summaryrefslogtreecommitdiffstats
path: root/accel
Commit message (Collapse)AuthorAgeFilesLines
* kvm: add support for KVM_GUESTDBG_BLOCKIRQMaxim Levitsky2021-12-101-0/+17
| | | | | | | | | | | | Use the KVM_GUESTDBG_BLOCKIRQ debug flag if supported. Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> [Extracted from Maxim's patch into a separate commit. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20211111110604.207376-6-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* gdbstub, kvm: let KVM report supported singlestep flagsMaxim Levitsky2021-12-101-0/+12
| | | | | | | | | Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> [Extracted from Maxim's patch into a separate commit. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20211111110604.207376-5-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* accel/tcg: suppress IRQ check for special TBsAlex Bennée2021-11-292-2/+11
| | | | | | | | | | | | | | | | | | When we set cpu->cflags_next_tb it is because we want to carefully control the execution of the next TB. Currently there is a race that causes the second stage of watchpoint handling to get ignored if an IRQ is processed before we finish executing the instruction that triggers the watchpoint. Use the new CF_NOIRQ facility to avoid the race. We also suppress IRQs when handling precise self modifying code to avoid unnecessary bouncing. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Cc: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru> Fixes: https://gitlab.com/qemu-project/qemu/-/issues/245 Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20211129140932.4115115-3-alex.bennee@linaro.org>
* meson: remove useless libdl testPaolo Bonzini2021-11-161-1/+1
| | | | | | | | | | | | dlopen is never used after it is sought via cc.find_library, because plugins use gmodule instead; remove the test. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20211110092454.30916-1-pbonzini@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20211115142915.3797652-5-alex.bennee@linaro.org>
* accel/tcg: Register a force_rcu notifierGreg Kurz2021-11-102-0/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A TCG vCPU doing a busy loop systematicaly hangs the QEMU monitor if the user passes 'device_add' without argument. This is because drain_cpu_all() which is called from qmp_device_add() cannot return if readers don't exit read-side critical sections. That is typically what busy-looping TCG vCPUs do: int cpu_exec(CPUState *cpu) { [...] rcu_read_lock(); [...] while (!cpu_handle_exception(cpu, &ret)) { // Busy loop keeps vCPU here } [...] rcu_read_unlock(); return ret; } For MTTCG, have all vCPU threads register a force_rcu notifier that will kick them out of the loop using async_run_on_cpu(). The notifier is called with the rcu_registry_lock mutex held, using async_run_on_cpu() ensures there are no deadlocks. For RR, a single thread runs all vCPUs. Just register a single notifier that kicks the current vCPU to the next one. For MTTCG: Suggested-by: Paolo Bonzini <pbonzini@redhat.com> For RR: Suggested-by: Richard Henderson <richard.henderson@linaro.org> Fixes: 7bed89958bfb ("device_core: use drain_call_rcu in in qmp_device_add") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/650 Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20211109183523.47726-3-groug@kaod.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* plugins: try and make plugin_insn_append more ergonomicAlex Bennée2021-11-042-3/+2Star
| | | | | | | | | | | | | | | | | | Currently we make the assumption that the guest frontend loads all op code bytes sequentially. This mostly holds up for regular fixed encodings but some architectures like s390x like to re-read the instruction which causes weirdness to occur. Rather than changing the frontends make the plugin API a little more ergonomic and able to handle the re-read case. Stuff will still get strange if we read ahead of the opcode but so far no front ends have done that and this patch asserts the case so we can catch it early if they do. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Suggested-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20211026102234.3961636-21-alex.bennee@linaro.org>
* Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingRichard Henderson2021-11-031-0/+7
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Build system fixes and cleanups * DMA support in the multiboot option ROM * Rename default-bus-bypass-iommu * Deprecate -watchdog and cleanup -watchdog-action * HVF fix for <PAGE_SIZE regions * Support TSC scaling for AMD nested virtualization * Fix for ESP fuzzing bug # gpg: Signature made Tue 02 Nov 2021 10:57:37 AM EDT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] * remotes/bonzini/tags/for-upstream: (27 commits) configure: fix --audio-drv-list help message configure: Remove the check for the __thread keyword Move the l2tpv3 test from configure to meson.build meson: remove unnecessary coreaudio test program meson: remove pointless warnings meson.build: Allow to disable OSS again meson: bump submodule to 0.59.3 qtest/am53c974-test: add test for cancelling in-flight requests esp: ensure in-flight SCSI requests are always cancelled KVM: SVM: add migration support for nested TSC scaling hw/i386: fix vmmouse registration watchdog: remove select_watchdog_action vl: deprecate -watchdog watchdog: add information from -watchdog help to -device help hw/i386: Rename default_bus_bypass_iommu hvf: Avoid mapping regions < PAGE_SIZE as ram configure: do not duplicate CPU_CFLAGS into QEMU_LDFLAGS configure: remove useless NPTL probe target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types optionrom: add a DMA-enabled multiboot ROM ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * hvf: Avoid mapping regions < PAGE_SIZE as ramAlexander Graf2021-11-021-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | HVF has generic memory listener code that adds all RAM regions as HVF RAM regions. However, HVF can only handle page aligned, page granule regions. So let's ignore regions that are not page aligned and sized. They will be trapped as MMIO instead. Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20211025132147.28308-1-agraf@csgraf.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* | Merge remote-tracking branch ↵Richard Henderson2021-11-033-65/+92
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'remotes/berrange/tags/hmp-x-qmp-620-pull-request' into staging Initial conversion of HMP debugging commands to QMP This introduces a new policy that all HMP commands will be converted to have QMP equivalents, marked unstable if no formal QAPI modelling is intended to be done. New unstable commands are added as follows: - HMP "info roms" => QMP "x-query-roms" - HMP "info profile" => QMP "x-query-profile" - HMP "info numa" => QMP "x-query-numa" - HMP "info usb" => QMP "x-query-usb" - HMP "info rdma" => QMP "x-query-rdma" - HMP "info ramblock" => QMP "x-query-ramblock" - HMP "info irq" => QMP "x-query-irq" - HMP "info jit" => QMP "x-query-jit" - HMP "info opcount" => QMP "x-query-opcount" # gpg: Signature made Tue 02 Nov 2021 01:54:28 PM EDT # gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full] # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full] * remotes/berrange/tags/hmp-x-qmp-620-pull-request: qapi: introduce x-query-opcount QMP command qapi: introduce x-query-jit QMP command qapi: introduce x-query-irq QMP command qapi: introduce x-query-ramblock QMP command qapi: introduce x-query-rdma QMP command qapi: introduce x-query-usb QMP command qapi: introduce x-query-numa QMP command qapi: introduce x-query-profile QMP command qapi: introduce x-query-roms QMP command docs/devel: document expectations for HMP commands in the future docs/devel: add example of command returning unstructured text docs/devel: document expectations for QAPI data modelling for QMP monitor: introduce HumanReadableText and HMP support docs/devel: update error handling guidance for HMP commands docs/devel: tweak headings in monitor command docs docs/devel: rename file for writing monitor commands monitor: make hmp_handle_error return a boolean monitor: remove 'info ioapic' HMP command Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | qapi: introduce x-query-opcount QMP commandDaniel P. Berrangé2021-11-023-8/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a counterpart to the HMP "info opcount" command. It is being added with an "x-" prefix because this QMP command is intended as an ad hoc debugging tool and will thus not be modelled in QAPI as fully structured data, nor will it have long term guaranteed stability. The existing HMP command is rewritten to call the QMP command. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
| * | qapi: introduce x-query-jit QMP commandDaniel P. Berrangé2021-11-023-57/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a counterpart to the HMP "info jit" command. It is being added with an "x-" prefix because this QMP command is intended as an ad hoc debugging tool and will thus not be modelled in QAPI as fully structured data, nor will it have long term guaranteed stability. The existing HMP command is rewritten to call the QMP command. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* | | Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20211102' into stagingRichard Henderson2021-11-022-760/+102Star
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Split out host signal handing from accel/tcg/user-exec.c to linux-user/host/arch/host-signal.h - Replace TCGCPUOps.tlb_fill with TCGCPUOps.record_sigsegv for user-only - Add TCGCPUOps.record_sigbus for user-only - Remove a lot of target-specific cpu_loop handling for signals, now accomplished with generic code. # gpg: Signature made Tue 02 Nov 2021 07:06:14 AM EDT # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate] * remotes/rth/tags/pull-tcg-20211102: (60 commits) linux-user: Handle BUS_ADRALN in host_signal_handler tcg: Add helper_unaligned_{ld,st} for user-only sigbus accel/tcg: Report unaligned load/store for user-only accel/tcg: Report unaligned atomics for user-only target/sparc: Set fault address in sparc_cpu_do_unaligned_access target/sparc: Split out build_sfsr target/sparc: Remove DEBUG_UNALIGNED target/sh4: Set fault address in superh_cpu_do_unaligned_access target/s390x: Implement s390x_cpu_record_sigbus linux-user/ppc: Remove POWERPC_EXCP_ALIGN handling target/ppc: Restrict ppc_cpu_do_unaligned_access to sysemu target/ppc: Set fault address in ppc_cpu_do_unaligned_access target/ppc: Move SPR_DSISR setting to powerpc_excp target/microblaze: Do not set MO_ALIGN for user-only linux-user/hppa: Remove EXCP_UNALIGN handling target/arm: Implement arm_cpu_record_sigbus target/alpha: Implement alpha_cpu_record_sigbus linux-user: Add cpu_loop_exit_sigbus hw/core: Add TCGCPUOps.record_sigbus accel/tcg: Restrict TCGCPUOps::tlb_fill() to sysemu ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | tcg: Add helper_unaligned_{ld,st} for user-only sigbusRichard Henderson2021-11-021-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To be called from tcg generated code on hosts that support unaligned accesses natively, in response to an access that is supposed to be aligned. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | accel/tcg: Report unaligned load/store for user-onlyRichard Henderson2021-11-021-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use the new cpu_loop_exit_sigbus for cpu_mmu_lookup. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | accel/tcg: Report unaligned atomics for user-onlyRichard Henderson2021-11-021-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use the new cpu_loop_exit_sigbus for atomic_mmu_lookup, which has access to complete alignment info from the TCGMemOpIdx arg. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user: Add cpu_loop_exit_sigsegvRichard Henderson2021-11-021-15/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | This is a new interface to be provided by the os emulator for raising SIGSEGV on fault. Use the new record_sigsegv target hook. Reviewed by: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/riscv: Populate host_signal.hRichard Henderson2021-11-021-134/+0Star
| | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/mips: Populate host_signal.hRichard Henderson2021-11-021-51/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/s390: Populate host_signal.hRichard Henderson2021-11-021-87/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/aarch64: Populate host_signal.hRichard Henderson2021-11-021-93/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Drop the *BSD code, to be re-created under bsd-user/ later. Reviewed-by: Warner Losh <imp@bsdimp.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/arm: Populate host_signal.hRichard Henderson2021-11-021-44/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Drop the *BSD code, to be re-created under bsd-user/ later. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/sparc: Populate host_signal.hRichard Henderson2021-11-021-61/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Drop the *BSD code, to be re-created under bsd-user/ later. Drop the Solaris code as completely unused. Reviewed-by: Warner Losh <imp@bsdimp.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/alpha: Populate host_signal.hRichard Henderson2021-11-021-30/+1Star
| | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/ppc: Populate host_signal.hRichard Henderson2021-11-021-78/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Drop the *BSD code, to be re-created under bsd-user/ later. Reviewed-by: Warner Losh <imp@bsdimp.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | linux-user/host/x86: Populate host_signal.hRichard Henderson2021-11-021-135/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | Split host_signal_pc and host_signal_write out of user-exec.c. Drop the *BSD code, to be re-created under bsd-user/ later. Reviewed-by: Warner Losh <imp@bsdimp.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | accel/tcg: Fold cpu_exit_tb_from_sighandler into callerRichard Henderson2021-10-301-12/+2Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | Remove the comment about siglongjmp. We do use sigsetjmp in the main cpu loop, but we do not save the signal mask as most exits from the cpu loop do not require them. Reviewed-by: Warner Losh <imp@bsdimp.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | accel/tcg: Split out handle_sigsegv_accerr_writeRichard Henderson2021-10-301-41/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the major portion of handle_cpu_signal which is specific to tcg, handling the page protections for the translations. Most of the rest will migrate to linux-user/ shortly. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> --- v2: Pass guest address to handle_sigsegv_accerr_write.
| * | accel/tcg: Move clear_helper_retaddr to cpu loopRichard Henderson2021-10-302-3/+2Star
| | | | | | | | | | | | | | | | | | | | | | | | Currently there are only two places that require we reset this value before exiting to the main loop, but that will change. Reviewed-by: Warner Losh <imp@bsdimp.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * | accel/tcg: Split out adjust_signal_pcRichard Henderson2021-10-301-16/+25
| |/ | | | | | | | | | | | | | | | | | | | | Split out a function to adjust the raw signal pc into a value that could be passed to cpu_restore_state. Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> --- v2: Adjust pc in place; return MMUAccessType.
* / KVM: introduce dirty_pages and kvm_dirty_ring_enabledHyman Huang(黄勇)2021-11-012-0/+12
|/ | | | | | | | | | | | | | | | dirty_pages is used to calculate dirtyrate via dirty ring, when enabled, kvm-reaper will increase the dirty pages after gfns being dirtied. kvm_dirty_ring_enabled shows if kvm-reaper is working. dirtyrate thread could use it to check if measurement can base on dirty ring feature. Signed-off-by: Hyman Huang(黄勇) <huangy81@chinatelecom.cn> Message-Id: <fee5fb2ab17ec2159405fc54a3cff8e02322f816.1624040308.git.huangy81@chinatelecom.cn> Reviewed-by: Peter Xu <peterx@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>
* accel/tcg: Handle gdb singlestep in cpu_tb_execRichard Henderson2021-10-161-0/+11
| | | | | | | Currently the change in cpu_tb_exec is masked by the debug exception being raised by the translators. But this allows us to remove that code. Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20211013' into stagingRichard Henderson2021-10-133-475/+572
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use MO_128 for 16-byte atomic memory operations. Add cpu_ld/st_mmu memory primitives. Move helper_ld/st memory helpers out of tcg.h. Canonicalize alignment flags in MemOp. # gpg: Signature made Wed 13 Oct 2021 10:48:45 AM PDT # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate] * remotes/rth/tags/pull-tcg-20211013: tcg: Canonicalize alignment flags in MemOp tcg: Move helper_*_mmu decls to tcg/tcg-ldst.h target/arm: Use cpu_*_mmu instead of helper_*_mmu target/sparc: Use cpu_*_mmu instead of helper_*_mmu target/s390x: Use cpu_*_mmu instead of helper_*_mmu target/mips: Use 8-byte memory ops for msa load/store target/mips: Use cpu_*_data_ra for msa load/store accel/tcg: Move cpu_atomic decls to exec/cpu_ldst.h accel/tcg: Add cpu_{ld,st}*_mmu interfaces target/hexagon: Implement cpu_mmu_index target/s390x: Use MO_128 for 16 byte atomics target/ppc: Use MO_128 for 16 byte atomics target/i386: Use MO_128 for 16 byte atomics target/arm: Use MO_128 for 16 byte atomics memory: Log access direction for invalid accesses Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * tcg: Move helper_*_mmu decls to tcg/tcg-ldst.hRichard Henderson2021-10-131-0/+1
| | | | | | | | | | | | | | | | | | | | These functions have been replaced by cpu_*_mmu as the most proper interface to use from target code. Hide these declarations from code that should not use them. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| * accel/tcg: Add cpu_{ld,st}*_mmu interfacesRichard Henderson2021-10-133-475/+571
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These functions are much closer to the softmmu helper functions, in that they take the complete MemOpIdx, and from that they may enforce required alignment. The previous cpu_ldst.h functions did not have alignment info, and so did not enforce it. Retain this by adding MO_UNALN to the MemOp that we create in calling the new functions. Note that we are not yet enforcing alignment for user-only, but we now have the information with which to do so. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* | hvf: Determine slot count from struct layoutAlexander Graf2021-10-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | We can handle up to a static amount of memory slots, capped by the size of an internal array. Let's make sure that array size is the only source of truth for the number of elements in that array. Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20211008054616.43828-1-agraf@csgraf.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* | target/i386/kvm: Restrict SEV stubs to x86 architecturePhilippe Mathieu-Daudé2021-10-132-23/+0Star
|/ | | | | | | | | | SEV is x86-specific, no need to add its stub to other architectures. Move the stub file to target/i386/kvm/. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20211007161716.453984-5-philmd@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* accel/tcg: re-factor plugin_inject_cb so we can assert insn_idx is validAlex Bennée2021-10-121-72/+85
| | | | | | | | | | | | | | | | | | | | | | | | Coverity doesn't know enough about how we have arranged our plugin TCG ops to know we will always have incremented insn_idx before injecting the callback. Let us assert it for the benefit of Coverity and protect ourselves from accidentally breaking the assumption and triggering harder to grok errors deeper in the code if we attempt a negative indexed array lookup. However to get to this point we re-factor the code and remove the second hand instruction boundary detection in favour of scanning the full set of ops and using the existing INDEX_op_insn_start to cleanly detect when the instruction has started. As we no longer need the plugin specific list of ops we delete that. My initial benchmarks shows no discernible impact of dropping the plugin specific ops list. Fixes: Coverity 1459509 Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Cc: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20210917162332.3511179-12-alex.bennee@linaro.org>
* trace: Split guest_mem_beforeRichard Henderson2021-10-064-44/+20Star
| | | | | | | | | | There is no point in encoding load/store within a bit of the memory trace info operand. Represent atomic operations as a single read-modify-write tracepoint. Use MemOpIdx instead of inventing a form specifically for traces. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* plugins: Reorg arguments to qemu_plugin_vcpu_mem_cbRichard Henderson2021-10-064-29/+21Star
| | | | | | | | | | Use the MemOpIdx directly, rather than the rearrangement of the same bits currently done by the trace infrastructure. Pass in enum qemu_plugin_mem_rw so that we are able to treat read-modify-write operations as a single operation. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* accel/tcg: Pass MemOpIdx to atomic_trace_*_postRichard Henderson2021-10-062-39/+39
| | | | | | | | We will shortly use the MemOpIdx directly, but in the meantime re-compute the trace meminfo. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* trace/mem: Pass MemOpIdx to trace_mem_get_infoRichard Henderson2021-10-063-25/+35
| | | | | | | | We (will) often have the complete MemOpIdx handy, so use that. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* tcg: Rename TCGMemOpIdx to MemOpIdxRichard Henderson2021-10-064-55/+55
| | | | | | | | | We're about to move this out of tcg.h, so rename it as we did when moving MemOp. Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* accel/tcg: Drop signness in tracing in cputlb.cRichard Henderson2021-10-062-46/+9Star
| | | | | | | | | We are already inconsistent about whether or not MO_SIGN is set in trace_mem_get_info. Dropping it entirely allows some simplification. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* memory: Name all the memory listenersPeter Xu2021-09-302-2/+6
| | | | | | | | | | Provide a name field for all the memory listeners. It can be used to identify which memory listener is which. Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: David Hildenbrand <david@redhat.com> Message-Id: <20210817013553.30584-2-peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* accel/tcg: Restrict cpu_handle_halt() to sysemuPhilippe Mathieu-Daudé2021-09-221-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | Commit 372579427a5 ("tcg: enable thread-per-vCPU") added the following comment describing EXCP_HALTED in qemu_tcg_cpu_thread_fn(): case EXCP_HALTED: /* during start-up the vCPU is reset and the thread is * kicked several times. If we don't ensure we go back * to sleep in the halted state we won't cleanly * start-up when the vCPU is enabled. * * cpu->halted should ensure we sleep in wait_io_event */ g_assert(cpu->halted); break; qemu_wait_io_event() is sysemu-specific, so we can restrict the cpu_handle_halt() call in cpu_exec() to system emulation. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210912172731.789788-2-f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* arm/hvf: Add a WFI handlerPeter Collingbourne2021-09-211-3/+2Star
| | | | | | | | | | | | | | | | | | | | | | | | Sleep on WFI until the VTIMER is due but allow ourselves to be woken up on IPI. In this implementation IPI is blocked on the CPU thread at startup and pselect() is used to atomically unblock the signal and begin sleeping. The signal is sent unconditionally so there's no need to worry about races between actually sleeping and the "we think we're sleeping" state. It may lead to an extra wakeup but that's better than missing it entirely. Signed-off-by: Peter Collingbourne <pcc@google.com> Signed-off-by: Alexander Graf <agraf@csgraf.de> Acked-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Sergio Lopez <slp@redhat.com> Message-id: 20210916155404.86958-6-agraf@csgraf.de [agraf: Remove unused 'set' variable, always advance PC on WFX trap, support vm stop / continue operations and cntv offsets] Signed-off-by: Alexander Graf <agraf@csgraf.de> Acked-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Sergio Lopez <slp@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* hvf: Add Apple Silicon supportAlexander Graf2021-09-201-0/+9
| | | | | | | | | | | | | | | | | | | | | With Apple Silicon available to the masses, it's a good time to add support for driving its virtualization extensions from QEMU. This patch adds all necessary architecture specific code to get basic VMs working, including save/restore. Known limitations: - WFI handling is missing (follows in later patch) - No watchpoint/breakpoint support Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Sergio Lopez <slp@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20210916155404.86958-5-agraf@csgraf.de [PMM: added missing #include] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* hvf: Introduce hvf_arch_init() callbackAlexander Graf2021-09-201-1/+2
| | | | | | | | | | | We will need to install a migration helper for the ARM hvf backend. Let's introduce an arch callback for the overall hvf init chain to do so. Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20210916155404.86958-4-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* hvf: Add execute to dirty log permission bitmapAlexander Graf2021-09-201-2/+2
| | | | | | | | | | | | | Hvf's permission bitmap during and after dirty logging does not include the HV_MEMORY_EXEC permission. At least on Apple Silicon, this leads to instruction faults once dirty logging was enabled. Add the bit to make it work properly. Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20210916155404.86958-3-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* Merge remote-tracking branch ↵Peter Maydell2021-09-161-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'remotes/vivier2/tags/trivial-branch-for-6.2-pull-request' into staging Trivial patches pull request 20210916 # gpg: Signature made Thu 16 Sep 2021 15:09:39 BST # gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C # gpg: issuer "laurent@vivier.eu" # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full] # gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full] # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full] # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/trivial-branch-for-6.2-pull-request: target/sparc: Make sparc_cpu_dump_state() static target/avr: Fix compiler errors (-Werror=enum-conversion) hw/vfio: Fix typo in comments intel_iommu: Fix typo in comments target/i386: spelling: occured=>occurred, mininum=>minimum configure: add missing pc-bios/qemu_vga.ndrv symlink in build tree spelling: sytem => system qdev: Complete qdev_init_gpio_out() documentation hw/i386/acpi-build: Fix a typo util: Remove redundant checks in the openpty() Signed-off-by: Peter Maydell <peter.maydell@linaro.org>