git.osdn.net Git - qmiga/qemu.git/log

plugins/cache: make L2 emulation optional through args

By default L2 is not enabled and is enabled by either using the
newly-introduced "l2" boolean argument, or by setting any of the L2
cache parameters using args. On specifying "l2=on", the default cache
configuration is used.

Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210810134844.166490-5-ma.mandourr@gmail.com>
Message-Id: <20211026102234.3961636-17-alex.bennee@linaro.org>

plugins/cache: split command line arguments into name and value

This way of handling args is more lenient and sets a better framework to
parse boolean command line arguments.

Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210810134844.166490-4-ma.mandourr@gmail.com>
Message-Id: <20211026102234.3961636-16-alex.bennee@linaro.org>

plugins/cache: implement unified L2 cache emulation

This adds an implementation of a simple L2 configuration, in which a
unified L2 cache (stores both blocks of instructions and data) is
maintained for each core separately, with no inter-core interaction
taken in account. The L2 cache is used as a backup for L1 and is only
accessed if the wanted block does not exist in L1.

In terms of multi-threaded user-space emulation, the same approximation
of L1 is done, a static number of caches is maintained, and each and
every memory access initiated by a thread will have to go through one of
the available caches.

An atomic increment is used to maintain the number of L2 misses per
instruction.

The default cache parameters of L2 caches is:

    2MB cache size
    16-way associativity
    64-byte blocks

Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210810134844.166490-3-ma.mandourr@gmail.com>
Message-Id: <20211026102234.3961636-15-alex.bennee@linaro.org>

plugins/cache: freed heap-allocated mutexes

Signed-off-by: Mahmoud Mandour <ma.mandourr@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210810134844.166490-2-ma.mandourr@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211026102234.3961636-14-alex.bennee@linaro.org>

ebpf: really include it only in system emulators

eBPF libraries are being included in user emulators, which is useless and
also breaks --static compilation if a shared library for libbpf is
present in the system.

Reported-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211012162252.263933-1-pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-bt: Warner Losh <imp@bsdimp.com>
Message-Id: <20211026102234.3961636-13-alex.bennee@linaro.org>

tests/tcg: enable debian-nios2-cross for test building

Now we have a nios2 test image we can start using it to build tests.
However signal handling in nios2 is still broken so we disable the
signals and linux-test tests that trigger the bug.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211026102234.3961636-12-alex.bennee@linaro.org>

tests/docker: split PARTIAL into PARTIAL and VIRTUAL images

This is mostly to ensure we don't include the toolchain and bootstrap
builds in DOCKER_IMAGES which is useful when verifying all images
still build.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211026102234.3961636-10-alex.bennee@linaro.org>

tests/tcg: Fix some targets default cross compiler path

We do not want a shell command substitution, but a parameter
substitution (with assignment). Replace $() -> ${}, otherwise
the expanded command return an empty string and the $cross_cc
variable is not set.

Fixes: 634ef789f8e ("tests/tcg: add more default compilers to configure.sh")
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[AJB: disable sh4 linux-test]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211023164329.328137-1-f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211026102234.3961636-9-alex.bennee@linaro.org>

tests/tcg: Enable container_cross_cc for microblaze

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211014224435.2539547-8-richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211026102234.3961636-8-alex.bennee@linaro.org>

tests/docker: Add debian-microblaze-cross image

Build the entire cross tool chain from source.
For this reason, default to caching.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
[AJB: Update MAINTAINERS]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211014224435.2539547-7-richard.henderson@linaro.org>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211026102234.3961636-7-alex.bennee@linaro.org>

tests/docker: Add debian-nios2-cross image

Build the entire cross tool chain from source.
For this reason, default to caching.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
[AJB: honour NOUSER in cached fetch and build, update MAINTAINERS]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211014224435.2539547-6-richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-Id: <20211026102234.3961636-6-alex.bennee@linaro.org>

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Build system fixes and cleanups
* DMA support in the multiboot option ROM
* Rename default-bus-bypass-iommu
* Deprecate -watchdog and cleanup -watchdog-action
* HVF fix for <PAGE_SIZE regions
* Support TSC scaling for AMD nested virtualization
* Fix for ESP fuzzing bug

# gpg: Signature made Tue 02 Nov 2021 10:57:37 AM EDT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]

* remotes/bonzini/tags/for-upstream: (27 commits)
  configure: fix --audio-drv-list help message
  configure: Remove the check for the __thread keyword
  Move the l2tpv3 test from configure to meson.build
  meson: remove unnecessary coreaudio test program
  meson: remove pointless warnings
  meson.build: Allow to disable OSS again
  meson: bump submodule to 0.59.3
  qtest/am53c974-test: add test for cancelling in-flight requests
  esp: ensure in-flight SCSI requests are always cancelled
  KVM: SVM: add migration support for nested TSC scaling
  hw/i386: fix vmmouse registration
  watchdog: remove select_watchdog_action
  vl: deprecate -watchdog
  watchdog: add information from -watchdog help to -device help
  hw/i386: Rename default_bus_bypass_iommu
  hvf: Avoid mapping regions < PAGE_SIZE as ram
  configure: do not duplicate CPU_CFLAGS into QEMU_LDFLAGS
  configure: remove useless NPTL probe
  target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types
  optionrom: add a DMA-enabled multiboot ROM
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/vivier/tags/trivial-branch-for-6.2-pull-request' into staging

Trivial patches branch pull request 20211101 v2

# gpg: Signature made Tue 02 Nov 2021 07:21:44 PM EDT
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]

* remotes/vivier/tags/trivial-branch-for-6.2-pull-request:
  hw/input/lasips2: Fix typos in function names
  MAINTAINERS: Split HPPA TCG vs HPPA machines/hardware
  hw/core/machine: Add the missing delimiter in cpu_slot_to_string()
  monitor: Trim some trailing space from human-readable output

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/rth/tags/pull-arm-20211102-2' into staging

Add nuvoton sd module for NPCM7XX
Add gdb-xml for MVE
More uses of tcg_constant_* in target/arm
Fix parameter naming for default-bus-bypass-iommu
Ignore cache operations to mmio in HVF

# gpg: Signature made Tue 02 Nov 2021 02:23:53 PM EDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* remotes/rth/tags/pull-arm-20211102-2:
  hvf: arm: Ignore cache operations on MMIO
  hw/arm/virt: Rename default_bus_bypass_iommu
  target/arm: Use tcg_constant_i32() in gen_rev16()
  target/arm: Use tcg_constant_i64() in do_sat_addsub_64()
  target/arm: Use the constant variant of store_cpu_field() when possible
  target/arm: Introduce store_cpu_field_constant() helper
  target/arm: Use tcg_constant_i32() in op_smlad()
  target/arm: Advertise MVE to gdb when present
  tests/qtest/libqos: add SDHCI commands
  hw/arm: Attach MMC to quanta-gbs-bmc
  hw/arm: Add Nuvoton SD module to board
  hw/sd: add nuvoton MMC

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/berrange/tags/hmp-x-qmp-620-pull-request' into staging

Initial conversion of HMP debugging commands to QMP

This introduces a new policy that all HMP commands will be converted to
have QMP equivalents, marked unstable if no formal QAPI modelling is
intended to be done.

New unstable commands are added as follows:

  - HMP "info roms" => QMP "x-query-roms"
  - HMP "info profile" => QMP "x-query-profile"
  - HMP "info numa" => QMP "x-query-numa"
  - HMP "info usb" => QMP "x-query-usb"
  - HMP "info rdma" => QMP "x-query-rdma"
  - HMP "info ramblock" => QMP "x-query-ramblock"
  - HMP "info irq" => QMP "x-query-irq"
  - HMP "info jit" => QMP "x-query-jit"
  - HMP "info opcount" => QMP "x-query-opcount"

# gpg: Signature made Tue 02 Nov 2021 01:54:28 PM EDT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]

* remotes/berrange/tags/hmp-x-qmp-620-pull-request:
  qapi: introduce x-query-opcount QMP command
  qapi: introduce x-query-jit QMP command
  qapi: introduce x-query-irq QMP command
  qapi: introduce x-query-ramblock QMP command
  qapi: introduce x-query-rdma QMP command
  qapi: introduce x-query-usb QMP command
  qapi: introduce x-query-numa QMP command
  qapi: introduce x-query-profile QMP command
  qapi: introduce x-query-roms QMP command
  docs/devel: document expectations for HMP commands in the future
  docs/devel: add example of command returning unstructured text
  docs/devel: document expectations for QAPI data modelling for QMP
  monitor: introduce HumanReadableText and HMP support
  docs/devel: update error handling guidance for HMP commands
  docs/devel: tweak headings in monitor command docs
  docs/devel: rename file for writing monitor commands
  monitor: make hmp_handle_error return a boolean
  monitor: remove 'info ioapic' HMP command

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/kraxel/tags/misc-20211102-pull-request' into staging

MAINTAINERS: audio updates
microvm: device tree support
console: chardev fixes
misc: deprecate sga
usb: fix struct usb_msd_csw

# gpg: Signature made Tue 02 Nov 2021 12:26:07 PM EDT
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]

* remotes/kraxel/tags/misc-20211102-pull-request:
  usb-storage: tag usb_msd_csw as packed struct
  hw/misc: deprecate the 'sga' device
  ui/console: remove chardev frontend connected test
  ui/console: replace kbd_timer with chr_accept_input callback
  ui/console: replace QEMUFIFO with Fifo8
  ui/gtk: skip any extra draw of same guest scanout blob res
  ui/gtk: Update the refresh rate for gl-area too
  microvm: add device tree support.
  MAINTAINERS: add myself as partial audio reviewer
  MAINTAINERS: Add myself as a reviewer for SDL audio

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/kwolf/tags/for-upstream' into staging

Block layer patches

- Fail gracefully when blockdev-snapshot creates loops
- ide: Fix IDENTIFY DEVICE for disks > 128 GiB
- file-posix: Fix return value translation for AIO discards
- file-posix: add 'aio-max-batch' option
- rbd: implement bdrv_co_block_status
- Code cleanups and build fixes

# gpg: Signature made Tue 02 Nov 2021 12:04:02 PM EDT
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]

* remotes/kwolf/tags/for-upstream:
  block/nvme: Extract nvme_free_queue() from nvme_free_queue_pair()
  block/nvme: Display CQ/SQ pointer in nvme_free_queue_pair()
  block/nvme: Automatically free qemu_memalign() with QEMU_AUTO_VFREE
  block-backend: Silence clang -m32 compiler warning
  linux-aio: add `dev_max_batch` parameter to laio_io_unplug()
  linux-aio: add `dev_max_batch` parameter to laio_co_submit()
  file-posix: add `aio-max-batch` option
  block/export/fuse.c: fix musl build
  ide: Cap LBA28 capacity announcement to 2^28-1
  block/rbd: implement bdrv_co_block_status
  block: Fail gracefully when blockdev-snapshot creates loops
  block/file-posix: Fix return value translation for AIO discards

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/XanClic/tags/pull-block-2021-11-02' into staging

Block patches:
- Add "toolsversion" creation option for vmdk images
- iotest fix (297, the linting test)
- Added sanity check when opening vpc images
- Doc fix

# gpg: Signature made Tue 02 Nov 2021 10:14:52 AM EDT
# gpg:                using RSA key CB62D7A0EE3829E45F004D34A1FA40D098019CDF
# gpg:                issuer "hreitz@redhat.com"
# gpg: Good signature from "Hanna Reitz <hreitz@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: CB62 D7A0 EE38 29E4 5F00  4D34 A1FA 40D0 9801 9CDF

* remotes/XanClic/tags/pull-block-2021-11-02:
  block/vpc: Add a sanity check that fixed-size images have the right type
  vmdk: allow specification of tools version
  pylint: fix errors and warnings generated by tests/qemu-iotests/297
  qemu-img: Consistent docs for convert -F

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

bsd-user: Add stubs for new signal routines

Until the signal support is merged from the bsd-user fork, we need stubs
for cpu_loop_exit_sigsegv and cpu_loop_exit_sigbus to link. These call
abort after logging a message. Since singals aren't supported here
yet, this is sufficient.

Signed-off-by: Warner Losh <imp@bsdimp.com>
Message-Id: <20211102225248.52999-2-imp@bsdimp.com>
Tested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pc,pci,virtio: features, fixes

virtio-iommu support for x86/ACPI.
Fixes, cleanups all over the place.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
# gpg: Signature made Mon 01 Nov 2021 07:36:22 PM EDT
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]

* remotes/mst/tags/for_upstream:
  hw/i386: fix vmmouse registration
  pci: Export pci_for_each_device_under_bus*()
  pci: Define pci_bus_dev_fn/pci_bus_fn/pci_bus_ret_fn
  hw/i386/pc: Allow instantiating a virtio-iommu device
  hw/i386/pc: Move IOMMU singleton into PCMachineState
  hw/i386/pc: Remove x86_iommu_get_type()
  hw/acpi: Add VIOT table
  vhost-vdpa: Set discarding of RAM broken when initializing the backend
  qtest: fix 'expression is always false' build failure in qtest_has_accel()

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/philmd/tags/mips-20211102' into staging

MIPS patches queue

- Fine-grained MAINTAINERS sections
- Fix MSA MADDV.B / MSUBV.B opcodes
- Convert MSA opcodes to decodetree
- Correct Loongson-3A4000 MSAIR register
- Do not accept ELF nanoMIPS binaries on linux-user
- Use ISA instead of PCI interrupts in VT82C686 PCI device

# gpg: Signature made Tue 02 Nov 2021 09:41:04 AM EDT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]

* remotes/philmd/tags/mips-20211102: (41 commits)
  Revert "elf: Relax MIPS' elf_check_arch() to accept EM_NANOMIPS too"
  hw/usb/vt82c686-uhci-pci: Use ISA instead of PCI interrupts
  usb/uhci: Replace pci_set_irq with qemu_set_irq
  usb/uhci: Disallow user creating a vt82c686-uhci-pci device
  usb/uhci: Misc clean up
  target/mips: Remove obsolete FCR0_HAS2008 comment on P5600 CPU
  target/mips: Fix Loongson-3A4000 MSAIR config register
  target/mips: Remove one MSA unnecessary decodetree overlap group
  target/mips: Remove generic MSA opcode
  target/mips: Convert CTCMSA opcode to decodetree
  target/mips: Convert CFCMSA opcode to decodetree
  target/mips: Convert MSA MOVE.V opcode to decodetree
  target/mips: Convert MSA COPY_S and INSERT opcodes to decodetree
  target/mips: Convert MSA COPY_U opcode to decodetree
  target/mips: Convert MSA ELM instruction format to decodetree
  target/mips: Convert MSA 3R instruction format to decodetree (part 4/4)
  target/mips: Convert MSA 3R instruction format to decodetree (part 3/4)
  target/mips: Convert MSA 3R instruction format to decodetree (part 2/4)
  target/mips: Convert MSA 3R instruction format to decodetree (part 1/4)
  target/mips: Convert MSA 3RF instruction format to decodetree (DF_WORD)
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

hvf: arm: Ignore cache operations on MMIO

Apple's Hypervisor.Framework forwards cache operations as MMIO traps
into user space. For MMIO however, these have no meaning: There is no
cache attached to them.

So let's just treat cache data exits as nops.

This fixes OpenBSD booting as guest.

Reported-by: AJ Barris <AwlsomeAlex@github.com>
Signed-off-by: Alexander Graf <agraf@csgraf.de>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Reference: https://github.com/utmapp/UTM/issues/3197
Message-Id: <20211026071241.74889-1-agraf@csgraf.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

hw/arm/virt: Rename default_bus_bypass_iommu

Since commit d8fb7d0969d5 ("vl: switch -M parsing to keyval"), machine
parameter definitions cannot use underscores, because keyval_dashify()
transforms them to dashes and the parser doesn't find the parameter.

This affects option default_bus_bypass_iommu which was introduced in the
same release:

$ qemu-system-aarch64 -M virt,default_bus_bypass_iommu=on
qemu-system-aarch64: Property 'virt-6.1-machine.default-bus-bypass-iommu' not found

Rename the parameter to "default-bus-bypass-iommu". Passing
"default_bus_bypass_iommu" is still valid since the underscore are
transformed automatically.

Fixes: 6d7a85483a06 ("hw/arm/virt: Add default_bus_bypass_iommu machine option")
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Tested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211026093733.2144161-1-jean-philippe@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/arm: Use tcg_constant_i32() in gen_rev16()

Since the mask is a constant value, use tcg_constant_i32()
instead of a TCG temporary.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211029231834.2476117-6-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/arm: Use tcg_constant_i64() in do_sat_addsub_64()

The immediate value used for comparison is constant and
read-only. Move it to the constant pool. This frees a
TCG temporary for unsigned saturation opcodes.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211029231834.2476117-5-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/arm: Use the constant variant of store_cpu_field() when possible

When using a constant variable, we can replace the store_cpu_field()
call by store_cpu_field_constant() which avoid using TCG temporaries.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211029231834.2476117-4-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/arm: Introduce store_cpu_field_constant() helper

Similarly to the store_cpu_field() helper which takes a TCG
temporary, store its value to the CPUState, introduce the
store_cpu_field_constant() helper which store a constant to
CPUState (without using any TCG temporary).

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211029231834.2476117-3-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/arm: Use tcg_constant_i32() in op_smlad()

Avoid using a TCG temporary for a read-only constant.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211029231834.2476117-2-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

target/arm: Advertise MVE to gdb when present

Cortex-M CPUs with MVE should advertise this fact to gdb, using the
org.gnu.gdb.arm.m-profile-mve XML feature, which defines the VPR
register. Presence of this feature also tells gdb to create
pseudo-registers Q0..Q7, so we do not need to tell gdb about them
separately.

Note that unless you have a very recent GDB that includes this fix:
http://patches-tcwg.linaro.org/patch/58133/ gdb will mis-print the
individual fields of the VPR register as zero (but showing the whole
thing as hex, eg with "print /x $vpr" will give the correct value).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211101160814.5103-1-peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

tests/qtest/libqos: add SDHCI commands

Signed-off-by: Shengtan Mao <stmao@google.com>
Signed-off-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Chris Rauer <crauer@google.com>
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20211008002628.1958285-5-wuhaotsh@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

hw/arm: Attach MMC to quanta-gbs-bmc

Signed-off-by: Shengtan Mao <stmao@google.com>
Signed-off-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20211008002628.1958285-4-wuhaotsh@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

hw/arm: Add Nuvoton SD module to board

Signed-off-by: Shengtan Mao <stmao@google.com>
Signed-off-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Chris Rauer <crauer@google.com>
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20211008002628.1958285-3-wuhaotsh@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

hw/sd: add nuvoton MMC

Signed-off-by: Shengtan Mao <stmao@google.com>
Signed-off-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Chris Rauer <crauer@google.com>
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20211008002628.1958285-2-wuhaotsh@google.com>
[rth: Fix typos of "nonexistent"]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20211102' into staging

- Split out host signal handing from accel/tcg/user-exec.c
  to linux-user/host/arch/host-signal.h
- Replace TCGCPUOps.tlb_fill with TCGCPUOps.record_sigsegv for user-only
- Add TCGCPUOps.record_sigbus for user-only
- Remove a lot of target-specific cpu_loop handling for signals,
  now accomplished with generic code.

# gpg: Signature made Tue 02 Nov 2021 07:06:14 AM EDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* remotes/rth/tags/pull-tcg-20211102: (60 commits)
  linux-user: Handle BUS_ADRALN in host_signal_handler
  tcg: Add helper_unaligned_{ld,st} for user-only sigbus
  accel/tcg: Report unaligned load/store for user-only
  accel/tcg: Report unaligned atomics for user-only
  target/sparc: Set fault address in sparc_cpu_do_unaligned_access
  target/sparc: Split out build_sfsr
  target/sparc: Remove DEBUG_UNALIGNED
  target/sh4: Set fault address in superh_cpu_do_unaligned_access
  target/s390x: Implement s390x_cpu_record_sigbus
  linux-user/ppc: Remove POWERPC_EXCP_ALIGN handling
  target/ppc: Restrict ppc_cpu_do_unaligned_access to sysemu
  target/ppc: Set fault address in ppc_cpu_do_unaligned_access
  target/ppc: Move SPR_DSISR setting to powerpc_excp
  target/microblaze: Do not set MO_ALIGN for user-only
  linux-user/hppa: Remove EXCP_UNALIGN handling
  target/arm: Implement arm_cpu_record_sigbus
  target/alpha: Implement alpha_cpu_record_sigbus
  linux-user: Add cpu_loop_exit_sigbus
  hw/core: Add TCGCPUOps.record_sigbus
  accel/tcg: Restrict TCGCPUOps::tlb_fill() to sysemu
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

usb-storage: tag usb_msd_csw as packed struct

Without this the struct has the wrong size: sizeof() evaluates
to 16 instead of 13. In most cases the bug is hidden by the
fact that guests submits a buffer which is exactly 13 bytes
long, so the padding added by the compiler is simply ignored.

But sometimes guests submit a larger buffer and expect a short
transfer, which does not work properly with the wrong struct
size.

Cc: vintagepc404@protonmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Fixes: a917d384ac0 ("SCSI TCQ support.")
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210906045523.1259629-1-kraxel@redhat.com>

hw/misc: deprecate the 'sga' device

This is obsolete since SeaBIOS 1.11.0 introduced native support for
sending messages to the serial console. The new support can be
activated using -machine graphics=off on x86 targets.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20210909123219.862652-1-berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

ui/console: remove chardev frontend connected test

The test if the chardev frontend is connected in
kbd_put_keysym_console() is redundant, because the call
to qemu_chr_be_can_write() in kbd_send_chars() tests
the connected condition again.

Remove the redundant test whether the chardev frontend
is connected.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210916192239.18742-3-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

ui/console: replace kbd_timer with chr_accept_input callback

There's a ChardevClass chr_accept_input() callback function that
can replace the write retry timer.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210916192239.18742-2-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

ui/console: replace QEMUFIFO with Fifo8

One of the two FIFO implementations QEMUFIFO and Fifo8 is
redundant. Replace QEMUFIFO with Fifo8.

Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20210916192239.18742-1-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

ui/gtk: skip any extra draw of same guest scanout blob res

Any extra draw call for the same blob resource representing guest scanout
before the previous drawing is not finished can break synchronous draw
sequence. To prevent this, drawing is now done only once for each draw
submission (when draw_submitted == true).

v2:
- removed mutex
- updated commit msg

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Vivek Kasireddy <vivek.kasireddy@intel.com>
Signed-off-by: Dongwon Kim <dongwon.kim@intel.com>
Message-Id: <20210924225105.24930-1-dongwon.kim@intel.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

ui/gtk: Update the refresh rate for gl-area too

This is a bugfix that stretches all the way back to January 2020,
where I initially introduced this problem and potential solutions.

A quick recap of the issue: QEMU did not sync up with the monitors
refresh rate causing the VM to render frames that were NOT displayed
to the user. That "fix" allowed QEMU to obtain the screen refreshrate
information from the system using GDK API's and was for GTK only.

Well, I'm back with the same issue again. But this time on Wayland.

And I did NOT realize there was YET another screen refresh rate
function, this time for Wayland specifically. Thankfully the fix was
simple and without much hassle.

Thanks,
Nikola

PS: It seems that my patch has gone missing from the mailing list,
hence I'm sending it again. Sorry for any inconveniences.

Signed-off-by: Nikola Pavlica <pavlica.nikola@gmail.com>
Message-Id: <20211024143110.704296-1-pavlica.nikola@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

microvm: add device tree support.

Allows edk2 detect virtio-mmio devices and pcie ecam.
See comment in hw/i386/microvm-dt.c for more details.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Message-Id: <20211014193617.2475578-1-kraxel@redhat.com>

MAINTAINERS: add myself as partial audio reviewer

Volunteering as reviewer for some of the audio backends; namely
ALSA, CoreAudio and JACK.

Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <E1mMVca-0005ZJ-Lo@lizzy.crudebyte.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

MAINTAINERS: Add myself as a reviewer for SDL audio

I've got some experience with the SDL library, so I can help
reviewing patches here.

Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211030062106.46024-1-huth@tuxfamily.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

qapi: introduce x-query-opcount QMP command

This is a counterpart to the HMP "info opcount" command. It is being
added with an "x-" prefix because this QMP command is intended as an
ad hoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-jit QMP command

This is a counterpart to the HMP "info jit" command. It is being
added with an "x-" prefix because this QMP command is intended as an
ad hoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-irq QMP command

This is a counterpart to the HMP "info irq" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-ramblock QMP command

This is a counterpart to the HMP "info ramblock" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-rdma QMP command

This is a counterpart to the HMP "info rdma" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-usb QMP command

This is a counterpart to the HMP "info usb" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-numa QMP command

This is a counterpart to the HMP "info numa" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-profile QMP command

This is a counterpart to the HMP "info profile" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

qapi: introduce x-query-roms QMP command

This is a counterpart to the HMP "info roms" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/devel: document expectations for HMP commands in the future

We no longer wish to have commands implemented in HMP only. All commands
should start with a QMP implementation and the HMP merely be a shim
around this. To reduce the burden of implementing QMP commands where
there is low expectation of machine usage, requirements for QAPI
modelling are relaxed provided the command is under the "x-" name
prefix.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/devel: add example of command returning unstructured text

This illustrates how to add a QMP command returning unstructured text,
following the guidelines added in the previous patch. The example uses
a simplified version of 'info roms'.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/devel: document expectations for QAPI data modelling for QMP

Traditionally we have required that newly added QMP commands will model
any returned data using fine grained QAPI types. This is good for
commands that are intended to be consumed by machines, where clear data
representation is very important. Commands that don't satisfy this have
generally been added to HMP only.

In effect the decision of whether to add a new command to QMP vs HMP has
been used as a proxy for the decision of whether the cost of designing a
fine grained QAPI type is justified by the potential benefits.

As a result the commands present in QMP and HMP are non-overlapping
sets, although HMP comamnds can be accessed indirectly via the QMP
command 'human-monitor-command'.

One of the downsides of 'human-monitor-command' is that the QEMU monitor
APIs remain tied into various internal parts of the QEMU code. For
example any exclusively HMP command will need to use 'monitor_printf'
to get data out. It would be desirable to be able to fully isolate the
monitor implementation from QEMU internals, however, this is only
possible if all commands are exclusively based on QAPI with direct
QMP exposure.

The way to achieve this desired end goal is to finese the requirements
for QMP command design. For cases where the output of a command is only
intended for human consumption, it is reasonable to want to simplify
the implementation by returning a plain string containing formatted
data instead of designing a fine grained QAPI data type. This can be
permitted if-and-only-if the command is exposed under the 'x-' name
prefix. This indicates that the command data format is liable to
future change and that it is not following QAPI design best practice.

The poster child example for this would be the 'info registers' HMP
command which returns printf formatted data representing CPU state.
This information varies enourmously across target architectures and
changes relatively frequently as new CPU features are implemented.
It is there as debugging data for human operators, and any machine
usage would treat it as an opaque blob. It is thus reasonable to
expose this in QMP as 'x-query-registers' returning a 'str' field.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

monitor: introduce HumanReadableText and HMP support

This provides a foundation on which to convert simple HMP commands to
use QMP. The QMP implementation will generate formatted text targeted
for human consumption, returning it in the HumanReadableText data type.

The HMP command handler will simply print out the formatted string
within the HumanReadableText data type. Since this will be an entirely
formulaic action in the case of HMP commands taking no arguments, a
custom command handler is provided.

Thus instead of registering a 'cmd' callback for the HMP command, a
'cmd_info_hrt' callback is provided, which will simply be a pointer
to the QMP implementation.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/devel: update error handling guidance for HMP commands

Best practice is to use the 'hmp_handle_error' function, not
'monitor_printf' or 'error_report_err'. This ensures that the
message always gets an 'Error: ' prefix, distinguishing it
from normal command output.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/devel: tweak headings in monitor command docs

The new headings reflect the intended structure of the document and will
better suit additions that follow.

Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/devel: rename file for writing monitor commands

The file already covers writing HMP commands, in addition to
the QMP commands, so it deserves a more general name.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

monitor: make hmp_handle_error return a boolean

This turns the pattern

  if (err) {
     hmp_handle_error(mon, err);
     return;
  }

into

  if (hmp_handle_error(mon, err)) {
     return;
  }

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

monitor: remove 'info ioapic' HMP command

This command was turned into a no-op four years ago in

  commit 0c8465440d50c18a7bb13d0a866748f0593e193a
  Author: Peter Xu <peterx@redhat.com>
  Date:   Fri Dec 29 15:31:04 2017 +0800

    hmp: obsolete "info ioapic"

Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

configure: fix --audio-drv-list help message

--audio-drv-list is now establishing which audio drivers to try if -audiodev
is not used; drivers for -audiodev are configured with --enable/--disable
options or possibly --without-default-features. Adjust the help message
for --audio-drv-list.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

configure: Remove the check for the __thread keyword

We recently bumped our minimum required version of GCC to 7.4
and Clang to 6.0, and those compiler versions should support
the __thread keyword already.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211028185910.1729744-2-thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Move the l2tpv3 test from configure to meson.build

And while we're at it, also provide a proper entry for this feature
in meson_options.txt, so that people who don't need it have a knob
to disable this feature.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211028185910.1729744-3-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

meson: remove unnecessary coreaudio test program

AudioGetCurrentHostTime has been present forever, so the test is not
enforcing a specific version of macOS. In fact the test was broken
since it was not linking against the coreaudio dependency; just remove it.

Fixes: 87430d5b13 ("configure, meson: move audio driver detection to Meson", 2021-10-14)
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

meson: remove pointless warnings

Meson tests sometimes warn if the required libraries and headers are present but
a test program fails to link. In the case of DirectSound and OSS, however, there
is no test program so there is no need to warn.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

meson.build: Allow to disable OSS again

If sys/soundcard.h is available, it is currently not possible to
disable OSS with the --disable-oss or --without-default-features
configure switches. Improve the check in meson.build to fix this.

Fixes: 87430d5b13 ("configure, meson: move audio driver detection to Meson")
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211102105822.773131-1-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

meson: bump submodule to 0.59.3

This gains some bugfixes, especially:

- it fixes the introspection of array options.  While technically we
still support Meson 0.58.2, this issue only appears when adding a new
option and not if the user is just building QEMU.  In the relatively
rare case of a contributor using --meson to point to a 0.58 version,
review can catch spurious changes to scripts/meson-buildoptions.sh
easily.

- it fixes "meson test" when it is not the process group leader.  Make is
the process group leader when "make check" invokes "meson test", so this
is a requirement for using it as a test harness.

Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

qtest/am53c974-test: add test for cancelling in-flight requests

Based upon the qtest reproducer posted to Gitlab issue #663 at
https://gitlab.com/qemu-project/qemu/-/issues/663.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20211101183516.8455-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

esp: ensure in-flight SCSI requests are always cancelled

There is currently a check in esp_select() to cancel any in-flight SCSI requests
to ensure that issuing multiple select commands without continuing through the
rest of the ESP state machine ignores all but the last SCSI request. This is
also enforced through the addition of assert()s in esp_transfer_data() and
scsi_read_data().

The get_cmd() function does not call esp_select() when TC == 0 which means it is
possible for a fuzzer to trigger these assert()s by sending a select command when
TC == 0 immediately after a valid SCSI CDB has been submitted.

Since esp_select() is only called from get_cmd(), hoist the check to cancel
in-flight SCSI requests from esp_select() into get_cmd() to ensure it is always
called when executing a select command to initiate a new SCSI request.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Closes: https://gitlab.com/qemu-project/qemu/-/issues/662
Closes: https://gitlab.com/qemu-project/qemu/-/issues/663
Message-Id: <20211101183516.8455-2-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

KVM: SVM: add migration support for nested TSC scaling

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20211101132300.192584-4-mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

hw/i386: fix vmmouse registration

According to the logic of vmmouse_update_handler function,
vmmouse should be registered as an event handler when
it's status is zero.
vmmouse_read_id resets the status but does not register
the handler.
This patch adds vmmouse registration and activation when
status is reset.

Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
Message-Id: <163524204515.1914131.16465061981774791228.stgit@pasha-ThinkPad-X280>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

watchdog: remove select_watchdog_action

Instead of invoking select_watchdog_action from both HMP and command line,
go directly from HMP to QMP and use QemuOpts as the intermediary for the
command line.

This makes -watchdog-action explicitly a shortcut for "-action watchdog",
so that "-watchdog-action" and "-action watchdog" override each other
based on the position on the command line; previously, "-action watchdog"
always won.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

vl: deprecate -watchdog

-watchdog is the same as -device except that it is case insensitive (and it
allows only watchdog devices of course). Now that "-device help" can list
as such the available watchdog devices, we can deprecate it.

Note that even though -watchdog tries to be case insensitive, it fails
at that: "-watchdog i6300xyz" fails with "Unknown -watchdog device",
but "-watchdog i6300ESB" also fails (when the generated -device option
is processed) with an error "'i6300ESB' is not a valid device model name".
For this reason, the documentation update does not mention the case
insensitivity of -watchdog.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

watchdog: add information from -watchdog help to -device help

List all watchdog devices in a separate category, and populate
their descriptions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

hw/i386: Rename default_bus_bypass_iommu

Since commit d8fb7d0969d5 ("vl: switch -M parsing to keyval"), machine
parameter definitions cannot use underscores, because keyval_dashify()
transforms them to dashes and the parser doesn't find the parameter.

This affects option default_bus_bypass_iommu which was introduced in the
same release:

$ qemu-system-x86_64 -M q35,default_bus_bypass_iommu=on
qemu-system-x86_64: Property 'pc-q35-6.1-machine.default-bus-bypass-iommu' not found

Rename the parameter to "default-bus-bypass-iommu". Passing
"default_bus_bypass_iommu" is still valid since the underscore are
transformed automatically.

Fixes: c9e96b04fc19 ("hw/i386: Add a default_bus_bypass_iommu pc machine option")
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-Id: <20211025104737.1560274-1-jean-philippe@linaro.org>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

hvf: Avoid mapping regions < PAGE_SIZE as ram

HVF has generic memory listener code that adds all RAM regions as HVF RAM
regions. However, HVF can only handle page aligned, page granule regions.

So let's ignore regions that are not page aligned and sized. They will be
trapped as MMIO instead.

Signed-off-by: Alexander Graf <agraf@csgraf.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211025132147.28308-1-agraf@csgraf.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

configure: do not duplicate CPU_CFLAGS into QEMU_LDFLAGS

Since commit 4dba2789084 ("configure, meson: move CPU_CFLAGS out of
QEMU_CFLAGS"), CPU_CFLAGS is included in the link commands both during
configure and (via config-meson.cross) during meson. It need not be
added separately to QEMU_LDFLAGS.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

configure: remove useless NPTL probe

Using a linuxthreads system with a recent QEMU will have bigger problems
than just not having NPTL. Remove the unnecessary check.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types

As long as fw_cfg supports DMA, the new ROM can be used also on older
machine types because it has the same size as the existing one.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

optionrom: add a DMA-enabled multiboot ROM

Add a new option rom for the multiboot loader, using DMA transfers to copy
data instead of "rep insb".

This significantly lowers QEMU's startup latency by a factor of about 40,
for example, going from 30sec to 0.8sec when loading modules of 120MB
in size.

Signed-off-by: Marcus Hähnel <marcus.haehnel@kernkonzept.com>
Signed-off-by: Adam Lackorzynski <adam@l4re.org>
[Modified to keep the non-DMA code depending on #ifdef USE_FW_CFG_DMA;
do not write below stack. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

target/i386: move linuxboot_dma_enabled to X86MachineState

This removes a parameter from x86_load_linux, and will avoid code
duplication between the linux and multiboot cases once multiboot
starts to support DMA.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

MAINTAINERS: update location of microvm docs

Fixes: e8eee8d3d9 ("docs: Move microvm.rst into the system manual")

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20211012151447.4147923-1-alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

util: Make some iova_tree parameters const

As qemu guidelines:
Unless a pointer is used to modify the pointed-to storage, give it the
"const" attribute.

In the particular case of iova_tree_find it allows to enforce what is
requested by its comment, since the compiler would shout in case of
modifying or freeing the const-qualified returned pointer.

Signed-off-by: Eugenio Pérez <eperezma@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211013182713.888753-2-eperezma@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

configure/optionrom: Fix MSYS2 multiboot.bin issue

This patch enables native builds on MSYS2 with symlinks disabled.

Signed-off-by: Helge Konetzka <hk@zapateado.de>
Message-Id: <2b5ab039-8495-b55f-03f1-ecfd996907a9@zapateado.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Partially revert "build: -no-pie is no functional linker flag"

This partially reverts commit bbd2d5a8120771ec59b86a80a1f51884e0a26e53.

This commit was misguided and broke using --disable-pie on any distro
that enables PIE by default in their compiler driver, including Debian
and its derivatives. Whilst -no-pie is not a linker flag, it is a
compiler driver flag that ensures -pie is not automatically passed by it
to the linker. Without it, all compile_prog checks will fail as any code
built with the explicit -fno-pie will fail to link with the implicit
default -pie due to trying to use position-dependent relocations. The
only bug that needed fixing was LDFLAGS_NOPIE being used as a flag for
the linker itself in pc-bios/optionrom/Makefile.

Note this does not reinstate exporting LDFLAGS_NOPIE, as it is unused,
since the only previous use was the one that should not have existed. I
have also updated the comment for the -fno-pie and -no-pie checks to
reflect what they're actually needed for.

Fixes: bbd2d5a8120771ec59b86a80a1f51884e0a26e53
Cc: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Jessica Clarke <jrtc27@jrtc27.com>
Message-Id: <20210805192545.38279-1-jrtc27@jrtc27.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Makefile: Fix cscope issues on MacOS and soft links

This patch fixes actually two issues with 'make cscope'.

Firstly, it fixes the command for MacOS "find" command as MacOS will append the
full path of "$(SRC_PATH)/" before each found entry, then after the final "./"
replacement trick it'll look like (e.g., "qapi/qmp-dispatch.c"):

/qapi/qmp-dispatch.c

Which will point to the root directory instead.

Fix it by simply remove the "/" in "$(SRC_PATH)/" of "find-src-path", then
it'll work for at least both Linux and MacOS.

The other OS-independent issue is to start proactively ignoring soft links when
generating tags, otherwise by default on master branch we'll see this error
when "make cscope":

cscope: cannot find file subprojects/libvhost-user/include/atomic.h

This patch should fix the two issues altogether.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210804132328.41353-3-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Makefile: Fix gtags generation

We should use "-print" or otherwise all "-prone" is ignored.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210804132328.41353-2-peterx@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

block/nvme: Extract nvme_free_queue() from nvme_free_queue_pair()

Instead of duplicating code, extract the common helper to free
a single queue.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211006164931.172349-4-philmd@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block/nvme: Display CQ/SQ pointer in nvme_free_queue_pair()

For debugging purpose it is helpful to know the CQ/SQ pointers.
We already have a trace event in nvme_free_queue_pair(), extend
it to report these pointer addresses.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211006164931.172349-3-philmd@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

block/nvme: Automatically free qemu_memalign() with QEMU_AUTO_VFREE

Since commit 4d324c0bf65 ("introduce QEMU_AUTO_VFREE") buffers
allocated by qemu_memalign() can automatically freed when using
the QEMU_AUTO_VFREE macro. Use it to simplify a bit.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211006164931.172349-2-philmd@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Merge remote-tracking branch 'remotes/juanquintela/tags/migration-20211031-pull-request' into staging

Migration Pull request

Hi

this includes pending bits of migration patches.

- virtio-mem support by David Hildenbrand
- dirtyrate improvements by Hyman Huang
- fix rdma wrid by Li Zhijian
- dump-guest-memory fixes by Peter Xu

Pleas apply.

Thanks, Juan.

# gpg: Signature made Mon 01 Nov 2021 06:03:44 PM EDT
# gpg:                using RSA key 1899FF8EDEBF58CCEE034B82F487EF185872D723
# gpg: Good signature from "Juan Quintela <quintela@redhat.com>" [full]
# gpg:                 aka "Juan Quintela <quintela@trasno.org>" [full]

* remotes/juanquintela/tags/migration-20211031-pull-request:
  migration/dirtyrate: implement dirty-bitmap dirtyrate calculation
  memory: introduce total_dirty_pages to stat dirty pages
  migration/ram: Handle RAMBlocks with a RamDiscardManager on background snapshots
  migration/ram: Factor out populating pages readable in ram_block_populate_pages()
  migration: Simplify alignment and alignment checks
  migration/postcopy: Handle RAMBlocks with a RamDiscardManager on the destination
  virtio-mem: Drop precopy notifier
  migration/ram: Handle RAMBlocks with a RamDiscardManager on the migration source
  virtio-mem: Implement replay_discarded RamDiscardManager callback
  memory: Introduce replay_discarded callback for RamDiscardManager
  dump-guest-memory: Block live migration
  migration: Add migrate_add_blocker_internal()
  migration: Make migration blocker work for snapshots too
  migration/dirtyrate: implement dirty-ring dirtyrate calculation
  migration/dirtyrate: move init step of calculation to main thread
  migration/dirtyrate: adjust order of registering thread
  migration/dirtyrate: introduce struct and adjust DirtyRateStat
  memory: make global_dirty_tracking a bitmask
  KVM: introduce dirty_pages and kvm_dirty_ring_enabled
  migration/rdma: Fix out of order wrid

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Revert "elf: Relax MIPS' elf_check_arch() to accept EM_NANOMIPS too"

Per the "P32 Porting Guide" (rev 1.2) [1], chapter 2:

  p32 ABI Overview
  ----------------

  The Application Binary Interface, or ABI, is the set of rules
  that all binaries must follow in order to run on a nanoMIPS
  system. This includes, for example, object file format,
  instruction set, data layout, subroutine calling convention,
  and system call numbers. The ABI is one part of the mechanism
  that maintains binary compatibility across all nanoMIPS platforms.

  p32 improves on o32 to provide an ABI that is efficient in both
  code density and performance. p32 is required for the nanoMIPS
  architecture.

So far QEMU only support the MIPS o32 / n32 / n64 ABIs. The p32 ABI
is not implemented, therefore we can not run any nanoMIPS binary.

Revert commit f72541f3a59 ("elf: Relax MIPS' elf_check_arch() to
accept EM_NANOMIPS too").

See also the "ELF ABI Supplement" [2].

[1] http://codescape.mips.com/components/toolchain/nanomips/2019.03-01/docs/MIPS_nanoMIPS_p32_ABI_Porting_Guide_01_02_DN00184.pdf
[2] http://codescape.mips.com/components/toolchain/nanomips/2019.03-01/docs/MIPS_nanoMIPS_ABI_supplement_01_03_DN00179.pdf

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211101114800.2692157-1-f4bug@amsat.org>

hw/usb/vt82c686-uhci-pci: Use ISA instead of PCI interrupts

This device is part of a superio/ISA bridge chip and IRQs from it are
routed to an ISA interrupt set by the Interrupt Line PCI config
register. Implement this in a vt82c686-uhci-pci specific irq handler
Using via_isa_set_irq().

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <8d7ed385e33a847d8ddc669163a68b5ca57f82ce.1635161629.git.balaton@eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

usb/uhci: Replace pci_set_irq with qemu_set_irq

Instead of using pci_set_irq, store the irq in the device state and
use it explicitly so variants having different interrupt handling can
use their own.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <b39066e03c8731f4197d50bc79b403f797599999.1635161629.git.balaton@eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

usb/uhci: Disallow user creating a vt82c686-uhci-pci device

Because this device only works as part of VIA superio chips set user
creatable to false. Since the class init method is common for UHCI
variants introduce a flag in UHCIInfo for this.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <e6abf1f19ca72bbc2d8a5a6aa941edbf87a9845f.1635161629.git.balaton@eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

usb/uhci: Misc clean up

Fix a comment for coding style so subsequent patch will not get
checkpatch error and simplify and shorten uhci_update_irq().

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <b68a57dfcf181e73272b4dc951f8cc6e76b0d182.1635161629.git.balaton@eik.bme.hu>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

target/mips: Remove obsolete FCR0_HAS2008 comment on P5600 CPU

FCR0_HAS2008 flag has been enabled in commit ba5c79f2622
("target-mips: indicate presence of IEEE 754-2008 FPU in
R6/R5+MSA CPUs"), so remove the obsolete FIXME comment.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211028212103.2126176-1-f4bug@amsat.org>

target/mips: Fix Loongson-3A4000 MSAIR config register

When using the Loongson-3A4000 CPU, the MSAIR is returned with a
zero value (because unimplemented). Checking on real hardware,
this value appears incorrect:

  $ cat /proc/cpuinfo
  system type     : generic-loongson-machine
  machine         : loongson,generic
  cpu model       : Loongson-3 V0.4  FPU V0.1
  model name      : Loongson-3A R4 (Loongson-3A4000) @ 1800MHz
  isa             : mips1 mips2 mips3 mips4 mips5 mips32r1 mips32r2 mips64r1 mips64r2
  ASEs implemented        : vz msa loongson-mmi loongson-cam loongson-ext loongson-ext2
  ...

Checking the CFCMSA opcode result with gdb we get 0x60140:

  Breakpoint 1, 0x00000001200037c4 in main ()
  1: x/i $pc
  => 0x1200037c4 <main+52>:  cfcmsa       v0,msa_ir
  (gdb) si
  0x00000001200037c8 in main ()
  (gdb) i r v0
  v0: 0x60140

MSAIR bits 17 and 18 are "reserved" per the spec revision 1.12,
so mask them out, and set MSAIR=0x0140 for the Loongson-3A4000
CPU model added in commit af868995e1b.

Cc: Huacai Chen <chenhuacai@kernel.org>
Reviewed-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20211026180920.1085516-1-f4bug@amsat.org>