[patch 0/8] add slot deletion, rmap chain tests

[patch 0/8] add slot deletion, rmap chain tests

[Marcelo Tosatti]

[patch 1/8] test: allow functions to execute on non-irq context remotely

[Marcelo Tosatti]

[-- Attachment #1: on-cpu-noipi --]
[-- Type: text/plain, Size: 3438 bytes --]

Which allows code to execute on remote cpus while receiving interrupts.

Also move late smp initialization to common code, and the smp loop
to C code.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/test/lib/x86/smp.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/lib/x86/smp.c
+++ qemu-kvm/kvm/user/test/lib/x86/smp.c
@@ -114,7 +114,7 @@ void on_cpu_async(int cpu, void (*functi
 }
 
 
-void smp_init(void)
+void smp_init_ids(void)
 {
     int i;
     void ipi_entry(void);
@@ -125,4 +125,57 @@ void smp_init(void)
     for (i = 1; i < cpu_count(); ++i)
         on_cpu(i, setup_smp_id, 0);
 
+   printf("detected %d cpus\n", cpu_count());
+}
+
+static void *smp_function(void)
+{
+    void *fn;
+
+    asm ("mov %%gs:8, %0" : "=r"(fn));
+    return fn;
+}
+
+static void setup_smp_function(void *data)
+{
+    asm ("mov %0, %%gs:8" : : "r"(data) : "memory");
+}
+
+static void *smp_data(void)
+{
+    void *fn;
+
+    asm ("mov %%gs:16, %0" : "=r"(fn));
+    return fn;
+}
+
+static void setup_smp_data(void *data)
+{
+    asm ("mov %0, %%gs:16" : : "r"(data) : "memory");
+}
+
+void on_cpu_noipi(int cpu, void (*function)(void *data), void *data)
+{
+    if (cpu == smp_id())
+        function(data);
+    else {
+        on_cpu(cpu, setup_smp_data, data);
+        on_cpu(cpu, setup_smp_function, function);
+    }
+}
+
+void smp_loop(void)
+{
+    void (*fn)(void *data);
+    void *data;
+
+    asm volatile ("hlt");
+    if (smp_id() == 0)
+        return;
+
+    fn = smp_function();
+    if (fn) {
+        fn(smp_data());
+        setup_smp_function(0);
+    }
 }
Index: qemu-kvm/kvm/user/test/lib/x86/smp.h
===================================================================
--- qemu-kvm.orig/kvm/user/test/lib/x86/smp.h
+++ qemu-kvm/kvm/user/test/lib/x86/smp.h
@@ -5,12 +5,11 @@ struct spinlock {
     int v;
 };
 
-void smp_init(void);
-
 int cpu_count(void);
 int smp_id(void);
 void on_cpu(int cpu, void (*function)(void *data), void *data);
 void on_cpu_async(int cpu, void (*function)(void *data), void *data);
+void on_cpu_noipi(int cpu, void (*function)(void *data), void *data);
 void spin_lock(struct spinlock *lock);
 void spin_unlock(struct spinlock *lock);
 
Index: qemu-kvm/kvm/user/test/x86/cstart64.S
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/cstart64.S
+++ qemu-kvm/kvm/user/test/x86/cstart64.S
@@ -165,7 +165,7 @@ ap_start64:
 	nop
 	lock incw cpu_online_count
 
-1:	hlt
+1:	call smp_loop
 	jmp 1b
 
 start64:
@@ -174,6 +174,7 @@ start64:
 	call enable_apic
 	call smp_init
 	call enable_x2apic
+	call smp_init_ids
 	call main
 	mov %eax, %edi
 	call exit
Index: qemu-kvm/kvm/user/test/x86/smptest.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/smptest.c
+++ qemu-kvm/kvm/user/test/x86/smptest.c
@@ -15,8 +15,6 @@ int main()
     int ncpus;
     int i;
 
-    smp_init();
-
     ncpus = cpu_count();
     printf("found %d cpus\n", ncpus);
     for (i = 0; i < ncpus; ++i)
Index: qemu-kvm/kvm/user/test/x86/vmexit.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/vmexit.c
+++ qemu-kvm/kvm/user/test/x86/vmexit.c
@@ -155,8 +155,6 @@ int main(void)
 {
 	int i;
 
-	smp_init();
-
 	for (i = 0; i < ARRAY_SIZE(tests); ++i)
 		do_test(&tests[i]);
 

[patch 2/8] test: add pagefault exception handler

[Marcelo Tosatti]

[-- Attachment #1: pf-vector --]
[-- Type: text/plain, Size: 2018 bytes --]

Which print cr2 and exits.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/test/lib/x86/smp.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/lib/x86/smp.c
+++ qemu-kvm/kvm/user/test/lib/x86/smp.c
@@ -5,6 +5,7 @@
 #include "fwcfg.h"
 
 #define IPI_VECTOR 0x20
+#define PF_VECTOR 0xe
 
 static struct spinlock ipi_lock;
 static void (*ipi_function)(void *data);
@@ -18,6 +19,20 @@ static __attribute__((used)) void ipi()
     ipi_done = 1;
 }
 
+unsigned long read_cr2()
+{
+    unsigned long cr2;
+
+    asm volatile ("mov %%cr2, %0" : "=r"(cr2));
+    return cr2;
+}
+
+static __attribute__((used)) void pf()
+{
+    printf("PF: %lx\n", read_cr2());
+    asm ("call exit");
+}
+
 asm (
      "ipi_entry: \n"
      "   call ipi \n"
@@ -28,21 +43,31 @@ asm (
 #endif
      );
 
+asm (
+     "pf_entry: \n"
+     "   call pf \n"
+#ifndef __x86_64__
+     "   iret"
+#else
+     "   iretq"
+#endif
+     );
+
 
-static void set_ipi_descriptor(void (*ipi_entry)(void))
+static void set_exp_descriptor(void (*entry)(void), unsigned vec)
 {
-    unsigned short *desc = (void *)(IPI_VECTOR * sizeof(long) * 2);
+    unsigned short *desc = (void *)(vec * sizeof(long) * 2);
     unsigned short cs;
-    unsigned long ipi = (unsigned long)ipi_entry;
+    unsigned long fn = (unsigned long)entry;
 
     asm ("mov %%cs, %0" : "=r"(cs));
-    desc[0] = ipi;
+    desc[0] = fn;
     desc[1] = cs;
     desc[2] = 0x8e00;
-    desc[3] = ipi >> 16;
+    desc[3] = fn >> 16;
 #ifdef __x86_64__
-    desc[4] = ipi >> 32;
-    desc[5] = ipi >> 48;
+    desc[4] = fn >> 32;
+    desc[5] = fn >> 48;
     desc[6] = 0;
     desc[7] = 0;
 #endif
@@ -118,8 +143,10 @@ void smp_init_ids(void)
 {
     int i;
     void ipi_entry(void);
+    void pf_entry(void);
 
-    set_ipi_descriptor(ipi_entry);
+    set_exp_descriptor(ipi_entry, IPI_VECTOR);
+    set_exp_descriptor(pf_entry, PF_VECTOR);
 
     setup_smp_id(0);
     for (i = 1; i < cpu_count(); ++i)

[patch 3/8] test: protect fwcfg accesses with lock

[Marcelo Tosatti]

[-- Attachment #1: fwcfg-lock --]
[-- Type: text/plain, Size: 849 bytes --]

So multiple CPU's can access fwcfg safely.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/test/lib/x86/fwcfg.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/lib/x86/fwcfg.c
+++ qemu-kvm/kvm/user/test/lib/x86/fwcfg.c
@@ -1,4 +1,7 @@
 #include "fwcfg.h"
+#include "smp.h"
+
+static struct spinlock lock;
 
 uint64_t fwcfg_get_u(uint16_t index, int bytes)
 {
@@ -6,11 +9,13 @@ uint64_t fwcfg_get_u(uint16_t index, int
     uint8_t b;
     int i;
 
+    spin_lock(&lock);
     asm volatile ("out %0, %1" : : "a"(index), "d"((uint16_t)BIOS_CFG_IOPORT));
     for (i = 0; i < bytes; ++i) {
         asm volatile ("in %1, %0" : "=a"(b) : "d"((uint16_t)(BIOS_CFG_IOPORT + 1)));
         r |= (uint64_t)b << (i * 8);
     }
+    spin_unlock(&lock);
     return r;
 }
 

[patch 4/8] test: export vm helpers

[Marcelo Tosatti]

[-- Attachment #1: vm-export-helpers --]
[-- Type: text/plain, Size: 5203 bytes --]

To be used by next patches. Also make install_pte take an argument 
indicating physical location of pagetable.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
 
Index: qemu-kvm/kvm/user/test/x86/vm.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/vm.c
+++ qemu-kvm/kvm/user/test/x86/vm.c
@@ -3,22 +3,9 @@
 
 void print(const char *s);
 
-#define PAGE_SIZE 4096ul
-#define LARGE_PAGE_SIZE (512 * PAGE_SIZE)
-
 static void *free = 0;
 static void *vfree_top = 0;
 
-static unsigned long virt_to_phys(const void *virt) 
-{ 
-    return (unsigned long)virt;
-}
-
-static void *phys_to_virt(unsigned long phys)
-{
-    return (void *)phys;
-}
-
 void *memset(void *data, int c, unsigned long len)
 {
     char *s = data;
@@ -61,15 +48,11 @@ void free_page(void *page)
 extern char edata;
 static unsigned long end_of_memory;
 
-#define PTE_PRESENT (1ull << 0)
-#define PTE_PSE     (1ull << 7)
-#define PTE_WRITE   (1ull << 1)
-#define PTE_ADDR    (0xffffffffff000ull)
-
-static void install_pte(unsigned long *cr3, 
-			int pte_level, 
+void install_pte(unsigned long *cr3,
+			int pte_level,
 			void *virt,
-			unsigned long pte)
+			unsigned long pte,
+			unsigned long *pt_page)
 {
     int level;
     unsigned long *pt = cr3;
@@ -78,7 +61,11 @@ static void install_pte(unsigned long *c
     for (level = 4; level > pte_level; --level) {
 	offset = ((unsigned long)virt >> ((level-1) * 9 + 12)) & 511;
 	if (!(pt[offset] & PTE_PRESENT)) {
-	    unsigned long *new_pt = alloc_page();
+	    unsigned long *new_pt = pt_page;
+            if (!new_pt)
+                new_pt = alloc_page();
+            else
+                pt_page = 0;
 	    memset(new_pt, 0, PAGE_SIZE);
 	    pt[offset] = virt_to_phys(new_pt) | PTE_PRESENT | PTE_WRITE;
 	}
@@ -108,58 +95,20 @@ static unsigned long get_pte(unsigned lo
     return pte;
 }
 
-static void install_large_page(unsigned long *cr3, 
-			       unsigned long phys,
-			       void *virt)
+void install_large_page(unsigned long *cr3,
+                              unsigned long phys,
+                              void *virt)
 {
-    install_pte(cr3, 2, virt, phys | PTE_PRESENT | PTE_WRITE | PTE_PSE);
+    install_pte(cr3, 2, virt, phys | PTE_PRESENT | PTE_WRITE | PTE_PSE, 0);
 }
 
-static void install_page(unsigned long *cr3, 
-			 unsigned long phys,
-			 void *virt)
+void install_page(unsigned long *cr3,
+                  unsigned long phys,
+                  void *virt)
 {
-    install_pte(cr3, 1, virt, phys | PTE_PRESENT | PTE_WRITE);
-}
-
-static inline void load_cr3(unsigned long cr3)
-{
-    asm ( "mov %0, %%cr3" : : "r"(cr3) );
-}
-
-static inline unsigned long read_cr3()
-{
-    unsigned long cr3;
-
-    asm volatile ( "mov %%cr3, %0" : "=r"(cr3) );
-    return cr3;
+    install_pte(cr3, 1, virt, phys | PTE_PRESENT | PTE_WRITE, 0);
 }
 
-static inline void load_cr0(unsigned long cr0)
-{
-    asm volatile ( "mov %0, %%cr0" : : "r"(cr0) );
-}
-
-static inline unsigned long read_cr0()
-{
-    unsigned long cr0;
-
-    asm volatile ( "mov %%cr0, %0" : "=r"(cr0) );
-    return cr0;
-}
-
-static inline void load_cr4(unsigned long cr4)
-{
-    asm volatile ( "mov %0, %%cr4" : : "r"(cr4) );
-}
-
-static inline unsigned long read_cr4()
-{
-    unsigned long cr4;
-
-    asm volatile ( "mov %%cr4, %0" : "=r"(cr4) );
-    return cr4;
-}
 
 struct gdt_table_descr
 {
Index: qemu-kvm/kvm/user/test/x86/vm.h
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/vm.h
+++ qemu-kvm/kvm/user/test/x86/vm.h
@@ -1,10 +1,72 @@
 #ifndef VM_H
 #define VM_H
 
+#define PAGE_SIZE 4096ul
+#define LARGE_PAGE_SIZE (512 * PAGE_SIZE)
+
+#define PTE_PRESENT (1ull << 0)
+#define PTE_PSE     (1ull << 7)
+#define PTE_WRITE   (1ull << 1)
+#define PTE_ADDR    (0xffffffffff000ull)
+
 void setup_vm();
 
 void *vmalloc(unsigned long size);
 void vfree(void *mem);
 void *vmap(unsigned long long phys, unsigned long size);
 
+void install_pte(unsigned long *cr3,
+                        int pte_level,
+                        void *virt,
+                        unsigned long pte,
+                        unsigned long *pt_page);
+
+void *alloc_page();
+
+void install_large_page(unsigned long *cr3,unsigned long phys,
+                               void *virt);
+void install_page(unsigned long *cr3, unsigned long phys, void *virt);
+
+static inline unsigned long virt_to_phys(const void *virt)
+{
+    return (unsigned long)virt;
+}
+
+static inline void *phys_to_virt(unsigned long phys)
+{
+    return (void *)phys;
+}
+
+
+static inline void load_cr3(unsigned long cr3)
+{
+    asm ( "mov %0, %%cr3" : : "r"(cr3) );
+}
+
+static inline unsigned long read_cr3()
+{
+    unsigned long cr3;
+
+    asm volatile ( "mov %%cr3, %0" : "=r"(cr3) );
+    return cr3;
+}
+
+static inline void load_cr0(unsigned long cr0)
+{
+    asm volatile ( "mov %0, %%cr0" : : "r"(cr0) );
+}
+
+static inline void load_cr4(unsigned long cr4)
+{
+    asm volatile ( "mov %0, %%cr4" : : "r"(cr4) );
+}
+
+static inline unsigned long read_cr4()
+{
+    unsigned long cr4;
+
+    asm volatile ( "mov %%cr4, %0" : "=r"(cr4) );
+    return cr4;
+}
+
 #endif

[patch 5/8] testdev: add port to create/delete memslots

[Marcelo Tosatti]

[-- Attachment #1: qemu-testdev-memslot --]
[-- Type: text/plain, Size: 2333 bytes --]

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/hw/testdev.c
===================================================================
--- qemu-kvm.orig/hw/testdev.c
+++ qemu-kvm/hw/testdev.c
@@ -5,6 +5,10 @@
 struct testdev {
     ISADevice dev;
     CharDriverState *chr;
+    struct memslot {
+        target_phys_addr_t start;
+        target_phys_addr_t end;
+    } memslot;
 };
 
 static void test_device_serial_write(void *opaque, uint32_t addr, uint32_t data)
@@ -90,6 +94,45 @@ static CPUWriteMemoryFunc * const test_i
     test_iomem_writel,
 };
 
+#define CMD_CREATE_SLOT 0x0
+#define CMD_DELETE_SLOT 0x1
+
+static void test_device_memslot_write(void *opaque, uint32_t addr, uint32_t data)
+{
+    uint32_t port = addr - 0x2018;
+    struct testdev *dev = opaque;
+
+    switch(port) {
+    case 0:
+        dev->memslot.start = 0;
+    case 4:
+        dev->memslot.start |= (unsigned long)data << (port * 8);
+        break;
+    case 8:
+        dev->memslot.end = 0;
+    case 12:
+        dev->memslot.end |= (unsigned long)data << ((port-8) * 8);
+        break;
+    case 16:
+        if (data == CMD_CREATE_SLOT) {
+            ram_addr_t ram_addr, size;
+
+            size = dev->memslot.end - dev->memslot.start;
+
+            ram_addr = qemu_ram_alloc(size);
+            cpu_register_physical_memory(dev->memslot.start, size, ram_addr);
+        }
+        else if (data == CMD_DELETE_SLOT) {
+            ram_addr_t size = dev->memslot.end - dev->memslot.start;
+
+            cpu_register_physical_memory(dev->memslot.start, size,
+                                         IO_MEM_UNASSIGNED);
+        }
+    default:
+        break;
+    }
+}
+
 static int init_test_device(ISADevice *isa)
 {
     struct testdev *dev = DO_UPCAST(struct testdev, dev, isa);
@@ -105,6 +148,8 @@ static int init_test_device(ISADevice *i
     register_ioport_read(0xe0, 1, 4, test_device_ioport_read, dev);
     register_ioport_write(0xe0, 1, 4, test_device_ioport_write, dev);
     register_ioport_write(0x2000, 24, 1, test_device_irq_line, NULL);
+    register_ioport_write(0x2018, 20, 4, test_device_memslot_write, dev);
+
     iomem_buf = qemu_mallocz(0x10000);
     iomem = cpu_register_io_memory(test_iomem_read, test_iomem_write, NULL);
     cpu_register_physical_memory(0xff000000, 0x10000, iomem);

[patch 6/8] test: parallel faults vs slot deletion

[Marcelo Tosatti]

[-- Attachment #1: test-slot-deletion --]
[-- Type: text/plain, Size: 4444 bytes --]

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/config-x86-common.mak
===================================================================
--- qemu-kvm.orig/kvm/user/config-x86-common.mak
+++ qemu-kvm/kvm/user/config-x86-common.mak
@@ -42,6 +42,9 @@ $(TEST_DIR)/sieve.flat: $(cstart.o) $(TE
 		$(TEST_DIR)/print.o $(TEST_DIR)/vm.o
  
 $(TEST_DIR)/vmexit.flat: $(cstart.o) $(TEST_DIR)/vmexit.o
+
+$(TEST_DIR)/slot_deletion.flat: $(cstart.o) $(TEST_DIR)/slot_deletion.o \
+		$(TEST_DIR)/print.o $(TEST_DIR)/vm.o
  
 $(TEST_DIR)/test32.flat: $(TEST_DIR)/test32.o
 
Index: qemu-kvm/kvm/user/config-x86_64.mak
===================================================================
--- qemu-kvm.orig/kvm/user/config-x86_64.mak
+++ qemu-kvm/kvm/user/config-x86_64.mak
@@ -7,6 +7,7 @@ CFLAGS += -D__x86_64__
 tests = $(TEST_DIR)/access.flat $(TEST_DIR)/sieve.flat \
       $(TEST_DIR)/simple.flat $(TEST_DIR)/stringio.flat \
       $(TEST_DIR)/memtest1.flat $(TEST_DIR)/emulator.flat \
-      $(TEST_DIR)/hypercall.flat $(TEST_DIR)/apic.flat
+      $(TEST_DIR)/hypercall.flat $(TEST_DIR)/apic.flat \
+      $(TEST_DIR)/slot_deletion.flat
 
 include config-x86-common.mak
Index: qemu-kvm/kvm/user/test/x86/slot_deletion.c
===================================================================
--- /dev/null
+++ qemu-kvm/kvm/user/test/x86/slot_deletion.c
@@ -0,0 +1,130 @@
+/* test parallel faults vs slot deletion */
+
+#include "libcflat.h"
+#include "vm.h"
+#include "smp.h"
+
+static unsigned int inl(unsigned short port)
+{
+    unsigned int val;
+    asm volatile ("inl %w1, %0":"=a" (val):"Nd" (port));
+    return val;
+}
+
+static void outl(unsigned int data, unsigned short port)
+{
+    asm volatile ("outl %0, %1"::"a" (data), "d" (port));
+}
+
+static int write_mem_slot (unsigned long start, unsigned long end)
+{
+    outl(start, 0x2018);
+    outl((unsigned long) start >> 32, 0x201c);
+
+    outl(end, 0x2020);
+    outl((unsigned long) end >> 32, 0x2024);
+    return 0;
+}
+
+#define CMD_CREATE_SLOT 0x0
+#define CMD_DELETE_SLOT 0x1
+
+int create_mem_slot(unsigned long start, unsigned long end)
+{
+    write_mem_slot (start, end);
+    outl(CMD_CREATE_SLOT, 0x2028);
+    return 0;
+}
+
+int delete_mem_slot(unsigned long start, unsigned long end)
+{
+    write_mem_slot (start, end);
+    outl(CMD_DELETE_SLOT, 0x2028);
+    return 0;
+}
+
+void map_addr_with_pte_phys(void *virt_addr, unsigned long pte_phys,
+			    void *target_page)
+{
+    /* 1:1 map the pagetable inside memslot */
+    install_page(phys_to_virt(read_cr3()), pte_phys, (void *)pte_phys);
+    install_pte(phys_to_virt(read_cr3()), 1, virt_addr,
+	        virt_to_phys(target_page) | PTE_PRESENT | PTE_WRITE,
+	        (void *) pte_phys);
+}
+
+#define define_barrier(x) int count_##x = 0;            \
+static void barrier_##x(void) {                         \
+    count_##x++;                                        \
+    while (count_##x < cpu_count());                    \
+}
+
+define_barrier(cr3);
+define_barrier(fault);
+define_barrier(done);
+
+static void fault_vaddr(void *data)
+{
+    unsigned long *target_map = data;
+
+    barrier_fault();
+    *target_map = 0;
+    barrier_done();
+}
+
+void run_test(void)
+{
+    unsigned long start, end, pte_phys;
+    void *target_page, *virt_addr;
+    int i;
+
+    start = inl(0xd1);
+    end = start + (PAGE_SIZE * 1000);
+    create_mem_slot(start, end);
+    target_page = alloc_page();
+
+    pte_phys = start;
+    virt_addr = (void *) 0xfffffa000;
+    for (i = 2; i <= cpu_count(); i++) {
+        map_addr_with_pte_phys(virt_addr, pte_phys, target_page);
+        pte_phys += PAGE_SIZE;
+        virt_addr += PAGE_SIZE * 512;
+    }
+
+    count_fault = 0;
+    count_done = 0;
+    pte_phys = start;
+    virt_addr = (void *)0xfffffa000;
+    for (i = 2; i <= cpu_count(); i++) {
+        on_cpu_noipi(i-1, fault_vaddr, virt_addr);
+        pte_phys += PAGE_SIZE;
+        virt_addr += PAGE_SIZE * 512;
+    }
+
+    barrier_fault();
+    delete_mem_slot(start, end);
+    barrier_done();
+}
+
+static void setup_cr3 (void *cr3)
+{
+    load_cr3(virt_to_phys(cr3));
+    barrier_cr3();
+}
+
+int main (void)
+{
+    int i;
+
+    setup_vm();
+    for (i = 2; i <= cpu_count(); i++)
+        on_cpu_noipi(i-1, setup_cr3, (void *)read_cr3());
+
+    barrier_cr3();
+
+    for (i = 0; i < 100; i++)
+        run_test();
+
+    printf("SUCCESS\n");
+    return 0;
+}

[patch 7/8] test: bump max vcpus to 64

[Marcelo Tosatti]

[-- Attachment #1: bump-max-vcpus --]
[-- Type: text/plain, Size: 349 bytes --]

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/test/x86/cstart64.S
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/cstart64.S
+++ qemu-kvm/kvm/user/test/x86/cstart64.S
@@ -6,7 +6,7 @@ boot_idt = 0
 
 ipi_vector = 0x20
 
-max_cpus = 4
+max_cpus = 64
 
 .bss
 

[patch 8/8] test: long rmap chains

[Marcelo Tosatti]

[-- Attachment #1: test-rmap-chain --]
[-- Type: text/plain, Size: 2572 bytes --]

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/config-x86-common.mak
===================================================================
--- qemu-kvm.orig/kvm/user/config-x86-common.mak
+++ qemu-kvm/kvm/user/config-x86-common.mak
@@ -45,6 +45,9 @@ $(TEST_DIR)/vmexit.flat: $(cstart.o) $(T
 
 $(TEST_DIR)/slot_deletion.flat: $(cstart.o) $(TEST_DIR)/slot_deletion.o \
 		$(TEST_DIR)/print.o $(TEST_DIR)/vm.o
+
+$(TEST_DIR)/rmap_chain.flat: $(cstart.o) $(TEST_DIR)/rmap_chain.o \
+		$(TEST_DIR)/print.o $(TEST_DIR)/vm.o
  
 $(TEST_DIR)/test32.flat: $(TEST_DIR)/test32.o
 
Index: qemu-kvm/kvm/user/config-x86_64.mak
===================================================================
--- qemu-kvm.orig/kvm/user/config-x86_64.mak
+++ qemu-kvm/kvm/user/config-x86_64.mak
@@ -8,6 +8,6 @@ tests = $(TEST_DIR)/access.flat $(TEST_D
       $(TEST_DIR)/simple.flat $(TEST_DIR)/stringio.flat \
       $(TEST_DIR)/memtest1.flat $(TEST_DIR)/emulator.flat \
       $(TEST_DIR)/hypercall.flat $(TEST_DIR)/apic.flat \
-      $(TEST_DIR)/slot_deletion.flat
+      $(TEST_DIR)/slot_deletion.flat $(TEST_DIR)/rmap_chain.flat
 
 include config-x86-common.mak
Index: qemu-kvm/kvm/user/test/x86/rmap_chain.c
===================================================================
--- /dev/null
+++ qemu-kvm/kvm/user/test/x86/rmap_chain.c
@@ -0,0 +1,53 @@
+/* test long rmap chains */
+
+#include "libcflat.h"
+#include "vm.h"
+#include "smp.h"
+
+void print(const char *s);
+
+static unsigned int inl(unsigned short port)
+{
+    unsigned int val;
+    asm volatile ("inl %w1, %0":"=a" (val):"Nd" (port));
+    return val;
+}
+
+int main (void)
+{
+    int i;
+    int nr_pages;
+    void *target_page, *virt_addr;
+
+    setup_vm();
+
+    nr_pages = inl(0xd1) / PAGE_SIZE;
+    nr_pages -= 1000;
+    target_page = alloc_page();
+
+    virt_addr = (void *) 0xfffffa000;
+    for (i = 0; i < nr_pages; i++) {
+        install_page(phys_to_virt(read_cr3()), virt_to_phys(target_page),
+                     virt_addr);
+        virt_addr += PAGE_SIZE;
+    }
+    printf("created %d mappings\n", nr_pages);
+
+    virt_addr = (void *) 0xfffffa000;
+    for (i = 0; i < nr_pages; i++) {
+        unsigned long *touch = virt_addr;
+
+        *touch = 0;
+        virt_addr += PAGE_SIZE;
+    }
+    printf("instantiated mappings\n");
+
+    virt_addr += PAGE_SIZE;
+    install_pte(phys_to_virt(read_cr3()), 1, virt_addr,
+                0 | PTE_PRESENT | PTE_WRITE, target_page);
+
+    *(unsigned long *)virt_addr = 0;
+    printf("SUCCESS\n");
+
+    return 0;
+}

Re: [patch 1/8] test: allow functions to execute on non-irq context remotely

[Avi Kivity]

On 03/24/2010 11:24 PM, Marcelo Tosatti wrote:
> Which allows code to execute on remote cpus while receiving interrupts.
>
> Also move late smp initialization to common code, and the smp loop
> to C code.
>    


> +
> +void smp_loop(void)
> +{
> +    void (*fn)(void *data);
> +    void *data;
> +
> +    asm volatile ("hlt");
>    

Racy.  The interrupt can happen before the hlt, which will kill the 
cpu.  Needs to be

     cli
     while not smp_function():
         sti; hlt
         cli
     sti
     smp_function()(smp_data())

Also need to make sure two on_cpu_noipi()s don't stomp on each other.

-- 
error compiling committee.c: too many arguments to function

Re: [patch 5/8] testdev: add port to create/delete memslots

[Avi Kivity]

On 03/24/2010 11:24 PM, Marcelo Tosatti wrote:
> Signed-off-by: Marcelo Tosatti<mtosatti@redhat.com>
>    

Whoa, memory hotplug.

-- 
error compiling committee.c: too many arguments to function

Re: [patch 1/8] test: allow functions to execute on non-irq context remotely

[Marcelo Tosatti]

On Thu, Mar 25, 2010 at 06:25:56PM +0200, Avi Kivity wrote:
> On 03/24/2010 11:24 PM, Marcelo Tosatti wrote:
> >Which allows code to execute on remote cpus while receiving interrupts.
> >
> >Also move late smp initialization to common code, and the smp loop
> >to C code.
> 
> 
> >+
> >+void smp_loop(void)
> >+{
> >+    void (*fn)(void *data);
> >+    void *data;
> >+
> >+    asm volatile ("hlt");
> 
> Racy.  The interrupt can happen before the hlt, which will kill the
> cpu.  

Why would it kill the cpu? Only miss the event AFAICS. See patch below.

> Needs to be
> 
>     cli
>     while not smp_function():
>         sti; hlt
>         cli
>     sti
>     smp_function()(smp_data())
> 
> Also need to make sure two on_cpu_noipi()s don't stomp on each other.

Only cpu0 requests this ATM, and the IPIs to set function/data are
protected by a spinlock which serializes between cpu0<->target.

Its responsability of the caller to synchronization with termination. 

Are you OK with this:



test: allow functions to execute on non-irq context remotely

Which allows code to execute on remote cpus while receiving interrupts.

Also move late smp initialization to common code, and the smp loop
to C code.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

Index: qemu-kvm/kvm/user/test/lib/x86/smp.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/lib/x86/smp.c
+++ qemu-kvm/kvm/user/test/lib/x86/smp.c
@@ -114,7 +114,7 @@ void on_cpu_async(int cpu, void (*functi
 }
 
 
-void smp_init(void)
+void smp_init_ids(void)
 {
     int i;
     void ipi_entry(void);
@@ -125,4 +125,70 @@ void smp_init(void)
     for (i = 1; i < cpu_count(); ++i)
         on_cpu(i, setup_smp_id, 0);
 
+   printf("detected %d cpus\n", cpu_count());
+}
+
+static void *smp_function(void)
+{
+    void *fn;
+
+    asm ("mov %%gs:8, %0" : "=r"(fn));
+    return fn;
+}
+
+static void setup_smp_function(void *data)
+{
+    asm ("mov %0, %%gs:8" : : "r"(data) : "memory");
+}
+
+static void *smp_data(void)
+{
+    void *fn;
+
+    asm ("mov %%gs:16, %0" : "=r"(fn));
+    return fn;
+}
+
+static void setup_smp_data(void *data)
+{
+    asm ("mov %0, %%gs:16" : : "r"(data) : "memory");
+}
+
+void on_cpu_noipi(int cpu, void (*function)(void *data), void *data)
+{
+    if (cpu == smp_id())
+        function(data);
+    else {
+        on_cpu(cpu, setup_smp_data, data);
+        on_cpu(cpu, setup_smp_function, function);
+    }
+}
+
+static void irq_disable(void)
+{
+    asm volatile("cli");
+}
+
+static void irq_enable(void)
+{
+    asm volatile("sti");
+}
+
+void smp_loop(void)
+{
+    void (*fn)(void *data);
+
+    irq_disable();
+    fn = smp_function();
+    if (fn) {
+        setup_smp_function(0);
+        irq_enable();
+        fn(smp_data());
+        irq_disable();
+    }
+
+    irq_enable();
+    asm volatile ("hlt");
+    irq_disable();
+
 }
Index: qemu-kvm/kvm/user/test/lib/x86/smp.h
===================================================================
--- qemu-kvm.orig/kvm/user/test/lib/x86/smp.h
+++ qemu-kvm/kvm/user/test/lib/x86/smp.h
@@ -5,12 +5,11 @@ struct spinlock {
     int v;
 };
 
-void smp_init(void);
-
 int cpu_count(void);
 int smp_id(void);
 void on_cpu(int cpu, void (*function)(void *data), void *data);
 void on_cpu_async(int cpu, void (*function)(void *data), void *data);
+void on_cpu_noipi(int cpu, void (*function)(void *data), void *data);
 void spin_lock(struct spinlock *lock);
 void spin_unlock(struct spinlock *lock);
 
Index: qemu-kvm/kvm/user/test/x86/cstart64.S
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/cstart64.S
+++ qemu-kvm/kvm/user/test/x86/cstart64.S
@@ -165,7 +165,7 @@ ap_start64:
 	nop
 	lock incw cpu_online_count
 
-1:	hlt
+1:	call smp_loop
 	jmp 1b
 
 start64:
@@ -174,6 +174,7 @@ start64:
 	call enable_apic
 	call smp_init
 	call enable_x2apic
+	call smp_init_ids
 	call main
 	mov %eax, %edi
 	call exit
Index: qemu-kvm/kvm/user/test/x86/smptest.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/smptest.c
+++ qemu-kvm/kvm/user/test/x86/smptest.c
@@ -15,8 +15,6 @@ int main()
     int ncpus;
     int i;
 
-    smp_init();
-
     ncpus = cpu_count();
     printf("found %d cpus\n", ncpus);
     for (i = 0; i < ncpus; ++i)
Index: qemu-kvm/kvm/user/test/x86/vmexit.c
===================================================================
--- qemu-kvm.orig/kvm/user/test/x86/vmexit.c
+++ qemu-kvm/kvm/user/test/x86/vmexit.c
@@ -155,8 +155,6 @@ int main(void)
 {
 	int i;
 
-	smp_init();
-
 	for (i = 0; i < ARRAY_SIZE(tests); ++i)
 		do_test(&tests[i]);
 

Re: [patch 1/8] test: allow functions to execute on non-irq context remotely

[Avi Kivity]

On 03/25/2010 08:07 PM, Marcelo Tosatti wrote:
> On Thu, Mar 25, 2010 at 06:25:56PM +0200, Avi Kivity wrote:
>    
>> On 03/24/2010 11:24 PM, Marcelo Tosatti wrote:
>>      
>>> Which allows code to execute on remote cpus while receiving interrupts.
>>>
>>> Also move late smp initialization to common code, and the smp loop
>>> to C code.
>>>        
>>
>>      
>>> +
>>> +void smp_loop(void)
>>> +{
>>> +    void (*fn)(void *data);
>>> +    void *data;
>>> +
>>> +    asm volatile ("hlt");
>>>        
>> Racy.  The interrupt can happen before the hlt, which will kill the
>> cpu.
>>      
> Why would it kill the cpu? Only miss the event AFAICS. See patch below.
>    

If the other cpu won't send it a new event until this one is completed.


>> Needs to be
>>
>>      cli
>>      while not smp_function():
>>          sti; hlt
>>          cli
>>      sti
>>      smp_function()(smp_data())
>>
>> Also need to make sure two on_cpu_noipi()s don't stomp on each other.
>>      
> Only cpu0 requests this ATM, and the IPIs to set function/data are
> protected by a spinlock which serializes between cpu0<->target.
>
> Its responsability of the caller to synchronization with termination.
>
> Are you OK with this:
>    

> +
> +static void irq_disable(void)
> +{
> +    asm volatile("cli");
> +}
> +
> +static void irq_enable(void)
> +{
> +    asm volatile("sti");
> +}
> +
> +void smp_loop(void)
> +{
> +    void (*fn)(void *data);
> +
> +    irq_disable();
> +    fn = smp_function();
> +    if (fn) {
> +        setup_smp_function(0);
> +        irq_enable();
> +        fn(smp_data());
> +        irq_disable();
> +    }
> +
> +    irq_enable();
> +    asm volatile ("hlt");
> +    irq_disable();
>    

sti; hlt need to be in one asm statement so the compiler does't insert 
anything (for example a call insn) or the race window opens again.

Even then, can't two cpus overwrite a third cpu's smp_function()?

The most worrying bit is that this follows no known model so the reader 
doesn't know what to expect.  on_cpu() follows Linux, but on_cpu_noipi 
has no parallel.

What about switching to a thread model?  Have a single global runqueue, 
round robin threads (no preemption, only on calls to schedule()), use 
cpus_allowed to pin a thread to a cpu.


-- 
Do not meddle in the internals of kernels, for they are subtle and quick to panic.