Alex Bennée [Fri, 1 Aug 2014 16:08:57 +0000 (17:08 +0100)]
trace: add some tcg tracing support
This adds a couple of tcg specific trace-events which are useful for
tracing execution though tcg generated blocks. It's been tested with
lttng user space tracing but is generic enough for all systems. The tcg
events are:
* translate_block - when a subject block is translated
* exec_tb - when a translated block is entered
* exec_tb_exit - when we exit the translated code
* exec_tb_nocache - special case translations
Of course we can only trace the entrance to the first block of a chain
as each block will jump directly to the next when it can. See the -d
nochain patch to allow more complete tracing at the expense of
performance.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Alex Bennée [Fri, 1 Aug 2014 16:08:56 +0000 (17:08 +0100)]
trace: teach lttng backend to use format strings
This makes the UST backend pay attention to the format string arguments
that are defined when defining payload data. With this you can now
ensure integers are reported in hex mode if you want.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Lluís Vilanova [Fri, 30 May 2014 12:12:13 +0000 (14:12 +0200)]
trace: [tcg] Generate TCG tracing routines
Generate header "trace/generated-tcg-tracers.h" with the necessary routines for
tracing events in guest code:
* trace_${event}_tcg
Convenience wrapper that calls the translation-time tracer
'trace_${event}_trans', and calls 'gen_helper_trace_${event}_exec to
generate the TCG code to later trace the event at execution time.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Generates header "trace/generated-helpers-wrappers.h" with definitions for TCG
helper wrappers.
These wrappers ('gen_helper_trace_${event}_exec_wrapper') transform mixed native
and TCG argument types to TCG types and call the actual TCG helpers
('gen_helper_trace_${event}_exec_proxy').
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Lluís Vilanova [Fri, 30 May 2014 12:11:56 +0000 (14:11 +0200)]
trace: [tcg] Define TCG tracing helper routines
Generates file "trace/generated-helpers.c" with TCG helper definitions to trace
events in guest code at execution time.
The helpers ('helper_trace_${event}_exec_proxy') cast the TCG-compatible native
argument types to their original types (as defined in "trace-events") and call
the tracing routine ('trace_${event}_exec').
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Stefan Hajnoczi [Sun, 22 Jun 2014 13:46:07 +0000 (21:46 +0800)]
trace: install simpletrace SystemTap tapset
The simpletrace SystemTap tapset outputs simpletrace binary traces for
SystemTap probes. This is useful because SystemTap has no default way
to format or store traces. The simpletrace SystemTap tapset provides an
easy way to store traces.
The simpletrace.py tool or custom Python scripts using the
simpletrace.py API can analyze SystemTap these traces:
Note that, unlike qemu-system-x86_64.stp and
qemu-system-x86_64.stp-installed, only one file is needed since the
simpletrace SystemTap tapset does not reference the QEMU binary by path.
Therefore it doesn't matter whether the QEMU binary is installed or not.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
It can be useful to read simpletrace files that have no header. For
example, a ring buffer may not have a header record but can still be
processed if the user is sure the file format version is compatible.
Stefan Hajnoczi [Sun, 22 Jun 2014 13:46:05 +0000 (21:46 +0800)]
trace: add tracetool simpletrace_stap format
This new tracetool "format" generates a SystemTap .stp file that outputs
simpletrace binary trace data.
In contrast to simpletrace or ftrace, SystemTap does not define its own
trace format. All output from SystemTap is generated by .stp files.
This patch lets us generate a .stp file that outputs in the simpletrace
binary format.
This makes it possible to reuse simpletrace.py to analyze traces
recorded using SystemTap. The simpletrace binary format is especially
useful for long-running traces like flight-recorder mode where string
formatting can be expensive.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Tomoki Sekiyama [Mon, 30 Jun 2014 21:51:40 +0000 (17:51 -0400)]
qga: Disable unsupported commands by default
Currently management softwares cannot know whether a qemu-ga command is
supported or not on the running platform until they actually execute it.
This patch disables unsupported commands at launch time of qemu-ga, so that
management softwares can check whether they are supported from 'enabled'
property of the result from 'guest-info' command.
Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Tomoki Sekiyama [Mon, 30 Jun 2014 21:51:34 +0000 (17:51 -0400)]
qga: Add guest-get-fsinfo command
Add command to get mounted filesystems information in the guest.
The returned value contains a list of mountpoint paths and
corresponding disks info such as disk bus type, drive address,
and the disk controllers' PCI addresses, so that management layer
such as libvirt can resolve the disk backends.
For example, when `lsblk' result is:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sdb 8:16 0 1G 0 disk
`-sdb1 8:17 0 1024M 0 part
`-vg0-lv0 253:1 0 1.4G 0 lvm /mnt/test
sdc 8:32 0 1G 0 disk
`-sdc1 8:33 0 512M 0 part
`-vg0-lv0 253:1 0 1.4G 0 lvm /mnt/test
vda 252:0 0 25G 0 disk
`-vda1 252:1 0 25G 0 part /
where sdb is a SCSI disk with PCI controller 0000:00:0a.0 and ID=1,
sdc is an IDE disk with PCI controller 0000:00:01.1, and
vda is a virtio-blk disk with PCI device 0000:00:06.0,
guest-get-fsinfo command will return the following result:
In Linux guest, the disk information is resolved from sysfs. So far,
it only supports virtio-blk, virtio-scsi, IDE, SATA, SCSI disks on x86
hosts, and "disk" parameter may be empty for unsupported disk types.
Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
*updated schema to report 2.2 as initial supported version
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Tomoki Sekiyama [Mon, 30 Jun 2014 21:51:27 +0000 (17:51 -0400)]
qga: Add guest-fsfreeze-freeze-list command
If an array of mount point paths is specified as 'mountpoints' argument
of guest-fsfreeze-freeze-list, qemu-ga will only freeze the file systems
mounted on specified paths in Linux guests. Otherwise, it works as the
same way as guest-fsfreeze-freeze.
This would be useful when the host wants to create partial disk snapshots.
Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com> Reviewed-by: Eric Blake <eblake@redhat.com>
*updated schema to report 2.2 as initial supported version
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Peter Maydell [Thu, 7 Aug 2014 13:54:47 +0000 (14:54 +0100)]
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
KVM changes include a MIPS patch and the testdev backend used by the
ARM kvm-unit-tests. icount include the first part of reverse execution
and Sebastian Tanase's patches to slow down -icount execution to the
desired speed of the target.
v1->v2: fix dump_drift_info to print nothing outside icount mode,
and to compile on 32-bit architectures
# gpg: Signature made Thu 07 Aug 2014 14:09:58 BST using RSA key ID 9B4D86F2
# gpg: Good signature from "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: aka "Paolo Bonzini <bonzini@gnu.org>"
* remotes/bonzini/tags/for-upstream:
target-mips: Ignore unassigned accesses with KVM
monitor: Add drift info to 'info jit'
cpu-exec: Print to console if the guest is late
cpu-exec: Add sleeping algorithm
icount: Add align option to icount
icount: Add QemuOpts for icount
icount: Fix virtual clock start value on ARM
timer: add cpu_icount_to_ns function.
migration: migrate icount fields.
icount: put icount variables into TimerState.
backends: Introduce chr-testdev
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
James Hogan [Mon, 28 Jul 2014 11:37:50 +0000 (12:37 +0100)]
target-mips: Ignore unassigned accesses with KVM
MIPS registers an unassigned access handler which raises a guest bus
error exception. However this causes QEMU to crash when KVM is enabled
as it isn't called from the main execution loop so longjmp() gets called
without a corresponding setjmp().
Until the KVM API can be updated to trigger a guest exception in
response to an MMIO exit, prevent the bus error exception being raised
from mips_cpu_unassigned_access() if KVM is enabled.
The check is at run time since the do_unassigned_access callback is
initialised before it is known whether KVM will be enabled.
The problem can be triggered with Malta emulation by making the guest
write to the reset region at physical address 0x1bf00000, since it is
marked read-only which is treated as unassigned for writes.
Signed-off-by: James Hogan <james.hogan@imgtec.com> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Gleb Natapov <gleb@redhat.com> Cc: Christoffer Dall <christoffer.dall@linaro.org> Cc: Sanjay Lal <sanjayl@kymasys.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Sebastian Tanase [Fri, 25 Jul 2014 09:56:33 +0000 (11:56 +0200)]
monitor: Add drift info to 'info jit'
Show in 'info jit' the current delay between the host clock
and the guest clock. In addition, print the maximum advance
and delay of the guest compared to the host.
Signed-off-by: Sebastian Tanase <sebastian.tanase@openwide.fr> Tested-by: Camille Bégué <camille.begue@openwide.fr> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Sebastian Tanase [Fri, 25 Jul 2014 09:56:32 +0000 (11:56 +0200)]
cpu-exec: Print to console if the guest is late
If the align option is enabled, we print to the user whenever
the guest clock is behind the host clock in order for he/she
to have a hint about the actual performance. The maximum
print interval is 2s and we limit the number of messages to 100.
If desired, this can be changed in cpu-exec.c
Signed-off-by: Sebastian Tanase <sebastian.tanase@openwide.fr> Tested-by: Camille Bégué <camille.begue@openwide.fr> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Sebastian Tanase [Fri, 25 Jul 2014 09:56:31 +0000 (11:56 +0200)]
cpu-exec: Add sleeping algorithm
The goal is to sleep qemu whenever the guest clock
is in advance compared to the host clock (we use
the monotonic clocks). The amount of time to sleep
is calculated in the execution loop in cpu_exec.
At first, we tried to approximate at each for loop the real time elapsed
while searching for a TB (generating or retrieving from cache) and
executing it. We would then approximate the virtual time corresponding
to the number of virtual instructions executed. The difference between
these 2 values would allow us to know if the guest is in advance or delayed.
However, the function used for measuring the real time
(qemu_clock_get_ns(QEMU_CLOCK_REALTIME)) proved to be very expensive.
We had an added overhead of 13% of the total run time.
Therefore, we modified the algorithm and only take into account the
difference between the 2 clocks at the begining of the cpu_exec function.
During the for loop we try to reduce the advance of the guest only by
computing the virtual time elapsed and sleeping if necessary. The overhead
is thus reduced to 3%. Even though this method still has a noticeable
overhead, it no longer is a bottleneck in trying to achieve a better
guest frequency for which the guest clock is faster than the host one.
As for the the alignement of the 2 clocks, with the first algorithm
the guest clock was oscillating between -1 and 1ms compared to the host clock.
Using the second algorithm we notice that the guest is 5ms behind the host, which
is still acceptable for our use case.
The tests where conducted using fio and stress. The host machine in an i5 CPU at
3.10GHz running Debian Jessie (kernel 3.12). The guest machine is an arm versatile-pb
built with buildroot.
Currently, on our test machine, the lowest icount we can achieve that is suitable for
aligning the 2 clocks is 6. However, we observe that the IO tests (using fio) are
slower than the cpu tests (using stress).
Signed-off-by: Sebastian Tanase <sebastian.tanase@openwide.fr> Tested-by: Camille Bégué <camille.begue@openwide.fr> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Sebastian Tanase [Wed, 23 Jul 2014 09:47:50 +0000 (11:47 +0200)]
icount: Fix virtual clock start value on ARM
When using the icount option on ARM, the virtual
clock starts counting at realtime clock but it
should start at 0.
The reason why the virtual clock starts at realtime clock
is because the first time we call qemu_clock_warp (which
calls icount_warp_rt) in tcg_exec_all, qemu_icount_bias
(which is part of the virtual time computation mechanism)
will increment by realtime - vm_clock_warp_start, with
vm_clock_warp_start being 0 (see icount_warp_rt in cpus.c).
By changing the value of vm_clock_warp_start from 0 to -1,
the first time we call qemu_clock_warp which calls
icount_warp_rt, we will return immediatly because
icount_warp_rt first checks if vm_clock_warp_start is -1
and if it's the case it returns. Therefore, qemu_icount_bias
will first be incremented by the value of a virtual timer
deadline when the virtual cpu goes from active to inactive.
The virtual time will start at 0 and increment based
on the instruction counter when the vcpu is active or
the qemu_icount_bias value when inactive.
Signed-off-by: Sebastian Tanase <sebastian.tanase@openwide.fr> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
KONRAD Frederic [Thu, 31 Jul 2014 23:37:15 +0000 (01:37 +0200)]
timer: add cpu_icount_to_ns function.
This adds cpu_icount_to_ns function which is needed for reverse execution.
It returns the time for a specific instruction.
Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
KONRAD Frederic [Thu, 31 Jul 2014 23:37:10 +0000 (01:37 +0200)]
migration: migrate icount fields.
This fixes a bug where qemu_icount and qemu_icount_bias are not migrated.
It adds a subsection "timer/icount" to vmstate_timers so icount is migrated only
when needed.
Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com> Reviewed-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
KONRAD Frederic [Thu, 31 Jul 2014 23:37:09 +0000 (01:37 +0200)]
icount: put icount variables into TimerState.
This puts qemu_icount and qemu_icount_bias into TimerState structure to allow
them to be migrated.
Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 11 Jul 2014 07:44:26 +0000 (09:44 +0200)]
backends: Introduce chr-testdev
From: Paolo Bonzini <pbonzini@redhat.com>
chr-testdev enables a virtio serial channel to be used for guest
initiated qemu exits. hw/misc/debugexit already enables guest
initiated qemu exits, but only for PC targets. chr-testdev supports
any virtio-capable target. kvm-unit-tests/arm is already making use
of this backend.
Currently there is a single command implemented, "q". It takes a
(prefix) argument for the exit code, thus an exit is implemented by
writing, e.g. "1q", to the virtio-serial port.
It can be used as:
$QEMU ... \
-device virtio-serial-device \
-device virtserialport,chardev=ctd -chardev testdev,id=ctd
Alex Williamson [Tue, 5 Aug 2014 19:05:57 +0000 (13:05 -0600)]
vfio: Don't cache MSIMessage
Commit 40509f7f added a test to avoid updating KVM MSI routes when the
MSIMessage is unchanged and f4d45d47 switched to relying on this
rather than doing our own comparison. Our cached msg is effectively
unused now. Remove it.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Alex Williamson [Tue, 5 Aug 2014 19:05:52 +0000 (13:05 -0600)]
vfio: Fix MSI-X vector expansion
When new MSI-X vectors are enabled we need to disable MSI-X and
re-enable it with the correct number of vectors. That means we need
to reprogram the eventfd triggers for each vector. Prior to f4d45d47
vector->use tracked whether a vector was masked or unmasked and we
could always pick the KVM path when available for unmasked vectors.
Now vfio doesn't track mask state itself and vector->use and virq
remains configured even for masked vectors. Therefore we need to ask
the MSI-X code whether a vector is masked in order to select the
correct signaling path. As noted in the comment, MSI relies on
hardware to handle masking.
Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Cc: qemu-stable@nongnu.org # QEMU 2.1
Peter Maydell [Mon, 4 Aug 2014 14:01:38 +0000 (15:01 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20140804' into staging
target-arm queue:
* Set PC correctly when loading AArch64 ELF files
* sdhci: Fix ADMA dma_memory_read access
* some more foundational work for EL2/EL3 support
* fix bugs which reveal themselves if the TARGET_PAGE_SIZE
is not set to 1K
# gpg: Signature made Mon 04 Aug 2014 14:51:34 BST using RSA key ID 14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
* remotes/pmaydell/tags/pull-target-arm-20140804:
target-arm: A64: fix TLB flush instructions
target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
target-arm: Fix bit test in sp_el0_access
target-arm: Add FAR_EL2 and 3
target-arm: Add ESR_EL2 and 3
target-arm: Make far_el1 an array
target-arm: A64: Respect SPSEL when taking exceptions
target-arm: A64: Respect SPSEL in ERET SP restore
target-arm: A64: Break out aarch64_save/restore_sp
sd: sdhci: Fix ADMA dma_memory_read access
hw/arm/virt: formatting: memory map
hw/arm/boot: Set PC correctly when loading AArch64 ELF files
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Mon, 4 Aug 2014 13:41:56 +0000 (14:41 +0100)]
target-arm: A64: fix TLB flush instructions
According to the ARM ARM we weren't correctly flushing the TLB entries
where bits 63:56 didn't match bit 55 of the virtual address. This
exposed a problem when we switched QEMU's internal TARGET_PAGE_BITS to
12 for aarch64.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1406733627-24255-3-git-send-email-alex.bennee@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alex Bennée [Mon, 4 Aug 2014 13:41:55 +0000 (14:41 +0100)]
target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
Otherwise we break quickly when we change TARGET_PAGE_SIZE.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1406733627-24255-2-git-send-email-alex.bennee@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Stefan Weil [Mon, 4 Aug 2014 13:41:55 +0000 (14:41 +0100)]
target-arm: Fix bit test in sp_el0_access
Static code analyzers complain about a dubious & operation used for a
boolean value. The code does not test the PSTATE_SP bit as it should.
Cc: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1406359601-25583-1-git-send-email-sw@weilnetz.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1402994746-8328-7-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1402994746-8328-6-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
No functional change.
Prepares for future additions of the EL2 and 3 versions of this reg.
Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1402994746-8328-5-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: A64: Respect SPSEL when taking exceptions
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1402994746-8328-4-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1402994746-8328-3-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target-arm: A64: Break out aarch64_save/restore_sp
Break out code to save/restore AArch64 SP into functions.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1402994746-8328-2-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Andrew Jones [Mon, 4 Aug 2014 13:41:53 +0000 (14:41 +0100)]
hw/arm/virt: formatting: memory map
Add some spacing and zeros to make it easier to read and
modify the map. This patch has no functional changes. The
review looks ugly, but it's actually pretty easy to confirm
all the addresses are as they should be - thanks to the new
formatting ;-)
Signed-off-by: Andrew Jones <drjones@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 4 Aug 2014 13:41:53 +0000 (14:41 +0100)]
hw/arm/boot: Set PC correctly when loading AArch64 ELF files
The code in do_cpu_reset() correctly handled AArch64 CPUs
when running Linux kernels, but was missing code in the
branch of the if() that deals with loading ELF files.
Correctly jump to the ELF entry point on reset rather than
leaving the reset PC at zero.
Reported-by: Christopher Covington <cov@codeaurora.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Christopher Covington <cov@codeaurora.org> Cc: qemu-stable@nongnu.org
Peter Maydell [Mon, 4 Aug 2014 10:17:24 +0000 (11:17 +0100)]
Merge remote-tracking branch 'remotes/sstabellini/xen-20140801' into staging
* remotes/sstabellini/xen-20140801:
qemu: support xen hvm direct kernel boot
tap-bsd: implement a FreeBSD only version of tap_open
xen: fix usage of ENODATA
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Amit Shah [Tue, 22 Jul 2014 07:36:25 +0000 (13:06 +0530)]
checker: ignore fields marked unused
While comparing qemu-1.0 json output with qemu-2.1, a few fields got
marked unused. These need to be skipped over, and not flagged as
mismatches.
For handling unused fields, the exact number of bytes need to be skipped
over as the size of the unused field.
Currently, only the term "unused" is matched. When more field names
turn up, this will have to be updated based on the whitelist matching
method to match more such terms.
John Snow [Tue, 29 Jul 2014 23:28:58 +0000 (19:28 -0400)]
virtio-rng: replace error_set calls with error_setg
Under recommendation from Luiz Capitulino, we are changing
the error_set calls to error_setg while we are fixing up
the error handling pathways of virtio-rng.
Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
John Snow [Tue, 29 Jul 2014 23:28:57 +0000 (19:28 -0400)]
virtio-rng: Move error-checking forward to prevent memory leak
This patch pushes the error-checking forward and the virtio
initialization backward in the device realization function
in order to prevent memory leaks for hot plug scenarios.
Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
Chunyan Liu [Mon, 7 Jul 2014 06:34:35 +0000 (14:34 +0800)]
qemu: support xen hvm direct kernel boot
qemu side patch to support xen HVM direct kernel boot:
if -kernel exists, calls xen_load_linux(), which will read kernel/initrd
and add a linuxboot.bin or multiboot.bin option rom. The
linuxboot.bin/multiboot.bin will load kernel/initrd and jump to execute
kernel directly. It's working when xen uses seabios.
During this work, found the 'kvmvapic' is in option_rom list, it should
not be there in xen case. Set s->vapic_control = 0 in xen_apic_realize()
to handle that.
Signed-off-by: Chunyan Liu <cyliu@suse.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Acked-by: Michael S. Tsirkin <mst@redhat.com>
Roger Pau Monne [Fri, 23 May 2014 15:57:48 +0000 (17:57 +0200)]
tap-bsd: implement a FreeBSD only version of tap_open
The current behaviour of tap_open for BSD systems differ greatly from
it's Linux counterpart. Since FreeBSD supports interface renaming and
tap device cloning by opening /dev/tap, implement a FreeBSD specific
version of tap_open that behaves like it's Linux counterpart.
This is specially important for toolstacks that use Qemu (like Xen
libxl), in order to have a unified behaviour across suported
platforms.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Roger Pau Monne [Fri, 23 May 2014 15:57:47 +0000 (17:57 +0200)]
xen: fix usage of ENODATA
ENODATA doesn't exist on FreeBSD, so ENODATA errors returned by the
hypervisor are translated to ENOENT.
Also, the error code is returned in errno if the call returns -1, so
compare the error code with the value in errno instead of the value
returned by the function.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: xen-devel@lists.xenproject.org Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Anthony Perard <anthony.perard@citrix.com>
Peter Maydell [Tue, 29 Jul 2014 11:04:01 +0000 (12:04 +0100)]
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging
pc migration fixes
Last minute fixes for migration.
It seems that if we don't fix it now, fixing
it in the next version will be even more painful ...
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 29 Jul 2014 11:45:18 BST using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg: aka "Michael S. Tsirkin <mst@redhat.com>"
* remotes/mst/tags/for_upstream:
piix: set legacy table size for 1.7
acpi-build: tweak acpi migration limits
pc: future-proof migration-compatibility of ACPI tables
acpi-build: minor code cleanup
pc: acpi: generate AML only for PCI0 devices if PCI bridge hotplug is disabled
bios-tables-test: fix ASL normalization false positive
pc: hack for migration compatibility from QEMU 2.0
acpi-dsdt: procedurally generate _PRT
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
- Tweak error message for legacy machine type:
Basically if table size exceeds the limits we set all
bets are off for migration: e.g. it can start failing even
within given qemu minor version simply because of a bugfix.
- Increase table size to 128k.
- Make sure we notice it long before we start getting close to the
128k limit: warn at 64k.
- Don't fail if we exceed the limit: most people don't care about
migration, even less people care about cross version miration.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Mon, 28 Jul 2014 15:34:16 +0000 (17:34 +0200)]
pc: future-proof migration-compatibility of ACPI tables
This patch avoids that similar changes break QEMU again in the future.
QEMU will now hard-code 64k as the maximum ACPI table size, which
(despite being an order of magnitude smaller than 640k) should be enough
for everyone.
Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Igor Mammedov [Mon, 28 Jul 2014 15:34:18 +0000 (17:34 +0200)]
pc: acpi: generate AML only for PCI0 devices if PCI bridge hotplug is disabled
Fixes migration regression from QEMU-1.7 to a newer QEMUs.
SSDT table size in QEMU-1.7 doesn't change regardless of
a number of PCI bridge devices present at startup.
However in QEMU-2.0 since addition of hotplug on PCI bridges,
each PCI bridge adds ~1875 bytes to SSDT table, including
pc-i440fx-1.7 machine type where PCI bridge hotplug disabled
via compat property.
It breaks migration from "QEMU-1.7" to "QEMU-2.[01] -M pc-i440fx-1.7"
since RAMBlock size of ACPI tables on target becomes larger
then on source and migration fails with:
"Length mismatch: /rom@etc/acpi/tables: 2000 in != 3000"
error.
Fix this by generating AML only for PCI0 bus if
hotplug on PCI bridges is disabled and preserves PCI brigde
description in AML as it was done in QEMU-1.7 for pc-i440fx-1.7.
It will help to maintain size of SSDT static regardless of
number of PCI bridges on startup for pc-i440fx-1.7 machine type.
Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Paolo Bonzini [Mon, 28 Jul 2014 15:34:17 +0000 (17:34 +0200)]
bios-tables-test: fix ASL normalization false positive
My version of IASL (from RHEL7) puts two newlines between the head comment
and the DefinitionBlock property. Kill all newlines after the comment,
so that normalize_asl works properly.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Paolo Bonzini [Mon, 28 Jul 2014 15:34:15 +0000 (17:34 +0200)]
pc: hack for migration compatibility from QEMU 2.0
Changing the ACPI table size causes migration to break, and the memory
hotplug work opened our eyes on how horribly we were breaking things in
2.0 already.
The ACPI table size is rounded to the next 4k, which one would think
gives some headroom. In practice this is not the case, because the user
can control the ACPI table size (each CPU adds 97 bytes to the SSDT and
8 to the MADT) and so some "-smp" values will break the 4k boundary and
fail to migrate. Similarly, PCI bridges add ~1870 bytes to the SSDT.
This patch concerns itself with fixing migration from QEMU 2.0. It
computes the payload size of QEMU 2.0 and always uses that one.
The previous patch shrunk the ACPI tables enough that the QEMU 2.0 size
should always be enough; non-AML tables can change depending on the
configuration (especially MADT, SRAT, HPET) but they remain the same
between QEMU 2.0 and 2.1, so we only compute our padding based on the
sizes of the SSDT and DSDT.
Migration from QEMU 1.7 should work for guests that have a number of CPUs
other than 12, 13, 14, 54, 55, 56, 97, 98, 139, 140. It was already
broken from QEMU 1.7 to QEMU 2.0 in the same way, though.
Even with this patch, QEMU 1.7 and 2.0 have two different ideas of
"-M pc-i440fx-2.0" when there are PCI bridges. Igor sent a patch to
adopt the QEMU 1.7 definition. I think distributions should apply
it if they move directly from QEMU 1.7 to 2.1+ without ever packaging
version 2.0.
Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Paolo Bonzini [Mon, 28 Jul 2014 15:34:14 +0000 (17:34 +0200)]
acpi-dsdt: procedurally generate _PRT
This replaces the _PRT constant with a method that computes it.
The problem is that the DSDT+SSDT have grown from 2.0 to 2.1,
enough to cross the 8k barrier (we align the ACPI tables to 4k
before putting them in fw_cfg). This causes problems with
migration and the pc-i440fx-2.0 machine type.
The solution to the problem is to hardcode 64k as the limit,
but this doesn't solve the bug with pc-i440fx-2.0. The fix will be
for QEMU 2.1 to use exactly the same size as QEMU 2.0 for the
ACPI tables. First, however, we must make the actual AML
equal or smaller; to do this, rewrite _PRT in a way that saves
over 1k of bytecode.
Reviewed-by: Laszlo Ersek <lersek@redhat.com> Tested-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Peter Maydell [Mon, 28 Jul 2014 10:05:14 +0000 (11:05 +0100)]
Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-2014-07-26' into staging
trivial patches for 2014-07-26
# gpg: Signature made Sat 26 Jul 2014 08:16:55 BST using RSA key ID A4C3D7DB
# gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>"
# gpg: aka "Michael Tokarev <mjt@corpit.ru>"
# gpg: aka "Michael Tokarev <mjt@debian.org>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
# Subkey fingerprint: 6F67 E18E 7C91 C5B1 5514 66A7 BEE5 9D74 A4C3 D7DB
* remotes/mjt/tags/trivial-patches-2014-07-26:
qemu-options: fix another allows-to for -net l2tpv3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Paolo Bonzini [Thu, 24 Jul 2014 14:08:04 +0000 (16:08 +0200)]
qemu-char: ignore flow control if a PTY's slave is not connected
After commit f702e62 (serial: change retry logic to avoid concurrency,
2014-07-11), guest boot hangs if the backend is an unconnected PTY.
The reason is that PTYs do not support G_IO_HUP, and serial_xmit is
never called. To fix this, simply invoke serial_xmit immediately
(via g_idle_source_new) when this happens.
Tested-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
We need to remember has_updates for each vnc client. Otherwise it might
happen that vnc_update_client(has_dirty=1) takes the first exit due to
output buffers not being flushed yet and subsequent calls with
has_dirty=0 take the second exit, wrongly assuming there is nothing to
do because the work defered in the first call is ignored.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de>
Stephan Kulow [Wed, 23 Jul 2014 14:03:14 +0000 (16:03 +0200)]
fix full frame updates for VNC clients
If the client asks for !incremental frame updates, it has lost its content
so dirty doesn't matter - it has to see the full frame, so setting force_update
Signed-off-by: Stephan Kulow <coolo@suse.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de>
Eric Blake [Wed, 23 Jul 2014 12:26:18 +0000 (06:26 -0600)]
docs: document missing VSERPORT_CHANGE event
The VSERPORT_CHANGE event was added in e2ae6159. The patch for
this event was prepared at a time when this file was gone, even
though it got applied immediately after dfab4892 restored this
file. Duplicate the documentation into this file, so that
anyone using this file instead of qapi will not miss out on this
new event.
* docs/qmp/qmp-events.txt (VSERPORT_CHANGE): Add.
Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Wenchao Xia <wenchaoqemu@gmail.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Eric Blake [Wed, 23 Jul 2014 12:26:17 +0000 (06:26 -0600)]
docs: document missing POWERDOWN event
The POWERDOWN event was first documented in 0aab9ec3. But since dfab4892 later restored this file to the state prior to qmp events,
and we never documented it in the past, anyone using this file
instead of qapi will miss out on this event. Tweak the existing
wording of SHUTDOWN to match 84321831, and make the difference
between the two events apparent.
The SPICE_MIGRATE_COMPLETED event was first documented in 7cfadb6b. But since dfab4892 later restored this file to the
state prior to qmp events, and we never documented it in the
past, anyone using this file instead of qapi will miss out on
this event.
Eric Blake [Wed, 23 Jul 2014 12:26:15 +0000 (06:26 -0600)]
docs: split SPICE_* event docs
For consistency with the rest of this file, every event should be
listed in isolation. Compare how commit 7cfadb6b split
SPICE_CONNECTED and SPICE_DISCONNECTED into separate qmp events.
Eric Blake [Wed, 23 Jul 2014 12:26:14 +0000 (06:26 -0600)]
docs: grammar fixes to qmp-events
When converting to qmp events, commits 7cfadb6b and a6330785
fixed some grammar as part of moving text between files. But
since dfab4892 later restored this file to the state prior to
qmp events, we have to do it again.
Peter Maydell [Tue, 22 Jul 2014 16:10:01 +0000 (17:10 +0100)]
hw/misc/imx_ccm.c: Add missing VMState list terminator
The VMStateDescription for the imx_ccm device was missing its
terminator. Found by static search of the codebase using
a regex based on one suggested by Ian Jackson:
pcregrep -rMi '(?s)VMStateField(?:(?!END_OF_LIST).)*?;' $(git grep -l 'VMStateField\[\]')
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Cc: qemu-stable@nongnu.org
"vmstate_xhci_event" was introduced in commit 37352df3 ("xhci: add live
migration support"), and first released in v1.6.0. The field list in this
VMSD is not terminated with the VMSTATE_END_OF_LIST() macro.
During normal use (ie. migration), the issue is practically invisible,
because the "vmstate_xhci_event" object (with the unterminated field list)
is only ever referenced -- via "vmstate_xhci_intr" -- if xhci_er_full()
returns true, for the "ev_buffer" test. Since that field_exists() check
(apparently) almost always returns false, we almost never traverse
"vmstate_xhci_event" during migration, which hides the bug.
However, Amit's vmstate checker forces recursion into this VMSD as well,
and the lack of VMSTATE_END_OF_LIST() breaks the field list terminator
check (field->name != NULL) in dump_vmstate_vmsd(). The result is
undefined behavior, which in my case translates to infinite recursion
(because the loop happens to overflow into "vmstate_xhci_intr", which then
links back to "vmstate_xhci_event").
Add the missing terminator.
Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2. if there is a numa node backed by memory backend object, qemu fails
with message:
./ppc-softmmu/qemu-system-ppc -m 512 \
-object memory-backend-file,size=512M,mem-path=/hugepages,id=f0 \
-numa node,nodeid=0,memdev=f0 \
-kernel /home/hutao/Downloads/vmlinux-ppc \
-initrd /home/hutao/Downloads/initrd-ppc.gz
qemu-system-ppc: memory backend f0 is used multiple times. Each -numa option must use a different memdev value.
This patch does following:
1. replaces memory_region_allocate_system_memory() with
memory_region_init_ram() for rom, sram. Then only system memory
is backed by hugepages when specifying mem-path.
2. for memory banks, allocates all ram with
one memory_region_allocate_system_memory(), and use
memory_region_init_alias() to initialize memory banks.
John Snow [Mon, 21 Jul 2014 21:44:37 +0000 (17:44 -0400)]
virtio-rng: Add human-readable error message for negative max-bytes parameter
If a negative integer is used for the max_bytes parameter, QEMU currently
calls abort() and leaves behind a core dump. This patch replaces the
abort with a simple error message to make the reason for the termination
clearer. This also ensures device-hotplug with invalid input doesn't
cause qemu to quit.
There is an underlying insufficiency in the parameter parsing code of QEMU
that renders it unable to reject negative values for unsigned properties,
thus the error message "a non-negative integer below 2^63" is the most
user-friendly and correct message we can give until the underlying
insufficiency is corrected.
Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com>
projects / mirror_qemu.git / log