qemu

1
/*
2
 * CPU thread main loop - common bits for user and system mode emulation
3
 *
4
 *  Copyright (c) 2003-2005 Fabrice Bellard
5
 *
6
 * This library is free software; you can redistribute it and/or
7
 * modify it under the terms of the GNU Lesser General Public
8
 * License as published by the Free Software Foundation; either
9
 * version 2.1 of the License, or (at your option) any later version.
10
 *
11
 * This library is distributed in the hope that it will be useful,
12
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14
 * Lesser General Public License for more details.
15
 *
16
 * You should have received a copy of the GNU Lesser General Public
17
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18
 */
19

20
#include "qemu/osdep.h"
21
#include "qemu/main-loop.h"
22
#include "exec/cpu-common.h"
23
#include "hw/core/cpu.h"
24
#include "sysemu/cpus.h"
25
#include "qemu/lockable.h"
26
#include "trace/trace-root.h"
27

28
QemuMutex qemu_cpu_list_lock;
29
static QemuCond exclusive_cond;
30
static QemuCond exclusive_resume;
31
static QemuCond qemu_work_cond;
32

33
/* >= 1 if a thread is inside start_exclusive/end_exclusive.  Written
34
 * under qemu_cpu_list_lock, read with atomic operations.
35
 */
36
static int pending_cpus;
37

38
void qemu_init_cpu_list(void)
39
{
40
    /* This is needed because qemu_init_cpu_list is also called by the
41
     * child process in a fork.  */
42
    pending_cpus = 0;
43

44
    qemu_mutex_init(&qemu_cpu_list_lock);
45
    qemu_cond_init(&exclusive_cond);
46
    qemu_cond_init(&exclusive_resume);
47
    qemu_cond_init(&qemu_work_cond);
48
}
49

50
void cpu_list_lock(void)
51
{
52
    qemu_mutex_lock(&qemu_cpu_list_lock);
53
}
54

55
void cpu_list_unlock(void)
56
{
57
    qemu_mutex_unlock(&qemu_cpu_list_lock);
58
}
59

60

61
int cpu_get_free_index(void)
62
{
63
    CPUState *some_cpu;
64
    int max_cpu_index = 0;
65

66
    CPU_FOREACH(some_cpu) {
67
        if (some_cpu->cpu_index >= max_cpu_index) {
68
            max_cpu_index = some_cpu->cpu_index + 1;
69
        }
70
    }
71
    return max_cpu_index;
72
}
73

74
CPUTailQ cpus_queue = QTAILQ_HEAD_INITIALIZER(cpus_queue);
75
static unsigned int cpu_list_generation_id;
76

77
unsigned int cpu_list_generation_id_get(void)
78
{
79
    return cpu_list_generation_id;
80
}
81

82
void cpu_list_add(CPUState *cpu)
83
{
84
    static bool cpu_index_auto_assigned;
85

86
    QEMU_LOCK_GUARD(&qemu_cpu_list_lock);
87
    if (cpu->cpu_index == UNASSIGNED_CPU_INDEX) {
88
        cpu_index_auto_assigned = true;
89
        cpu->cpu_index = cpu_get_free_index();
90
        assert(cpu->cpu_index != UNASSIGNED_CPU_INDEX);
91
    } else {
92
        assert(!cpu_index_auto_assigned);
93
    }
94
    QTAILQ_INSERT_TAIL_RCU(&cpus_queue, cpu, node);
95
    cpu_list_generation_id++;
96
}
97

98
void cpu_list_remove(CPUState *cpu)
99
{
100
    QEMU_LOCK_GUARD(&qemu_cpu_list_lock);
101
    if (!QTAILQ_IN_USE(cpu, node)) {
102
        /* there is nothing to undo since cpu_exec_init() hasn't been called */
103
        return;
104
    }
105

106
    QTAILQ_REMOVE_RCU(&cpus_queue, cpu, node);
107
    cpu->cpu_index = UNASSIGNED_CPU_INDEX;
108
    cpu_list_generation_id++;
109
}
110

111
CPUState *qemu_get_cpu(int index)
112
{
113
    CPUState *cpu;
114

115
    CPU_FOREACH(cpu) {
116
        if (cpu->cpu_index == index) {
117
            return cpu;
118
        }
119
    }
120

121
    return NULL;
122
}
123

124
/* current CPU in the current thread. It is only valid inside cpu_exec() */
125
__thread CPUState *current_cpu;
126

127
struct qemu_work_item {
128
    QSIMPLEQ_ENTRY(qemu_work_item) node;
129
    run_on_cpu_func func;
130
    run_on_cpu_data data;
131
    bool free, exclusive, done;
132
};
133

134
static void queue_work_on_cpu(CPUState *cpu, struct qemu_work_item *wi)
135
{
136
    qemu_mutex_lock(&cpu->work_mutex);
137
    QSIMPLEQ_INSERT_TAIL(&cpu->work_list, wi, node);
138
    wi->done = false;
139
    qemu_mutex_unlock(&cpu->work_mutex);
140

141
    qemu_cpu_kick(cpu);
142
}
143

144
void do_run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data data,
145
                   QemuMutex *mutex)
146
{
147
    struct qemu_work_item wi;
148

149
    if (qemu_cpu_is_self(cpu)) {
150
        func(cpu, data);
151
        return;
152
    }
153

154
    wi.func = func;
155
    wi.data = data;
156
    wi.done = false;
157
    wi.free = false;
158
    wi.exclusive = false;
159

160
    queue_work_on_cpu(cpu, &wi);
161
    while (!qatomic_load_acquire(&wi.done)) {
162
        CPUState *self_cpu = current_cpu;
163

164
        qemu_cond_wait(&qemu_work_cond, mutex);
165
        current_cpu = self_cpu;
166
    }
167
}
168

169
void async_run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data data)
170
{
171
    struct qemu_work_item *wi;
172

173
    wi = g_new0(struct qemu_work_item, 1);
174
    wi->func = func;
175
    wi->data = data;
176
    wi->free = true;
177

178
    queue_work_on_cpu(cpu, wi);
179
}
180

181
/* Wait for pending exclusive operations to complete.  The CPU list lock
182
   must be held.  */
183
static inline void exclusive_idle(void)
184
{
185
    while (pending_cpus) {
186
        qemu_cond_wait(&exclusive_resume, &qemu_cpu_list_lock);
187
    }
188
}
189

190
/* Start an exclusive operation.
191
   Must only be called from outside cpu_exec.  */
192
void start_exclusive(void)
193
{
194
    CPUState *other_cpu;
195
    int running_cpus;
196

197
    if (current_cpu->exclusive_context_count) {
198
        current_cpu->exclusive_context_count++;
199
        return;
200
    }
201

202
    qemu_mutex_lock(&qemu_cpu_list_lock);
203
    exclusive_idle();
204

205
    /* Make all other cpus stop executing.  */
206
    qatomic_set(&pending_cpus, 1);
207

208
    /* Write pending_cpus before reading other_cpu->running.  */
209
    smp_mb();
210
    running_cpus = 0;
211
    CPU_FOREACH(other_cpu) {
212
        if (qatomic_read(&other_cpu->running)) {
213
            other_cpu->has_waiter = true;
214
            running_cpus++;
215
            qemu_cpu_kick(other_cpu);
216
        }
217
    }
218

219
    qatomic_set(&pending_cpus, running_cpus + 1);
220
    while (pending_cpus > 1) {
221
        qemu_cond_wait(&exclusive_cond, &qemu_cpu_list_lock);
222
    }
223

224
    /* Can release mutex, no one will enter another exclusive
225
     * section until end_exclusive resets pending_cpus to 0.
226
     */
227
    qemu_mutex_unlock(&qemu_cpu_list_lock);
228

229
    current_cpu->exclusive_context_count = 1;
230
}
231

232
/* Finish an exclusive operation.  */
233
void end_exclusive(void)
234
{
235
    current_cpu->exclusive_context_count--;
236
    if (current_cpu->exclusive_context_count) {
237
        return;
238
    }
239

240
    qemu_mutex_lock(&qemu_cpu_list_lock);
241
    qatomic_set(&pending_cpus, 0);
242
    qemu_cond_broadcast(&exclusive_resume);
243
    qemu_mutex_unlock(&qemu_cpu_list_lock);
244
}
245

246
/* Wait for exclusive ops to finish, and begin cpu execution.  */
247
void cpu_exec_start(CPUState *cpu)
248
{
249
    qatomic_set(&cpu->running, true);
250

251
    /* Write cpu->running before reading pending_cpus.  */
252
    smp_mb();
253

254
    /* 1. start_exclusive saw cpu->running == true and pending_cpus >= 1.
255
     * After taking the lock we'll see cpu->has_waiter == true and run---not
256
     * for long because start_exclusive kicked us.  cpu_exec_end will
257
     * decrement pending_cpus and signal the waiter.
258
     *
259
     * 2. start_exclusive saw cpu->running == false but pending_cpus >= 1.
260
     * This includes the case when an exclusive item is running now.
261
     * Then we'll see cpu->has_waiter == false and wait for the item to
262
     * complete.
263
     *
264
     * 3. pending_cpus == 0.  Then start_exclusive is definitely going to
265
     * see cpu->running == true, and it will kick the CPU.
266
     */
267
    if (unlikely(qatomic_read(&pending_cpus))) {
268
        QEMU_LOCK_GUARD(&qemu_cpu_list_lock);
269
        if (!cpu->has_waiter) {
270
            /* Not counted in pending_cpus, let the exclusive item
271
             * run.  Since we have the lock, just set cpu->running to true
272
             * while holding it; no need to check pending_cpus again.
273
             */
274
            qatomic_set(&cpu->running, false);
275
            exclusive_idle();
276
            /* Now pending_cpus is zero.  */
277
            qatomic_set(&cpu->running, true);
278
        } else {
279
            /* Counted in pending_cpus, go ahead and release the
280
             * waiter at cpu_exec_end.
281
             */
282
        }
283
    }
284
}
285

286
/* Mark cpu as not executing, and release pending exclusive ops.  */
287
void cpu_exec_end(CPUState *cpu)
288
{
289
    qatomic_set(&cpu->running, false);
290

291
    /* Write cpu->running before reading pending_cpus.  */
292
    smp_mb();
293

294
    /* 1. start_exclusive saw cpu->running == true.  Then it will increment
295
     * pending_cpus and wait for exclusive_cond.  After taking the lock
296
     * we'll see cpu->has_waiter == true.
297
     *
298
     * 2. start_exclusive saw cpu->running == false but here pending_cpus >= 1.
299
     * This includes the case when an exclusive item started after setting
300
     * cpu->running to false and before we read pending_cpus.  Then we'll see
301
     * cpu->has_waiter == false and not touch pending_cpus.  The next call to
302
     * cpu_exec_start will run exclusive_idle if still necessary, thus waiting
303
     * for the item to complete.
304
     *
305
     * 3. pending_cpus == 0.  Then start_exclusive is definitely going to
306
     * see cpu->running == false, and it can ignore this CPU until the
307
     * next cpu_exec_start.
308
     */
309
    if (unlikely(qatomic_read(&pending_cpus))) {
310
        QEMU_LOCK_GUARD(&qemu_cpu_list_lock);
311
        if (cpu->has_waiter) {
312
            cpu->has_waiter = false;
313
            qatomic_set(&pending_cpus, pending_cpus - 1);
314
            if (pending_cpus == 1) {
315
                qemu_cond_signal(&exclusive_cond);
316
            }
317
        }
318
    }
319
}
320

321
void async_safe_run_on_cpu(CPUState *cpu, run_on_cpu_func func,
322
                           run_on_cpu_data data)
323
{
324
    struct qemu_work_item *wi;
325

326
    wi = g_new0(struct qemu_work_item, 1);
327
    wi->func = func;
328
    wi->data = data;
329
    wi->free = true;
330
    wi->exclusive = true;
331

332
    queue_work_on_cpu(cpu, wi);
333
}
334

335
void free_queued_cpu_work(CPUState *cpu)
336
{
337
    while (!QSIMPLEQ_EMPTY(&cpu->work_list)) {
338
        struct qemu_work_item *wi = QSIMPLEQ_FIRST(&cpu->work_list);
339
        QSIMPLEQ_REMOVE_HEAD(&cpu->work_list, node);
340
        if (wi->free) {
341
            g_free(wi);
342
        }
343
    }
344
}
345

346
void process_queued_cpu_work(CPUState *cpu)
347
{
348
    struct qemu_work_item *wi;
349

350
    qemu_mutex_lock(&cpu->work_mutex);
351
    if (QSIMPLEQ_EMPTY(&cpu->work_list)) {
352
        qemu_mutex_unlock(&cpu->work_mutex);
353
        return;
354
    }
355
    while (!QSIMPLEQ_EMPTY(&cpu->work_list)) {
356
        wi = QSIMPLEQ_FIRST(&cpu->work_list);
357
        QSIMPLEQ_REMOVE_HEAD(&cpu->work_list, node);
358
        qemu_mutex_unlock(&cpu->work_mutex);
359
        if (wi->exclusive) {
360
            /* Running work items outside the BQL avoids the following deadlock:
361
             * 1) start_exclusive() is called with the BQL taken while another
362
             * CPU is running; 2) cpu_exec in the other CPU tries to takes the
363
             * BQL, so it goes to sleep; start_exclusive() is sleeping too, so
364
             * neither CPU can proceed.
365
             */
366
            bql_unlock();
367
            start_exclusive();
368
            wi->func(cpu, wi->data);
369
            end_exclusive();
370
            bql_lock();
371
        } else {
372
            wi->func(cpu, wi->data);
373
        }
374
        qemu_mutex_lock(&cpu->work_mutex);
375
        if (wi->free) {
376
            g_free(wi);
377
        } else {
378
            qatomic_store_release(&wi->done, true);
379
        }
380
    }
381
    qemu_mutex_unlock(&cpu->work_mutex);
382
    qemu_cond_broadcast(&qemu_work_cond);
383
}
384

385
/* Add a breakpoint.  */
386
int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
387
                          CPUBreakpoint **breakpoint)
388
{
389
    CPUClass *cc = CPU_GET_CLASS(cpu);
390
    CPUBreakpoint *bp;
391

392
    if (cc->gdb_adjust_breakpoint) {
393
        pc = cc->gdb_adjust_breakpoint(cpu, pc);
394
    }
395

396
    bp = g_malloc(sizeof(*bp));
397

398
    bp->pc = pc;
399
    bp->flags = flags;
400

401
    /* keep all GDB-injected breakpoints in front */
402
    if (flags & BP_GDB) {
403
        QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
404
    } else {
405
        QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
406
    }
407

408
    if (breakpoint) {
409
        *breakpoint = bp;
410
    }
411

412
    trace_breakpoint_insert(cpu->cpu_index, pc, flags);
413
    return 0;
414
}
415

416
/* Remove a specific breakpoint.  */
417
int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
418
{
419
    CPUClass *cc = CPU_GET_CLASS(cpu);
420
    CPUBreakpoint *bp;
421

422
    if (cc->gdb_adjust_breakpoint) {
423
        pc = cc->gdb_adjust_breakpoint(cpu, pc);
424
    }
425

426
    QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
427
        if (bp->pc == pc && bp->flags == flags) {
428
            cpu_breakpoint_remove_by_ref(cpu, bp);
429
            return 0;
430
        }
431
    }
432
    return -ENOENT;
433
}
434

435
/* Remove a specific breakpoint by reference.  */
436
void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *bp)
437
{
438
    QTAILQ_REMOVE(&cpu->breakpoints, bp, entry);
439

440
    trace_breakpoint_remove(cpu->cpu_index, bp->pc, bp->flags);
441
    g_free(bp);
442
}
443

444
/* Remove all matching breakpoints. */
445
void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
446
{
447
    CPUBreakpoint *bp, *next;
448

449
    QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, next) {
450
        if (bp->flags & mask) {
451
            cpu_breakpoint_remove_by_ref(cpu, bp);
452
        }
453
    }
454
}
455