The reg_ptr and offset_ptr outputs are universally unused.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Always perform a sign-extending load. In the extremely unlikely
case that we've used an 0x66 prefix, the extension to 64-bits is
unnecessary but not wrong; the store will still examine only 16 bits.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
We can use the MO_SIGN bit to tidy the reg-reg switch statement
as well as pass it on to gen_op_ld_v, eliminating one call.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
By inspection, obviously we should be storing T[1] not T[0].
This could only happen for x86_64 in 64-bit mode with 0x66
prefix to call insn -- i.e. never.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Too many places have the same test vs OR_TMP0 to indicate
a write back to memory. Hoist that to a subroutine.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Replace its users by gen_op_ld_v with the MO_SIGN bit set.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
The MO_8/16/32/64 constants have the same encoding and meaning
as the OT_BYTE/WORD/LONG/QUAD. Since we rely on them being the
same, for the qemu_ld/st helpers, standardize on the common names.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
In preference to the older helpers. Stores only in this patch.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
In preference to the older helpers. Loads only in this patch.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Now that we don't combine mem_index with operand size info,
we don't need to encode it. Which tidies many places that
access it.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Rather than add s->mem_index into a combined size+mem_index
argument, pass the context down. This will allow cleaning
up s->mem_index later.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Replace an assert_no_error() usage with the error_abort system.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Features family, model, stepping, level, hv_spinlocks are treated similarly
when passed from command line, so it's not necessary to handle each of them
individually. Collapse them to one catch-all branch which will treat
any not explicitly handled feature in format 'foo=val'.
Any unknown feature will be rejected by property setter so there is no
need to check for unknown feature in cpu_x86_parse_featurestr(), therefore
it's replaced by above mentioned catch-all handler.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Features check, enforce, hv_relaxed and hv_vapic are treated as boolean
set to 'on' when passed from command line, so it's not necessary to
handle each of them separately. Collapse them to one catch-all branch
which will treat any feature in format 'foo' as boolean set to 'on'.
Any unknown feature will be rejected by CPU property setter so there is no
need to check for unknown feature in cpu_x86_parse_featurestr(), therefore
it's replaced by above mentioned catch-all handler.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
* Additionally convert check_cpuid & enforce_cpuid to bool and make them
members of X86CPU
* Make 'enforce' feature independent from 'check'
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This motion is preparing for refactoring vCPU APIC subsequently.
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
When we're running in non-64bit mode with qemu-system-x86_64 we can
still end up with virtual addresses that are above the 32bit boundary
if a segment offset is set up.
GNU Hurd does exactly that. It sets the segment offset to 0x80000000 and
puts its EIP value to 0x8xxxxxxx to access low memory.
This doesn't hit us when we enable paging, as there we just mask away the
unused bits. But with real mode, we assume that vaddr == paddr which is
wrong in this case. Real hardware wraps the virtual address around at the
32bit boundary. So let's do the same.
This fixes booting GNU Hurd in qemu-system-x86_64 for me.
Reported-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
If the guest is running in nested mode on system reset, clearing the
feature MSR signals the kernel to leave this mode. Recent kernels
processes this properly, but leave the VCPU state undefined behind. It
is the job of userspace to bring it to a proper shape. Therefore, write
this specific MSR first so that no state transfer gets lost.
This allows to cleanly reset a guest with VMX in use.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
VCPU TSC is not cleared by a warm reset (*), which leaves some types of Linux
guests (non-pvops guests and those with the kernel parameter no-kvmclock set)
vulnerable to the overflow in cyc2ns_offset fixed by upstream commit
9993bc635d01a6ee7f6b833b4ee65ce7c06350b1 ("sched/x86: Fix overflow in
cyc2ns_offset").
To put it in a nutshell, if such a Linux guest without the patch above applied
has been up more than 208 days and attempts a warm reset chances are that
the newly booted kernel will panic or hang.
(*) Intel Xeon E5 processors show the same broken behavior due to
the errata "TSC is Not Affected by Warm Reset" (Intel® Xeon®
Processor E5 Family Specification Update - August 2013): "The
TSC (Time Stamp Counter MSR 10H) should be cleared on
reset. Due to this erratum the TSC is not affected by warm
reset."
Cc: Will Auld <will.auld@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Fernando Luis Vázquez Cao <fernando_b1@lab.ntt.co.jp>
Newer kernels are capable of synchronizing TSC values of multiple VCPUs
on writeback, but we were excluding the power up case, which is not needed
anymore.
Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Fernando Luis Vázquez Cao <fernando_b1@lab.ntt.co.jp>
Add some MPX related definiation, and hardcode sizes and offsets
of xsave features 3 and 4. It also add corresponding part to
kvm_get/put_xsave, and vmstate.
Signed-off-by: Liu Jinsong <jinsong.liu@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
# By Alex Williamson (1) and others
# Via Paolo Bonzini
* qemu-kvm/uq/master:
target-i386: fix cpuid leaf 0x0d
qemu: mempath: prefault pages manually (v4)
kvm: Query KVM for available memory slots
Message-id: 1386345276-9803-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
Fix cpuid leaf 0x0d which incorrectly parsed eax and ebx.
However, before this patch the CPUID worked fine -- the .offset
field contained the size _and_ was stored in the register that
is supposed to hold the size (eax), and likewise the .size field
contained the offset _and_ was stored in the register trhat is
supposed to hold the offset (ebx).
Signed-off-by: Liu Jinsong <jinsong.liu@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
were getting forgotten or that did not have a clear maintainer responsible
for making a pull request.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABAgAGBQJSjjebAAoJEBvWZb6bTYbySaYP/RgDcAK/+VTEwM9kLa3OlWA+
kp0RNu+8fV9I5ocWDOlh19svZ/KS81D2o3TA4Fv3PBe3d4Mcjqcw1qxk+2Vh+Plt
omN5ysM0jnTxsAgvszS/WaHGzS1Xpge9zazpynCoDYYPTC3JVoD96zYTut62frnk
4i3t5wZwW64Al7f8l4UkWMnneEJW66pHDDI7QgHXhb3YkGX6RYGqTA6hFp+AKV75
IppGVpO46LbzQnGENa7myhnoQrOu1jDlHjhogIuLRwCLZqdqMI+JiPuMACrFb+34
QfcF8lHj9T+RmZj9X1Boq7ZfdveNBmXasDaV+L97uUVBcHHr8t6hniHVXDa07QFL
pGhLz58W/S0PD8UJ5MfKLHqMROiZ7OUCF6uu77sKG4Xnli842lnxJHqy0NYiJ7OL
JA/bYOMb2p+xFLmDJylRdkyDowAk/WZiMRI6QG8oE+nm3Bl4ERH4zlYhAz7nH2KA
K3wsZzV4hZ7IUYrq2H2zDXUCMLUJgA1T+pLSusLeQxGuTcfRLxacFzZSjzlFhlBr
5/qJvzce5AMz/jTbv0ygq2jacKP8aq/dOgUOjaenzinC/G7aaW2m7dEyt+eMYUjj
EiqM1rX2w0ATS1iR2nQdxMNvFBBqLe8VPEuajg3wal+f7Js0ZegsBjrTKUULsPwq
kIuZaZviKLGYnK1zrnYR
=c4Hz
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'bonzini/tags/for-anthony' into staging
Here are a bunch of 1.7-tagged patches that I was afraid
were getting forgotten or that did not have a clear maintainer responsible
for making a pull request.
# gpg: Signature made Thu 21 Nov 2013 08:40:59 AM PST using RSA key ID 9B4D86F2
# gpg: Can't check signature: public key not found
# By Peter Maydell (3) and others
# Via Paolo Bonzini
* bonzini/tags/for-anthony:
qga: Fix compiler warnings (missing format attribute, wrong format strings)
mips jazz: do not raise data bus exception when accessing invalid addresses
target-i386: yield to another VCPU on PAUSE
rng-egd: offset the point when repeatedly read from the buffer
rng-egd: remove redundant free
target-i386: Fix build by providing stub kvm_arch_get_supported_cpuid()
vfio-pci: Fix multifunction=on
atomic.h: Fix build with clang
pc: get rid of builtin pvpanic for "-M pc-1.5"
configure: Explicitly set ARFLAGS so we can build with GNU Make 4.0
sun4m: Add FCode ROM for TCX framebuffer
Message-id: 1385052578-32352-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
After commit b1bbfe7 (aio / timers: On timer modification, qemu_notify
or aio_notify, 2013-08-21) FreeBSD guests report a huge slowdown.
The problem shows up as soon as FreeBSD turns out its periodic (~1 ms)
tick, but the timers are only the trigger for a pre-existing problem.
Before the offending patch, setting a timer did a timer_settime system call.
After, setting the timer exits the event loop (which uses poll) and
reenters it with a new deadline. This does not cause any slowdown; the
difference is between one system call (timer_settime and a signal
delivery (SIGALRM) before the patch, and two system calls afterwards
(write to a pipe or eventfd + calling poll again when re-entering the
event loop).
Unfortunately, the exit/enter causes the main loop to grab the iothread
lock, which in turns kicks the VCPU thread out of execution. This
causes TCG to execute the next VCPU in its round-robin scheduling of
VCPUS. When the second VCPU is mostly unused, FreeBSD runs a "pause"
instruction in its idle loop which only burns cycles without any
progress. As soon as the timer tick expires, the first VCPU runs
the interrupt handler but very soon it sets it again---and QEMU
then goes back doing nothing in the second VCPU.
The fix is to make the pause instruction do "cpu_loop_exit".
Reported-by: Luigi Rizzo <rizzo@iet.unipi.it>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fix build failures with clang when KVM is not enabled by
providing a stub version of kvm_arch_get_supported_cpuid().
We retain the compile time check that this function isn't
called when CONFIG_KVM is not set by guarding the stub with
ifndef __OPTIMIZE__ (we assume that an optimizing build will
do sufficient constant folding and dead code elimination to
remove the calls before linking).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit 787aaf5 (target-i386: forward CPUID cache leaves when -cpu host is
used, 2013-09-02) brings bits 31..26 of CPUID leaf 04h out of sync with
the APIC IDs that QEMU reserves for each package. This number must come
from "-smp" options rather than from the host CPUID.
It also turns out that this unsyncing makes Windows Server 2012R2 fail
to boot.
Tested-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-id: 1384879786-6721-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
After commit b1bbfe7 (aio / timers: On timer modification, qemu_notify
or aio_notify, 2013-08-21) FreeBSD guests report a huge slowdown.
The problem shows up as soon as FreeBSD turns out its periodic (~1 ms)
tick, but the timers are only the trigger for a pre-existing problem.
Before the offending patch, setting a timer did a timer_settime system call.
After, setting the timer exits the event loop (which uses poll) and
reenters it with a new deadline. This does not cause any slowdown; the
difference is between one system call (timer_settime and a signal
delivery (SIGALRM) before the patch, and two system calls afterwards
(write to a pipe or eventfd + calling poll again when re-entering the
event loop).
Unfortunately, the exit/enter causes the main loop to grab the iothread
lock, which in turns kicks the VCPU thread out of execution. This
causes TCG to execute the next VCPU in its round-robin scheduling of
VCPUS. When the second VCPU is mostly unused, FreeBSD runs a "pause"
instruction in its idle loop which only burns cycles without any
progress. As soon as the timer tick expires, the first VCPU runs
the interrupt handler but very soon it sets it again---and QEMU
then goes back doing nothing in the second VCPU.
The fix is to make the pause instruction do "cpu_loop_exit".
Cc: Richard Henderson <rth@twiddle.net>
Reported-by: Luigi Rizzo <rizzo@iet.unipi.it>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1384948442-24217-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
This error was reported by valgrind when running qemu-system-x86_64
with kvm:
==975== Conditional jump or move depends on uninitialised value(s)
==975== at 0x521C38: cpuid_find_entry (kvm.c:176)
==975== by 0x5235BA: kvm_arch_init_vcpu (kvm.c:686)
==975== by 0x4D5175: kvm_init_vcpu (kvm-all.c:267)
==975== by 0x45035B: qemu_kvm_cpu_thread_fn (cpus.c:858)
==975== by 0xD361E0D: start_thread (pthread_create.c:311)
==975== by 0xD65E9EC: clone (clone.S:113)
==975== Uninitialised value was created by a stack allocation
==975== at 0x5226E4: kvm_arch_init_vcpu (kvm.c:446)
Instead of adding more memset calls for parts of cpuid_data, the existing
calls were removed and cpuid_data is now initialized completely in one
call.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Only the first item of the array was ever looked at. No
practical effect, but still worth fixing.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
# By Paolo Bonzini (2) and Jan Kiszka (1)
# Via Gleb Natapov
* qemu-kvm/uq/master:
kvmvapic: Prevent reading beyond the end of guest RAM
x86: cpuid: reconstruct leaf 0Dh data
x86: fix migration from pre-version 12
Message-id: 1382108641-4862-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
# By Peter Maydell (3) and Ákos Kovács (2)
# Via Paolo Bonzini
* bonzini/configure:
ui/Makefile.objs: delete unnecessary cocoa.o dependency
default-configs/: CONFIG_GDBSTUB_XML removed
Makefile.target: CONFIG_NO_* variables removed
rules.mak: New string testing functions
rules.mak: New logical functions for handling y/n values
CONFIG_NO_* variables replaced with the lnot logical function
Signed-off-by: Ákos Kovács <akoskovacs@gmx.com>
[PMM: fixed a few CONFIG_NO_* uses that were missed]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
# By Richard Henderson
# Via Richard Henderson
* rth/tcg-pull:
exec: Add both big- and little-endian memory helpers
tcg: Add qemu_ld_st_i32/64
tcg: Add TCGMemOp
configure: Remove CONFIG_QEMU_LDST_OPTIMIZATION
tcg: Add tcg-be-ldst.h
tcg: Add tcg-be-null.h
exec: Delete is_tcg_gen_code and GETRA_EXT
tcg-aarch64: Update to helper_ret_*_mmu routines
tcg: Merge tcg_register_helper into tcg_context_init
tcg: Add tcg-runtime.c helpers to all_helpers
tcg: Put target helper data into an array.
tcg: Remove stray semi-colons from target-*/helper.h
tcg: Move helper registration into tcg_context_init
target-m68k: Rename helpers.h to helper.h
tcg: Use a GHashTable for tcg_find_helper
tcg: Delete tcg_helper_get_name declaration
tcg-hppa: Remove tcg backend
Message-id: 1381440525-6666-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
* Fix for X86CPU model field of qemu32/qemu64 CPU models
* Bug fix for longjmp on FreeBSD
* Removal of unused function
* Confinement of clone syscall infrastructure to linux-user
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iQIcBAABAgAGBQJSVTKzAAoJEPou0S0+fgE/7tYP/i5dgm6q7jSnhJcwzgHlCHDE
c0BTwnvFjdBdkuAARYb/soo0m9QWfsW/dgC4bG3rO5j3o84PLstMjiZSQch0pqM1
YhA0hYSiFjHrMcRk9FOwIECPIe+QcHZ79iNML+9G4K13D7qg36aJWISbVOWy24Dp
kj5D0wBBDNw032Oh/3z3EAK4U+vLc/+i4s8XjfwtbuBCCn7GMCE3mRnEqnf8ZX3o
H3Il3h/o+I3XQSzIJKXXyJZ5ZVXTtlj0z/0ShQXe8o8u1hINXE2Nf9lB6WG/6sh0
Y43d0uU/e9fWDer25j9yis9KfDNErgYyxlBMUA2X1+Rny5P0twjnnBr5GTAeKgSq
Kcux8Ov7W8cbVoM/px03rnynF9rbFbgmGlx82L+QsNMKWhjnEsfs6unpccpGhHR5
UuZX3ZPrmeHfjv0AZD/U2ya3jfrp0v+9gsTqy3QV1rCPbqPDcJ6jg8jzbPZYjEfa
/Zy0e/0O3sytSyiaAfBg3MzVPBxdzPcn0JjExJQV9BHsUlkZIVCZVMfePw1oIaf+
coyV4cT3hCe8LrSCzPZlRYP+1hIg41W4NicLbDxtS8lqgfRbcglvqw6NFdAM+NcB
z3heQ7IFstQ+pEINXQNy6bS8orv8F1VVvCtZaV+2pzB4TZzjPYuGsrqygre4QkLU
mtpN9BTfmSIjzyo6iYBv
=hQfy
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging
QOM CPUState refactorings / X86CPU
* Fix for X86CPU model field of qemu32/qemu64 CPU models
* Bug fix for longjmp on FreeBSD
* Removal of unused function
* Confinement of clone syscall infrastructure to linux-user
# gpg: Signature made Wed 09 Oct 2013 03:40:51 AM PDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found
# By Andreas Färber (2) and others
# Via Andreas Färber
* afaerber/tags/qom-cpu-for-anthony:
cpu: Drop cpu_model_str from CPU_COMMON
cpu: Move cpu_copy() into linux-user
cputlb: Remove dead function tlb_update_dirty()
cpu-exec: Also reload CPUClass *cc after longjmp return in cpu_exec()
target-i386: Set model=6 on qemu64 & qemu32 CPU models
Since this is only read in cpu_copy() and linux-user has a global
cpu_model, drop the field from generic code.
Signed-off-by: Andreas Färber <afaerber@suse.de>
From buildbot default_i386_rhel61:
CC i386-softmmu/target-i386/arch_memory_mapping.o
target-i386/arch_memory_mapping.c: In function 'walk_pde':
target-i386/arch_memory_mapping.c:110: warning:
integer constant is too large for 'long' type
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The data in leaf 0Dh depends on information from other feature bits.
Instead of passing it blindly from the host, compute it based on
whether these feature bits are enabled.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
On KVM, the KVM_SET_XSAVE would be executed with a 0 xstate_bv,
and not restore anything.
Since FP and SSE data are always valid, set them in xstate_bv at reset
time. In fact, that value is the same that KVM_GET_XSAVE returns on
pre-XSAVE hosts.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gleb Natapov <gleb@redhat.com>
