aboutsummaryrefslogtreecommitdiff
path: root/exec.c
AgeCommit message (Collapse)Author
2016-10-26exec: Avoid direct references to Int128 partsRichard Henderson
Reviewed-by: Emilio G. Cota <cota@braap.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-10-25Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into ↵Peter Maydell
staging x86 and CPU queue, 2016-10-24 x2APIC support to APIC code, cpu_exec_init() refactor on all architectures, and other x86 changes. # gpg: Signature made Mon 24 Oct 2016 20:51:14 BST # gpg: using RSA key 0x2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: exec: call cpu_exec_exit() from a CPU unrealize common function exec: move cpu_exec_init() calls to realize functions exec: split cpu_exec_init() pc: q35: Bump max_cpus to 288 pc: Require IRQ remapping and EIM if there could be x2APIC CPUs pc: Add 'etc/boot-cpus' fw_cfg file for machine with more than 255 CPUs Increase MAX_CPUMASK_BITS from 255 to 288 pc: Clarify FW_CFG_MAX_CPUS usage comment pc: kvm_apic: Pass APIC ID depending on xAPIC/x2APIC mode pc: apic_common: Reset APIC ID to initial ID when switching into x2APIC mode pc: apic_common: Restore APIC ID to initial ID on reset pc: apic_common: Extend APIC ID property to 32bit pc: Leave max apic_id_limit only in legacy cpu hotplug code acpi: cphp: Force switch to modern cpu hotplug if APIC ID > 254 pc: acpi: x2APIC support for SRAT table pc: acpi: x2APIC support for MADT table and _MAT method Conflicts: target-arm/cpu.c Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-24exec: call cpu_exec_exit() from a CPU unrealize common functionLaurent Vivier
As cpu_exec_exit() mirrors the cpu_exec_realizefn(), rename it as cpu_exec_unrealizefn(). Create and register a cpu_common_unrealizefn() function for the CPU device class and call cpu_exec_unrealizefn() from this function. Remove cpu_exec_exit() from cpu_common_finalize() (which mirrors init, not realize), and as x86_cpu_unrealizefn() and ppc_cpu_unrealizefn() overwrite the device class unrealize function, add a call to a parent_unrealize pointer. Signed-off-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24exec: move cpu_exec_init() calls to realize functionsLaurent Vivier
Modify all CPUs to call it from XXX_cpu_realizefn() function. Remove all the cannot_destroy_with_object_finalize_yet as unsafe references have been moved to cpu_exec_realizefn(). (tested with QOM command provided by commit 4c315c27) for arm: Setting of cpu->mp_affinity is moved from arm_cpu_initfn() to arm_cpu_realizefn() as setting of cpu_index is now done in cpu_exec_realizefn(). To avoid to overwrite an user defined value, we set it to an invalid value by default, and update it in realize function only if the value is still invalid. Signed-off-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Andrew Jones <drjones@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24exec: split cpu_exec_init()Laurent Vivier
Put in cpu_exec_initfn() what initializes the CPU, and leave in cpu_exec_init() what adds it to the environment. As cpu_exec_initfn() is called by all XX_cpu_initfn(), call it directly in cpu_common_initfn(). cpu_exec_init() is now a realize function, it will be renamed to cpu_exec_realizefn() and moved to the XX_cpu_realizefn() function in a following patch. Signed-off-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24cpu: Support a target CPU having a variable page sizePeter Maydell
Support target CPUs having a page size which isn't knownn at compile time. To use this, the CPU implementation should: * define TARGET_PAGE_BITS_VARY * not define TARGET_PAGE_BITS * define TARGET_PAGE_BITS_MIN to the smallest value it might possibly want for TARGET_PAGE_BITS * call set_preferred_target_page_bits() in its realize function to indicate the actual preferred target page size for the CPU (and report any error from it) In CONFIG_USER_ONLY, the CPU implementation should continue to define TARGET_PAGE_BITS appropriately for the guest OS page size. Machines which want to take advantage of having the page size something larger than TARGET_PAGE_BITS_MIN must set the MachineClass minimum_page_bits field to a value which they guarantee will be no greater than the preferred page size for any CPU they create. Note that changing the target page size by setting minimum_page_bits is a migration compatibility break for that machine. For debugging purposes, attempts to use TARGET_PAGE_SIZE before it has been finally confirmed will assert. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-10-24exec.c: Remove static allocation of sub_section of sub_pageVijaya Kumar K
Allocate sub_section dynamically. Remove dependency on TARGET_PAGE_SIZE to make run-time page size detection for arm platforms. Signed-off-by: Vijaya Kumar K <vijayak@cavium.com> Message-id: 1465808915-4887-3-git-send-email-vijayak@caviumnetworks.com [PMM: use flexible array member rather than separate malloc so we don't need an extra pointer deref when using it] Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-24exec.c: workaround regression caused by alignment change in d2f39adHaozhong Zhang
Commit d2f39ad "exec.c: Ensure right alignment also for file backed ram" added an additional alignment requirement on the size of backend file besides the previous page size. On x86, the alignment is changed from 4KB in QEMU 2.6 to 2MB in QEMU 2.7. This change breaks certain usages in QEMU 2.7 on x86, e.g. -object memory-backend-file,id=mem1,mem-path=/tmp/,size=$SZ -device pc-dimm,id=dimm1,memdev=mem1 where $SZ is multiple of 4KB but not 2MB (e.g. 1023M). QEMU 2.7 reports the following error message and aborts: qemu-system-x86_64: -device pc-dimm,memdev=mem1,id=nv1: backend memory size must be multiple of 0x200000 The same regression may also happen in other platforms as indicated by Igor Mammedov. This change is however necessary for s390 according to the commit message of d2f39ad, so we workaround the regression by taking the change only on s390. Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com> Reported-by: "Xu, Anthony" <anthony.xu@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-10-13RAMBlocks: Store page sizeDr. David Alan Gilbert
Store the page size in each RAMBlock, we need it later. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
2016-10-08exec: remove unused compacted argumentMarc-André Lureau
Since commit b35ba30f8f when it was introduced, phys_page_compact() takes an unused compacted argument. ubsan complains about it when launching qemu-x86_64 without arguments: qemu/exec.c:310:5: runtime error: variable length array bound evaluates to non-positive value 0 Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-09-27cpus-common: move CPU list management to common codePaolo Bonzini
Add a mutex for the CPU list to system emulation, as it will be used to manage safe work. Abstract manipulation of the CPU list in new functions cpu_list_add and cpu_list_remove. Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-13kvm-all: drop kvm_setup_guest_memoryCao jin
kvm_setup_guest_memory only does "madvise to QEMU_MADV_DONTFORK" and is only called by ram_block_add, which actually is duplicate code. Bonus: add simple comment for kvm_has_sync_mmu to make life easier. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com> Message-Id: <1473662096-32598-1-git-send-email-caoj.fnst@cn.fujitsu.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-13qtail: clean up direct access to tqe_prev fieldIgor Mammedov
instead of accessing tqe_prev field dircetly outside of queue.h use macros to check if element is in list and make sure that afer element is removed from list tqe_prev field could be used to do the same check. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1469450832-84343-1-git-send-email-imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-09-05exec: Ensure the only one cpu_index allocation method is usedIgor Mammedov
Make sure that cpu_index auto allocation isn't used in combination with manual cpu_index assignment. And dissallow out of order cpu removal if auto allocation is in use. Target that wishes to support out of order unplug should switch to manual cpu_index assignment. Following patch could be used as an example: (pc: init CPUState->cpu_index with index in possible_cpus[])) Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-08-02fix qemu exit on memory hotplug when allocation fails at prealloc timeIgor Mammedov
When adding hostmem backend at runtime, QEMU might exit with error: "os_mem_prealloc: Insufficient free host memory pages available to allocate guest RAM" It happens due to os_mem_prealloc() not handling errors gracefully. Fix it by passing errp argument so that os_mem_prealloc() could report error to callers and undo performed allocation when os_mem_prealloc() fails. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1469008443-72059-1-git-send-email-imammedo@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-07-26exec: Set cpu_index only if it's not been explictly setIgor Mammedov
It keeps the legacy behavior for all users that doesn't care about stable cpu_index value, but would allow boards that would support device_add/device_del to set stable cpu_index that won't depend on order in which cpus are created/destroyed. While at that simplify cpu_get_free_index() as cpu_index generated by USER_ONLY and softmmu variants is the same since none of the users support cpu-remove so far, except of not yet released spapr/x86 device_add/delr, which will be altered by follow up patches to set stable cpu_index manually. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-07-26exec: Don't use cpu_index to detect if cpu_exec_init()'s been calledIgor Mammedov
Instead use QTAIL's tqe_prev field to detect if cpu's been placed in list by cpu_exec_init() which is always set if QTAIL element is in list. Fixes SIGSEGV on failure path in case cpu_index is assigned by board and cpu.relalize() fails before cpu_exec_init() is called. In follow up patches, cpu_index will be assigned by boards that support cpu hot(un)plug and need stable cpu_index that doesn't depend on order cpus are created/removed. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reported-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-07-26exec: Reduce CONFIG_USER_ONLY ifdeffeneryIgor Mammedov
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-07-17exec: avoid realloc in phys_map_node_reservePeter Lieven
this is the first step in reducing the brk heap fragmentation created by the map->nodes memory allocation. Since the introduction of RCU the freeing of the PhysPageMaps is delayed so that sometimes several hundred are allocated at the same time. Even worse the memory for map->nodes is allocated and shortly afterwards reallocated. Since the number of nodes it grows to in the end is the same for all PhysPageMaps remember this value and at least avoid the reallocation. The large number of simultaneous allocations (about 450 x 70kB in my configuration) has to be addressed later. Signed-off-by: Peter Lieven <pl@kamp.de> Message-Id: <1468577030-21097-1-git-send-email-pl@kamp.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-07-12Use #include "..." for our own headers, <...> for othersMarkus Armbruster
Tracked down with an ugly, brittle and probably buggy Perl script. Also move includes converted to <...> up so they get included before ours where that's obviously okay. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-06-16os-posix: include sys/mman.hPaolo Bonzini
qemu/osdep.h checks whether MAP_ANONYMOUS is defined, but this check is bogus without a previous inclusion of sys/mman.h. Include it in sysemu/os-posix.h and remove it from everywhere else. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-13exec: Fix qemu_ram_block_from_host for XenAnthony PERARD
Since f615f39 (exec: remove ram_addr argument from qemu_ram_block_from_host), migration under Xen is likely to fail, with a SEGV of QEMU. But the commit only reveal a bug with the calculation of the offset value in qemu_ram_block_from_host(). This patch calculates the offset from the ram_addr as qemu_ram_addr_from_host() will later calculate the ram_addr from the offset. Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
2016-06-09cpu-exec: Rename cpu_resume_from_signal() to cpu_loop_exit_noexc()Peter Maydell
The function cpu_resume_from_signal() is now always called with a NULL puc argument, and is rather misnamed since it is never called from a signal handler. It is essentially forcing an exit to the top level cpu loop but without raising any exception, so rename it to cpu_loop_exit_noexc() and drop the useless unused argument. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Sergey Fedorov <sergey.fedorov@linaro.org> Acked-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: Riku Voipio <riku.voipio@linaro.org> Message-id: 1463494687-25947-4-git-send-email-peter.maydell@linaro.org
2016-05-31Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.7-20160531' ↵Peter Maydell
into staging ppc patch queue for 2016-05-31 Here's another ppc patch queue. This batch is all preliminaries towards two significant features: 1) Full hypervisor-mode support for POWER8 Patches 1-8 start fixing various bugs with TCG's handling of hypervisor mode 2) CPU hotplug support Patches 9-12 make some preliminary fixes towards implementing CPU hotplug on ppc64 (and other non-x86 platforms). These patches are actually to generic code, not ppc, but are included here with Paolo's ACK. # gpg: Signature made Tue 31 May 2016 01:39:44 BST using RSA key ID 20D9B392 # gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" # gpg: aka "David Gibson (Red Hat) <dgibson@redhat.com>" # gpg: aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 75F4 6586 AE61 A66C C44E 87DC 6C38 CACA 20D9 B392 * remotes/dgibson/tags/ppc-for-2.7-20160531: cpu: Add a sync version of cpu_remove() cpu: Reclaim vCPU objects exec: Do vmstate unregistration from cpu_exec_exit() exec: Remove cpu from cpus list during cpu_exec_exit() ppc: Add PPC_64H instruction flag to POWER7 and POWER8 ppc: Get out of emulation on SMT "OR" ops ppc: Fix sign extension issue in mtmsr(d) emulation ppc: Change 'invalid' bit mask of tlbiel and tlbie ppc: tlbie, tlbia and tlbisync are HV only ppc: Do some batching of TCG tlb flushes ppc: Use split I/D mmu modes to avoid flushes on interrupts ppc: Remove MMU_MODEn_SUFFIX definitions Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-05-30exec: Do vmstate unregistration from cpu_exec_exit()Bharata B Rao
cpu_exec_init() does vmstate_register for the CPU device. This needs to be undone from cpu_exec_exit(). This change is needed to support CPU hot removal. Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Acked-by: Paolo Bonzini <pbonzini@redhat.com> [dwg: added missing include to fix compile on some archs] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-30exec: Remove cpu from cpus list during cpu_exec_exit()Bharata B Rao
CPUState *cpu gets added to the cpus list during cpu_exec_init(). It should be removed from cpu_exec_exit(). cpu_exec_exit() is called from generic CPU::instance_finalize and some archs like PowerPC call it from CPU unrealizefn. So ensure that we dequeue the cpu only once. Now -1 value for cpu->cpu_index indicates that we have already dequeued the cpu for CONFIG_USER_ONLY case also. Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Thomas Huth <thuth@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-05-29exec: hide mr->ram_addr from qemu_get_ram_ptr usersPaolo Bonzini
Let users of qemu_get_ram_ptr and qemu_ram_ptr_length pass in an address that is relative to the MemoryRegion. This basically means what address_space_translate returns. Because the semantics of the second parameter change, rename the function to qemu_map_ram_ptr. Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-29memory: split memory_region_from_host from qemu_ram_addr_from_hostPaolo Bonzini
Move the old qemu_ram_addr_from_host to memory_region_from_host and make it return an offset within the region. For qemu_ram_addr_from_host return the ram_addr_t directly, similar to what it was before commit 1b5ec23 ("memory: return MemoryRegion from qemu_ram_addr_from_host", 2013-07-04). Reviewed-by: Marc-André Lureau <marcandre.lureau@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-29exec: remove ram_addr argument from qemu_ram_block_from_hostPaolo Bonzini
Of the two callers, one does not use it, and the other can compute it itself based on the other output argument (offset) and the RAMBlock. Reviewed-by: Marc-André Lureau <marcandre.lureau@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-29memory: remove qemu_get_ram_fd, qemu_set_ram_fd, qemu_ram_block_host_ptrPaolo Bonzini
Remove direct uses of ram_addr_t and optimize memory_region_{get,set}_fd now that a MemoryRegion knows its RAMBlock directly. Reviewed-by: Marc-André Lureau <marcandre.lureau@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-23memory: remove unnecessary masking of MemoryRegion ram_addrPaolo Bonzini
mr->ram_block->offset is already aligned to both host and target size (see qemu_ram_alloc_internal). Remove further masking as it is unnecessary. Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-23exec: adjust rcu_read_lock requirementGonglei
qemu_ram_unset_idstr() doesn't need rcu lock anymore, meanwhile make the range of rcu lock in qemu_ram_set_idstr() as small as possible. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Message-Id: <1462845901-89716-3-git-send-email-arei.gonglei@huawei.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-23memory: drop find_ram_block()Gonglei
On the one hand, we have already qemu_get_ram_block() whose function is similar. On the other hand, we can directly use mr->ram_block but searching RAMblock by ram_addr which is a kind of waste. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Fam Zheng <famz@redhat.com> Message-Id: <1462845901-89716-2-git-send-email-arei.gonglei@huawei.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-23exec.c: Ensure right alignment also for file backed ramDominik Dingel
While in the anonymous ram case we already take care of the right alignment such an alignment gurantee does not exist for file backed ram allocation. Instead, pagesize is used for alignment. On s390 this is not enough for gmap, as we need to satisfy an alignment up to segments. Reported-by: Halil Pasic <pasic@linux.vnet.ibm.com> Signed-off-by: Dominik Dingel <dingel@linux.vnet.ibm.com> Message-Id: <1461585338-45863-1-git-send-email-dingel@linux.vnet.ibm.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19hw: clean up hw/hw.h includesPaolo Bonzini
Include qom/object.h and exec/memory.h instead of exec/ioport.h; exec/ioport.h was almost everywhere required only for those two includes, not for the content of the header itself. Remove block/aio.h, everybody is already including it through another path. With this change, include/hw/hw.h is freed from qemu-common.h. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19cpu: move exec-all.h inclusion out of cpu.hPaolo Bonzini
exec-all.h contains TCG-specific definitions. It is not needed outside TCG-specific files such as translate.c, exec.c or *helper.c. One generic function had snuck into include/exec/exec-all.h; move it to include/qom/cpu.h. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19qemu-common: push cpu.h inclusion out of qemu-common.hPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-19hw: cannot include hw/hw.h from user emulationPaolo Bonzini
All qdev definitions are available from other headers, user-mode emulation does not need hw/hw.h. By considering system emulation only, it is simpler to disentangle hw/hw.h from NEED_CPU_H. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-12tb: consistently use uint32_t for tb->flagsEmilio G. Cota
We are inconsistent with the type of tb->flags: usage varies loosely between int and uint64_t. Settle to uint32_t everywhere, which is superior to both: at least one target (aarch64) uses the most significant bit in the u32, and uint64_t is wasteful. Compile-tested for all targets. Suggested-by: Laurent Desnogues <laurent.desnogues@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Richard Henderson <rth@twiddle.net> Message-Id: <1460049562-23517-1-git-send-email-cota@braap.org>
2016-04-05memory: fix segv on qemu_ram_free(block=0x0)Marc-André Lureau
Since f1060c55bf1377b4, the pointer is directly passed to qemu_ram_free(). However, on initialization failure, it may be called with a NULL pointer. Return immediately in this case. This fixes a SEGV when memory initialization failed, for example permission denied on open backing store /dev/hugepages, with -object memory-backend-file,mem-path=/dev/hugepages. Program received signal SIGSEGV, Segmentation fault. 0x00005555556e67e7 in qemu_ram_free (block=0x0) at /home/elmarco/src/qemu/exec.c:1775 Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <1459250451-29984-1-git-send-email-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22exec: fix error handling in file_ram_allocPaolo Bonzini
One instance of double closing, and invalid close(-1) in some cases of "goto error". Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22util: move declarations out of qemu-common.hVeronia Bahaa
Move declarations out of qemu-common.h for functions declared in utils/ files: e.g. include/qemu/path.h for utils/path.c. Move inline functions out of qemu-common.h and into new files (e.g. include/qemu/bcd.h) Signed-off-by: Veronia Bahaa <veroniabahaa@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22include/qemu/osdep.h: Don't include qapi/error.hMarkus Armbruster
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the Error typedef. Since then, we've moved to include qemu/osdep.h everywhere. Its file comment explains: "To avoid getting into possible circular include dependencies, this file should not include any other QEMU headers, with the exceptions of config-host.h, compiler.h, os-posix.h and os-win32.h, all of which are doing a similar job to this file and are under similar constraints." qapi/error.h doesn't do a similar job, and it doesn't adhere to similar constraints: it includes qapi-types.h. That's in excess of 100KiB of crap most .c files don't actually need. Add the typedef to qemu/typedefs.h, and include that instead of qapi/error.h. Include qapi/error.h in .c files that need it and don't get it now. Include qapi-types.h in qom/object.h for uint16List. Update scripts/clean-includes accordingly. Update it further to match reality: replace config.h by config-target.h, add sysemu/os-posix.h, sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h comment quoted above similarly. This reduces the number of objects depending on qapi/error.h from "all of them" to less than a third. Unfortunately, the number depending on qapi-types.h shrinks only a little. More work is needed for that one. Signed-off-by: Markus Armbruster <armbru@redhat.com> [Fix compilation without the spice devel packages. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-15exec: fix early return from ram_block_addPaolo Bonzini
After reporting an error, ram_block_add was going on with the registration of the RAMBlock. The visible effect is that it unlocked the ramlist mutex twice. Fixes: 528f46af6ecd1e300db18684969104d4067b867b Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-15exec: Fix memory allocation when memory path isn't on hugetlbfsMarkus Armbruster
gethugepagesize() works reliably only when its argument is on hugetlbfs. When it's not, it returns the filesystem's "optimal transfer block size", which may or may not be the actual page size you'll get when you mmap(). If the value is too small or not a power of two, we fail qemu_ram_mmap()'s assertions. These were added in commit 794e8f3 (v2.5.0). The bug's impact before that is currently unknown. Seems fairly unlikely at least when the normal page size is 4KiB. Else, if the value is too large, we align more strictly than necessary. gethugepagesize() goes back to commit c902760 (v0.13). That commit clearly intended gethugepagesize() to be used on hugetlbfs only. Not only was it named accordingly, it also printed a warning when used on anything else. However, the commit neglected to spell out the restriction in user documentation of -mem-path. Commit bfc2a1a (v2.5.0) dropped the warning as bogus "because QEMU functions perfectly well with the path on a regular tmpfs filesystem". It sure does when you're sufficiently lucky. In my testing, I was lucky, too. Fix by switching to qemu_fd_getpagesize(). Rename the variable holding its result from hpagesize to page_size. Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1457378754-21649-3-git-send-email-armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-15exec: Fix memory allocation when memory path names new fileMarkus Armbruster
Commit 8d31d6b extended file_ram_alloc() to accept file names in addition to directory names. Even though it passes O_CREAT to open(), it actually works only for existing files. Reproducer adapted from the commit's qemu-doc.texi update: $ qemu-system-x86_64 -object memory-backend-file,size=2M,mem-path=/dev/hugepages/my-shmem-file,id=mb1 qemu-system-x86_64: -object memory-backend-file,size=2M,mem-path=/dev/hugepages/my-shmem-file,id=mb1: failed to get page size of file /dev/hugepages/my-shmem-file: No such file or directory This is because we first get the page size for @path, then open the actual file. Unwise even before the flawed commit, because the directory could change in between, invalidating the page size. Unlikely to bite in practice. Rearrange the code to create the file (if necessary) before getting its page size. Carefully avoid TOCTTOU conditions with a method suggested by Paolo Bonzini. While there, replace "hugepages" by "guest RAM" in error messages, because host memory backends can be used for purposes other than huge pages, e.g. /dev/shm/ shared memory. Help text of -mem-path agrees. Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1457378754-21649-2-git-send-email-armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-07exec: Introduce AddressSpaceDispatch.mru_sectionFam Zheng
Under heavy workloads the lookup will likely end up with the same MemoryRegionSection from last time. Using a pointer to cache the result, like ram_list.mru_block, significantly reduces cost of address_space_translate. During address space topology update, as->dispatch will be reallocated so the pointer is invalidated automatically. Perf reports a visible drop on the cpu usage, because phys_page_find is not called. Before: 2.35% qemu-system-x86_64 [.] phys_page_find 0.97% qemu-system-x86_64 [.] address_space_translate_internal 0.95% qemu-system-x86_64 [.] address_space_translate 0.55% qemu-system-x86_64 [.] address_space_lookup_region After: 0.97% qemu-system-x86_64 [.] address_space_translate_internal 0.97% qemu-system-x86_64 [.] address_space_lookup_region 0.84% qemu-system-x86_64 [.] address_space_translate Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <1456813104-25902-8-git-send-email-famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-07exec: Factor out section_covers_addrFam Zheng
This will be shared by the next patch. Also add a comment explaining the unobvious condition on "size.hi". Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <1456813104-25902-7-git-send-email-famz@redhat.com> [Small change to the comment. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-07exec: Pass RAMBlock pointer to qemu_ram_freeFam Zheng
The only caller now knows exactly which RAMBlock to free, so it's not necessary to do the lookup. Reviewed-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <1456813104-25902-6-git-send-email-famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-07memory: Drop MemoryRegion.ram_addrFam Zheng
All references to mr->ram_addr are replaced by memory_region_get_ram_addr(mr) (except for a few assertions that are replaced with mr->ram_block). Reviewed-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <1456813104-25902-5-git-send-email-famz@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>