OSDN Git Service

qmiga/qemu.git
2 years ago linux-user/riscv: Align signal frame to 16 bytes
Richard Henderson [Fri, 29 Jul 2022 20:19:42 +0000 (13:19 -0700)]
linux-user/riscv: Align signal frame to 16 bytes

Follow the kernel's alignment, as we already noted.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1093
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20220729201942.30738-1-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2 years ago Merge tag 'pull-target-arm-20220801' of https://git.linaro.org/people/pmaydell/qemu...
Richard Henderson [Mon, 1 Aug 2022 19:00:08 +0000 (12:00 -0700)]
Merge tag 'pull-target-arm-20220801' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * Fix KVM SVE ID register probe code

# gpg: Signature made Mon 01 Aug 2022 08:35:24 AM PDT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20220801' of https://git.linaro.org/people/pmaydell/qemu-arm:
  target/arm: Move sve probe inside kvm >= 4.15 branch
  target/arm: Set KVM_ARM_VCPU_SVE while probing the host
  target/arm: Use kvm_arm_sve_supported in kvm_arm_get_host_cpu_features

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago Merge tag 'pull-request-2022-08-01' of https://gitlab.com/thuth/qemu into staging
Richard Henderson [Mon, 1 Aug 2022 17:22:00 +0000 (10:22 -0700)]
Merge tag 'pull-request-2022-08-01' of https://gitlab.com/thuth/qemu into staging

- Some fixes for various tests
- Improve wordings in some files

# gpg: Signature made Mon 01 Aug 2022 07:56:38 AM PDT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [undefined]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [undefined]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2022-08-01' of https://gitlab.com/thuth/qemu:
  tests/qtest/migration-test: Run the dirty ring tests only with the x86 target
  trivial: Fix duplicated words
  misc: fix commonly doubled up words
  tests/unit/test-qga: Replace the word 'blacklist' in the guest agent unit test
  migration-test: Allow test to run without uffd
  migration-test: Use migrate_ensure_converge() for auto-converge
  tests/tcg/linux-test: Fix random hangs in test_socket

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago Merge tag 'for-qemu-2022-08-01' of github.com:cminyard/qemu into staging
Richard Henderson [Mon, 1 Aug 2022 15:50:54 +0000 (08:50 -0700)]
Merge tag 'for-qemu-2022-08-01' of github.com:cminyard/qemu into staging

Add a change to make Coverity happy.

# gpg: Signature made Mon 01 Aug 2022 06:54:18 AM PDT
# gpg:                using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81
# gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@acm.org>" [unknown]
# gpg:                 aka "Corey Minyard <corey@minyard.net>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@mvista.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688  2686 61F3 8C90 919B FF81

* tag 'for-qemu-2022-08-01' of github.com:cminyard/qemu:
  ipmi:smbus: Add a check around a memcpy

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago target/arm: Move sve probe inside kvm >= 4.15 branch
Richard Henderson [Mon, 1 Aug 2022 15:21:18 +0000 (16:21 +0100)]
target/arm: Move sve probe inside kvm >= 4.15 branch

The test for the IF block indicates no ID registers are exposed, much
less host support for SVE.  Move the SVE probe into the ELSE block.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220726045828.53697-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago target/arm: Set KVM_ARM_VCPU_SVE while probing the host
Richard Henderson [Mon, 1 Aug 2022 15:21:18 +0000 (16:21 +0100)]
target/arm: Set KVM_ARM_VCPU_SVE while probing the host

Because we weren't setting this flag, our probe of ID_AA64ZFR0
was always returning zero.  This also obviates the adjustment
of ID_AA64PFR0, which had sanitized the SVE field.

The effects of the bug are not visible, because the only thing that
ID_AA64ZFR0 is used for within qemu at present is tcg translation.
The other tests for SVE within KVM are via ID_AA64PFR0.SVE.

Reported-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220726045828.53697-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago target/arm: Use kvm_arm_sve_supported in kvm_arm_get_host_cpu_features
Richard Henderson [Mon, 1 Aug 2022 15:21:17 +0000 (16:21 +0100)]
target/arm: Use kvm_arm_sve_supported in kvm_arm_get_host_cpu_features

Indication for support for SVE will not depend on whether we
perform the query on the main kvm_state or the temp vcpu.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220726045828.53697-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago tests/qtest/migration-test: Run the dirty ring tests only with the x86 target
Thomas Huth [Mon, 1 Aug 2022 11:17:46 +0000 (13:17 +0200)]
tests/qtest/migration-test: Run the dirty ring tests only with the x86 target

kvm_dirty_ring_supported() only checks whether the dirty ring support
is available on the x86 host, but it ignores whether the target QEMU
architecture is x86 or not. Thus the test_vcpu_dirty_limit() test
currently fails with the assert((strcmp(arch, "x86_64") == 0)) statement
in dirtylimit_start_vm() if the users run e.g. "make check-qtest-aarch64"
on their x86 host. Fix it by only executing the tests when we're running
with a x86_64 target QEMU binary with KVM.

Message-Id: <20220801114644.208197-1-thuth@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago Merge tag 'nvme-next-pull-request' of git://git.infradead.org/qemu-nvme into staging
Richard Henderson [Mon, 1 Aug 2022 13:29:49 +0000 (06:29 -0700)]
Merge tag 'nvme-next-pull-request' of git://git.infradead.org/qemu-nvme into staging

hw/nvme fixes

Some fixes for hw/nvme ioeventfd support.

# gpg: Signature made Mon 01 Aug 2022 03:03:58 AM PDT
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* tag 'nvme-next-pull-request' of git://git.infradead.org/qemu-nvme:
  hw/nvme: do not enable ioeventfd by default
  hw/nvme: unregister the event notifier handler on the main loop
  hw/nvme: skip queue processing if notifier is cleared

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago ipmi:smbus: Add a check around a memcpy
Corey Minyard [Sun, 31 Jul 2022 22:58:09 +0000 (17:58 -0500)]
ipmi:smbus: Add a check around a memcpy

In one case:

  memcpy(sid->inmsg + sid->inlen, buf, len);

if len == 0 then sid->inmsg + sid->inlen can point to one past the inmsg
array if the array is full.  We have to allow len == 0 due to some
vagueness in the spec, but we don't have to call memcpy.

Found by Coverity.  This is not a problem in practice, but the results
are technically (maybe) undefined.  So make Coverity happy.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago hw/nvme: do not enable ioeventfd by default
Klaus Jensen [Thu, 28 Jul 2022 06:34:21 +0000 (08:34 +0200)]
hw/nvme: do not enable ioeventfd by default

Do not enable ioeventfd by default. Let the feature mature a bit before
we consider enabling it by default.

Fixes: 2e53b0b45024 ("hw/nvme: Use ioeventfd to handle doorbell updates")
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jinhao Fan <fanjinhao21s@ict.ac.cn>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2 years ago hw/nvme: unregister the event notifier handler on the main loop
Klaus Jensen [Thu, 28 Jul 2022 06:48:51 +0000 (08:48 +0200)]
hw/nvme: unregister the event notifier handler on the main loop

Make sure the notifier handler is unregistered in the main loop prior to
cleaning it up.

Fixes: 2e53b0b45024 ("hw/nvme: Use ioeventfd to handle doorbell updates")
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jinhao Fan <fanjinhao21s@ict.ac.cn>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2 years ago hw/nvme: skip queue processing if notifier is cleared
Klaus Jensen [Thu, 28 Jul 2022 06:36:07 +0000 (08:36 +0200)]
hw/nvme: skip queue processing if notifier is cleared

While it is safe to process the queues when they are empty, skip it if
the event notifier callback was invoked spuriously.

Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jinhao Fan <fanjinhao21s@ict.ac.cn>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2 years ago trivial: Fix duplicated words
Thomas Huth [Fri, 22 Jul 2022 14:35:21 +0000 (16:35 +0200)]
trivial: Fix duplicated words

Some files wrongly contain the same word twice in a row.
One of them should be removed or replaced.

Message-Id: <20220722145859.1952732-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago misc: fix commonly doubled up words
Daniel P. Berrangé [Thu, 7 Jul 2022 16:37:15 +0000 (17:37 +0100)]
misc: fix commonly doubled up words

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220707163720.1421716-5-berrange@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago tests/unit/test-qga: Replace the word 'blacklist' in the guest agent unit test
Thomas Huth [Wed, 27 Jul 2022 08:39:13 +0000 (10:39 +0200)]
tests/unit/test-qga: Replace the word 'blacklist' in the guest agent unit test

Let's use better, more inclusive wording here.

Message-Id: <20220727092135.302915-4-thuth@redhat.com>
Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago migration-test: Allow test to run without uffd
Peter Xu [Thu, 28 Jul 2022 13:35:16 +0000 (09:35 -0400)]
migration-test: Allow test to run without uffd

We used to stop running all tests if uffd is not detected.  However
logically that's only needed for postcopy not the rest of tests.

Keep running the rest when still possible.

Signed-off-by: Peter Xu <peterx@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220728133516.92061-3-peterx@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago migration-test: Use migrate_ensure_converge() for auto-converge
Peter Xu [Thu, 28 Jul 2022 13:35:15 +0000 (09:35 -0400)]
migration-test: Use migrate_ensure_converge() for auto-converge

Thomas reported that auto-converge test will timeout on MacOS CI gatings.
Use the migrate_ensure_converge() helper too in the auto-converge as when
Daniel reworked the other test cases.

Since both max_bandwidth / downtime_limit will not be used for converge
calculations, make it simple by removing the remaining check, then we can
completely remove both variables altogether, since migrate_ensure_converge
is used the remaining check won't make much sense anyway.

Reported-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20220728133516.92061-2-peterx@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago tests/tcg/linux-test: Fix random hangs in test_socket
Ilya Leoshkevich [Mon, 25 Jul 2022 14:42:51 +0000 (16:42 +0200)]
tests/tcg/linux-test: Fix random hangs in test_socket

test_socket hangs randomly in connect(), especially when run without
qemu. Apparently the reason is that linux started treating backlog
value of 0 literally instead of rounding it up since v4.4 (commit
ef547f2ac16b).

So set it to 1 instead.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20220725144251.192720-1-iii@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2 years ago Merge tag 'pull-hex-20220731' of https://github.com/quic/qemu into staging
Richard Henderson [Mon, 1 Aug 2022 04:38:53 +0000 (21:38 -0700)]
Merge tag 'pull-hex-20220731' of https://github.com/quic/qemu into staging

Hexagon bug fixes and test improvements

1) Fixes a bug in qemu-hexagon
2) Fixes a bug in a test case
3) Adds reference file for float_convd test case

# gpg: Signature made Sun 31 Jul 2022 04:23:59 PM PDT
# gpg:                using RSA key 3635C788CE62B91FD4C59AB47B0244FB12DE4422
# gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3635 C788 CE62 B91F D4C5  9AB4 7B02 44FB 12DE 4422

* tag 'pull-hex-20220731' of https://github.com/quic/qemu:
  Hexagon (tests/tcg/hexagon) reference file for float_convd
  Hexagon (tests/tcg/hexagon) Fix alignment in load_unpack.c
  Hexagon (target/hexagon) make VyV operands use a unique temp

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago Hexagon (tests/tcg/hexagon) reference file for float_convd
Taylor Simpson [Mon, 18 Jul 2022 23:03:20 +0000 (16:03 -0700)]
Hexagon (tests/tcg/hexagon) reference file for float_convd

The test is in tests/tcg/multiarch/float_convd.c

Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220718230320.24444-4-tsimpson@quicinc.com>

2 years ago Hexagon (tests/tcg/hexagon) Fix alignment in load_unpack.c
Taylor Simpson [Mon, 18 Jul 2022 23:03:19 +0000 (16:03 -0700)]
Hexagon (tests/tcg/hexagon) Fix alignment in load_unpack.c

The increment used in :brev tests was causing unaligned addresses.
Change the increment and the relevant expected values.

Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220718230320.24444-3-tsimpson@quicinc.com>

2 years ago Hexagon (target/hexagon) make VyV operands use a unique temp
Taylor Simpson [Mon, 18 Jul 2022 23:03:18 +0000 (16:03 -0700)]
Hexagon (target/hexagon) make VyV operands use a unique temp

VyV operand is only used in the vshuff and vdeal instructions.  These
instructions write to both VyV and VxV operands.  In the case where
both operands are the same register, we need a separate location for
VyV.  We use the existing vtmp field in CPUHexagonState.

Test case added in tests/tcg/hexagon/hvx_misc.c

Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220718230320.24444-2-tsimpson@quicinc.com>

2 years ago Merge tag 'pull-la-20220729' of https://gitlab.com/rth7680/qemu into staging
Richard Henderson [Sat, 30 Jul 2022 00:39:17 +0000 (17:39 -0700)]
Merge tag 'pull-la-20220729' of https://gitlab.com/rth7680/qemu into staging

Rename ls7a to virt, when it's board not chipset related.

# gpg: Signature made Fri 29 Jul 2022 05:35:59 PM PDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-la-20220729' of https://gitlab.com/rth7680/qemu:
  hw/loongarch: Change macro name 'LS7A_XXX' to 'VIRT_XXX'
  hw/loongarch: Rename file 'loongson3.XXX' to 'virt.XXX'

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago hw/loongarch: Change macro name 'LS7A_XXX' to 'VIRT_XXX'
Xiaojuan Yang [Fri, 29 Jul 2022 07:30:18 +0000 (15:30 +0800)]
hw/loongarch: Change macro name 'LS7A_XXX' to 'VIRT_XXX'

Change macro name 'LS7A_XXX' to 'VIRT_XXX', as the loongarch
virt machine uses the GPEX bridge instead of LS7A bridge. So
the macro name should keep consistency.

Signed-off-by: Xiaojuan Yang <yangxiaojuan@loongson.cn>
Message-Id: <20220729073018.27037-3-yangxiaojuan@loongson.cn>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago hw/loongarch: Rename file 'loongson3.XXX' to 'virt.XXX'
Xiaojuan Yang [Fri, 29 Jul 2022 07:30:17 +0000 (15:30 +0800)]
hw/loongarch: Rename file 'loongson3.XXX' to 'virt.XXX'

1. Rename 'loongson3.c' to 'virt.c' and change the meson.build file.
2. Rename 'loongson3.rst' to 'virt.rst'.

Signed-off-by: Xiaojuan Yang <yangxiaojuan@loongson.cn>
Message-Id: <20220729073018.27037-2-yangxiaojuan@loongson.cn>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago ci: Upgrade msys2 release to 20220603
Yonggang Luo [Thu, 28 Jul 2022 20:04:22 +0000 (04:04 +0800)]
ci: Upgrade msys2 release to 20220603

Signed-off-by: Yonggang Luo <luoyonggang@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Message-Id: <20220728200422.1502-1-luoyonggang@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
Richard Henderson [Fri, 29 Jul 2022 15:38:45 +0000 (08:38 -0700)]
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* Misc build system bugfixes
* Fix CGA 2-color graphics

# gpg: Signature made Fri 29 Jul 2022 05:35:34 AM PDT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [undefined]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
  configure: pass correct cflags to container-based cross compilers
  kvm: don't use perror() without useful errno
  configure: Fix ppc container_cross_cc substitution
  stubs: update replay-tools to match replay.h types
  vga: fix incorrect line height in 640x200x2 mode
  ui: dbus-display requires CONFIG_GBM

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago Merge tag 'pull-testing-next-290722-1' of https://github.com/stsquad/qemu into staging
Richard Henderson [Fri, 29 Jul 2022 12:13:59 +0000 (05:13 -0700)]
Merge tag 'pull-testing-next-290722-1' of https://github.com/stsquad/qemu into staging

Testing, semihosting and doc fixes:

  - update to latest libvirt-ci
  - echo testlog.txt on failed cirrus runs
  - drop containers-layer2 stage
  - update handling of symlinks on windows builds
  - return 0 for failure of semihosting console write
  - don't copy unused buffer after semihost operation
  - check for errors in semihosting args
  - fix buffer handling for semihosting TMPNAM
  - add qapi exit-failure PanicAction
  - add lowcore unaligned access test to s390x
  - fix documentation of OBJECT_DECLARE_SIMPLE_TYPE
  - expand documentation on booting code

# gpg: Signature made Fri 29 Jul 2022 01:55:32 AM PDT
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* tag 'pull-testing-next-290722-1' of https://github.com/stsquad/qemu:
  qemu-options: bring the kernel and image options together
  docs/devel: fix description of OBJECT_DECLARE_SIMPLE_TYPE
  tests/tcg/s390x: Test unaligned accesses to lowcore
  qapi: Add exit-failure PanicAction
  semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM
  semihosting: Check for errors on SET_ARG()
  semihosting: Don't copy buffer after console_write()
  semihosting: Don't return negative values on qemu_semihosting_console_write() failure
  .gitlab-ci.d/windows.yml: Enable native Windows symlink
  .cirrus.yml: Change winsymlinks to 'native'
  gitlab: drop 'containers-layer2' stage
  gitlab: show testlog.txt contents when cirrus/custom-runner jobs fail
  tests: refresh to latest libvirt-ci module

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago qemu-options: bring the kernel and image options together
Alex Bennée [Mon, 25 Jul 2022 14:05:20 +0000 (15:05 +0100)]
qemu-options: bring the kernel and image options together

How to control the booting of QEMU is often a source of confusion for
users. Bring the options that control this together in the manual
pages and add some verbiage to describe when each option is
appropriate. This attempts to codify some of the knowledge expressed
in:

  https://stackoverflow.com/questions/58420670/qemu-bios-vs-kernel-vs-device-loader-file/58434837#58434837

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220725140520.515340-14-alex.bennee@linaro.org>

2 years ago docs/devel: fix description of OBJECT_DECLARE_SIMPLE_TYPE
Alex Bennée [Mon, 25 Jul 2022 14:05:19 +0000 (15:05 +0100)]
docs/devel: fix description of OBJECT_DECLARE_SIMPLE_TYPE

Since 30b5707c26 (qom: Remove module_obj_name parameter from
OBJECT_DECLARE* macros) we don't need the additional two parameters.
Fix the documentation.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-13-alex.bennee@linaro.org>

2 years ago tests/tcg/s390x: Test unaligned accesses to lowcore
Ilya Leoshkevich [Mon, 25 Jul 2022 22:37:46 +0000 (00:37 +0200)]
tests/tcg/s390x: Test unaligned accesses to lowcore

Add a small test to avoid regressions.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220725223746.227063-3-iii@linux.ibm.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2 years ago qapi: Add exit-failure PanicAction
Ilya Leoshkevich [Mon, 25 Jul 2022 22:37:45 +0000 (00:37 +0200)]
qapi: Add exit-failure PanicAction

Currently QEMU exits with code 0 on both panic and shutdown. For tests
it is useful to return 1 on panic, so that it counts as a test
failure.

Introduce a new exit-failure PanicAction that makes main() return
EXIT_FAILURE. Tests can use -action panic=exit-failure option to
activate this behavior.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20220725223746.227063-2-iii@linux.ibm.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2 years ago semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM
Peter Maydell [Mon, 25 Jul 2022 14:05:16 +0000 (15:05 +0100)]
semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM

The TARGET_SYS_TMPNAM implementation has two bugs spotted by
Coverity:
 * confusion about whether 'len' has the length of the string
   including or excluding the terminating NUL means we
   lock_user() len bytes of memory but memcpy() len + 1 bytes
 * In the error-exit cases we forget to free() the buffer
   that asprintf() returned to us

Resolves: Coverity CID 1490285, 1490289
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-5-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-10-alex.bennee@linaro.org>

2 years ago semihosting: Check for errors on SET_ARG()
Peter Maydell [Mon, 25 Jul 2022 14:05:15 +0000 (15:05 +0100)]
semihosting: Check for errors on SET_ARG()

The SET_ARG() macro returns an error indication; we check this in the
TARGET_SYS_GET_CMDLINE case but not when we use it in implementing
TARGET_SYS_ELAPSED.  Check for and handle the errors via the do_fault
codepath, and update the comment documenting the SET_ARG() and
GET_ARG() macros to note how they handle memory access errors.

Resolves: Coverity CID 1490287
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-4-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-9-alex.bennee@linaro.org>

2 years ago semihosting: Don't copy buffer after console_write()
Peter Maydell [Mon, 25 Jul 2022 14:05:14 +0000 (15:05 +0100)]
semihosting: Don't copy buffer after console_write()

The console_write() semihosting function outputs guest data from a
buffer; it doesn't update that buffer.  It therefore doesn't need to
pass a length value to unlock_user(), but can pass 0, meaning "do not
copy any data back to the guest memory".

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-3-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-8-alex.bennee@linaro.org>

2 years ago semihosting: Don't return negative values on qemu_semihosting_console_write() failure
Peter Maydell [Mon, 25 Jul 2022 14:05:13 +0000 (15:05 +0100)]
semihosting: Don't return negative values on qemu_semihosting_console_write() failure

The documentation comment for qemu_semihosting_console_write() says
 * Returns: number of bytes written -- this should only ever be short
 * on some sort of i/o error.

and the callsites rely on this.  However, the implementation code
path which sends console output to a chardev doesn't honour this,
and will return negative values on error.  Bring it into line with
the other implementation codepaths and the documentation, so that
it returns 0 on error.

Spotted by Coverity, because console_write() passes the return value
to unlock_user(), which doesn't accept a negative length.

Resolves: Coverity CID 1490288
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-2-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-7-alex.bennee@linaro.org>

2 years ago .gitlab-ci.d/windows.yml: Enable native Windows symlink
Bin Meng [Mon, 25 Jul 2022 14:05:12 +0000 (15:05 +0100)]
.gitlab-ci.d/windows.yml: Enable native Windows symlink

The following error message was seen during the configure:

  "ln: failed to create symbolic link
  'x86_64-softmmu/qemu-system-x86_64.exe': No such file or directory"

By default the MSYS environment variable is not defined, so the runtime
behavior of winsymlinks is: if <target> does not exist, 'ln -s' fails.
At the configure phase, the qemu-system-x86_64.exe has not been built
so creation of the symbolic link fails hence the error message.

Set winsymlinks to 'native' whose behavior is most similar to the
behavior of 'ln -s' on *nix, that is:

  a) if native symlinks are enabled, and whether <target> exists
     or not, creates <destination> as a native Windows symlink;
  b) else if native symlinks are not enabled, and whether <target>
     exists or not, 'ln -s' creates as a Windows shortcut file.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725123000.807608-1-bmeng.cn@gmail.com>
Message-Id: <20220725140520.515340-6-alex.bennee@linaro.org>

2 years ago .cirrus.yml: Change winsymlinks to 'native'
Bin Meng [Mon, 25 Jul 2022 14:05:11 +0000 (15:05 +0100)]
.cirrus.yml: Change winsymlinks to 'native'

At present winsymlinks is set to 'nativestrict', and its behavior is:

  a) if native symlinks are enabled and <target> exists, creates
     <destination> as a native Windows symlink;
  b) else if native symlinks are not enabled or if <target> does
     not exist, 'ln -s' fails.

This causes the following error message during the configure:

  "ln: failed to create symbolic link
  'x86_64-softmmu/qemu-system-x86_64.exe': No such file or directory"

Change winsymlinks to 'native' whose behavior is most similar to the
behavior of 'ln -s' on *nix, that is:

  a) if native symlinks are enabled, and whether <target> exists
     or not, creates <destination> as a native Windows symlink;
  b) else if native symlinks are not enabled, and whether <target>
     exists or not, 'ln -s' creates as a Windows shortcut file.

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Yonggang Luo <luoyonggang@gmail.com>
Message-Id: <20220719161230.766063-1-bmeng.cn@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-5-alex.bennee@linaro.org>

2 years ago gitlab: drop 'containers-layer2' stage
Daniel P. Berrangé [Mon, 25 Jul 2022 14:05:10 +0000 (15:05 +0100)]
gitlab: drop 'containers-layer2' stage

Since we express dependencies via a 'needs' clause, we don't need to
split container builds into separate stages. GitLab happily lets jobs
depend on other jobs in the same stage and will run them when possible.

Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220722130431.2319019-4-berrange@redhat.com>
[AJB: fix typo]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-4-alex.bennee@linaro.org>

2 years ago gitlab: show testlog.txt contents when cirrus/custom-runner jobs fail
Daniel P. Berrangé [Mon, 25 Jul 2022 14:05:09 +0000 (15:05 +0100)]
gitlab: show testlog.txt contents when cirrus/custom-runner jobs fail

When tests fail meson just displays a summary and tells you to look at
the testlog.txt file for details. The native jobs on shared runners
publish testlog.txt as an artifact. For the Cirrus jobs and custom
runner jobs this is not currently possible. The best we can do is cat
the log contents on failure, to give maintainers a fighting chance
of diagnosing the problem.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220722130431.2319019-3-berrange@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-3-alex.bennee@linaro.org>

2 years ago tests: refresh to latest libvirt-ci module
Daniel P. Berrangé [Mon, 25 Jul 2022 14:05:08 +0000 (15:05 +0100)]
tests: refresh to latest libvirt-ci module

Notable changes:

  - libvirt-ci source tree was re-arranged, so the script we
    run now lives in a bin/ sub-dir

  - opensuse 15.2 is replaced by opensuse 15.3

  - libslirp is temporarily dropped on opensuse as the
    libslirp-version.h is broken

     https://bugzilla.opensuse.org/show_bug.cgi?id=1201551

  - The incorrectly named python3-virtualenv module was
    changed to python3-venv, but most distros don't need
    any package as 'venv' is a standard part of python

  - glibc-static was renamed to libc-static, to reflect
    the fact that it isn't going to be glibc on all distros

  - The cmocka/json-c deps that were manually added to
    the centos dockerfile are now consistently added
    to all targets

Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220722130431.2319019-2-berrange@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220725140520.515340-2-alex.bennee@linaro.org>

2 years ago configure: pass correct cflags to container-based cross compilers
Paolo Bonzini [Thu, 28 Jul 2022 22:21:32 +0000 (00:21 +0200)]
configure: pass correct cflags to container-based cross compilers

probe_target_compiler returns nonempty $target_cc for installed toolchains
and $container_cross_cc for container-based toolchains.  In both cases
however the flags (coming from $cross_cc_cflags_${target_arch}) must be
in $target_cflags.

Therefore, do not clear them prior to returning from probe_target_compiler.

Reported-by: Taylor Simpson <tsimpson@quicinc.com>
Fixes: 92e288fcfb ("build: try both native and cross compilers", 2022-07-08)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago kvm: don't use perror() without useful errno
Cornelia Huck [Thu, 28 Jul 2022 14:24:46 +0000 (16:24 +0200)]
kvm: don't use perror() without useful errno

perror() is designed to append the decoded errno value to a
string. This, however, only makes sense if we called something that
actually sets errno prior to that.

For the callers that check for split irqchip support that is not the
case, and we end up with confusing error messages that end in
"success". Use error_report() instead.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20220728142446.438177-1-cohuck@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago configure: Fix ppc container_cross_cc substitution
Richard Henderson [Thu, 28 Jul 2022 18:39:01 +0000 (11:39 -0700)]
configure: Fix ppc container_cross_cc substitution

When moving this code out of probe_target_compiler(), we failed to adjust
the variable in which the target is located, resulting in e.g.
powerpc64-linux-user-linux-gnu-gcc-10

Fixes: cd362defbbd ("tests/tcg: merge configure.sh back into main configure script")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220728183901.1290113-1-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago Merge tag 'pull-ppc-20220728' of https://gitlab.com/danielhb/qemu into staging
Richard Henderson [Thu, 28 Jul 2022 22:06:42 +0000 (15:06 -0700)]
Merge tag 'pull-ppc-20220728' of https://gitlab.com/danielhb/qemu into staging

ppc patch queue for 2022-07-28:

Short queue with 2 Coverity fixes and one fix of the
'wait' insns that is causing hangs if the guest kernel uses
the most up to date wait opcode.

- target/ppc:
  - implement new wait variants to fix guest hang when using the new opcode
- ppc440_uc: initialize length passed to cpu_physical_memory_map()
- spapr_nvdimm: check if spapr_drc_index() returns NULL

# gpg: Signature made Thu 28 Jul 2022 09:41:58 AM PDT
# gpg:                using EDDSA key 17EBFF9923D01800AF2838193CD9CA96DE033164
# gpg: Good signature from "Daniel Henrique Barboza <danielhb413@gmail.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 17EB FF99 23D0 1800 AF28  3819 3CD9 CA96 DE03 3164

* tag 'pull-ppc-20220728' of https://gitlab.com/danielhb/qemu:
  target/ppc: Implement new wait variants
  hw/ppc/ppc440_uc: Initialize length passed to cpu_physical_memory_map()
  hw/ppc: check if spapr_drc_index() returns NULL in spapr_nvdimm.c

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago target/ppc: Implement new wait variants
Nicholas Piggin [Wed, 20 Jul 2022 13:33:52 +0000 (23:33 +1000)]
target/ppc: Implement new wait variants

ISA v2.06 adds new variations of wait, specified by the WC field. These
are not all compatible with the prior wait implementation, because they
add additional conditions that cause the processor to resume, which can
cause software to hang or run very slowly.

At this moment, with the current wait implementation and a pseries guest
using mainline kernel with new wait opcodes [1], QEMU hangs during boot if
more than one CPU is present:

 qemu-system-ppc64 -M pseries,x-vof=on -cpu POWER10 -smp 2 -nographic
-kernel zImage.pseries -no-reboot

QEMU will exit (as there's no filesystem) if the test "passes", or hang
during boot if it hits the bug.

ISA v3.0 changed the wait opcode and removed the new variants (retaining
the WC field but making non-zero values reserved).

ISA v3.1 added new WC values to the new wait opcode, and added a PL
field.

This patch implements the new wait encoding and supports WC variants
with no-op implementations, which provides basic correctness as
explained in comments.

[1] https://lore.kernel.org/all/20220720132132.903462-1-npiggin@gmail.com/

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Víctor Colombo <victor.colombo@eldorado.org.br>
Tested-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20220720133352.904263-1-npiggin@gmail.com>
[danielhb: added information about the bug being fixed]
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2 years ago stubs: update replay-tools to match replay.h types
Claudio Fontana [Mon, 4 Jul 2022 07:58:32 +0000 (09:58 +0200)]
stubs: update replay-tools to match replay.h types

detected with GCC 13 [-Werror=enum-int-mismatch]

Solves Issue #1096.

Signed-off-by: Claudio Fontana <cfontana@suse.de>
Cc: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220704075832.31537-1-cfontana@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago vga: fix incorrect line height in 640x200x2 mode
Paolo Bonzini [Thu, 28 Jul 2022 13:32:18 +0000 (15:32 +0200)]
vga: fix incorrect line height in 640x200x2 mode

When in CGA modes, QEMU wants to ignore the maximum scan field (bits 0..4) of
the maximum scan length register in the CRTC.  It is not clear why this is
needed---for example, Bochs ignores bit 7 instead.  The issue is that the
CGA modes are not detected correctly, and in particular mode 6 results in
multi_scan==3 according to how SeaBIOS programs it.  The right way to check
for CGA graphics modes is to check whether bit 13 of the address is special
cased by the CRT controller to achieve line interleaving, i.e. whether bit 0
of the CRTC mode control register is clear.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1020
Reported-by: Korneliusz Osmenda <korneliuszo@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago hw/ppc/ppc440_uc: Initialize length passed to cpu_physical_memory_map()
Peter Maydell [Tue, 26 Jul 2022 18:23:40 +0000 (19:23 +0100)]
hw/ppc/ppc440_uc: Initialize length passed to cpu_physical_memory_map()

In dcr_write_dma(), there is code that uses cpu_physical_memory_map()
to implement a DMA transfer.  That function takes a 'plen' argument,
which points to a hwaddr which is used for both input and output: the
caller must set it to the size of the range it wants to map, and on
return it is updated to the actual length mapped. The dcr_write_dma()
code fails to initialize rlen and wlen, so will end up mapping an
unpredictable amount of memory.

Initialize the length values correctly, and check that we managed to
map the entire range before using the fast-path memmove().

This was spotted by Coverity, which points out that we never
initialized the variables before using them.

Fixes: Coverity CID 1487137, 1487150
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220726182341.1888115-2-peter.maydell@linaro.org>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2 years ago hw/ppc: check if spapr_drc_index() returns NULL in spapr_nvdimm.c
Daniel Henrique Barboza [Sat, 9 Apr 2022 20:08:56 +0000 (17:08 -0300)]
hw/ppc: check if spapr_drc_index() returns NULL in spapr_nvdimm.c

spapr_nvdimm_flush_completion_cb() and flush_worker_cb() are using the
DRC object returned by spapr_drc_index() without checking it for NULL.
In this case we would be dereferencing a NULL pointer when doing
SPAPR_NVDIMM(drc->dev) and PC_DIMM(drc->dev).

This can happen if, during a scm_flush(), the DRC object is wrongly
freed/released (e.g. a bug in another part of the code).
spapr_drc_index() would then return NULL in the callbacks.

Fixes: Coverity CID 1487108, 1487178
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-Id: <20220409200856.283076-2-danielhb413@gmail.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2 years ago Merge tag 'pull-riscv-to-apply-20220728' of github.com:alistair23/qemu into staging
Richard Henderson [Thu, 28 Jul 2022 11:40:26 +0000 (04:40 -0700)]
Merge tag 'pull-riscv-to-apply-20220728' of github.com:alistair23/qemu into staging

Sixth RISC-V PR for QEMU 7.1

This is a PR to go in for RC1. It fixes a segfault that occurs
when using multiple sockets on the RISC-V virt board. It also
includes a small fix to allow both Zmmul and M extensions.

* Allow both Zmmul and M extension
* Fix multi-socket plic configuration

# gpg: Signature made Wed 27 Jul 2022 05:59:28 PM PDT
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* tag 'pull-riscv-to-apply-20220728' of github.com:alistair23/qemu:
  hw/intc: sifive_plic: Fix multi-socket plic configuration
  RISC-V: Allow both Zmmul and M

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago ui: dbus-display requires CONFIG_GBM
Paolo Bonzini [Thu, 28 Jul 2022 06:41:28 +0000 (08:41 +0200)]
ui: dbus-display requires CONFIG_GBM

Without CONFIG_GBM, compiling dbus-display fails with

../ui/dbus.c: In function ‘dbus_create_context’:
../ui/dbus.c:47:20: error: ‘qemu_egl_rn_ctx’ undeclared (first use in this function); did you mean ‘qemu_egl_init_ctx’?
   47 |                    qemu_egl_rn_ctx);
      |                    ^~~~~~~~~~~~~~~
      |                    qemu_egl_init_ctx
../ui/dbus.c:47:20: note: each undeclared identifier is reported only once for each function it appears in

and many other similar errors, because include/ui/egl-helpers.h only has
these declarations if gbm is found on the system.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1108
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago Merge tag 'pull-block-2022-07-27' of https://gitlab.com/vsementsov/qemu into staging
Richard Henderson [Thu, 28 Jul 2022 03:10:15 +0000 (20:10 -0700)]
Merge tag 'pull-block-2022-07-27' of https://gitlab.com/vsementsov/qemu into staging

Block: fix parallels block driver

# gpg: Signature made Wed 27 Jul 2022 12:00:23 PM PDT
# gpg:                using RSA key 8B9C26CDB2FD147C880E86A1561F24C1F19F79FB
# gpg: Good signature from "Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>" [unknown]
# gpg:                 aka "Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8B9C 26CD B2FD 147C 880E  86A1 561F 24C1 F19F 79FB

* tag 'pull-block-2022-07-27' of https://gitlab.com/vsementsov/qemu:
  iotests/131: Add parallels regression test
  block/parallels: Fix buffer-based write call

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago hw/intc: sifive_plic: Fix multi-socket plic configuration
Atish Patra [Sat, 23 Jul 2022 09:03:35 +0000 (02:03 -0700)]
hw/intc: sifive_plic: Fix multi-socket plic configuration

Since commit 40244040a7ac, multi-socket configuration with plic is
broken as the hartid for second socket is calculated incorrectly.
The hartid stored in addr_config already includes the offset
for the base hartid for that socket. Adding it again would lead
to segfault while creating the plic device for the virt machine.
qdev_connect_gpio_out was also invoked with incorrect number of gpio
lines.

Fixes: 40244040a7ac (hw/intc: sifive_plic: Avoid overflowing the addr_config buffer)

Signed-off-by: Atish Patra <atishp@rivosinc.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20220723090335.671105-1-atishp@rivosinc.com>
[ Changes by AF:
 - Change the qdev_connect_gpio_out() numbering
]
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2 years ago RISC-V: Allow both Zmmul and M
Palmer Dabbelt [Thu, 14 Jul 2022 18:00:33 +0000 (11:00 -0700)]
RISC-V: Allow both Zmmul and M

We got to talking about how Zmmul and M interact with each other
https://github.com/riscv/riscv-isa-manual/issues/869 , and it turns out
that QEMU's behavior is slightly wrong: having Zmmul and M is a legal
combination, it just means that the multiplication instructions are
supported even when M is disabled at runtime via misa.

This just stops overriding M from Zmmul, with that the other checks for
the multiplication instructions work as per the ISA.

Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20220714180033.22385-1-palmer@rivosinc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2 years ago Update version for v7.1.0-rc0 release
Richard Henderson [Wed, 27 Jul 2022 01:03:16 +0000 (18:03 -0700)]
Update version for v7.1.0-rc0 release

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago Merge tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu into staging
Richard Henderson [Tue, 26 Jul 2022 19:57:20 +0000 (12:57 -0700)]
Merge tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu into staging

pc,virtio: fixes

Several fixes. From now on, regression fixes only.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Tue 26 Jul 2022 12:38:39 PM PDT
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [undefined]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* tag 'for_upstream' of git://git.kernel.org/pub/scm/virt/kvm/mst/qemu:
  hw/virtio/virtio-iommu: Enforce power-of-two notify for both MAP and UNMAP
  i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type
  i386/pc: relocate 4g start to 1T where applicable
  i386/pc: bounds check phys-bits against max used GPA
  i386/pc: factor out device_memory base/size to helper
  i386/pc: handle uninitialized mr in pc_get_cxl_range_end()
  i386/pc: factor out cxl range start to helper
  i386/pc: factor out cxl range end to helper
  i386/pc: factor out above-4g end to a helper
  i386/pc: pass pci_hole64_size to pc_memory_init()
  i386/pc: create pci-host qdev prior to pc_memory_init()
  hw/i386: add 4g boundary start to X86MachineState
  hw/cxl: Fix size of constant in interleave granularity function.
  hw/i386/pc: Always place CXL Memory Regions after device_memory
  hw/machine: Clear out left over CXL related pointer from move of state handling to machines.
  acpi/nvdimm: Define trace events for NVDIMM and substitute nvdimm_debug()

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago hw/virtio/virtio-iommu: Enforce power-of-two notify for both MAP and UNMAP
Jean-Philippe Brucker [Mon, 18 Jul 2022 13:56:37 +0000 (14:56 +0100)]
hw/virtio/virtio-iommu: Enforce power-of-two notify for both MAP and UNMAP

Currently we only enforce power-of-two mappings (required by the QEMU
notifier) for UNMAP requests. A MAP request not aligned on a
power-of-two may be successfully handled by VFIO, and then the
corresponding UNMAP notify will fail because it will attempt to split
that mapping. Ensure MAP and UNMAP notifications are consistent.

Fixes: dde3f08b5cab ("virtio-iommu: Handle non power of 2 range invalidations")
Reported-by: Tina Zhang <tina.zhang@intel.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-Id: <20220718135636.338264-1-jean-philippe@linaro.org>
Tested-by: Tina Zhang <tina.zhang@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago iotests/131: Add parallels regression test
Hanna Reitz [Thu, 14 Jul 2022 13:28:01 +0000 (15:28 +0200)]
iotests/131: Add parallels regression test

Test an allocating write to a parallels image that has a backing node.
Before HEAD^, doing so used to give me a failed assertion (when the
backing node contains only `42` bytes; the result varies with the value
chosen, for `0` bytes, for example, all I get is EIO).

Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-Id: <20220714132801.72464-3-hreitz@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
2 years ago block/parallels: Fix buffer-based write call
Hanna Reitz [Thu, 14 Jul 2022 13:28:00 +0000 (15:28 +0200)]
block/parallels: Fix buffer-based write call

Commit a4072543ccdddbd241d5962d9237b8b41fd006bf has changed the I/O here
from working on a local one-element I/O vector to just using the buffer
directly (using the bdrv_co_pread()/bdrv_co_pwrite() helper functions
introduced shortly before).

However, it only changed the bdrv_co_preadv() call to bdrv_co_pread() -
the subsequent bdrv_co_pwritev() call stayed this way, and so still
expects a QEMUIOVector pointer instead of a plain buffer.  We must
change that to be a bdrv_co_pwrite() call.

Fixes: a4072543ccdddbd241d5962d ("block/parallels: use buffer-based io")
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-Id: <20220714132801.72464-2-hreitz@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
2 years ago Merge tag 'pull-target-arm-20220726' of https://git.linaro.org/people/pmaydell/qemu...
Richard Henderson [Tue, 26 Jul 2022 15:32:01 +0000 (08:32 -0700)]
Merge tag 'pull-target-arm-20220726' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * Update Coverity component definitions
 * target/arm: Add MO_128 entry to pred_esz_masks[]
 * configure: Fix portability issues
 * hw/display/bcm2835_fb: Fix framebuffer allocation address

# gpg: Signature made Tue 26 Jul 2022 08:19:21 AM PDT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20220726' of https://git.linaro.org/people/pmaydell/qemu-arm:
  hw/display/bcm2835_fb: Fix framebuffer allocation address
  configure: Avoid '==' bashism
  configure: Drop dead code attempting to use -msmall-data on alpha hosts
  configure: Don't use bash-specific string-replacement syntax
  configure: Add braces to clarify intent of $emu[[:space:]]
  configure: Add missing POSIX-required space
  target/arm: Add MO_128 entry to pred_esz_masks[]
  scripts/coverity-scan/COMPONENTS.md: Update slirp component info
  scripts/coverity-scan/COMPONENTS.md: Add loongarch component

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2 years ago i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type
Joao Martins [Tue, 19 Jul 2022 17:00:14 +0000 (18:00 +0100)]
i386/pc: restrict AMD only enforcing of 1Tb hole to new machine type

The added enforcing is only relevant in the case of AMD where the
range right before the 1TB is restricted and cannot be DMA mapped
by the kernel consequently leading to IOMMU INVALID_DEVICE_REQUEST
or possibly other kinds of IOMMU events in the AMD IOMMU.

Although, there's a case where it may make sense to disable the
IOVA relocation/validation when migrating from a
non-amd-1tb-aware qemu to one that supports it.

Relocating RAM regions to after the 1Tb hole has consequences for
guest ABI because we are changing the memory mapping, so make
sure that only new machine enforce but not older ones.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-12-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: relocate 4g start to 1T where applicable
Joao Martins [Tue, 19 Jul 2022 17:00:13 +0000 (18:00 +0100)]
i386/pc: relocate 4g start to 1T where applicable

It is assumed that the whole GPA space is available to be DMA
addressable, within a given address space limit, except for a
tiny region before the 4G. Since Linux v5.4, VFIO validates
whether the selected GPA is indeed valid i.e. not reserved by
IOMMU on behalf of some specific devices or platform-defined
restrictions, and thus failing the ioctl(VFIO_DMA_MAP) with
 -EINVAL.

AMD systems with an IOMMU are examples of such platforms and
particularly may only have these ranges as allowed:

        0000000000000000 - 00000000fedfffff (0      .. 3.982G)
        00000000fef00000 - 000000fcffffffff (3.983G .. 1011.9G)
        0000010000000000 - ffffffffffffffff (1Tb    .. 16Pb[*])

We already account for the 4G hole, albeit if the guest is big
enough we will fail to allocate a guest with >1010G due to the
~12G hole at the 1Tb boundary, reserved for HyperTransport (HT).

[*] there is another reserved region unrelated to HT that exists
in the 256T boundary in Fam 17h according to Errata #1286,
documented also in "Open-Source Register Reference for AMD Family
17h Processors (PUB)"

When creating the region above 4G, take into account that on AMD
platforms the HyperTransport range is reserved and hence it
cannot be used either as GPAs. In those cases rather than
establishing the start of ram-above-4g to be 4G, relocate instead
to 1Tb. See AMD IOMMU spec, section 2.1.2 "IOMMU Logical
Topology", for more information on the underlying restriction of
IOVAs.

After accounting for the 1Tb hole on AMD hosts, mtree should
look like:

0000000000000000-000000007fffffff (prio 0, i/o):
         alias ram-below-4g @pc.ram 0000000000000000-000000007fffffff
0000010000000000-000001ff7fffffff (prio 0, i/o):
        alias ram-above-4g @pc.ram 0000000080000000-000000ffffffffff

If the relocation is done or the address space covers it, we
also add the reserved HT e820 range as reserved.

Default phys-bits on Qemu is TCG_PHYS_ADDR_BITS (40) which is enough
to address 1Tb (0xff ffff ffff). On AMD platforms, if a
ram-above-4g relocation is attempted and the CPU wasn't configured
with a big enough phys-bits, an error message will be printed
due to the maxphysaddr vs maxusedaddr check previously added.

Suggested-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-11-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: bounds check phys-bits against max used GPA
Joao Martins [Tue, 19 Jul 2022 17:00:12 +0000 (18:00 +0100)]
i386/pc: bounds check phys-bits against max used GPA

Calculate max *used* GPA against the CPU maximum possible address
and error out if the former surpasses the latter. This ensures
max used GPA is reachable by configured phys-bits. Default phys-bits
on Qemu is TCG_PHYS_ADDR_BITS (40) which is enough for the CPU to
address 1Tb (0xff ffff ffff) or 1010G (0xfc ffff ffff) in AMD hosts
with IOMMU.

This is preparation for AMD guests with >1010G, where it will want to relocate
ram-above-4g to be after 1Tb instead of 4G.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-10-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
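
The layout decision and the phys-bits check described in the two commit messages above ("relocate 4g start to 1T where applicable" and "bounds check phys-bits against max used GPA"), as an added example that is not QEMU's code. The function and struct names are hypothetical, and the model assumes ram-above-4g is followed directly by the 64-bit PCI hole, ignoring device memory, CXL ranges and alignment.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define GiB (1ULL << 30)

/*
 * From the commit message: on AMD hosts with an IOMMU the allowed IOVA
 * ranges end at 0xfcffffffff and resume at 0x10000000000, so the ~12G
 * HyperTransport range below 1Tb is 0xfd00000000..0xffffffffff.
 */
#define AMD_HT_START        0xfd00000000ULL
#define AMD_HT_END          0xffffffffffULL
#define AMD_ABOVE_1TB_START (AMD_HT_END + 1)
#define DEFAULT_4G_START    (4 * GiB)

/* Hypothetical result type for this example. */
struct gpa_layout {
    uint64_t above_4g_start;  /* where ram-above-4g is placed */
    uint64_t max_used_gpa;    /* last guest physical address in use */
    bool relocated;           /* true if moved from 4G to 1Tb */
};

/* Last GPA used when ram-above-4g starts at 'start' and the 64-bit PCI
 * hole follows it (simplifying assumption of this example). */
static uint64_t max_used_gpa(uint64_t start, uint64_t above_4g_size,
                             uint64_t pci_hole64_size)
{
    return start + above_4g_size + pci_hole64_size - 1;
}

/*
 * Keep ram-above-4g at 4G unless this is an AMD host and the resulting
 * address space would reach into the reserved HT range; in that case
 * start it at 1Tb instead, as the commit message describes.
 */
static struct gpa_layout plan_layout(bool amd_host, uint64_t above_4g_size,
                                     uint64_t pci_hole64_size)
{
    struct gpa_layout l = { DEFAULT_4G_START, 0, false };

    l.max_used_gpa = max_used_gpa(l.above_4g_start, above_4g_size,
                                  pci_hole64_size);
    if (amd_host && l.max_used_gpa >= AMD_HT_START) {
        l.above_4g_start = AMD_ABOVE_1TB_START;
        l.relocated = true;
        l.max_used_gpa = max_used_gpa(l.above_4g_start, above_4g_size,
                                      pci_hole64_size);
    }
    return l;
}

/* The maxphysaddr vs maxusedaddr check: the highest used GPA must be
 * addressable with the configured number of physical address bits. */
static bool fits_phys_bits(uint64_t max_used, unsigned phys_bits)
{
    if (phys_bits >= 64) {
        return true;
    }
    return max_used <= (1ULL << phys_bits) - 1;
}

int main(void)
{
    /* Constructed input matching the mtree in the commit message:
     * 2G below 4G, 0xff80000000 bytes above 4G, no PCI hole counted. */
    struct gpa_layout l = plan_layout(true, 0xff80000000ULL, 0);

    printf("ram-above-4g: %#llx-%#llx relocated=%d\n",
           (unsigned long long)l.above_4g_start,
           (unsigned long long)l.max_used_gpa, l.relocated);
    printf("phys-bits=40 ok: %d\n", fits_phys_bits(l.max_used_gpa, 40));
    printf("phys-bits=41 ok: %d\n", fits_phys_bits(l.max_used_gpa, 41));
    return 0;
}
```

With the default of 40 phys-bits the relocated layout is rejected, which is the error case the commit message mentions; counting a 32G pci-hole64 on top pushes the same guest past 41 bits as well.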
2 years ago i386/pc: factor out device_memory base/size to helper
Joao Martins [Tue, 19 Jul 2022 17:00:11 +0000 (18:00 +0100)]
i386/pc: factor out device_memory base/size to helper

Move obtaining hole64_start from device_memory memory region base/size
into a helper alongside correspondent getters in pc_memory_init() when
the hotplug range is uninitialized. While doing that remove the memory
region based logic from this newly added helper.

This is the final step that allows pc_pci_hole64_start() to be callable
at the beginning of pc_memory_init() before any memory regions are
initialized.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-9-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: handle uninitialized mr in pc_get_cxl_range_end()
Joao Martins [Tue, 19 Jul 2022 17:00:10 +0000 (18:00 +0100)]
i386/pc: handle uninitialized mr in pc_get_cxl_range_end()

Remove pc_get_cxl_range_end() dependency on the CXL memory region,
and replace with one that does not require the CXL host_mr to determine
the start of CXL start.

In preparation to allow pc_pci_hole64_start() to be called early
in pc_memory_init(), handle CXL memory region end when its underlying
memory region isn't yet initialized.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Message-Id: <20220719170014.27028-8-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
2 years ago i386/pc: factor out cxl range start to helper
Joao Martins [Tue, 19 Jul 2022 17:00:09 +0000 (18:00 +0100)]
i386/pc: factor out cxl range start to helper

Factor out the calculation of the base address of the memory region.
It will be used later on for the cxl range end counterpart calculation
and as well in pc_memory_init() CXL memory region initialization, thus
avoiding duplication.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-7-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: factor out cxl range end to helper
Joao Martins [Tue, 19 Jul 2022 17:00:08 +0000 (18:00 +0100)]
i386/pc: factor out cxl range end to helper

Move calculation of CXL memory region end to separate helper.

This is in preparation to a future change that removes CXL range
dependency on the CXL memory region, with the goal of allowing
pc_pci_hole64_start() to be called before any memory regions are
initialized.

Cc: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-6-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: factor out above-4g end to a helper
Joao Martins [Tue, 19 Jul 2022 17:00:07 +0000 (18:00 +0100)]
i386/pc: factor out above-4g end to a helper

There's a couple of places that seem to duplicate this calculation
of RAM size above the 4G boundary. Move all those to a helper function.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-5-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: pass pci_hole64_size to pc_memory_init()
Joao Martins [Tue, 19 Jul 2022 17:00:06 +0000 (18:00 +0100)]
i386/pc: pass pci_hole64_size to pc_memory_init()

Use the pre-initialized pci-host qdev and fetch the
pci-hole64-size into pc_memory_init() newly added argument.
Use PCI_HOST_PROP_PCI_HOLE64_SIZE pci-host property for
fetching pci-hole64-size.

This is in preparation to determine that host-phys-bits are
enough and for pci-hole64-size to be considered to relocate
ram-above-4g to be at 1T (on AMD platforms).

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-4-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago i386/pc: create pci-host qdev prior to pc_memory_init()
Joao Martins [Tue, 19 Jul 2022 17:00:05 +0000 (18:00 +0100)]
i386/pc: create pci-host qdev prior to pc_memory_init()

At the start of pc_memory_init() we usually pass a range of
0..UINT64_MAX as pci_memory, when really it's 2G (i440fx) or
32G (q35). To get the real user value, we need to get pci-host
passed property for default pci_hole64_size. Thus to get that,
create the qdev prior to memory init to better make estimations
on max used/phys addr.

This is in preparation to determine that host-phys-bits are
enough and also for pci-hole64-size to be considered to relocate
ram-above-4g to be at 1T (on AMD platforms).

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-3-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago hw/i386: add 4g boundary start to X86MachineState
Joao Martins [Tue, 19 Jul 2022 17:00:04 +0000 (18:00 +0100)]
hw/i386: add 4g boundary start to X86MachineState

Rather than hardcoding the 4G boundary everywhere, introduce a
X86MachineState field @above_4g_mem_start and use it
accordingly.

This is in preparation for relocating ram-above-4g to
dynamically start at 1T on AMD platforms.

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220719170014.27028-2-joao.m.martins@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago hw/cxl: Fix size of constant in interleave granularity function.
Jonathan Cameron [Fri, 1 Jul 2022 13:23:00 +0000 (14:23 +0100)]
hw/cxl: Fix size of constant in interleave granularity function.

Whilst the interleave granularity is always small enough that this isn't
a real problem (much less than 4GiB) let's change the constant
to ULL to fix the coverity warning.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: 829de299d1 ("hw/cxl/component: Add utils for interleave parameter encoding/decoding")
Fixes: Coverity CID 1488868
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220701132300.2264-4-Jonathan.Cameron@huawei.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago hw/i386/pc: Always place CXL Memory Regions after device_memory
Jonathan Cameron [Fri, 1 Jul 2022 13:22:59 +0000 (14:22 +0100)]
hw/i386/pc: Always place CXL Memory Regions after device_memory

Previously broken_reserved_end was taken into account, but Igor Mammedov
identified that this could lead to a clash between potential RAM being
mapped in the region and CXL usage. Hence always add the size of the
device_memory memory region.  This only affects the case where the
broken_reserved_end flag was set.

Fixes: 6e4e3ae936e6 ("hw/cxl/component: Implement host bridge MMIO (8.2.5, table 142)")
Reported-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220701132300.2264-3-Jonathan.Cameron@huawei.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago hw/machine: Clear out left over CXL related pointer from move of state handling to...
Jonathan Cameron [Fri, 1 Jul 2022 13:22:58 +0000 (14:22 +0100)]
hw/machine: Clear out left over CXL related pointer from move of state handling to machines.

This got left behind in the move of the CXL setup code from core
files to the machines that support it.

Link: https://gitlab.com/qemu-project/qemu/-/commit/1ebf9001fb2701e3c00b401334c8f3900a46adaa
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220701132300.2264-2-Jonathan.Cameron@huawei.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago acpi/nvdimm: Define trace events for NVDIMM and substitute nvdimm_debug()
Robert Hoo [Mon, 4 Jul 2022 08:58:52 +0000 (16:58 +0800)]
acpi/nvdimm: Define trace events for NVDIMM and substitute nvdimm_debug()

Signed-off-by: Robert Hoo <robert.hu@linux.intel.com>
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
Message-Id: <20220704085852.330005-1-robert.hu@linux.intel.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2 years ago hw/display/bcm2835_fb: Fix framebuffer allocation address
Alan Jian [Mon, 25 Jul 2022 14:58:39 +0000 (22:58 +0800)]
hw/display/bcm2835_fb: Fix framebuffer allocation address

This patch fixes the dedicated framebuffer mailbox interface by
removing an unneeded offset.  This means that we pick the framebuffer
address in the same way that we do if the guest code uses the buffer
allocate mechanism of the bcm2835_property interface (case
0x00040001: /* Allocate buffer */ in bcm2835_property.c).

The documentation of this mailbox interface doesn't say anything
about using parts of the request buffer address to affect the
chosen framebuffer address:
https://github.com/raspberrypi/firmware/wiki/Mailbox-framebuffer-interface

Some baremetal applications like the Screen01/Screen02 examples from
Baking Pi tutorial[1] didn't work before this patch.

[1] https://www.cl.cam.ac.uk/projects/raspberrypi/tutorials/os/screen01.html

Signed-off-by: Alan Jian <alanjian85@outlook.com>
Message-id: 20220725145838.8412-1-alanjian85@outlook.com
[PMM: tweaked commit message]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago configure: Avoid '==' bashism
Peter Maydell [Wed, 20 Jul 2022 15:26:31 +0000 (16:26 +0100)]
configure: Avoid '==' bashism

The '==' operator to test is a bashism; the standard way to compare
strings is '='. This causes dash to complain:

../../configure: 681: test: linux: unexpected operator

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-6-peter.maydell@linaro.org

2 years ago configure: Drop dead code attempting to use -msmall-data on alpha hosts
Peter Maydell [Wed, 20 Jul 2022 15:26:30 +0000 (16:26 +0100)]
configure: Drop dead code attempting to use -msmall-data on alpha hosts

In commit 823eb013452e93d we moved the setting of ARCH from configure
to meson.build, but we accidentally left behind one attempt to use
$ARCH in configure, which was trying to add -msmall-data to the
compiler flags on Alpha hosts.  Since ARCH is now never set, the test
always fails and we never add the flag.

There isn't actually any need to use this compiler flag on Alpha:
the original intent was that it would allow us to simplify our TCG
codegen on that platform, but we never actually made the TCG changes
that would rely on -msmall-data.

Drop the effectively-dead code from configure, as we don't need it.

This was spotted by shellcheck:

In ./configure line 2254:
case "$ARCH" in
      ^---^ SC2153: Possible misspelling: ARCH may not be assigned, but arch is.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-5-peter.maydell@linaro.org

2 years ago configure: Don't use bash-specific string-replacement syntax
Peter Maydell [Wed, 20 Jul 2022 15:26:29 +0000 (16:26 +0100)]
configure: Don't use bash-specific string-replacement syntax

The variable string-replacement syntax ${var/old/new} is a bashism
(though it is also supported by some other shells), and for instance
does not work with the NetBSD /bin/sh, which complains:
 ../src/configure: 687: Syntax error: Bad substitution

Replace it with a more portable sed-based approach, similar to
what we already do in quote_sh().

Note that shellcheck also diagnoses this:

In ./configure line 687:
    e=${e/'\'/'\\'}
      ^-----------^ SC2039: In POSIX sh, string replacement is undefined.
           ^-- SC1003: Want to escape a single quote? echo 'This is how it'\''s done'.
                ^-- SC1003: Want to escape a single quote? echo 'This is how it'\''s done'.

In ./configure line 688:
    e=${e/\"/'\"'}
      ^----------^ SC2039: In POSIX sh, string replacement is undefined.

Fixes: 8154f5e64b0cf ("meson: Prefix each element of firmware path")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-4-peter.maydell@linaro.org

2 years ago configure: Add braces to clarify intent of $emu[[:space:]]
Peter Maydell [Wed, 20 Jul 2022 15:26:28 +0000 (16:26 +0100)]
configure: Add braces to clarify intent of $emu[[:space:]]

In shell script syntax, $var[something] is not special for variable
expansion: $var is expanded.  However, as it can look as if it were
intended to be an array element access (the correct syntax for which
is ${var[something]}), shellcheck recommends using explicit braces
around ${var} to clarify the intended expansion.

This fixes the warning:

In ./configure line 2346:
        if "$target_ld" -verbose 2>&1 | grep -q "^[[:space:]]*$emu[[:space:]]*$"; then
                                                              ^-- SC1087: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20220720152631.450903-3-peter.maydell@linaro.org

2 years ago configure: Add missing POSIX-required space
Peter Maydell [Wed, 20 Jul 2022 15:26:27 +0000 (16:26 +0100)]
configure: Add missing POSIX-required space

In commit 7d7dbf9dc15be6e1 we added a line to the configure script
which is not valid POSIX shell syntax, because it is missing a space
after a '!' character. shellcheck diagnoses this:

if !(GIT="$git" "$source_path/scripts/git-submodule.sh" "$git_submodules_action" "$git_submodules"); then
    ^-- SC1035: You are missing a required space after the !.

and the OpenBSD shell will not correctly handle this without the space.

Fixes: 7d7dbf9dc15be6e1 ("configure: replace --enable/disable-git-update with --with-git-submodules")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-id: 20220720152631.450903-2-peter.maydell@linaro.org

2 years ago target/arm: Add MO_128 entry to pred_esz_masks[]
Peter Maydell [Mon, 18 Jul 2022 10:01:44 +0000 (11:01 +0100)]
target/arm: Add MO_128 entry to pred_esz_masks[]

In commit 7390e0e9ab8475, we added support for SME loads and stores.
Unlike SVE loads and stores, these include handling of 128-bit
elements.  The SME load/store functions call down into the existing
sve_cont_ldst_elements() function, which uses the element size MO_*
value as an index into the pred_esz_masks[] array.  Because this code
path now has to handle MO_128, we need to add an extra element to the
array.

This bug was spotted by Coverity because it meant we were reading off
the end of the array.

Resolves: Coverity CID 1490539, 1490541, 1490543, 1490544, 1490545,
 1490546, 1490548, 1490549, 1490550, 1490551, 1490555, 1490557,
 1490558, 1490560, 1490561, 1490563
Fixes: 7390e0e9ab8475 ("target/arm: Implement SME LD1, ST1")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220718100144.3248052-1-peter.maydell@linaro.org

2 years ago scripts/coverity-scan/COMPONENTS.md: Update slirp component info
Peter Maydell [Mon, 18 Jul 2022 14:23:10 +0000 (15:23 +0100)]
scripts/coverity-scan/COMPONENTS.md: Update slirp component info

Update the regex for the slirp component now that it lives
solely inside /slirp/, and note that it should be ignored in
Coverity analysis (because it's a separate upstream project
now, and they run Coverity on it themselves).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20220718142310.16013-3-peter.maydell@linaro.org

2 years ago scripts/coverity-scan/COMPONENTS.md: Add loongarch component
Peter Maydell [Mon, 18 Jul 2022 14:23:09 +0000 (15:23 +0100)]
scripts/coverity-scan/COMPONENTS.md: Add loongarch component

Add the component regex for the new loongarch target.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20220718142310.16013-2-peter.maydell@linaro.org

2 years ago Merge tag 'linux-user-for-7.1-pull-request' of https://gitlab.com/laurent_vivier...
Peter Maydell [Tue, 26 Jul 2022 12:29:26 +0000 (13:29 +0100)]
Merge tag 'linux-user-for-7.1-pull-request' of https://gitlab.com/laurent_vivier/qemu into staging

linux-user pull request 20220726

# gpg: Signature made Tue 26 Jul 2022 10:44:29 BST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* tag 'linux-user-for-7.1-pull-request' of https://gitlab.com/laurent_vivier/qemu:
  linux-user: Use target abi_int type for pipefd[1] in pipe()
  linux-user: Unconditionally use pipe2() syscall
  linux-user/hppa: Fix segfaults on page zero

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging
Peter Maydell [Tue, 26 Jul 2022 09:31:02 +0000 (10:31 +0100)]
Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging

# gpg: Signature made Tue 26 Jul 2022 09:47:24 BST
# gpg:                using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F  3562 EF04 965B 398D 6211

* tag 'net-pull-request' of https://github.com/jasowang/qemu:
  vdpa: Fix memory listener deletions of iova tree
  vhost: Get vring base from vq, not svq
  e1000e: Fix possible interrupt loss when using MSI

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago vdpa: Fix memory listener deletions of iova tree
Eugenio Pérez [Fri, 22 Jul 2022 08:26:30 +0000 (10:26 +0200)]
vdpa: Fix memory listener deletions of iova tree

vhost_vdpa_listener_region_del is always deleting the first iova entry
of the tree, since it's using the needle iova instead of the result's
one.

This was detected using a vga virtual device in the VM using vdpa SVQ.
It makes some extra memory adding and deleting, so the wrong one was
mapped / unmapped. This was undetected before since all the memory was
mapped and unmapped totally without that device, but other conditions
could trigger it too:

* mem_region was with .iova = 0, .translated_addr = (correct GPA).
* iova_tree_find_iova returned right result, but does not update
  mem_region.
* iova_tree_remove always removed region with .iova = 0. Right iova were
  sent to the device.
* Next map will fill the first region with .iova = 0, causing a mapping
  with the same iova and device complains, if the next action is a map.
* Next unmap will cause to try to unmap again iova = 0, causing the
  device to complain that no region was mapped at iova = 0.

Fixes: 34e3c94edaef ("vdpa: Add custom IOTLB translations to SVQ")
Reported-by: Lei Yang <leiyang@redhat.com>
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2 years ago vhost: Get vring base from vq, not svq
Eugenio Pérez [Mon, 18 Jul 2022 12:05:45 +0000 (14:05 +0200)]
vhost: Get vring base from vq, not svq

The SVQ vring used idx usually matches with the guest visible one, as long
as all the guest buffers (GPA) map to exactly one buffer within qemu's
VA. However, as we can see in virtqueue_map_desc, a single guest buffer
could map to many buffers in SVQ vring.

Also, it's also a mistake to rewind them at the source of migration.
Since VirtQueue is able to migrate the inflight descriptors, it's the
responsibility of the destination to perform the rewind just in case it
cannot report the inflight descriptors to the device.

This makes it easier to migrate between backends or to recover them in
vhost devices that support set in flight descriptors.

Fixes: 6d0b22266633 ("vdpa: Adapt vhost_vdpa_get_vring_base to SVQ")
Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2 years ago e1000e: Fix possible interrupt loss when using MSI
Ake Koomsin [Wed, 20 Jul 2022 11:13:03 +0000 (20:13 +0900)]
e1000e: Fix possible interrupt loss when using MSI

Commit "e1000e: Prevent MSI/MSI-X storms" introduced msi_causes_pending
to prevent interrupt storms problem. It was tested with MSI-X.

In case of MSI, the guest can rely solely on interrupts to clear ICR.
Upon clearing all pending interrupts, msi_causes_pending gets cleared.
However, when e1000e_itr_should_postpone() in e1000e_send_msi() returns
true, MSI never gets fired by e1000e_intrmgr_on_throttling_timer()
because msi_causes_pending is still set. This results in interrupt loss.

To prevent this, we need to clear msi_causes_pending when MSI is going
to get fired by the throttling timer. The guest can then receive
interrupts eventually.

Signed-off-by: Ake Koomsin <ake@igel.co.jp>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2 years ago Merge tag 'for-upstream2' of https://gitlab.com/bonzini/qemu into staging
Peter Maydell [Mon, 25 Jul 2022 12:49:41 +0000 (13:49 +0100)]
Merge tag 'for-upstream2' of https://gitlab.com/bonzini/qemu into staging

* Bug fixes
* Pass random seed to x86 and other FDT platforms

# gpg: Signature made Fri 22 Jul 2022 18:26:45 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream2' of https://gitlab.com/bonzini/qemu:
  hw/i386: pass RNG seed via setup_data entry
  hw/rx: pass random seed to fdt
  hw/mips: boston: pass random seed to fdt
  hw/nios2: virt: pass random seed to fdt
  oss-fuzz: ensure base_copy is a generic-fuzzer
  oss-fuzz: remove binaries from qemu-bundle tree
  accel/kvm: Avoid Coverity warning in query_stats()
  docs: Add caveats for Windows as the build platform

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2 years ago linux-user: Use target abi_int type for pipefd[1] in pipe()
Helge Deller [Sun, 17 Jul 2022 16:21:53 +0000 (18:21 +0200)]
linux-user: Use target abi_int type for pipefd[1] in pipe()

When writing back the fd[1] pipe file handle to emulated userspace
memory, use sizeof(abi_int) as offset instead of the host's int type.
There is no functional change in this patch.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <YtQ3Id6z8slpVr7r@p100>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 years ago linux-user: Unconditionally use pipe2() syscall
Helge Deller [Tue, 19 Jul 2022 16:20:42 +0000 (18:20 +0200)]
linux-user: Unconditionally use pipe2() syscall

The pipe2() syscall is available on all Linux platforms since kernel
2.6.27, so use it unconditionally to emulate pipe() and pipe2().

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <YtbZ2ojisTnzxN9Y@p100>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 years ago linux-user/hppa: Fix segfaults on page zero
Helge Deller [Mon, 18 Jul 2022 16:40:43 +0000 (18:40 +0200)]
linux-user/hppa: Fix segfaults on page zero

This program:

    int main(void) { asm("bv %r0(%r0)"); return 0; }

produces on real hppa hardware the expected segfault:

    SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x3} ---
    killed by SIGSEGV +++
    Segmentation fault

But when run on linux-user you get instead internal qemu errors:

ERROR: linux-user/hppa/cpu_loop.c:172:cpu_loop: code should not be reached
Bail out! ERROR: linux-user/hppa/cpu_loop.c:172:cpu_loop: code should not be reached
ERROR: accel/tcg/cpu-exec.c:933:cpu_exec: assertion failed: (cpu == current_cpu)
Bail out! ERROR: accel/tcg/cpu-exec.c:933:cpu_exec: assertion failed: (cpu == current_cpu)

Fix it by adding the missing case for the EXCP_IMP trap in
cpu_loop() and raise a segfault.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <YtWNC56seiV6VenA@p100>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2 years ago hw/i386: pass RNG seed via setup_data entry
Jason A. Donenfeld [Thu, 21 Jul 2022 12:56:36 +0000 (14:56 +0200)]
hw/i386: pass RNG seed via setup_data entry

Tiny machines optimized for fast boot time generally don't use EFI,
which means a random seed has to be supplied some other way. For this
purpose, Linux (≥5.20) supports passing a seed in the setup_data table
with SETUP_RNG_SEED, specially intended for hypervisors, kexec, and
specialized bootloaders. The linked commit shows the upstream kernel
implementation.

At Paolo's request, we don't pass these to versioned machine types ≤7.0.

Link: https://git.kernel.org/tip/tip/c/68b8e9713c8
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Eduardo Habkost <eduardo@habkost.net>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220721125636.446842-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago hw/rx: pass random seed to fdt
Jason A. Donenfeld [Tue, 19 Jul 2022 12:20:33 +0000 (14:20 +0200)]
hw/rx: pass random seed to fdt

If the FDT contains /chosen/rng-seed, then the Linux RNG will use it to
initialize early. Set this using the usual guest random number
generation function. This FDT node is part of the DT specification.

Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220719122033.135902-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago hw/mips: boston: pass random seed to fdt
Jason A. Donenfeld [Tue, 19 Jul 2022 12:08:43 +0000 (14:08 +0200)]
hw/mips: boston: pass random seed to fdt

If the FDT contains /chosen/rng-seed, then the Linux RNG will use it to
initialize early. Set this using the usual guest random number
generation function. This FDT node is part of the DT specification.

I'd do the same for other MIPS platforms but boston is the only one that
seems to use FDT.

Cc: Paul Burton <paulburton@kernel.org>
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220719120843.134392-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago hw/nios2: virt: pass random seed to fdt
Jason A. Donenfeld [Tue, 19 Jul 2022 12:01:13 +0000 (14:01 +0200)]
hw/nios2: virt: pass random seed to fdt

If the FDT contains /chosen/rng-seed, then the Linux RNG will use it to
initialize early. Set this using the usual guest random number
generation function. This FDT node is part of the DT specification.

Cc: Chris Wulff <crwulff@gmail.com>
Cc: Marek Vasut <marex@denx.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220719120113.118034-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2 years ago oss-fuzz: ensure base_copy is a generic-fuzzer
Alexander Bulekov [Wed, 20 Jul 2022 18:09:46 +0000 (14:09 -0400)]
oss-fuzz: ensure base_copy is a generic-fuzzer

Depending on how the target list is sorted by qemu, the first target
(used as the base copy of the fuzzer, to which all others are linked)
might not be a generic-fuzzer. Since we are trying to only use
generic-fuzz, on oss-fuzz, fix that, to ensure the base copy is a
generic-fuzzer.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20220720180946.2264253-1-alxndr@bu.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>