aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-10-27target-arm: lpae: Move declaration of t0sz and t1szEdgar E. Iglesias
Move declaration of t0sz and t1sz to the top of the function avoiding a mix of code and variable declarations. No functional change. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-4-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: lpae: Make t0sz and t1sz signed integersEdgar E. Iglesias
Make t0sz and t1sz signed integers to match tsz and to make it easier to implement support for AArch32 negative t0sz. t1sz is changed for consistensy. No functional change. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-3-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add HPFAR_EL2Edgar E. Iglesias
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-2-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX GPT debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: b7ce7e98a051479453744aded122789531d80a44.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX EPIT debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 5bbad71517ca728d8865f7b9f998baa0df022794.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX FEC debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 57e565982db94fb433c32dfa17608888464d21de.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX CCM debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Adding some missing qemu_log_mask call for bad registers. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 293e08f31cbb4df84d58f693243e61e770c73b3a.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX AVIC debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 29885ffea2577eaf2288c1d17fd87ee951748b49.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX I2C debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 328acfe6fc09a5afdbfbfd5220e0869fd5082660.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX GPIO debugJean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message The qemu_log_mask() outputis following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 4f2007adcf0f579864bb4dd8a825824e0e9098b8.1445781957.git.jcd@tribudubois.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27i.MX: Standardize i.MX serial debug.Jean-Christophe Dubois
The goal is to have debug code always compiled during build. We standardize all debug output on the following format: [QOM_TYPE_NAME]reporting_function: debug message We also replace IPRINTF with qemu_log_mask(). The qemu_log_mask() output is following the same format as the above debug. Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net> Message-id: 47b8759b251d356c633faf7ea34f897f340aea4e.1445781957.git.jcd@tribudubois.net [PMM: Drop attempt to print the ram_addr of a memory region in one DPRINTF, which (a) was using the wrong format string so didn't build on 32-bit and (b) was incorrectly looking at a private field of a MemoryRegion struct] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27hw/arm/virt: don't use a15memmap directlyAndrew Jones
We should always go through VirtBoardInfo when we need the memmap. To avoid using a15memmap directly, in this case, we need to defer the max-cpus check from class init time to instance init time. In class init we now use MAX_CPUMASK_BITS for max_cpus initialization, which is the maximum QEMU supports, and also, incidentally, the maximum KVM/gicv3 currently supports. Also, a nice side-effect of delaying the max-cpus check is that we now get more appropriate error messages for gicv2 machines that try to configure more than 123 cpus. Before this patch it would complain that the requested number of cpus was greater than 123, but for gicv2 configs, it should complain that the number is greater than 8. Signed-off-by: Andrew Jones <drjones@redhat.com> Message-id: 1445189728-860-3-git-send-email-drjones@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27arm_gic_kvm: Disable live migration if not supportedPavel Fedin
Currently, if the kernel does not have live migration API, the migration will still be attempted, but vGIC save/restore functions will just not do anything. This will result in a broken machine state. This patch fixes the problem by adding migration blocker if kernel API is not supported. Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ)Soren Brinkmann
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm/translate.c: Handle non-executable page-straddling Thumb insnsPeter Maydell
When the memory we're trying to translate code from is not executable we have to turn this into a guest fault. In order to report the correct PC for this fault, and to make sure it is not reported until after any other possible faults for instructions earlier in execution, we must terminate TBs at the end of a page, in case the next instruction is in a non-executable page. This is simple for T16, A32 and A64 instructions, which are always aligned to their size. However T32 instructions may be 32-bits but only 16-aligned, so they can straddle a page boundary. Correct the condition that checks whether the next instruction will touch the following page, to ensure that if we're 2 bytes before the boundary and this insn is T32 then we end the TB. Reported-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Fix "no 64-bit EL2" assumption in arm_excp_unmasked()Peter Maydell
The code in arm_excp_unmasked() suppresses the ability of PSTATE.AIF to mask exceptions from a lower EL targeting EL2 or EL3 if the CPU is 64-bit. This is correct for a target of EL3, but not correct for targeting EL2. Further, we go to some effort to calculate scr and hcr values which are not used at all for the 64-bit CPU case. Rearrange the code to correctly implement the 64-bit CPU logic and keep the hcr/scr calculations in the 32-bit CPU codepath. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1444327729-4120-1-git-send-email-peter.maydell@linaro.org Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-10-27Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into ↵Peter Maydell
staging # gpg: Signature made Tue 27 Oct 2015 05:47:28 GMT using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: net: free the string returned by object_get_canonical_path_component net: make iov_to_buf take right size argument in nc_sendv_compat() net: Remove duplicate data from query-rx-filter on multiqueue net devices vmxnet3: Do not fill stats if device is inactive options: Add documentation for filter-dump net/dump: Provide the dumping facility as a net-filter net/dump: Separate the NetClientState from the DumpState net/dump: Rework net-dump init functions net/dump: Add support for receive_iov function net: cadence_gem: Set initial MAC address Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27net: free the string returned by object_get_canonical_path_componentYang Hongyang
The value returned from object_get_canonical_path_component must be freed. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Cc: Jason Wang <jasowang@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net: make iov_to_buf take right size argument in nc_sendv_compat()Yang Hongyang
We want "buf, sizeof(buf)" here. sizeof(buffer) is the size of a pointer, which is wrong. Thanks to Paolo for pointing it out. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Cc: Jason Wang <jasowang@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net: Remove duplicate data from query-rx-filter on multiqueue net devicesVladislav Yasevich
When responding to a query-rx-filter command on a multiqueue netdev, qemu reports the data for each queue. The data, however, is not per-queue, but per device and the same data is reported multiple times. This causes confusion and may also cause extra unnecessary processing when looking at the data. Commit 638fb14169 (net: Make qmp_query_rx_filter() with name argument more obvious) partially addresses this issue, by limiting the output when the name is specified. However, when the name is not specified, the issue still persists. Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27vmxnet3: Do not fill stats if device is inactiveShmulik Ladkani
Guest OS may issue VMXNET3_CMD_GET_STATS even before device was activated (for example in linux, after insmod but prior net-dev open). Accessing shared descriptors prior device activation is illegal as the VMXNET3State structures have not been fully initialized. As a result, guest memory gets corrupted and may lead to guest OS crashes. Fix, by not filling the stats descriptors if device is inactive. Reported-by: Leonid Shatz <leonid.shatz@ravellosystems.com> Acked-by: Dmitry Fleytman <dmitry@daynix.com> Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27options: Add documentation for filter-dumpThomas Huth
Add a short description for the filter-dump command line options. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net/dump: Provide the dumping facility as a net-filterThomas Huth
Use the net-filter infrastructure to provide the dumping functions for netdev devices, too. Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net/dump: Separate the NetClientState from the DumpStateThomas Huth
With the upcoming dumping-via-netfilter patch, the DumpState should not be related to NetClientState anymore, so move the related information to a new struct called DumpNetClient. Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net/dump: Rework net-dump init functionsThomas Huth
Move the creation of the dump client from net_dump_init() into net_init_dump(), so we can later use the former function for dump via netfilter, too. Also rename net_dump_init() to net_dump_state_init() to make it easier distinguishable from net_init_dump(). Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net/dump: Add support for receive_iov functionThomas Huth
Adding a proper receive_iov function to the net dump module. This will make it easier to support the dump filter feature for the -netdev option in later patches. Reviewed-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-27net: cadence_gem: Set initial MAC addressSebastian Huber
Set initial MAC address to the one specified by the command line. Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de> Reviewed-by: Jason Wang <jasowang@redhat.com> Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-26Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2015-10-26' into ↵Peter Maydell
staging Xen 2015-10-26 # gpg: Signature made Mon 26 Oct 2015 11:32:50 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>" * remotes/sstabellini/tags/xen-2015-10-26: xen-platform: Replace assert() with appropriate error reporting xen_platform: switch to realize Qemu/Xen: Fix early freeing MSIX MMIO memory region Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-26xen-platform: Replace assert() with appropriate error reportingEduardo Habkost
Commit dbb7405d8caad0814ceddd568cb49f163a847561 made it possible to trigger an assert using "-device xen-platform". Replace it with appropriate error reporting. Before: $ qemu-system-x86_64 -device xen-platform qemu-system-x86_64: hw/i386/xen/xen_platform.c:391: xen_platform_initfn: Assertion `xen_enabled()' failed. Aborted (core dumped) $ After: $ qemu-system-x86_64 -device xen-platform qemu-system-x86_64: -device xen-platform: xen-platform device requires the Xen accelerator $ Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-10-26xen_platform: switch to realizeStefano Stabellini
Use realize to initialize the xen_platform device Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-10-26Merge remote-tracking branch 'remotes/elmarco/tags/ivshmem-pull-request' ↵Peter Maydell
into staging ivshmem series # gpg: Signature made Mon 26 Oct 2015 09:27:46 GMT using RSA key ID 75969CE5 # gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" # gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 87A9 BD93 3F87 C606 D276 F62D DAE8 E109 7596 9CE5 * remotes/elmarco/tags/ivshmem-pull-request: (51 commits) doc: document ivshmem & hugepages ivshmem: use little-endian int64_t for the protocol ivshmem: use kvm irqfd for msi notifications ivshmem: rename MSI eventfd_table ivshmem: remove EventfdEntry.vector ivshmem: add hostmem backend ivshmem: use qemu_strtosz() ivshmem: do not keep shm_fd open tests: add ivshmem qtest qtest: add qtest_add_abrt_handler() msix: implement pba write (but read-only) contrib: remove unnecessary strdup() ivshmem: add check on protocol version in QEMU docs: update ivshmem device spec ivshmem-server: fix hugetlbfs support ivshmem-server: use a uint16 for client ID ivshmem-client: check the number of vectors contrib: add ivshmem client and server util: const event_notifier_get_fd() argument ivshmem: reset mask on device reset ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-26Qemu/Xen: Fix early freeing MSIX MMIO memory regionLan Tianyu
msix->mmio is added to XenPCIPassthroughState's object as property. object_finalize_child_property is called for XenPCIPassthroughState's object, which calls object_property_del_all, which is going to try to delete msix->mmio. object_finalize_child_property() will access msix->mmio's obj. But the whole msix struct has already been freed by xen_pt_msix_delete. This will cause segment fault when msix->mmio has been overwritten. This patch is to fix the issue. Signed-off-by: Lan Tianyu <tianyu.lan@intel.com> Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-10-26doc: document ivshmem & hugepagesMarc-André Lureau
Document and give some examples of hugepages support with ivshmem device and server. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2015-10-26ivshmem: use little-endian int64_t for the protocolMarc-André Lureau
The current ivshmem protocol uses 'long' for integers. But the sizeof(long) depends on the host and the endianess is not defined, which may cause portability troubles. Instead, switch to using little-endian int64_t. This breaks the protocol, except on x64 little-endian host where this change should be compatible. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-26ivshmem: use kvm irqfd for msi notificationsMarc-André Lureau
Use irqfd for improving context switch when notifying the guest. If the host doesn't support kvm irqfd, regular msi notifications are still supported. Note: the ivshmem implementation doesn't allow switching between MSI and IO interrupts, this patch doesn't either. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-26ivshmem: rename MSI eventfd_tableMarc-André Lureau
The array is used to have vector specific data, so use a more descriptive name. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-26ivshmem: remove EventfdEntry.vectorMarc-André Lureau
No need to store an extra int for the vector number when it can be computed easily by looking at the position in the array. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-26ivshmem: add hostmem backendMarc-André Lureau
Instead of handling allocation, teach ivshmem to use a memory backend. This allows to use hugetlbfs backed memory now. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-26ivshmem: use qemu_strtosz()Marc-André Lureau
Use the common qemu utility function to parse the memory size. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-26ivshmem: do not keep shm_fd openMarc-André Lureau
Remove shm_fd from device state, closing it as early as possible to avoid leaks. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-26tests: add ivshmem qtestMarc-André Lureau
Adds 4 ivshmemtests: - single qemu instance and basic IO - pair of instances, check memory sharing - pair of instances with server, and MSIX - hot plug/unplug A temporary shm is created as well as a directory to place server socket, both should be clear on exit and abort. Cc: Cam Macdonell <cam@cs.ualberta.ca> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-10-24qtest: add qtest_add_abrt_handler()Marc-André Lureau
Allow a test to add abort handlers, use GHook for all handlers. There is currently no way to remove a handler, but it could be later added if needed. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-24msix: implement pba write (but read-only)Marc-André Lureau
qpci_msix_pending() writes on pba region, causing qemu to SEGV: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff7fba8c0 (LWP 25882)] 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in () #1 0x00005555556556c5 in memory_region_oldmmio_write_accessor (mr=0x5555579f3f80, addr=0, value=0x7fffffffbf68, size=4, shift=0, mask=4294967295, attrs=...) at /home/elmarco/src/qemu/memory.c:434 #2 0x00005555556558e1 in access_with_adjusted_size (addr=0, value=0x7fffffffbf68, size=4, access_size_min=1, access_size_max=4, access=0x55555565563e <memory_region_oldmmio_write_accessor>, mr=0x5555579f3f80, attrs=...) at /home/elmarco/src/qemu/memory.c:506 #3 0x00005555556581eb in memory_region_dispatch_write (mr=0x5555579f3f80, addr=0, data=0, size=4, attrs=...) at /home/elmarco/src/qemu/memory.c:1176 #4 0x000055555560b6f9 in address_space_rw (as=0x555555eff4e0 <address_space_memory>, addr=3759147008, attrs=..., buf=0x7fffffffc1b0 "", len=4, is_write=true) at /home/elmarco/src/qemu/exec.c:2439 #5 0x000055555560baa2 in cpu_physical_memory_rw (addr=3759147008, buf=0x7fffffffc1b0 "", len=4, is_write=1) at /home/elmarco/src/qemu/exec.c:2534 #6 0x000055555564c005 in cpu_physical_memory_write (addr=3759147008, buf=0x7fffffffc1b0, len=4) at /home/elmarco/src/qemu/include/exec/cpu-common.h:80 #7 0x000055555564cd9c in qtest_process_command (chr=0x55555642b890, words=0x5555578de4b0) at /home/elmarco/src/qemu/qtest.c:378 #8 0x000055555564db77 in qtest_process_inbuf (chr=0x55555642b890, inbuf=0x55555641b340) at /home/elmarco/src/qemu/qtest.c:569 #9 0x000055555564dc07 in qtest_read (opaque=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", size=22) at /home/elmarco/src/qemu/qtest.c:581 #10 0x000055555574ce3e in qemu_chr_be_write (s=0x55555642b890, buf=0x7fffffffc2e0 "writel 0xe0100800 0x0\n", len=22) at qemu-char.c:306 #11 0x0000555555751263 in tcp_chr_read (chan=0x55555642bcf0, cond=G_IO_IN, opaque=0x55555642b890) at qemu-char.c:2876 #12 0x00007ffff64c9a8a in g_main_context_dispatch (context=0x55555641c400) at gmain.c:3122 (without this patch, this can be reproduced with the ivshmem qtest) Implement an empty mmio write to avoid the crash. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-24contrib: remove unnecessary strdup()Marc-André Lureau
getopt() optarg points to argv memory, no need to dup those values, fixes small leaks detected by clang-analyzer. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2015-10-24ivshmem: add check on protocol version in QEMUDavid Marchand
Send a protocol version as the first message from server, clients must close communication if they don't support this protocol version. Older QEMUs should be fine with this change in the protocol since they overrides their own vm_id on reception of an id associated to no eventfd. Signed-off-by: David Marchand <david.marchand@6wind.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> [use fifo_update_and_get()] Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-24docs: update ivshmem device specDavid Marchand
Add some notes on the parts needed to use ivshmem devices: more specifically, explain the purpose of an ivshmem server and the basic concept to use the ivshmem devices in guests. Move some parts of the documentation and re-organise it. Signed-off-by: David Marchand <david.marchand@6wind.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-24ivshmem-server: fix hugetlbfs supportMarc-André Lureau
As pointed out on the ML by Andrew Jones, glibc no longer permits creating POSIX shm on hugetlbfs directly. When given a hugetlbfs path, create a shareable file there. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2015-10-24ivshmem-server: use a uint16 for client IDMarc-André Lureau
In practice, the number of VM is limited to MAXUINT16 in ivshmem, so use the same limit on the server (removes a theorical infinite loop) Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-24ivshmem-client: check the number of vectorsMarc-André Lureau
Check the number of vectors received from the server, to avoid out of bound array access. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2015-10-24contrib: add ivshmem client and serverDavid Marchand
When using ivshmem devices, notifications between guests can be sent as interrupts using a ivshmem-server (typical use described in documentation). The client is provided as a debug tool. Signed-off-by: Olivier Matz <olivier.matz@6wind.com> Signed-off-by: David Marchand <david.marchand@6wind.com> [fix a valgrind warning, option and server_close() segvs, extra server headers includes, getopt() return type, out-of-tree build, use qemu event_notifier instead of eventfd, fix x86/osx warnings - Marc-André] Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>