summaryrefslogtreecommitdiffstats
path: root/qom
Commit message (Collapse)AuthorAgeFilesLines
...
* qmp: Add qom-list-properties to list QOM object propertiesAlexey Kardashevskiy2018-03-061-0/+7
| | | | | | | | | | | | | | | | | | | | | | | There is already 'device-list-properties' which does most of the job, however it does not handle everything returned by qom-list-types such as machines as they inherit directly from TYPE_OBJECT and not TYPE_DEVICE. It does not handle abstract classes either. This adds a new qom-list-properties command which prints properties of a specific class and its instance. It is pretty much a simplified copy of the device-list-properties handler. Since it creates an object instance, device properties should appear in the output as they are copied to QOM properties at the instance_init hook. This adds a object_class_property_iter_init() helper to allow class properties enumeration uses it in the new QMP command to allow properties listing for abstract classes. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Message-Id: <20180301130939.15875-3-aik@ozlabs.ru> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qapi: Move qapi-schema.json to qapi/, rename generated filesMarkus Armbruster2018-03-021-1/+1
| | | | | | | | | | | | | | | | | | | Move qapi-schema.json to qapi/, so it's next to its modules, and all files get generated to qapi/, not just the ones generated for modules. Consistently name the generated files qapi-MODULE.EXT: qmp-commands.[ch] become qapi-commands.[ch], qapi-event.[ch] become qapi-events.[ch], and qmp-introspect.[ch] become qapi-introspect.[ch]. This gets rid of the temporary hacks in scripts/qapi/commands.py, scripts/qapi/events.py, and scripts/qapi/common.py. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180211093607.27351-28-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> [eblake: Fix trailing dot in tpm.c, undo temporary hack for OSX toolchain] Signed-off-by: Eric Blake <eblake@redhat.com>
* Include less of the generated modular QAPI headersMarkus Armbruster2018-03-022-2/+1Star
| | | | | | | | | | | | | | | | | | | | | In my "build everything" tree, a change to the types in qapi-schema.json triggers a recompile of about 4800 out of 5100 objects. The previous commit split up qmp-commands.h, qmp-event.h, qmp-visit.h, qapi-types.h. Each of these headers still includes all its shards. Reduce compile time by including just the shards we actually need. To illustrate the benefits: adding a type to qapi/migration.json now recompiles some 2300 instead of 4800 objects. The next commit will improve it further. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180211093607.27351-24-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> [eblake: rebase to master] Signed-off-by: Eric Blake <eblake@redhat.com>
* Include qapi/qmp/qerror.h exactly where neededMarkus Armbruster2018-03-021-0/+1
| | | | | | | | Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180211093607.27351-2-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
* Move include qemu/option.h from qemu-common.h to actual usersMarkus Armbruster2018-02-091-0/+1
| | | | | | | | | | | | | | | | | | qemu-common.h includes qemu/option.h, but most places that include the former don't actually need the latter. Drop the include, and add it to the places that actually need it. While there, drop superfluous includes of both headers, and separate #include from file comment with a blank line. This cleanup makes the number of objects depending on qemu/option.h drop from 4545 (out of 4743) to 284 in my "build everything" tree. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180201111846.21846-20-armbru@redhat.com> [Semantic conflict with commit bdd6a90a9e in block/nvme.c resolved]
* Include qapi/qmp/qdict.h exactly where neededMarkus Armbruster2018-02-091-0/+1
| | | | | | | | | | | | | This cleanup makes the number of objects depending on qapi/qmp/qdict.h drop from 4550 (out of 4743) to 368 in my "build everything" tree. For qapi/qmp/qobject.h, the number drops from 4552 to 390. While there, separate #include from file comment with a blank line. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180201111846.21846-13-armbru@redhat.com>
* Include qapi/qmp/qobject.h exactly where neededMarkus Armbruster2018-02-091-1/+0Star
| | | | | | | Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180201111846.21846-11-armbru@redhat.com>
* qdict qlist: Make most helper macros functionsMarkus Armbruster2018-02-091-0/+1
| | | | | | | | | | | | | | | | | | | The macro expansions of qdict_put_TYPE() and qlist_append_TYPE() need qbool.h, qnull.h, qnum.h and qstring.h to compile. We include qnull.h and qnum.h in the headers, but not qbool.h and qstring.h. Works, because we include those wherever the macros get used. Open-coding these helpers is of dubious value. Turn them into functions and drop the includes from the headers. This cleanup makes the number of objects depending on qapi/qmp/qnum.h from 4551 (out of 4743) to 46 in my "build everything" tree. For qapi/qmp/qnull.h, the number drops from 4552 to 21. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180201111846.21846-10-armbru@redhat.com>
* tcg: Add CPUState cflags_next_tbRichard Henderson2017-10-241-0/+1
| | | | | | | | | | | | | We were generating code during tb_invalidate_phys_page_range, check_watchpoint, cpu_io_recompile, and (seemingly) discarding the TB, assuming that it would magically be picked up during the next iteration through the cpu_exec loop. Instead, record the desired cflags in CPUState so that we request the proper TB so that there is no more magic. Reviewed-by: Emilio G. Cota <cota@braap.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* qom: introduce type_register_static_array()Igor Mammedov2017-10-171-0/+9
| | | | | | | | | | | | it will help to remove code duplication of registration static types in places that have open coded loop to perform batch type registering. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* qom/cpu: move cpu_model null check to cpu_class_by_name()Philippe Mathieu-Daudé2017-10-101-1/+6
| | | | | | | | | | | | and clean every implementation. Suggested-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20170917232842.14544-1-f4bug@amsat.org> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* qom: provide root container for internal objsPeter Xu2017-10-031-0/+11
| | | | | | | | | | | | | | | We have object_get_objects_root() to keep user created objects, however no place for objects that will be used internally. Create such a container for internal objects. CC: Andreas Färber <afaerber@suse.de> CC: Markus Armbruster <armbru@redhat.com> CC: Paolo Bonzini <pbonzini@redhat.com> Suggested-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Message-id: 20170928025958.1420-2-peterx@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* cpu: make cpu_generic_init() abort QEMU on errorIgor Mammedov2017-09-191-14/+5Star
| | | | | | | | | | | | | | | | | | Almost every user of cpu_generic_init() checks for returned NULL and then reports failure in a custom way and aborts process. Some users assume that call can't fail and don't check for failure, though they should have checked for it. In either cases cpu_generic_init() failure is fatal, so instead of checking for failure and reporting it various ways, make cpu_generic_init() report errors in consistent way and terminate QEMU on failure. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <1505318697-77161-3-git-send-email-imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* qom: cpus: split cpu_generic_init() on feature parsing and cpu creation partsIgor Mammedov2017-09-191-16/+30
| | | | | | | | | | | it would allow to reuse feature parsing part in various machines that have CPU features instead of re-implementing the same feature parsing each time. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <1505318697-77161-2-git-send-email-imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* vl: Clean up user-creatable objects when exitingEduardo Habkost2017-09-191-0/+5
| | | | | | | | | | | Delete all user-creatable objects in /objects when exiting QEMU, so they can perform cleanup actions. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170824192315.5897-2-ehabkost@redhat.com> Acked-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Tested-by: Zack Cornelius <zack.cornelius@kove.net> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* boards.h: Define new flag ignore_memory_transaction_failuresPeter Maydell2017-09-071-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | Define a new MachineClass field ignore_memory_transaction_failures. If this is flag is true then the CPU will ignore memory transaction failures which should cause the CPU to take an exception due to an access to an unassigned physical address; the transaction will instead return zero (for a read) or be ignored (for a write). This should be set only by legacy board models which rely on the old RAZ/WI behaviour for handling devices that QEMU does not yet model. New board models should instead use "unimplemented-device" for all memory ranges where the guest will attempt to probe for a device that QEMU doesn't implement and a stub device is required. We need this for ARM boards, where we're about to implement support for generating external aborts on memory transaction failures. Too many of our legacy board models rely on the RAZ/WI behaviour and we would break currently working guests when their "probe for device" code provoked an external abort rather than a RAZ. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@xilinx.com> Message-id: 1504626814-23124-2-git-send-email-peter.maydell@linaro.org
* Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2017-09-01-v3' ↵Peter Maydell2017-09-041-8/+8
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into staging QAPI patches for 2017-09-01 # gpg: Signature made Mon 04 Sep 2017 12:30:31 BST # gpg: using RSA key 0x3870B400EB918653 # gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" # gpg: aka "Markus Armbruster <armbru@pond.sub.org>" # Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653 * remotes/armbru/tags/pull-qapi-2017-09-01-v3: (47 commits) qapi: drop the sentinel in enum array qapi: Change data type of the FOO_lookup generated for enum FOO qapi: Convert indirect uses of FOO_lookup[...] to qapi_enum_lookup() qapi: Mechanically convert FOO_lookup[...] to FOO_str(...) qapi: Generate FOO_str() macro for QAPI enum FOO qapi: Avoid unnecessary use of enum lookup table's sentinel qapi: Use qapi_enum_parse() in input_type_enum() crypto: Use qapi_enum_parse() in qcrypto_block_luks_name_lookup() quorum: Use qapi_enum_parse() in quorum_open() block: Use qemu_enum_parse() in blkdebug_debug_breakpoint() hmp: Use qapi_enum_parse() in hmp_migrate_set_parameter() hmp: Use qapi_enum_parse() in hmp_migrate_set_capability() tpm: Clean up model registration & lookup tpm: Clean up driver registration & lookup qapi: Drop superfluous qapi_enum_parse() parameter max qapi: Update qapi-code-gen.txt examples to match current code qapi-schema: Improve section headings qapi-schema: Move queries from common.json to qapi-schema.json qapi-schema: Make block-core.json self-contained qapi-schema: Fold event.json back into qapi-schema.json ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * qapi: Change data type of the FOO_lookup generated for enum FOOMarc-André Lureau2017-09-041-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, a FOO_lookup is an array of strings terminated by a NULL sentinel. A future patch will generate enums with "holes". NULL-termination will cease to work then. To prepare for that, store the length in the FOO_lookup by wrapping it in a struct and adding a member for the length. The sentinel will be dropped next. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170822132255.23945-13-marcandre.lureau@redhat.com> [Basically redone] Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1503564371-26090-16-git-send-email-armbru@redhat.com> [Rebased]
* | qom: cpu: fix parsed feature string lengthIgor Mammedov2017-09-011-8/+6Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since commit ( 9262685b cpu: Factor out cpu_generic_init() ) features parsed by it were truncated only to the 1st feature after CPU name due to fact that featurestr = strtok(NULL, ","); cc->parse_features(cpu, featurestr, &err); would extract exactly one feature and parse_features() callback would parse it and only it leaving the rest of features ignored. Reuse approach from x86 custom impl. i.e. replace strtok() token parsing with g_strsplit(), which would split feature string in 2 parts name and features list and pass the later to parse_features() callback. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1503592308-93913-2-git-send-email-imammedo@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* | cpu: cpu_by_arch_id() helperEduardo Habkost2017-09-011-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | The helper can be used for CPU object lookup using the CPU's arch-specific ID (the one returned by CPUClass::get_arch_id()). Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> [Yi Wang: Added documentation comments] Signed-off-by: Yi Wang <wang.yi59@zte.com.cn> Signed-off-by: Yun Liu <liu.yunh@zte.com.cn> [ehabkost: extracted cpu_by_arch_id() to a separate patch] Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* | qom: Remove unused errp parameter from can_be_deleted()Eduardo Habkost2017-09-011-3/+3
|/ | | | | | | | | | | | | The errp argument is ignored by all implementations of the method, and user_creatable_del() would break if any implementation set an error (because it calls error_setg(errp) if the function returns false). Remove the unused parameter. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170829220337.23427-1-ehabkost@redhat.com> Reviewed-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* Revert "cpu: add APIs to allocate/free CPU environment"Michael S. Tsirkin2017-08-091-34/+0Star
| | | | | | | | This reverts commit e2a7f28693aea7e194ec1435697ec4feb24f8a6f. This was not supposed to go upstream yet. Reverting. Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* cpu: add APIs to allocate/free CPU environmentMichael S. Tsirkin2017-08-071-0/+34
| | | | | | These will be implemented and then used by follow-up patches. Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* docs: fix broken paths to docs/devel/tracing.txtPhilippe Mathieu-Daudé2017-07-311-1/+1
| | | | | | | | | With the move of some docs/ to docs/devel/ on ac06724a71, no references were updated. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* Merge remote-tracking branch ↵Peter Maydell2017-07-181-9/+8Star
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'remotes/ehabkost/tags/x86-and-machine-pull-request' into staging x86 and machine queue, 2017-07-17 # gpg: Signature made Mon 17 Jul 2017 19:46:14 BST # gpg: using RSA key 0x2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-and-machine-pull-request: qmp: Include parent type on 'qom-list-types' output qmp: Include 'abstract' field on 'qom-list-types' output tests: Simplify abstract-interfaces check with a helper i386: add Skylake-Server cpu model i386: Update comment about XSAVES on Skylake-Client i386: expose "TCGTCGTCGTCG" in the 0x40000000 CPUID leaf fw_cfg: move QOM type defines and fw_cfg types into fw_cfg.h fw_cfg: move qdev_init_nofail() from fw_cfg_init1() to callers fw_cfg: switch fw_cfg_find() to locate the fw_cfg device by type rather than path qom: Fix ambiguous path detection when ambiguous=NULL Revert "machine: Convert abstract typename on compat_props to subclass names" test-qdev-global-props: Test global property ordering qdev: fix the order compat and global properties are applied tests: Test case for object_resolve_path*() device-crash-test: Fix regexp on whitelist Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * qom: Fix ambiguous path detection when ambiguous=NULLEduardo Habkost2017-07-171-9/+8Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | object_resolve_path*() ambiguous path detection breaks when ambiguous==NULL and the object tree have 3 objects of the same type and only 2 of them are under the same parent. e.g.: /container/obj1 (TYPE_FOO) /container/obj2 (TYPE_FOO) /obj2 (TYPE_FOO) With the above tree, object_resolve_path_type("", TYPE_FOO, NULL) will incorrectly return /obj2, because the search inside "/container" will return NULL, and the match at "/obj2" won't be detected as ambiguous. Fix that by always calling object_resolve_partial_path() with a non-NULL ambiguous parameter. Test case included. Reported-by: Igor Mammedov <imammedo@redhat.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170707213052.13087-3-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* | trace: Allocate cpu->trace_dstate in placeLluís Vilanova2017-07-171-8/+0Star
|/ | | | | | | | | | | | | | | | | | There's little point in dynamically allocating the bitmap if we know at compile-time the max number of events we want to support. Thus, make room in the struct for the bitmap, which will make things easier later: this paves the way for upcoming changes, in which we'll use a u32 to fully capture cpu->trace_dstate. This change also increases performance by saving a dereference and improving locality--note that this is important since upcoming work makes reading this bitmap fairly common. Signed-off-by: Emilio G. Cota <cota@braap.org> Reviewed-by: Lluís Vilanova <vilanova@ac.upc.edu> Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Message-id: 149915725977.6295.15069969323605305641.stgit@frigg.lan Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* cpu: Convert to DEFINE_PROP_LINKFam Zheng2017-07-141-0/+1
| | | | | | Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <20170714021509.23681-20-famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qom: enforce readonly nature of link's check callbackIgor Mammedov2017-07-141-4/+4
| | | | | | | | | | | | | link's check callback is supposed to verify/permit setting it, however currently nothing restricts it from misusing it and modifying target object from within. Make sure that readonly semantics are checked by compiler to prevent callback's misuse. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <20170714021509.23681-2-famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* cpu: move interrupt handling out of translate-common.cPaolo Bonzini2017-07-041-0/+13
| | | | | | | | | | | translate-common.c will not be available anymore with --disable-tcg, so we cannot leave cpu_interrupt_handler there. Move the TCG-specific handler to accel/tcg/tcg-all.c, and adopt KVM's handler as the default one, since it works just as well for Xen and qtest. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* cpu: Introduce a wrapper for tlb_flush() that can be used in common codeThomas Huth2017-07-041-3/+2Star
| | | | | | | | | | | | | | | | | Commit 1f5c00cfdb8114c ("qom/cpu: move tlb_flush to cpu_common_reset") moved the call to tlb_flush() from the target-specific reset handlers into the common code qom/cpu.c file, and protected the call with "#ifdef CONFIG_SOFTMMU" to avoid that it is called for linux-user only targets. But since qom/cpu.c is common code, CONFIG_SOFTMMU is *never* defined here, so the tlb_flush() was simply never executed anymore. Fix it by introducing a wrapper for tlb_flush() in a file that is re-compiled for each target, i.e. in translate-all.c. Fixes: 1f5c00cfdb8114c1e3a13426588ceb64f82c9ddb Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1498454578-18709-5-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* tcg: consistently access cpu->tb_jmp_cache atomicallyEmilio G. Cota2017-06-301-4/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some code paths can lead to atomic accesses racing with memset() on cpu->tb_jmp_cache, which can result in torn reads/writes and is undefined behaviour in C11. These torn accesses are unlikely to show up as bugs, but from code inspection they seem possible. For example, tb_phys_invalidate does: /* remove the TB from the hash list */ h = tb_jmp_cache_hash_func(tb->pc); CPU_FOREACH(cpu) { if (atomic_read(&cpu->tb_jmp_cache[h]) == tb) { atomic_set(&cpu->tb_jmp_cache[h], NULL); } } Here atomic_set might race with a concurrent memset (such as the ones scheduled via "unsafe" async work, e.g. tlb_flush_page) and therefore we might end up with a torn pointer (or who knows what, because we are under undefined behaviour). This patch converts parallel accesses to cpu->tb_jmp_cache to use atomic primitives, thereby bringing these accesses back to defined behaviour. The price to pay is to potentially execute more instructions when clearing cpu->tb_jmp_cache, but given how infrequently they happen and the small size of the cache, the performance impact I have measured is within noise range when booting debian-arm. Note that under "safe async" work (e.g. do_tb_flush) we could use memset because no other vcpus are running. However I'm keeping these accesses atomic as well to keep things simple and to avoid confusing analysis tools such as ThreadSanitizer. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Emilio G. Cota <cota@braap.org> Message-Id: <1497486973-25845-1-git-send-email-cota@braap.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
* object: add uint property setter/getterMarc-André Lureau2017-06-201-0/+29
| | | | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20170607163635.17635-13-marcandre.lureau@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qapi: merge QInt and QFloat in QNumMarc-André Lureau2017-06-201-9/+7Star
| | | | | | | | | | | | | | | We would like to use a same QObject type to represent numbers, whether they are int, uint, or floats. Getters will allow some compatibility between the various types if the number fits other representations. Add a few more tests while at it. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170607163635.17635-7-marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [parse_stats_intervals() simplified a bit, comment in test_visitor_in_int_overflow() tidied up, suppress bogus warnings] Signed-off-by: Markus Armbruster <armbru@redhat.com>
* object: fix potential leak in gettersMarc-André Lureau2017-06-191-3/+3
| | | | | | | | | | | If the property is not of the requested type, the getters will leak a QObject. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20170607163635.17635-3-marcandre.lureau@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* monitor: fix object_del for command-line-created objectsMichael Roth2017-06-061-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently objects specified on the command-line are only partially cleaned up when 'object_del' is issued in either HMP or QMP: the object itself is fully finalized, but the QemuOpts are not removed. This results in the following behavior: x86_64-softmmu/qemu-system-x86_64 -monitor stdio \ -object memory-backend-ram,id=ram1,size=256M QEMU 2.7.91 monitor - type 'help' for more information (qemu) object_del ram1 (qemu) object_del ram1 object 'ram1' not found (qemu) object_add memory-backend-ram,id=ram1,size=256M Duplicate ID 'ram1' for object Try "help object_add" for more information which can be an issue for use-cases like memory hotplug. This happens on the HMP side because hmp_object_add() attempts to create a temporary QemuOpts entry with ID 'ram1', which ends up conflicting with the command-line-created entry, since it was never cleaned up during the previous hmp_object_del() call. We address this by adding a check in user_creatable_del(), which is called by both qmp_object_del() and hmp_object_del() to handle the actual object cleanup, to determine whether an option group entry matching the object's ID is present and removing it if it is. Note that qmp_object_add() never attempts to create a temporary QemuOpts entry, so it does not encounter the duplicate ID error, which is why this isn't generally visible in libvirt. Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Eric Blake <eblake@redhat.com> Cc: Daniel Berrange <berrange@redhat.com> Cc: qemu-stable@nongnu.org Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1496531612-22166-3-git-send-email-mdroth@linux.vnet.ibm.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qdev: Replace cannot_instantiate_with_device_add_yet with !user_creatableEduardo Habkost2017-05-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cannot_instantiate_with_device_add_yet was introduced by commit efec3dd631d94160288392721a5f9c39e50fb2bc to replace no_user. It was supposed to be a temporary measure. When it was introduced, we had 54 cannot_instantiate_with_device_add_yet=true lines in the code. Today (3 years later) this number has not shrunk: we now have 57 cannot_instantiate_with_device_add_yet=true lines. I think it is safe to say it is not a temporary measure, and we won't see the flag go away soon. Instead of a long field name that misleads people to believe it is temporary, replace it a shorter and less misleading field: user_creatable. Except for code comments, changes were generated using the following Coccinelle patch: @@ expression DC; @@ ( -DC->cannot_instantiate_with_device_add_yet = false; +DC->user_creatable = true; | -DC->cannot_instantiate_with_device_add_yet = true; +DC->user_creatable = false; ) @@ typedef ObjectClass; expression dc; identifier class, data; @@ static void device_class_init(ObjectClass *class, void *data) { ... dc->hotpluggable = true; +dc->user_creatable = true; ... } @@ @@ struct DeviceClass { ... -bool cannot_instantiate_with_device_add_yet; +bool user_creatable; ... } @@ expression DC; @@ ( -!DC->cannot_instantiate_with_device_add_yet +DC->user_creatable | -DC->cannot_instantiate_with_device_add_yet +!DC->user_creatable ) Cc: Alistair Francis <alistair.francis@xilinx.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Thomas Huth <thuth@redhat.com> Acked-by: Alistair Francis <alistair.francis@xilinx.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Acked-by: Marcel Apfelbaum <marcel@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170503203604.31462-2-ehabkost@redhat.com> [ehabkost: kept "TODO remove once we're there" comment] Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* trace: add sanity checkAnthony Xu2017-05-121-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If trace backend is set to TRACE_NOP, trace_get_vcpu_event_count returns 0, cause bitmap_new call abort. The abort can be triggered as follows: $ ./configure --enable-trace-backend=nop --target-list=x86_64-softmmu $ gdb ./x86_64-softmmu/qemu-system-x86_64 -M q35,accel=kvm -m 1G (gdb) bt #0 0x00007ffff04e25f7 in raise () from /lib64/libc.so.6 #1 0x00007ffff04e3ce8 in abort () from /lib64/libc.so.6 #2 0x00005555559de905 in bitmap_new (nbits=<optimized out>) at /home/root/git/qemu2.git/include/qemu/bitmap.h:96 #3 cpu_common_initfn (obj=0x555556621d30) at qom/cpu.c:399 #4 0x0000555555a11869 in object_init_with_type (obj=0x555556621d30, ti=0x55555656bbb0) at qom/object.c:341 #5 0x0000555555a11869 in object_init_with_type (obj=0x555556621d30, ti=0x55555656bd30) at qom/object.c:341 #6 0x0000555555a11efc in object_initialize_with_type (data=data@entry=0x555556621d30, size=76560, type=type@entry=0x55555656bd30) at qom/object.c:376 #7 0x0000555555a12061 in object_new_with_type (type=0x55555656bd30) at qom/object.c:484 #8 0x0000555555a121c5 in object_new (typename=typename@entry=0x555556550340 "qemu64-x86_64-cpu") at qom/object.c:494 #9 0x00005555557f6e3d in pc_new_cpu (typename=typename@entry=0x555556550340 "qemu64-x86_64-cpu", apic_id=0, errp=errp@entry=0x5555565391b0 <error_fatal>) at /home/root/git/qemu2.git/hw/i386/pc.c:1101 #10 0x00005555557fa33e in pc_cpus_init (pcms=pcms@entry=0x5555565f9690) at /home/root/git/qemu2.git/hw/i386/pc.c:1184 #11 0x00005555557fe0f6 in pc_q35_init (machine=0x5555565f9690) at /home/root/git/qemu2.git/hw/i386/pc_q35.c:121 #12 0x000055555574fbad in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4562 Signed-off-by: Anthony Xu <anthony.xu@intel.com> Message-id: 1494369432-15418-1-git-send-email-anthony.xu@intel.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* container: don't leak container referenceMarc-André Lureau2017-05-041-0/+1
| | | | | | | | object_property_add_child() references the child, unref it after to avoid ref leaks. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
* qom: Fix regression with 'qom-type'Eric Blake2017-03-231-0/+2
| | | | | | | | | | | | | | | | | | | | Commit 9a6d1ac assumed that 'qom-type' could be removed from QemuOpts with no ill effects. However, this command line proves otherwise: $ ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio \ -object rng-random,filename=/dev/urandom,id=rng0 \ -device virtio-rng-pci,rng=rng0 qemu-system-x86_64: -object rng-random,filename=/dev/urandom,id=rng0: Parameter 'qom-type' is missing Fix the regression by restoring qom-type in opts after its temporary removal that was needed for the duration of user_creatable_add_opts(). Reported-by: Richard W. M. Jones <rjones@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Message-id: 20170323160315.19696-1-eblake@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* qom: Avoid unvisited 'id'/'qom-type' in user_creatable_add_optsEric Blake2017-03-221-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A regression in commit 15c2f669e caused us to silently ignore excess input to the QemuOpts visitor. Later, commit ea4641 accidentally abused that situation, by removing "qom-type" and "id" from the corresponding QDict but leaving them defined in the QemuOpts, when using the pair of containers to create a user-defined object. Note that since we are already traversing two separate items (a QDict and a QemuOpts), we are already able to flag bogus arguments, as in: $ ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio -object memory-backend-ram,id=mem1,size=4k,bogus=huh qemu-system-x86_64: -object memory-backend-ram,id=mem1,size=4k,bogus=huh: Property '.bogus' not found So the only real concern is that when we re-enable strict checking in the QemuOpts visitor, we do not want to start flagging the two leftover keys as unvisited. Rearrange the code to clean out the QemuOpts listing in advance, rather than removing items from the QDict. Since "qom-type" is usually an automatic implicit default, we don't have to restore it (this does mean that once instantiated, QemuOpts is not necessarily an accurate representation of the original command line - but this is not the first place to do that); however "id" has to be put back (requiring us to cast away a const). [As a side note, hmp_object_add() turns a QDict into a QemuOpts, then calls user_creatable_add_opts() which converts QemuOpts into a new QDict. There are probably a lot of wasteful conversions like this, but cleaning them up is a much bigger task than the immediate regression fix.] CC: qemu-stable@nongnu.org Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20170322144525.18964-3-eblake@redhat.com> Tested-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qapi: Drop unused non-strict qobject input visitorMarkus Armbruster2017-03-051-1/+1
| | | | | | | | | | The split between tests/test-qobject-input-visitor.c and tests/test-qobject-input-strict.c now makes less sense than ever. The next commit will take care of that. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1488544368-30622-20-git-send-email-armbru@redhat.com>
* qom: Make object_property_set_qobject()'s input visitor strictMarkus Armbruster2017-03-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 240f64b made all qobject input visitors created outside tests strict, except for the one in object_property_set_qobject(). That one was left behind only because Eric couldn't spare the time to figure out whether making it strict would break anything, with a TODO comment. Time to resolve it. Strict makes a difference only for otherwise successful visits of QAPI structs or unions. Let's examine what the callers of object_property_set_qobject() visit: * object_property_set_str(), object_property_set_bool(), object_property_set_int() visit a QString, QBool, QInt, respectively. Strictness can't matter. * qmp_qom_set visits its @value argument. Comes straight from QMP and can be anything ('any' in the QAPI schema). Strictness matters when the property's set() method visits a struct or union QAPI type. No such methods exist, thus switching to strict can't break anything. If we acquire such methods in the future, we'll *want* the visitor to be strict, so that unexpected members get rejected as they should be. Switch to strict. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1488544368-30622-18-git-send-email-armbru@redhat.com>
* Merge branch 'icount-update' into HEADPaolo Bonzini2017-03-031-1/+1
|\ | | | | | | | | | | | | | | | | | | | | Merge the original development branch due to breakage caused by the MTTCG merge. Conflicts: cpu-exec.c translate-common.c Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
| * cpu-exec: unify icount_decr and tcg_exit_reqPaolo Bonzini2017-02-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | The icount interrupt flag and tcg_exit_req serve almost the same purpose, let's make them completely the same. The former TB_EXIT_REQUESTED and TB_EXIT_ICOUNT_EXPIRED cases are unified, since we can distinguish them from the value of the interrupt flag. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* | tcg: drop global lock during TCG code executionJan Kiszka2017-02-241-0/+10
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This finally allows TCG to benefit from the iothread introduction: Drop the global mutex while running pure TCG CPU code. Reacquire the lock when entering MMIO or PIO emulation, or when leaving the TCG loop. We have to revert a few optimization for the current TCG threading model, namely kicking the TCG thread in qemu_mutex_lock_iothread and not kicking it in qemu_cpu_kick. We also need to disable RAM block reordering until we have a more efficient locking mechanism at hand. Still, a Linux x86 UP guest and my Musicpal ARM model boot fine here. These numbers demonstrate where we gain something: 20338 jan 20 0 331m 75m 6904 R 99 0.9 0:50.95 qemu-system-arm 20337 jan 20 0 331m 75m 6904 S 20 0.9 0:26.50 qemu-system-arm The guest CPU was fully loaded, but the iothread could still run mostly independent on a second core. Without the patch we don't get beyond 32206 jan 20 0 330m 73m 7036 R 82 0.9 1:06.00 qemu-system-arm 32204 jan 20 0 330m 73m 7036 S 21 0.9 0:17.03 qemu-system-arm We don't benefit significantly, though, when the guest is not fully loading a host CPU. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Message-Id: <1439220437-23957-10-git-send-email-fred.konrad@greensocs.com> [FK: Rebase, fix qemu_devices_reset deadlock, rm address_space_* mutex] Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com> [EGC: fixed iothread lock for cpu-exec IRQ handling] Signed-off-by: Emilio G. Cota <cota@braap.org> [AJB: -smp single-threaded fix, clean commit msg, BQL fixes] Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Pranith Kumar <bobby.prani@gmail.com> [PM: target-arm changes] Acked-by: Peter Maydell <peter.maydell@linaro.org>
* report guest crash information in GUEST_PANICKED eventAnton Nefedov2017-02-161-0/+11
| | | | | | | | | | | it's not very convenient to use the crash-information property interface, so provide a CPU class callback to get the guest crash information, and pass that information in the event Signed-off-by: Anton Nefedov <anton.nefedov@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Message-Id: <1487053524-18674-3-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* arm: Correctly handle watchpoints for BE32 CPUsJulian Brown2017-02-071-0/+6
| | | | | | | | | | | | | | | In BE32 mode, sub-word size watchpoints can fail to trigger because the address of the access is adjusted in the opcode helpers before being compared with the watchpoint registers. This patch reverses the address adjustment before performing the comparison with the help of a new CPUClass hook. This version of the patch augments and tidies up comments a little. Signed-off-by: Julian Brown <julian@codesourcery.com> Message-id: caaf64ffc72f6ae183015337b7afdbd4b8989cb6.1484929304.git.julian@codesourcery.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* trace: switch to modular code generation for sub-directoriesDaniel P. Berrange2017-01-311-1/+1
| | | | | | | | | | | | | | | Introduce rules in the top level Makefile that are able to generate trace.[ch] files in every subdirectory which has a trace-events file. The top level directory is handled specially, so instead of creating trace.h, it creates trace-root.h. This allows sub-directories to include the top level trace-root.h file, without ambiguity wrt to the trace.g file in the current sub-dir. Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170125161417.31949-7-berrange@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* Introduce DEVICE_CATEGORY_CPU for CPU devicesThomas Huth2017-01-271-0/+1
| | | | | | | | | | Now that CPUs show up in the help text of "-device ?", we should group them into an appropriate category. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1484917276-7107-1-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>