aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2015-10-12exec: remove non-TCG stuff from exec-all.h header.Paolo Bonzini4-6/+6
The header is included from basically everywhere, thanks to cpu.h. It should be moved to the (TCG only) files that actually need it. As a start, remove non-TCG stuff. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12target-i386/kvm: Hyper-V HV_X64_MSR_VP_RUNTIME supportAndrey Smetanin5-1/+43
HV_X64_MSR_VP_RUNTIME msr used by guest to get "the time the virtual processor consumes running guest code, and the time the associated logical processor spends running hypervisor code on behalf of that guest." Calculation of that time is performed by task_cputime_adjusted() for vcpu task by KVM side. Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Richard Henderson <rth@twiddle.net> CC: Eduardo Habkost <ehabkost@redhat.com> CC: "Andreas Färber" <afaerber@suse.de> CC: Marcelo Tosatti <mtosatti@redhat.com> Message-Id: <1442397584-16698-4-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12target-i386/kvm: set Hyper-V features cpuid bit HV_X64_MSR_VP_INDEX_AVAILABLEAndrey Smetanin3-1/+12
Hyper-V features bit HV_X64_MSR_VP_INDEX_AVAILABLE value is based on cpu option "hv-vpindex" and kernel support of HV_X64_MSR_VP_INDEX. Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Richard Henderson <rth@twiddle.net> CC: Eduardo Habkost <ehabkost@redhat.com> CC: "Andreas Färber" <afaerber@suse.de> CC: Marcelo Tosatti <mtosatti@redhat.com> Message-Id: <1442397584-16698-3-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12target-i386/kvm: Hyper-V HV_X64_MSR_RESET supportAndrey Smetanin3-2/+12
HV_X64_MSR_RESET msr is used by Hyper-V based Windows guest to reset guest VM by hypervisor. This msr is stateless so no migration/fetch/update is required. This code checks cpu option "hv-reset" and support by kernel. If both conditions are met appropriate Hyper-V features cpuid bit is set. Signed-off-by: Andrey Smetanin <asmetanin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Richard Henderson <rth@twiddle.net> CC: Eduardo Habkost <ehabkost@redhat.com> CC: "Andreas Färber" <afaerber@suse.de> CC: Marcelo Tosatti <mtosatti@redhat.com> Message-Id: <1442397584-16698-2-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12linux-headers: update from kvm/nextPaolo Bonzini3-2/+53
linux-headers/linux/vhost.h is currently out of sync with Linux. Do not touch it in this update. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12checkpatch: allow open braces on typedef linesPaolo Bonzini1-5/+0
The style here seems to be split according to the maintainer, but traditionally open braces were placed on typedef lines. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12exec.c: Collect AddressSpace related fields into a CPUAddressSpace structPeter Maydell5-31/+48
Gather up all the fields currently in CPUState which deal with the CPU's AddressSpace into a separate CPUAddressSpace struct. This paves the way for allowing the CPU to know about more than one AddressSpace. The rearrangement also allows us to make the MemoryListener a directly embedded object in the CPUAddressSpace (it could not be embedded in CPUState because 'struct MemoryListener' isn't defined for the user-only builds). This allows us to resolve the FIXME in tcg_commit() by going directly from the MemoryListener to the CPUAddressSpace. This patch extracts the actual update of the cached dispatch pointer from cpu_reload_memory_map() (which is renamed accordingly to cpu_reloading_memory_map() as it is only responsible for breaking cpu-exec.c's RCU critical section now). This lets us keep the definition of the CPUAddressSpace struct private to exec.c. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <1443709790-25180-4-git-send-email-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12cpu-exec-common.c: Clarify comment about cpu_reload_memory_map()'s RCU ↵Peter Maydell1-6/+14
operations The reason for cpu_reload_memory_map()'s RCU operations is not so much because the guest could make the critical section very long, but that it could have a critical section within which it made an arbitrary number of changes to the memory map and thus accumulate an unbounded amount of memory data structures awaiting reclamation. Clarify the comment to make this clearer. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <1443709790-25180-3-git-send-email-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12exec.c: Don't call cpu_reload_memory_map() from cpu_exec_init()Peter Maydell1-1/+0
Currently we call cpu_reload_memory_map() from cpu_exec_init(), but this is not necessary: * KVM doesn't use the data structures maintained by cpu_reload_memory_map() (the TLB and cpu->memory_dispatch) * for TCG, we will call this function via tcg_commit() either as soon as tcg_cpu_address_space_init() registers the listener, or when the first MemoryRegion is added to the AddressSpace if the AS is empty when we register the listener The unnecessary call is awkward for adding support for multiple address spaces per CPU, so drop it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Message-Id: <1443709790-25180-2-git-send-email-peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12configure: Require Python 2.6Markus Armbruster1-8/+4
RHEL-6 and SLES-11 provide Python 2.6. It'll also work on OS X back to 10.6. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1441396383-17304-1-git-send-email-armbru@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12megasas: fix megasas_get_sata_addrPaolo Bonzini1-1/+1
There are two bugs here. First, the 16-bit id loses the high 8 bits when shifted left by 24. Second, the address must be combined with an "or" or we just get zero. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12scsi: switch from g_slice allocator to mallocPaolo Bonzini3-14/+12
Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12nbd: switch from g_slice allocator to mallocPaolo Bonzini1-2/+2
Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-12Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into ↵Peter Maydell10-41/+108
staging Pull request v2: * Fix virtio 16lx -> HWADDR_PRIx format specifier [Peter] # gpg: Signature made Mon 12 Oct 2015 11:19:06 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" * remotes/stefanha/tags/block-pull-request: sdhci.c: Limit the maximum block size block: switch from g_slice allocator to malloc virtio dataplane: adapt dataplane for virtio Version 1 virtio-blk: use blk_io_plug/unplug for Linux AIO batching sdhci: Pass drive parameter to sdhci-pci via qdev property Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-12Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into ↵Peter Maydell20-65/+917
staging # gpg: Signature made Mon 12 Oct 2015 08:56:47 BST using RSA key ID 398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: tests: add test cases for netfilter object netfilter: add a netbuffer filter net/queue: export qemu_net_queue_append_iov netfilter: print filter info associate with the netdev netfilter: add an API to pass the packet to next filter net/queue: introduce NetQueueDeliverFunc net: merge qemu_deliver_packet and qemu_deliver_packet_iov netfilter: hook packets before net queue send init/cleanup of netfilter object vl.c: init delayed object after net_init_clients vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command e1000: use alias for default model vmxnet3: Support reading IMR registers on bar0 net/vmxnet3: Refine l2 header validation Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-12sdhci.c: Limit the maximum block sizeAlistair Francis1-0/+10
It is possible for the guest to set an invalid block size which is larger then the fifo_buffer[] array. This could cause a buffer overflow. To avoid this limit the maximum size of the blksize variable. Signed-off-by: Alistair Francis <alistair.francis@xilinx.com> Reported-by: Intel Security ATR <secure@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xilinx.com Suggested-by: Igor Mitsyanko <i.mitsyanko@gmail.com> Reported-by: Intel Security ATR <secure@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12block: switch from g_slice allocator to mallocPaolo Bonzini5-12/+12
Simplify memory allocation by sticking with a single API. GSlice is not that fast anyway (tcmalloc/jemalloc are better). Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12virtio dataplane: adapt dataplane for virtio Version 1Pierre Morel2-15/+58
Let dataplane allocate different region for the desc/avail/used ring regions. Take VIRTIO_RING_F_EVENT_IDX into account to increase the used/avail rings accordingly. [Fix 32-bit builds by changing 16lx format specifier to HWADDR_PRIx. --Stefan] Signed-off-by: Pierre Morel <pmorel@linux.vnet.ibm.com> Tested-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Message-id: 1441625636-23773-1-git-send-email-pmorel@linux.vnet.ibm.com (changed __virtio16 into uint16_t, map descriptor table and available ring read-only) Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-10-09' ↵Peter Maydell46-62/+463
into staging Fix device introspection regressions # gpg: Signature made Fri 09 Oct 2015 14:43:41 BST using RSA key ID EB918653 # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" * remotes/armbru/tags/pull-monitor-2015-10-09: Revert "qdev: Use qdev_get_device_class() for -device <type>,help" qdev: Protect device-list-properties against broken devices qmp: Fix device-list-properties not to crash for abstract device device-introspect-test: New, covering device introspection libqtest: New hmp() & friends libqtest: Clean up unused QTestState member sigact_old tests: Fix how qom-test is run macio: move DBDMA_init from instance_init to realize hw: do not pass NULL to memory_region_init from instance_init memory: allow destroying a non-empty MemoryRegion virtio-input: Fix device introspection on non-Linux hosts update-linux-headers: Rename SW_MAX to SW_MAX_ Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-12virtio-blk: use blk_io_plug/unplug for Linux AIO batchingStefan Hajnoczi1-0/+4
The raw-posix block driver implements Linux AIO batching so multiple requests can be submitted with a single io_submit(2) system call. Batching is currently only used by virtio-scsi and virtio-blk-data-plane. Enable batching for regular virtio-blk so the number of io_submit(2) system calls is reduced for workloads with queue depth > 1. In 4KB random read performance tests with queue depth 32, the CPU utilization on the host is reduced by 9.4%. The fio job is as follows: [global] bs=4k ioengine=libaio iodepth=32 direct=1 sync=0 time_based=1 runtime=30 clocksource=gettimeofday ramp_time=5 [job1] rw=randread filename=/dev/vdb size=4096M write_bw_log=fio write_iops_log=fio write_lat_log=fio log_avg_msec=1000 This benchmark was run on an raw image on LVM. The disk was an SSD drive and -drive cache=none,aio=native was used. Tested-by: Pradeep Surisetty <psuriset@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com>
2015-10-12sdhci: Pass drive parameter to sdhci-pci via qdev propertyKevin O'Connor3-14/+24
Commit 19109131 disabled the sdhci-pci support because it used drive_get_next(). This patch reenables sdhci-pci and changes it to pass the drive via a qdev property - for example: -device sdhci-pci,drive=drive0 -drive id=drive0,if=sd,file=myimage Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin O'Connor <kevin@koconnor.net> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12tests: add test cases for netfilter objectYang Hongyang3-0/+203
Using qtest qmp interface to implement following cases: 1) add/remove netfilter 2) add a netfilter then delete the netdev 3) add/remove more than one netfilters 4) add more than one netfilters and then delete the netdev Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12netfilter: add a netbuffer filterYang Hongyang4-1/+209
This filter is to buffer/release packets. Can be used when using MicroCheckpointing or other Remus like VM FT solutions. You can also use it to crudely simulate network delay. Doesn't actually delay individual packets, but batches them together, which is a delay of sorts. Usage: -netdev tap,id=bn0 -object filter-buffer,id=f0,netdev=bn0,queue=rx,interval=1000 NOTE: Interval is in microseconds, it can't be omitted currently, and can't be 0. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12net/queue: export qemu_net_queue_append_iovYang Hongyang2-6/+13
This will be used by buffer filter implementation later to queue packets. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12netfilter: print filter info associate with the netdevYang Hongyang3-0/+32
When execute "info network", print filter info also. add a info_str member to NetFilterState, store specific filters info. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12netfilter: add an API to pass the packet to next filterYang Hongyang2-0/+65
add an API qemu_netfilter_pass_to_next() to pass the packet to next filter. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12net/queue: introduce NetQueueDeliverFuncYang Hongyang3-5/+18
net/queue.c has logic to send/queue/flush packets but a qemu_deliver_packet_iov() call is hardcoded. Abstract this func so that we can use our own deliver function in netfilter. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Cc: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12net: merge qemu_deliver_packet and qemu_deliver_packet_iovYang Hongyang3-41/+21
qemu_deliver_packet_iov already have the compat delivery, we can drop qemu_deliver_packet. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12netfilter: hook packets before net queue sendYang Hongyang3-0/+91
Capture packets that will be sent. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12init/cleanup of netfilter objectYang Hongyang7-0/+229
Add a netfilter object based on QOM. A netfilter is attached to a netdev, captures all network packets that pass through the netdev. When we delete the netdev, we also delete the netfilter object attached to it, because if the netdev is removed, the filter which attached to it is useless. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12vl.c: init delayed object after net_init_clientsYang Hongyang1-7/+8
Init delayed object after net_init_clients, because netfilters need to be initialized after net clients initialized. Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12vmxnet3: Add support for VMXNET3_CMD_GET_ADAPTIVE_RING_INFO commandShmulik Ladkani2-1/+14
Some drivers (e.g. vmware-tools) issue the VMXNET3_CMD_GET_ADAPTIVE_RING_INFO command. Currently, due to lack of support, a bogus value (-1) is returned. Support this command, returning the "adaptive-ring disabled" flag. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12e1000: use alias for default modelJason Wang2-7/+2
Instead of duplicating the "e1000-82540em" device model as "e1000", make the latter an alias for the former. Cc: Markus Armbruster <armbru@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com Reviewed-by: Markus Armbruster <armbru@redhat.com>
2015-10-12vmxnet3: Support reading IMR registers on bar0Shmulik Ladkani1-1/+5
Instead of asserting, return the actual IMR register value. This is aligned with what's returned on ESXi. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Tested-by: Dana Rubin <dana.rubin@ravellosystems.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-12net/vmxnet3: Refine l2 header validationDana Rubin2-6/+17
Validation of l2 header length assumed minimal packet size as eth_header + 2 * vlan_header regardless of the actual protocol. This caused crash for valid non-IP packets shorter than 22 bytes, as 'tx_pkt->packet_type' hasn't been assigned for such packets, and 'vmxnet3_on_tx_done_update_stats()' expects it to be properly set. Refine header length validation in 'vmxnet_tx_pkt_parse_headers'. Check its return value during packet processing flow. As a side effect, in case IPv4 and IPv6 header validation failure, corrupt packets will be dropped. Signed-off-by: Dana Rubin <dana.rubin@ravellosystems.com> Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-10-09Merge remote-tracking branch 'remotes/kraxel/tags/pull-virgl-20151008-1' ↵Peter Maydell21-59/+1626
into staging virtio-gpu: add 3d rendering support using virgl, misc fixes. ui/gtk: add opengl context and scanout support (for virtio-gpu). # gpg: Signature made Thu 08 Oct 2015 10:35:39 BST using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-virgl-20151008-1: gtk/opengl: add opengl context and scanout support (GtkGLArea) gtk/opengl: add opengl context and scanout support (egl) opengl: add egl-context.[ch] helpers virtio-gpu: add cursor update tracepoint virtio-gpu: add 3d mode and virgl rendering support. virtio-gpu: update headers for virgl/3d virtio-gpu: change licence from GPLv2 to GPLv2+ virtio-gpu: move iov free to virtio_gpu_cleanup_mapping_iov ui/console: add opengl context and scanout support interfaces. sdl2: stop flickering shaders: initialize vertexes once Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-09Revert "qdev: Use qdev_get_device_class() for -device <type>,help"Markus Armbruster1-3/+6
This reverts commit 31bed5509dfcbdfc293154ce81086a4dbd7a80b6. The reverted commit changed qdev_device_help() to reject abstract devices and devices that have cannot_instantiate_with_device_add_yet set, to fix crash bugs like -device x86_64-cpu,help. Rejecting abstract devices makes sense: they're purely internal, and the implementation of the help feature can't cope with them. Rejecting non-pluggable devices makes less sense: even though you can't use them with -device, the help may still be useful elsewhere, for instance with -global. This is a regression: -device FOO,help used to help even for FOO that aren't pluggable. The previous two commits fixed the crash bug at a lower layer, so reverting this one is now safe. Fixes the -device FOO,help regression, except for the broken devices marked cannot_even_create_with_object_new_yet. For those, the error message is improved. Example of a device where the regression is fixed: $ qemu-system-x86_64 -device PIIX4_PM,help PIIX4_PM.command_serr_enable=bool (on/off) PIIX4_PM.multifunction=bool (on/off) PIIX4_PM.rombar=uint32 PIIX4_PM.romfile=str PIIX4_PM.addr=int32 (Slot and optional function number, example: 06.0 or 06) PIIX4_PM.memory-hotplug-support=bool PIIX4_PM.acpi-pci-hotplug-with-bridge-support=bool PIIX4_PM.s4_val=uint8 PIIX4_PM.disable_s4=uint8 PIIX4_PM.disable_s3=uint8 PIIX4_PM.smb_io_base=uint32 Example of a device where it isn't fixed: $ qemu-system-x86_64 -device host-x86_64-cpu,help Can't list properties of device 'host-x86_64-cpu' Both failed with "Parameter 'driver' expects pluggable device type" before. Cc: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1443689999-12182-11-git-send-email-armbru@redhat.com>
2015-10-09qdev: Protect device-list-properties against broken devicesMarkus Armbruster27-27/+185
Several devices don't survive object_unref(object_new(T)): they crash or hang during cleanup, or they leave dangling pointers behind. This breaks at least device-list-properties, because qmp_device_list_properties() needs to create a device to find its properties. Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Example reproducer: $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } } qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. Aborted (core dumped) [Exit 134 (SIGABRT)] Unfortunately, I can't fix the problems in these devices right now. Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet to mark them: * Hang during cleanup (didn't debug, so I can't say why): "realview_pci", "versatile_pci". * Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic", "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such CPUs * Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu", "host-powerpc64-cpu", "host-embedded-powerpc-cpu", "host-powerpc-cpu" (the powerpc ones can't currently reach the assertion, because the CPUs are only registered when KVM is enabled, but the assertion is arguably in the wrong place all the same) Make qmp_device_list_properties() fail cleanly when the device is so marked. This improves device-list-properties from "crashes, hangs or leaves dangling pointers behind" to "fails". Not a complete fix, just a better-than-nothing work-around. In the above reproducer, device-list-properties now fails with "Can't list properties of device 'pxa2xx-pcmcia'". This also protects -device FOO,help, which uses the same machinery since commit ef52358 "qdev-monitor: include QOM properties in -device FOO, help output", v2.2. Example reproducer: $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help Before: qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. After: Can't list properties of device 'pxa2xx-pcmcia' Cc: "Andreas Färber" <afaerber@suse.de> Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> Cc: Alexander Graf <agraf@suse.de> Cc: Anthony Green <green@moxielogic.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Jia Liu <proljc@gmail.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Cc: Max Filippov <jcmvbkbc@gmail.com> Cc: Michael Walle <michael@walle.cc> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Richard Henderson <rth@twiddle.net> Cc: qemu-ppc@nongnu.org Cc: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1443689999-12182-10-git-send-email-armbru@redhat.com>
2015-10-09qmp: Fix device-list-properties not to crash for abstract deviceMarkus Armbruster2-11/+10
Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Cc: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Message-Id: <1443689999-12182-9-git-send-email-armbru@redhat.com>
2015-10-09device-introspect-test: New, covering device introspectionMarkus Armbruster2-3/+163
The test doesn't check that the output makes any sense, only that QEMU survives. Useful since we've had an astounding number of crash bugs around there. In fact, we have a bunch of them right now: a few devices crash or hang, and some leave dangling pointers behind. The test skips testing the broken parts. The next commits will fix them up, and drop the skipping. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1443689999-12182-8-git-send-email-armbru@redhat.com>
2015-10-09libqtest: New hmp() & friendsMarkus Armbruster4-22/+78
New convenience function hmp() to facilitate use of human-monitor-command in tests. Use it to simplify its existing uses. To blend into existing libqtest code, also add qtest_hmpv() and qtest_hmp(). That, and the egregiously verbose GTK-Doc comment format make this patch look bigger than it is. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <1443689999-12182-7-git-send-email-armbru@redhat.com>
2015-10-09libqtest: Clean up unused QTestState member sigact_oldMarkus Armbruster1-1/+0
Unused since commit d766825. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1443689999-12182-6-git-send-email-armbru@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
2015-10-09tests: Fix how qom-test is runMarkus Armbruster1-6/+8
We want to run qom-test for every architecture, without having to manually add it to every architecture's list of tests. Commit 3687d53 accomplished this by adding it to every architecture's list automatically. However, some architectures inherit their tests from others, like this: check-qtest-x86_64-y = $(check-qtest-i386-y) check-qtest-microblazeel-y = $(check-qtest-microblaze-y) check-qtest-xtensaeb-y = $(check-qtest-xtensa-y) For such architectures, we ended up running the (slow!) test twice. Commit 2b8419c attempted to avoid this by adding the test only when it's not already present. Works only as long as we consider adding the test to the architectures on the left hand side *after* the ones on the right hand side: x86_64 after i386, microblazeel after microblaze, xtensaeb after xtensa. Turns out we consider them in $(SYSEMU_TARGET_LIST) order. Defined as SYSEMU_TARGET_LIST := $(subst -softmmu.mak,,$(notdir \ $(wildcard $(SRC_PATH)/default-configs/*-softmmu.mak))) On my machine, this results in the oder xtensa, x86_64, microblazeel, microblaze, i386. Consequently, qom-test runs twice for microblazeel and x86_64. Replace this complex and flawed machinery with a much simpler one: add generic tests (currently just qom-test) to check-qtest-generic-y instead of check-qtest-$(target)-y for every target, then run $(check-qtest-generic-y) for every target. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Message-Id: <1443689999-12182-5-git-send-email-armbru@redhat.com>
2015-10-09macio: move DBDMA_init from instance_init to realizePaolo Bonzini1-4/+4
DBDMA_init is not idempotent, and calling it from instance_init breaks a simple object_new/object_unref pair. Work around this, pending qdev-ification of DBDMA, by moving the call to realize. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1443689999-12182-4-git-send-email-armbru@redhat.com>
2015-10-09hw: do not pass NULL to memory_region_init from instance_initPaolo Bonzini7-12/+12
This causes the region to outlive the object, because it attaches the region to /machine. This is not nice for the "realize" method, but much worse for "instance_init" because it can cause dangling pointers after a simple object_new/object_unref pair. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1443689999-12182-3-git-send-email-armbru@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
2015-10-09memory: allow destroying a non-empty MemoryRegionPaolo Bonzini1-1/+16
This is legal; the MemoryRegion will simply unreference all the existing subregions and possibly bring them down with it as well. However, it requires a bit of care to avoid an infinite loop. Finalizing a memory region cannot trigger an address space update, but memory_region_del_subregion errs on the side of caution and might trigger a spurious update: avoid that by resetting mr->enabled first. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1443689999-12182-2-git-send-email-armbru@redhat.com>
2015-10-09virtio-input: Fix device introspection on non-Linux hostsMarkus Armbruster3-9/+17
When CONFIG_LINUX is off, devices "virtio-keyboard-device", "virtio-mouse-device", "virtio-tablet-device" and "virtio-input-host-device" aren't compiled in, yet "virtio-keyboard-pci", "virtio-mouse-pci", "virtio-tablet-pci" and "virtio-input-host-pci" still are. Attempts to introspect them crash, e.g. $ qemu-system-x86_64 -device virtio-tablet-pci,help ** ERROR:/work/armbru/qemu/qom/object.c:333:object_initialize_with_type: assertion failed: (type != NULL) Broken in commit 710e2d9 and commit 006a5ed. Fix by compiling the "virtio-FOO-pci" exactly when compiling the "virtio-FOO-device": compile "virtio-keyboard-device", "virtio-mouse-device", "virtio-tablet-device" regardless of CONFIG_LINUX, and compile "virtio-input-host-pci" only for CONFIG_LINUX. Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Message-Id: <1444320700-26260-3-git-send-email-armbru@redhat.com>
2015-10-09update-linux-headers: Rename SW_MAX to SW_MAX_Markus Armbruster2-2/+3
The next commit will compile hw/input/virtio-input.c and hw/input/virtio-input-hid.c even when CONFIG_LINUX is off. These files include both "include/standard-headers/linux/input.h" and <windows.h> then. Doesn't work, because both define SW_MAX. We don't actually use it. Patch input.h to define SW_MAX_ instead. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1444320700-26260-2-git-send-email-armbru@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-09Merge remote-tracking branch 'remotes/stefanha/tags/tracing-pull-request' ↵Peter Maydell3-35/+5
into staging # gpg: Signature made Fri 09 Oct 2015 10:15:13 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" * remotes/stefanha/tags/tracing-pull-request: trace: remove malloc tracing docs: update the usage example of "dtrace" backend in tracing.txt Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-09Merge remote-tracking branch ↵Peter Maydell27-91/+83
'remotes/mjt/tags/pull-trivial-patches-2015-10-08' into staging trivial patches for 2015-10-08 # gpg: Signature made Thu 08 Oct 2015 17:51:05 BST using RSA key ID A4C3D7DB # gpg: Good signature from "Michael Tokarev <mjt@tls.msk.ru>" # gpg: aka "Michael Tokarev <mjt@corpit.ru>" # gpg: aka "Michael Tokarev <mjt@debian.org>" * remotes/mjt/tags/pull-trivial-patches-2015-10-08: tests: Unique test path for /string-visitor/output linux-user: Remove type casts to union type linux-user: Use g_new() & friends where that makes obvious sense rocker: Use g_new() & friends where that makes obvious sense .travis.yml: Run make check for all targets, not just some hw: char: Remove unnecessary variable hw: timer: Remove unnecessary variable qapi: add missing @ MAINTAINERS: Add NSIS file for W32, W64 hosts target-ppc: Remove unnecessary variable target-microblaze: Remove unnecessary variable s/cpu_get_real_ticks/cpu_get_host_ticks/ pc: check for underflow in load_linux pci-assign: do not include sys/io.h block/ssh: remove dead code imx_serial: Generate interrupt on tx empty if enabled sdhci: Change debug prints to compile unconditionally sdhci: use PRIx64 for uint64_t type Add .dir-locals.el file to configure emacs coding style Signed-off-by: Peter Maydell <peter.maydell@linaro.org>