OSDN Git Service

qmiga/qemu.git
3 years agoMerge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-06-15-v2' into staging
Peter Maydell [Sun, 20 Jun 2021 20:20:13 +0000 (21:20 +0100)]
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-06-15-v2' into staging

nbd patches for 2021-06-15

- bug fixes in coroutine aio context handling
- rework NBD client connection logic to perform more work in coroutine

# gpg: Signature made Fri 18 Jun 2021 18:29:39 BST
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2021-06-15-v2: (34 commits)
  block/nbd: safer transition to receiving request
  block/nbd: add nbd_client_connected() helper
  block/nbd: reuse nbd_co_do_establish_connection() in nbd_open()
  nbd/client-connection: add option for non-blocking connection attempt
  block/nbd: split nbd_co_do_establish_connection out of nbd_reconnect_attempt
  block-coroutine-wrapper: allow non bdrv_ prefix
  nbd/client-connection: return only one io channel
  block/nbd: drop BDRVNBDState::sioc
  block/nbd: don't touch s->sioc in nbd_teardown_connection()
  block/nbd: use negotiation of NBDClientConnection
  block/nbd: split nbd_handle_updated_info out of nbd_client_handshake()
  nbd/client-connection: shutdown connection on release
  nbd/client-connection: implement connection retry
  nbd/client-connection: add possibility of negotiation
  nbd/client-connection: use QEMU_LOCK_GUARD
  nbd: move connection code from block/nbd to nbd/client-connection
  block/nbd: introduce nbd_client_connection_release()
  block/nbd: introduce nbd_client_connection_new()
  block/nbd: rename NBDConnectThread to NBDClientConnection
  block/nbd: make nbd_co_establish_connection_cancel() bs-independent
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoblock/nbd: safer transition to receiving request
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:08:02 +0000 (13:08 +0300)]
block/nbd: safer transition to receiving request

req->receiving is a flag of request being in one concrete yield point
in nbd_co_do_receive_one_chunk().

Such kind of boolean flag is always better to unset before scheduling
the coroutine, to avoid double scheduling. So, let's be more careful.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-33-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: add nbd_client_connected() helper
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:08:01 +0000 (13:08 +0300)]
block/nbd: add nbd_client_connected() helper

We already have two similar helpers for other state. Let's add another
one for convenience.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-32-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: reuse nbd_co_do_establish_connection() in nbd_open()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:08:00 +0000 (13:08 +0300)]
block/nbd: reuse nbd_co_do_establish_connection() in nbd_open()

The only last step we need to reuse the function is coroutine-wrapper.
nbd_open() may be called from non-coroutine context. So, generate the
wrapper and use it.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-31-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd/client-connection: add option for non-blocking connection attempt
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:59 +0000 (13:07 +0300)]
nbd/client-connection: add option for non-blocking connection attempt

We'll need a possibility of non-blocking nbd_co_establish_connection(),
so that it returns immediately, and it returns success only if a
connections was previously established in background.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-30-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: split nbd_co_do_establish_connection out of nbd_reconnect_attempt
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:58 +0000 (13:07 +0300)]
block/nbd: split nbd_co_do_establish_connection out of nbd_reconnect_attempt

Split out the part that we want to reuse for nbd_open().

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-29-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock-coroutine-wrapper: allow non bdrv_ prefix
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:57 +0000 (13:07 +0300)]
block-coroutine-wrapper: allow non bdrv_ prefix

We are going to reuse the script to generate a nbd_ function in
further commit. Prepare the script now.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-28-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd/client-connection: return only one io channel
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:56 +0000 (13:07 +0300)]
nbd/client-connection: return only one io channel

block/nbd doesn't need underlying sioc channel anymore. So, we can
update nbd/client-connection interface to return only one top-most io
channel, which is more straight forward.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-27-vsementsov@virtuozzo.com>
[eblake: squash in Vladimir's fixes for uninit usage caught by clang]
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: drop BDRVNBDState::sioc
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:55 +0000 (13:07 +0300)]
block/nbd: drop BDRVNBDState::sioc

Currently sioc pointer is used just to pass from socket-connection to
nbd negotiation. Drop the field, and use local variables instead. With
next commit we'll update nbd/client-connection.c to behave
appropriately (return only top-most ioc, not two channels).

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-26-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: don't touch s->sioc in nbd_teardown_connection()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:54 +0000 (13:07 +0300)]
block/nbd: don't touch s->sioc in nbd_teardown_connection()

Negotiation during reconnect is now done in a thread, and s->sioc is
not available during negotiation. Negotiation in thread will be
cancelled by nbd_client_connection_release() called from
nbd_clear_bdrvstate().  So, we don't need this code chunk anymore.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-25-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: use negotiation of NBDClientConnection
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:53 +0000 (13:07 +0300)]
block/nbd: use negotiation of NBDClientConnection

Now that we can opt in to negotiation as part of the client connection
thread, use that to simplify connection_co.  This is another step on
the way to moving all reconnect code into NBDClientConnection.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-24-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: split nbd_handle_updated_info out of nbd_client_handshake()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:52 +0000 (13:07 +0300)]
block/nbd: split nbd_handle_updated_info out of nbd_client_handshake()

To be reused in the following patch.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-23-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd/client-connection: shutdown connection on release
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:51 +0000 (13:07 +0300)]
nbd/client-connection: shutdown connection on release

Now, when a thread can do negotiation and retry, it may run relatively
long. We need a mechanism to stop it, when the user is not interested
in a result any more. So, on nbd_client_connection_release() let's
shutdown the socket, and do not retry connection if thread is detached.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-22-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd/client-connection: implement connection retry
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:50 +0000 (13:07 +0300)]
nbd/client-connection: implement connection retry

Add an option for a thread to retry connecting until it succeeds. We'll
use nbd/client-connection both for reconnect and for initial connection
in nbd_open(), so we need a possibility to use same NBDClientConnection
instance to connect once in nbd_open() and then use retry semantics for
reconnect.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-21-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: grammar tweak]
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd/client-connection: add possibility of negotiation
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:49 +0000 (13:07 +0300)]
nbd/client-connection: add possibility of negotiation

Add arguments and logic to support nbd negotiation in the same thread
after successful connection.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-20-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd/client-connection: use QEMU_LOCK_GUARD
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:48 +0000 (13:07 +0300)]
nbd/client-connection: use QEMU_LOCK_GUARD

We don't update connect_thread_func() to use QEMU_LOCK_GUARD, as it
will get more complex critical sections logic in further commit, where
QEMU_LOCK_GUARD doesn't help.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-19-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agonbd: move connection code from block/nbd to nbd/client-connection
Vladimir Sementsov-Ogievskiy [Tue, 15 Jun 2021 19:07:05 +0000 (14:07 -0500)]
nbd: move connection code from block/nbd to nbd/client-connection

We now have bs-independent connection API, which consists of four
functions:

  nbd_client_connection_new()
  nbd_client_connection_release()
  nbd_co_establish_connection()
  nbd_co_establish_connection_cancel()

Move them to a separate file together with NBDClientConnection
structure which becomes private to the new API.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-18-vsementsov@virtuozzo.com>
[eblake: comment tweaks]
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: introduce nbd_client_connection_release()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:46 +0000 (13:07 +0300)]
block/nbd: introduce nbd_client_connection_release()

This is a last step of creating bs-independent nbd connection
interface. With next commit we can finally move it to separate file.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-17-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: introduce nbd_client_connection_new()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:45 +0000 (13:07 +0300)]
block/nbd: introduce nbd_client_connection_new()

This is a step of creating bs-independent nbd connection interface.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-16-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: rename NBDConnectThread to NBDClientConnection
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:44 +0000 (13:07 +0300)]
block/nbd: rename NBDConnectThread to NBDClientConnection

We are going to move the connection code to its own file, and want
clear names and APIs first.

The structure is shared between user and (possibly) several runs of
connect-thread. So it's wrong to call it "thread". Let's rename to
something more generic.

Appropriately rename connect_thread and thr variables to conn.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-15-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: make nbd_co_establish_connection_cancel() bs-independent
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:43 +0000 (13:07 +0300)]
block/nbd: make nbd_co_establish_connection_cancel() bs-independent

nbd_co_establish_connection_cancel() actually needs only pointer to
NBDConnectThread. So, make it clean.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-14-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: bs-independent interface for nbd_co_establish_connection()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:42 +0000 (13:07 +0300)]
block/nbd: bs-independent interface for nbd_co_establish_connection()

We are going to split connection code to a separate file. Now we are
ready to give nbd_co_establish_connection() clean and bs-independent
interface.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-13-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: drop thr->state
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:41 +0000 (13:07 +0300)]
block/nbd: drop thr->state

We don't need all these states. The code refactored to use two boolean
variables looks simpler.

While moving the comment in nbd_co_establish_connection() rework it to
give better information. Also, we are going to move the connection code
to separate file and mentioning drained section would be confusing.

Improve also the comment in NBDConnectThread, while dropping removed
state names from it.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-12-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: comment tweak]
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: simplify waking of nbd_co_establish_connection()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:40 +0000 (13:07 +0300)]
block/nbd: simplify waking of nbd_co_establish_connection()

Instead of managing connect_bh, bh_ctx, and wait_connect fields, we
can use a single link to the waiting coroutine with proper mutex
protection.

So new logic is:

nbd_co_establish_connection() sets wait_co under the mutex, releases
the mutex, then yield()s.  Note that wait_co may be scheduled by the
thread immediately after unlocking the mutex.  Still, the main thread
(or iothread) will not reach the code for entering the coroutine until
the yield(), so we are safe.

connect_thread_func() and nbd_co_establish_connection_cancel() do
the following to handle wait_co:

Under the mutex, if thr->wait_co is not NULL, make it NULL and
schedule it. This way, we avoid scheduling the coroutine twice.

Still scheduling is a bit different:

In connect_thread_func() we can just call aio_co_wake under mutex,
after commit
   [async: the main AioContext is only "current" if under the BQL]
we are sure that aio_co_wake() will not try to acquire the aio context
and do qemu_aio_coroutine_enter() but simply schedule the coroutine by
aio_co_schedule().

nbd_co_establish_connection_cancel() will be called from non-coroutine
context in further patch and will be able to go through
qemu_aio_coroutine_enter() path of aio_co_wake(). So keep current
behavior of waking the coroutine after the critical section.

Also, this commit reduces the dependence of
nbd_co_establish_connection() on the internals of bs (we now use a
generic pointer to the coroutine, instead of direct use of
s->connection_co).  This is a step towards splitting the connection
API out of nbd.c.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-11-vsementsov@virtuozzo.com>
Reviewied-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: BDRVNBDState: drop unused connect_err and connect_status
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:39 +0000 (13:07 +0300)]
block/nbd: BDRVNBDState: drop unused connect_err and connect_status

These fields are write-only. Drop them.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-10-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: nbd_client_handshake(): fix leak of s->ioc
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:38 +0000 (13:07 +0300)]
block/nbd: nbd_client_handshake(): fix leak of s->ioc

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Message-Id: <20210610100802.5888-9-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: ensure ->connection_thread is always valid
Roman Kagan [Thu, 10 Jun 2021 10:07:37 +0000 (13:07 +0300)]
block/nbd: ensure ->connection_thread is always valid

Simplify lifetime management of BDRVNBDState->connect_thread by
delaying the possible cleanup of it until the BDRVNBDState itself goes
away.

This also reverts
 0267101af6 "block/nbd: fix possible use after free of s->connect_thread"
as now s->connect_thread can't be cleared until the very end.

Signed-off-by: Roman Kagan <rvkagan@yandex-team.ru>
 [vsementsov: rebase, revert 0267101af6 changes]
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
 [eblake: tweak comment]
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-8-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: call socket_address_parse_named_fd() in advance
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:36 +0000 (13:07 +0300)]
block/nbd: call socket_address_parse_named_fd() in advance

Detecting monitor by current coroutine works bad when we are not in
coroutine context. And that's exactly so in nbd reconnect code, where
qio_channel_socket_connect_sync() is called from thread.

Monitor is needed only to parse named file descriptor. So, let's just
parse it during nbd_open(), so that all further users of s->saddr don't
need to access monitor.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-7-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoqemu-sockets: introduce socket_address_parse_named_fd()
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:35 +0000 (13:07 +0300)]
qemu-sockets: introduce socket_address_parse_named_fd()

Add function that transforms named fd inside SocketAddress structure
into number representation. This way it may be then used in a context
where current monitor is not available.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-6-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[eblake: comment tweak]
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: connect_thread_func(): do qio_channel_set_delay(false)
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:34 +0000 (13:07 +0300)]
block/nbd: connect_thread_func(): do qio_channel_set_delay(false)

nbd_open() does it (through nbd_establish_connection()).
Actually we lost that call on reconnect path in 1dc4718d849e1a1fe
"block/nbd: use non-blocking connect: fix vm hang on connect()"
when we have introduced reconnect thread.

Fixes: 1dc4718d849e1a1fe665ce5241ed79048cfa2cfc
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-5-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: fix how state is cleared on nbd_open() failure paths
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:33 +0000 (13:07 +0300)]
block/nbd: fix how state is cleared on nbd_open() failure paths

We have two "return error" paths in nbd_open() after
nbd_process_options(). Actually we should call nbd_clear_bdrvstate()
on these paths. Interesting that nbd_process_options() calls
nbd_clear_bdrvstate() by itself.

Let's fix leaks and refactor things to be more obvious:

- intialize yank at top of nbd_open()
- move yank cleanup to nbd_clear_bdrvstate()
- refactor nbd_open() so that all failure paths except for
  yank-register goes through nbd_clear_bdrvstate()

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-4-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoblock/nbd: fix channel object leak
Roman Kagan [Thu, 10 Jun 2021 10:07:32 +0000 (13:07 +0300)]
block/nbd: fix channel object leak

nbd_free_connect_thread leaks the channel object if it hasn't been
stolen.

Unref it and fix the leak.

Signed-off-by: Roman Kagan <rvkagan@yandex-team.ru>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210610100802.5888-3-vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoco-queue: drop extra coroutine_fn marks
Vladimir Sementsov-Ogievskiy [Thu, 10 Jun 2021 10:07:31 +0000 (13:07 +0300)]
co-queue: drop extra coroutine_fn marks

qemu_co_queue_next() and qemu_co_queue_restart_all() just call
aio_co_wake() which works well in non-coroutine context. So these
functions can be called from non-coroutine context as well. And
actually qemu_co_queue_restart_all() is called from
nbd_cancel_in_flight(), which is called from non-coroutine context.

Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210610100802.5888-2-vsementsov@virtuozzo.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agotests: cover aio_co_enter from a worker thread without BQL taken
Paolo Bonzini [Mon, 14 Jun 2021 11:02:14 +0000 (13:02 +0200)]
tests: cover aio_co_enter from a worker thread without BQL taken

Add a testcase for the test fixed by commit 'async: the main AioContext
is only "current" if under the BQL.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210614110214.726722-1-pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoasync: the main AioContext is only "current" if under the BQL
Paolo Bonzini [Wed, 9 Jun 2021 12:22:34 +0000 (14:22 +0200)]
async: the main AioContext is only "current" if under the BQL

If we want to wake up a coroutine from a worker thread, aio_co_wake()
currently does not work.  In that scenario, aio_co_wake() calls
aio_co_enter(), but there is no current AioContext and therefore
qemu_get_current_aio_context() returns the main thread.  aio_co_wake()
then attempts to call aio_context_acquire() instead of going through
aio_co_schedule().

The default case of qemu_get_current_aio_context() was added to cover
synchronous I/O started from the vCPU thread, but the main and vCPU
threads are quite different.  The main thread is an I/O thread itself,
only running a more complicated event loop; the vCPU thread instead
is essentially a worker thread that occasionally calls
qemu_mutex_lock_iothread().  It is only in those critical sections
that it acts as if it were the home thread of the main AioContext.

Therefore, this patch detaches qemu_get_current_aio_context() from
iothreads, which is a useless complication.  The AioContext pointer
is stored directly in the thread-local variable, including for the
main loop.  Worker threads (including vCPU threads) optionally behave
as temporary home threads if they have taken the big QEMU lock,
but if that is not the case they will always schedule coroutines
on remote threads via aio_co_schedule().

With this change, the stub qemu_mutex_iothread_locked() must be changed
from true to false.  The previous value of true was needed because the
main thread did not have an AioContext in the thread-local variable,
but now it does have one.

Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210609122234.544153-1-pbonzini@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Tested-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
[eblake: tweak commit message per Vladimir's review]
Signed-off-by: Eric Blake <eblake@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20210618.0' into...
Peter Maydell [Fri, 18 Jun 2021 15:42:25 +0000 (16:42 +0100)]
Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20210618.0' into staging

VFIO update 2021-06-18

 * VFIO migration documentation (Tarun Gupta)

 * Fix SaveVMHandler de-registration (Kunkun Jiang)

 * Fix vmstate change transition (Kirti Wankhede)

# gpg: Signature made Fri 18 Jun 2021 16:20:34 BST
# gpg:                using RSA key 42F6C04E540BD1A99E7B8A90239B9B6E3BB08B22
# gpg:                issuer "alex.williamson@redhat.com"
# gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>" [full]
# gpg:                 aka "Alex Williamson <alex@shazbot.org>" [full]
# gpg:                 aka "Alex Williamson <alwillia@redhat.com>" [full]
# gpg:                 aka "Alex Williamson <alex.l.williamson@gmail.com>" [full]
# Primary key fingerprint: 42F6 C04E 540B D1A9 9E7B  8A90 239B 9B6E 3BB0 8B22

* remotes/awilliam/tags/vfio-update-20210618.0:
  vfio/migration: Correct device state from vmstate change for savevm case
  vfio: Fix unregister SaveVMHandler in vfio_migration_finalize
  docs/devel: Add VFIO device migration documentation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agovfio/migration: Correct device state from vmstate change for savevm case
Kirti Wankhede [Tue, 8 Jun 2021 18:37:21 +0000 (00:07 +0530)]
vfio/migration: Correct device state from vmstate change for savevm case

Set _SAVING flag for device state from vmstate change handler when it
gets called from savevm.

Currently State transition savevm/suspend is seen as:
    _RUNNING -> _STOP -> Stop-and-copy -> _STOP

State transition savevm/suspend should be:
    _RUNNING -> Stop-and-copy -> _STOP

State transition from _RUNNING to _STOP occurs from
vfio_vmstate_change() where when vmstate changes from running to
!running, _RUNNING flag is reset but at the same time when
vfio_vmstate_change() is called for RUN_STATE_SAVE_VM, _SAVING bit
should be set.

Reported by: Yishai Hadas <yishaih@nvidia.com>
Signed-off-by: Kirti Wankhede <kwankhede@nvidia.com>
Message-Id: <1623177441-27496-1-git-send-email-kwankhede@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
3 years agovfio: Fix unregister SaveVMHandler in vfio_migration_finalize
Kunkun Jiang [Thu, 27 May 2021 12:31:01 +0000 (20:31 +0800)]
vfio: Fix unregister SaveVMHandler in vfio_migration_finalize

In the vfio_migration_init(), the SaveVMHandler is registered for
VFIO device. But it lacks the operation of 'unregister'. It will
lead to 'Segmentation fault (core dumped)' in
qemu_savevm_state_setup(), if performing live migration after a
VFIO device is hot deleted.

Fixes: 7c2f5f75f94 (vfio: Register SaveVMHandlers for VFIO device)
Reported-by: Qixin Gan <ganqixin@huawei.com>
Signed-off-by: Kunkun Jiang <jiangkunkun@huawei.com>
Message-Id: <20210527123101.289-1-jiangkunkun@huawei.com>
Reviewed by: Kirti Wankhede <kwankhede@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
3 years agodocs/devel: Add VFIO device migration documentation
Tarun Gupta [Sun, 18 Apr 2021 12:22:51 +0000 (17:52 +0530)]
docs/devel: Add VFIO device migration documentation

Document interfaces used for VFIO device migration. Added flow
of state changes during live migration with VFIO device.

Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Co-developed-by: Kirti Wankhede <kwankhede@nvidia.com>
Signed-off-by: Kirti Wankhede <kwankhede@nvidia.com>
Signed-off-by: Tarun Gupta <targupta@nvidia.com>
Message-Id: <20210418122251.88809-1-targupta@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/kraxel/tags/audio-20210617-pull-request' into...
Peter Maydell [Fri, 18 Jun 2021 08:54:42 +0000 (09:54 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/audio-20210617-pull-request' into staging

audio: bugfix collection.

# gpg: Signature made Thu 17 Jun 2021 13:40:56 BST
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/audio-20210617-pull-request:
  coreaudio: Fix output stream format settings
  audio: Fix format specifications of debug logs
  hw/audio/sb16: Avoid assertion by restricting I/O sampling rate range
  jackaudio: avoid that the client name contains the word (NULL)
  audio: move code to audio/audio.c
  paaudio: remove unused stream flags
  alsaaudio: remove #ifdef DEBUG to avoid bit rot

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging
Peter Maydell [Thu, 17 Jun 2021 14:43:26 +0000 (15:43 +0100)]
Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* avoid deprecation warnings for SASL on macOS 10.11 or newer
* fix -readconfig when config blocks have an id (like [chardev "qmp"])
* Error* initialization fixes
* Improvements to ESP emulation (Mark)
* Allow creating noreserve memory backends (David)
* Improvements to query-memdev (David)
* Bump compiler to C11 (Richard)
* First round of SVM fixes from GSoC project (Lara)

# gpg: Signature made Wed 16 Jun 2021 16:37:49 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (45 commits)
  configure: Remove probe for _Static_assert
  qemu/compiler: Remove QEMU_GENERIC
  include/qemu/lockable: Use _Generic instead of QEMU_GENERIC
  util: Use unique type for QemuRecMutex in thread-posix.h
  util: Pass file+line to qemu_rec_mutex_unlock_impl
  util: Use real functions for thread-posix QemuRecMutex
  softfloat: Use _Generic instead of QEMU_GENERIC
  configure: Use -std=gnu11
  target/i386: Added Intercept CR0 writes check
  target/i386: Added consistency checks for CR0
  target/i386: Added consistency checks for VMRUN intercept and ASID
  target/i386: Refactored intercept checks into cpu_svm_has_intercept
  configure: map x32 to cpu_family x86_64 for meson
  hmp: Print "reserve" property of memory backends with "info memdev"
  qmp: Include "reserve" property of memory backends
  hmp: Print "share" property of memory backends with "info memdev"
  qmp: Include "share" property of memory backends
  qmp: Clarify memory backend properties returned via query-memdev
  hostmem: Wire up RAM_NORESERVE via "reserve" property
  util/mmap-alloc: Support RAM_NORESERVE via MAP_NORESERVE under Linux
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agocoreaudio: Fix output stream format settings
Akihiko Odaki [Wed, 16 Jun 2021 14:17:21 +0000 (23:17 +0900)]
coreaudio: Fix output stream format settings

Before commit 7d6948cd98cf5ad8a3458a4ce7fdbcb79bcd1212, it was coded to
retrieve the initial output stream format settings, modify the frame
rate, and set again. However, I removed a frame rate modification code by
mistake in the commit. It also assumes the initial output stream format
is consistent with what QEMU expects, but that expectation is not in the
code, which makes it harder to understand and will lead to breakage if
the initial settings change.

This change explicitly sets all of the output stream settings to solve
these problems.

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-Id: <20210616141721.54091-1-akihiko.odaki@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoaudio: Fix format specifications of debug logs
Akihiko Odaki [Wed, 16 Jun 2021 14:14:11 +0000 (23:14 +0900)]
audio: Fix format specifications of debug logs

Signed-off-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Message-id: 20210616141411.53892-1-akihiko.odaki@gmail.com
Message-Id: <20210616141411.53892-1-akihiko.odaki@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agohw/audio/sb16: Avoid assertion by restricting I/O sampling rate range
Philippe Mathieu-Daudé [Wed, 16 Jun 2021 10:43:49 +0000 (12:43 +0200)]
hw/audio/sb16: Avoid assertion by restricting I/O sampling rate range

While the SB16 seems to work up to 48000 Hz, the "Sound Blaster Series
Hardware Programming Guide" limit the sampling range from 4000 Hz to
44100 Hz (Section 3-9, 3-10: Digitized Sound I/O Programming, tables
3-2 and 3-3).

Later, section 6-15 (DSP Commands) is more specific regarding the 41h /
42h registers (Set digitized sound output sampling rate):

  Valid sampling rates range from 5000 to 45000 Hz inclusive.

There is no comment regarding error handling if the register is filled
with an out-of-range value.  (See also section 3-28 "8-bit or 16-bit
Auto-initialize Transfer"). Assume limits are enforced in hardware.

This fixes triggering an assertion in audio_calloc():

  #1 abort
  #2 audio_bug audio/audio.c:119:9
  #3 audio_calloc audio/audio.c:154:9
  #4 audio_pcm_sw_alloc_resources_out audio/audio_template.h:116:15
  #5 audio_pcm_sw_init_out audio/audio_template.h:175:11
  #6 audio_pcm_create_voice_pair_out audio/audio_template.h:410:9
  #7 AUD_open_out audio/audio_template.h:503:14
  #8 continue_dma8 hw/audio/sb16.c:216:20
  #9 dma_cmd8 hw/audio/sb16.c:276:5
  #10 command hw/audio/sb16.c:0
  #11 dsp_write hw/audio/sb16.c:949:13
  #12 portio_write softmmu/ioport.c:205:13
  #13 memory_region_write_accessor softmmu/memory.c:491:5
  #14 access_with_adjusted_size softmmu/memory.c:552:18
  #15 memory_region_dispatch_write softmmu/memory.c:0:13
  #16 flatview_write_continue softmmu/physmem.c:2759:23
  #17 flatview_write softmmu/physmem.c:2799:14
  #18 address_space_write softmmu/physmem.c:2891:18
  #19 cpu_outw softmmu/ioport.c:70:5

[*] http://www.baudline.com/solutions/full_duplex/sb16_pci/index.html

OSS-Fuzz Report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29174

Fixes: 85571bc7415 ("audio merge (malc)")
Buglink: https://bugs.launchpad.net/bugs/1910603
Tested-by: Qiang Liu <cyruscyliu@gmail.com>
Reviewed-by: Qiang Liu <cyruscyliu@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210616104349.2398060-1-f4bug@amsat.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agojackaudio: avoid that the client name contains the word (NULL)
Volker Rümelin [Mon, 17 May 2021 19:46:04 +0000 (21:46 +0200)]
jackaudio: avoid that the client name contains the word (NULL)

Currently with jackaudio client name and qemu guest name unset,
the JACK client names are out-(NULL) and in-(NULL). These names
are user visible in the patch bay. Replace the function call to
qemu_get_vm_name() with a call to audio_application_name() which
replaces NULL with "qemu" to have more descriptive names.

Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210517194604.2545-4-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoaudio: move code to audio/audio.c
Volker Rümelin [Mon, 17 May 2021 19:46:03 +0000 (21:46 +0200)]
audio: move code to audio/audio.c

Move the code to generate the pa_context_new() application name
argument to a function in audio/audio.c. The new function
audio_application_name() will also be used in the jackaudio
backend.

Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210517194604.2545-3-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agopaaudio: remove unused stream flags
Volker Rümelin [Mon, 17 May 2021 19:46:02 +0000 (21:46 +0200)]
paaudio: remove unused stream flags

In current code there are no calls to pa_stream_get_latency()
or pa_stream_get_time() to receive latency or time information.

Remove the flags PA_STREAM_INTERPOLATE_TIMING and
PA_STREAM_AUTO_TIMING_UPDATE which instruct PulseAudio to
calculate this information in regular intervals.

Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210517194604.2545-2-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoalsaaudio: remove #ifdef DEBUG to avoid bit rot
Volker Rümelin [Mon, 17 May 2021 19:46:01 +0000 (21:46 +0200)]
alsaaudio: remove #ifdef DEBUG to avoid bit rot

Merge the #ifdef DEBUG code with the if statement a few lines
above to avoid bit rot.

Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Volker Rümelin <vr_qemu@t-online.de>
Message-Id: <20210517194604.2545-1-vr_qemu@t-online.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
3 years agoMerge remote-tracking branch 'remotes/rth-gitlab/tags/pull-c11-20210615' into staging
Peter Maydell [Thu, 17 Jun 2021 09:42:57 +0000 (10:42 +0100)]
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-c11-20210615' into staging

Change to -std=gnu11.
Replace QEMU_GENERIC with _Generic.
Remove configure detect of _Static_assert.

# gpg: Signature made Wed 16 Jun 2021 02:32:32 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth-gitlab/tags/pull-c11-20210615:
  configure: Remove probe for _Static_assert
  qemu/compiler: Remove QEMU_GENERIC
  include/qemu/lockable: Use _Generic instead of QEMU_GENERIC
  util: Use unique type for QemuRecMutex in thread-posix.h
  util: Pass file+line to qemu_rec_mutex_unlock_impl
  util: Use real functions for thread-posix QemuRecMutex
  softfloat: Use _Generic instead of QEMU_GENERIC
  configure: Use -std=gnu11

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210616' into...
Peter Maydell [Wed, 16 Jun 2021 16:02:30 +0000 (17:02 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210616' into staging

target-arm queue:
 * hw/intc/arm_gicv3_cpuif: Tolerate spurious EOIR writes
 * handle some UNALLOCATED decode cases correctly rather
   than asserting
 * hw: virt: consider hw_compat_6_0
 * hw/arm: add quanta-gbs-bmc machine
 * hw/intc/armv7m_nvic: Remove stale comment
 * target/arm: Fix mte page crossing test
 * hw/arm: quanta-q71l add pca954x muxes
 * target/arm: First few parts of MVE support

# gpg: Signature made Wed 16 Jun 2021 14:34:49 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20210616: (25 commits)
  include/qemu/int128.h: Add function to create Int128 from int64_t
  bitops.h: Provide hswap32(), hswap64(), wswap64() swapping operations
  target/arm: Move expand_pred_b() data to vec_helper.c
  target/arm: Add framework for MVE decode
  target/arm: Implement MVE LETP insn
  target/arm: Implement MVE DLSTP
  target/arm: Implement MVE WLSTP insn
  target/arm: Implement MVE LCTP
  target/arm: Let vfp_access_check() handle late NOCP checks
  target/arm: Add handling for PSR.ECI/ICI
  target/arm: Handle VPR semantics in existing code
  target/arm: Enable FPSCR.QC bit for MVE
  target/arm: Provide and use H8 and H1_8 macros
  hw/arm: quanta-q71l add pca954x muxes
  hw/arm: gsj add pca9548
  hw/arm: gsj add i2c comments
  target/arm: Fix mte page crossing test
  hw/intc/armv7m_nvic: Remove stale comment
  hw/arm: quanta-gbs-bmc add i2c comments
  hw/arm: add quanta-gbs-bmc machine
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoinclude/qemu/int128.h: Add function to create Int128 from int64_t
Peter Maydell [Mon, 14 Jun 2021 15:09:43 +0000 (16:09 +0100)]
include/qemu/int128.h: Add function to create Int128 from int64_t

int128_make64() creates an Int128 from an unsigned 64 bit value; add
a function int128_makes64() creating an Int128 from a signed 64 bit
value.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210614151007.4545-34-peter.maydell@linaro.org

3 years agobitops.h: Provide hswap32(), hswap64(), wswap64() swapping operations
Peter Maydell [Mon, 14 Jun 2021 15:09:26 +0000 (16:09 +0100)]
bitops.h: Provide hswap32(), hswap64(), wswap64() swapping operations

Currently the ARM SVE helper code defines locally some utility
functions for swapping 16-bit halfwords within 32-bit or 64-bit
values and for swapping 32-bit words within 64-bit values,
parallel to the byte-swapping bswap16/32/64 functions.

We want these also for the ARM MVE code, and they're potentially
generally useful for other targets, so move them to bitops.h.
(We don't put them in bswap.h with the bswap* functions because
they are implemented in terms of the rotate operations also
defined in bitops.h, and including bitops.h from bswap.h seems
better avoided.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210614151007.4545-17-peter.maydell@linaro.org

3 years agotarget/arm: Move expand_pred_b() data to vec_helper.c
Peter Maydell [Mon, 14 Jun 2021 15:09:23 +0000 (16:09 +0100)]
target/arm: Move expand_pred_b() data to vec_helper.c

For MVE, we want to re-use the large data table from expand_pred_b().
Move the data table to vec_helper.c so it is no longer in an SVE
specific source file.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-14-peter.maydell@linaro.org

3 years agotarget/arm: Add framework for MVE decode
Peter Maydell [Mon, 14 Jun 2021 15:09:20 +0000 (16:09 +0100)]
target/arm: Add framework for MVE decode

Add the framework for decoding MVE insns, with the necessary new
files and the meson.build rules, but no actual content yet.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-11-peter.maydell@linaro.org

3 years agotarget/arm: Implement MVE LETP insn
Peter Maydell [Mon, 14 Jun 2021 15:09:19 +0000 (16:09 +0100)]
target/arm: Implement MVE LETP insn

Implement the MVE LETP insn.  This is like the existing LE loop-end
insn, but it must perform an FPU-enabled check, and on loop-exit it
resets LTPSIZE to 4.

To accommodate the requirement to do something on loop-exit, we drop
the use of condlabel and instead manage both the TB exits manually,
in the same way we already do in trans_WLS().

The other MVE-specific change to the LE insn is that we must raise an
INVSTATE UsageFault insn if LTPSIZE is not 4.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-10-peter.maydell@linaro.org

3 years agotarget/arm: Implement MVE DLSTP
Peter Maydell [Mon, 14 Jun 2021 15:09:18 +0000 (16:09 +0100)]
target/arm: Implement MVE DLSTP

Implement the MVE DLSTP insn; this is like the existing DLS
insn, except that it must do an FPU access check and it
sets LTPSIZE to the value specified in the insn.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-9-peter.maydell@linaro.org

3 years agotarget/arm: Implement MVE WLSTP insn
Peter Maydell [Mon, 14 Jun 2021 15:09:17 +0000 (16:09 +0100)]
target/arm: Implement MVE WLSTP insn

Implement the MVE WLSTP insn; this is like the existing WLS insn,
except that it specifies a size value which is used to set
FPSCR.LTPSIZE.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-8-peter.maydell@linaro.org

3 years agotarget/arm: Implement MVE LCTP
Peter Maydell [Mon, 14 Jun 2021 15:09:16 +0000 (16:09 +0100)]
target/arm: Implement MVE LCTP

Implement the MVE LCTP instruction.

We put its decode and implementation with the other
low-overhead-branch insns because although it is only present if MVE
is implemented it is logically in the same group as the other LOB
insns.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-7-peter.maydell@linaro.org

3 years agotarget/arm: Let vfp_access_check() handle late NOCP checks
Peter Maydell [Mon, 14 Jun 2021 15:09:15 +0000 (16:09 +0100)]
target/arm: Let vfp_access_check() handle late NOCP checks

In commit a3494d4671797c we reworked the M-profile handling of its
checks for when the NOCP exception should be raised because the FPU
is disabled, so that (in line with the architecture) the NOCP check
is done early over a large range of the encoding space, and takes
precedence over UNDEF exceptions.  As part of this, we removed the
code from full_vfp_access_check() which raised an exception there for
M-profile with the FPU disabled, because it was no longer reachable.

For MVE, some instructions which are outside the "coprocessor space"
region of the encoding space must nonetheless do "is the FPU enabled"
checks and possibly raise a NOCP exception.  (In particular this
covers the MVE-specific low-overhead branch insns LCTP, DLSTP and
WLSTP.) To support these insns, reinstate the code in
full_vfp_access_check(), so that their trans functions can call
vfp_access_check() and get the correct behaviour.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-6-peter.maydell@linaro.org

3 years agotarget/arm: Add handling for PSR.ECI/ICI
Peter Maydell [Mon, 14 Jun 2021 15:09:14 +0000 (16:09 +0100)]
target/arm: Add handling for PSR.ECI/ICI

On A-profile, PSR bits [15:10][26:25] are always the IT state bits.
On M-profile, some of the reserved encodings of the IT state are used
to instead indicate partial progress through instructions that were
interrupted partway through by an exception and can be resumed.

These resumable instructions fall into two categories:

(1) load/store multiple instructions, where these bits are called
"ICI" and specify the register in the ldm/stm list where execution
should resume.  (Specifically: LDM, STM, VLDM, VSTM, VLLDM, VLSTM,
CLRM, VSCCLRM.)

(2) MVE instructions subject to beatwise execution, where these bits
are called "ECI" and specify which beats in this and possibly also
the following MVE insn have been executed.

There are also a few insns (LE, LETP, and BKPT) which do not use the
ICI/ECI bits but must leave them alone.

Otherwise, we should raise an INVSTATE UsageFault for any attempt to
execute an insn with non-zero ICI/ECI bits.

So far we have been able to ignore ECI/ICI, because the architecture
allows the IMPDEF choice of "always restart load/store multiple from
the beginning regardless of ICI state", so the only thing we have
been missing is that we don't raise the INVSTATE fault for bad guest
code.  However, MVE requires that we honour ECI bits and do not
rexecute beats of an insn that have already been executed.

Add the support in the decoder for handling ECI/ICI:
 * identify the ECI/ICI case in the CONDEXEC TB flags
 * when a load/store multiple insn succeeds, it updates the ECI/ICI
   state (both in DisasContext and in the CPU state), and sets a flag
   to say that the ECI/ICI state was handled
 * if we find that the insn we just decoded did not handle the
   ECI/ICI state, we delete all the code that we just generated for
   it and instead emit the code to raise the INVFAULT.  This allows
   us to avoid having to update every non-MVE non-LDM/STM insn to
   make it check for "is ECI/ICI set?".

We continue with our existing IMPDEF choice of not caring about the
ICI state for the load/store multiples and simply restarting them
from the beginning.  Because we don't allow interrupts in the middle
of an insn, the only way we would see this state is if the guest set
ICI manually on return from an exception handler, so it's a corner
case which doesn't merit optimisation.

ICI update for LDM/STM is simple -- it always zeroes the state.  ECI
update for MVE beatwise insns will be a little more complex, since
the ECI state may include information for the following insn.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-5-peter.maydell@linaro.org

3 years agotarget/arm: Handle VPR semantics in existing code
Peter Maydell [Mon, 14 Jun 2021 15:09:13 +0000 (16:09 +0100)]
target/arm: Handle VPR semantics in existing code

When MVE is supported, the VPR register has a place on the exception
stack frame in a previously reserved slot just above the FPSCR.
It must also be zeroed in various situations when we invalidate
FPU context.

Update the code which handles the stack frames (exception entry and
exit code, VLLDM, and VLSTM) to save/restore VPR.

Update code which invalidates FP registers (mostly also exception
entry and exit code, but also VSCCLRM and the code in
full_vfp_access_check() that corresponds to the ExecuteFPCheck()
pseudocode) to zero VPR.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-4-peter.maydell@linaro.org

3 years agotarget/arm: Enable FPSCR.QC bit for MVE
Peter Maydell [Mon, 14 Jun 2021 15:09:12 +0000 (16:09 +0100)]
target/arm: Enable FPSCR.QC bit for MVE

MVE has an FPSCR.QC bit similar to the A-profile Neon one; when MVE
is implemented make the bit writeable, both in the generic "load and
store FPSCR" helper functions and in the code for handling the NZCVQC
sysreg which we had previously left as "TODO when we implement MVE".

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-3-peter.maydell@linaro.org

3 years agotarget/arm: Provide and use H8 and H1_8 macros
Peter Maydell [Mon, 14 Jun 2021 15:09:11 +0000 (16:09 +0100)]
target/arm: Provide and use H8 and H1_8 macros

Currently we provide Hn and H1_n macros for accessing the correct
data within arrays of vector elements of size 1, 2 and 4, accounting
for host endianness.  We don't provide any macros for elements of
size 8 because there the host endianness doesn't matter.  However,
this does result in awkwardness where we need to pass empty arguments
to macros, because checkpatch complains about them.  The empty
argument is a little confusing for humans to read as well.

Add H8() and H1_8() macros and use them where we were previously
passing empty arguments to macros.

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210614151007.4545-2-peter.maydell@linaro.org
Message-id: 20210610132505.5827-1-peter.maydell@linaro.org

3 years agohw/arm: quanta-q71l add pca954x muxes
Patrick Venture [Tue, 8 Jun 2021 20:25:22 +0000 (13:25 -0700)]
hw/arm: quanta-q71l add pca954x muxes

Adds the pca954x muxes expected.

Tested: Booted quanta-q71l image to userspace.
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20210608202522.2677850-4-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agohw/arm: gsj add pca9548
Patrick Venture [Tue, 8 Jun 2021 20:25:21 +0000 (13:25 -0700)]
hw/arm: gsj add pca9548

Tested: Quanta-gsj firmware booted.

i2c /dev entries driver
I2C init bus 1 freq 100000
I2C init bus 2 freq 100000
I2C init bus 3 freq 100000
I2C init bus 4 freq 100000
I2C init bus 8 freq 100000
I2C init bus 9 freq 100000
at24 9-0055: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
I2C init bus 10 freq 100000
at24 10-0055: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
I2C init bus 12 freq 100000
I2C init bus 15 freq 100000
i2c i2c-15: Added multiplexed i2c bus 16
i2c i2c-15: Added multiplexed i2c bus 17
i2c i2c-15: Added multiplexed i2c bus 18
i2c i2c-15: Added multiplexed i2c bus 19
i2c i2c-15: Added multiplexed i2c bus 20
i2c i2c-15: Added multiplexed i2c bus 21
i2c i2c-15: Added multiplexed i2c bus 22
i2c i2c-15: Added multiplexed i2c bus 23
pca954x 15-0075: registered 8 multiplexed busses for I2C switch pca9548

Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 20210608202522.2677850-3-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agohw/arm: gsj add i2c comments
Patrick Venture [Tue, 8 Jun 2021 20:25:20 +0000 (13:25 -0700)]
hw/arm: gsj add i2c comments

Adds comments to the board init to identify missing i2c devices.

Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-id: 20210608202522.2677850-2-venture@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agotarget/arm: Fix mte page crossing test
Richard Henderson [Sat, 12 Jun 2021 19:57:07 +0000 (12:57 -0700)]
target/arm: Fix mte page crossing test

The test was off-by-one, because tag_last points to the
last byte of the tag to check, thus tag_last - prev_page
will equal TARGET_PAGE_SIZE when we use the first byte
of the next page.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/403
Reported-by: Peter Collingbourne <pcc@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210612195707.840217-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoMerge remote-tracking branch 'remotes/kraxel/tags/vga-20210615-pull-request' into...
Peter Maydell [Wed, 16 Jun 2021 13:32:43 +0000 (14:32 +0100)]
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20210615-pull-request' into staging

vga: fixes for stdvga, vhost-user-gpu and virtio-gpu.

# gpg: Signature made Tue 15 Jun 2021 18:40:11 BST
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/vga-20210615-pull-request:
  virtio-gpu: move scanout_id sanity check
  vhost-user-gpu: reorder free calls.
  vga: Allow writing VBE_DISPI_ID5 to ID register

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3 years agoconfigure: Remove probe for _Static_assert
Richard Henderson [Mon, 14 Jun 2021 23:31:43 +0000 (16:31 -0700)]
configure: Remove probe for _Static_assert

_Static_assert is part of C11, which is now required.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210614233143.1221879-9-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoqemu/compiler: Remove QEMU_GENERIC
Richard Henderson [Mon, 14 Jun 2021 23:31:42 +0000 (16:31 -0700)]
qemu/compiler: Remove QEMU_GENERIC

All previous users now use C11 _Generic.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-8-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoinclude/qemu/lockable: Use _Generic instead of QEMU_GENERIC
Richard Henderson [Mon, 14 Jun 2021 23:31:41 +0000 (16:31 -0700)]
include/qemu/lockable: Use _Generic instead of QEMU_GENERIC

This is both more and less complicated than our expansion
using __builtin_choose_expr and __builtin_types_compatible_p.

The expansion through QEMU_MAKE_LOCKABLE_ doesn't work because
we're not emumerating all of the types within the same _Generic,
which results in errors about unhandled cases.  We must also
handle void* explicitly, so that the NULL constant can be used.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-7-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoutil: Use unique type for QemuRecMutex in thread-posix.h
Richard Henderson [Mon, 14 Jun 2021 23:31:40 +0000 (16:31 -0700)]
util: Use unique type for QemuRecMutex in thread-posix.h

We will shortly convert lockable.h to _Generic, and we cannot
have two compatible types in the same expansion.  Wrap QemuMutex
in a struct, and unwrap in qemu-thread-posix.c.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210614233143.1221879-6-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoutil: Pass file+line to qemu_rec_mutex_unlock_impl
Richard Henderson [Mon, 14 Jun 2021 23:31:39 +0000 (16:31 -0700)]
util: Pass file+line to qemu_rec_mutex_unlock_impl

Create macros for file+line expansion in qemu_rec_mutex_unlock
like we have for qemu_mutex_unlock.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210614233143.1221879-5-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoutil: Use real functions for thread-posix QemuRecMutex
Richard Henderson [Mon, 14 Jun 2021 23:31:38 +0000 (16:31 -0700)]
util: Use real functions for thread-posix QemuRecMutex

Move the declarations from thread-win32.h into thread.h
and remove the macro redirection from thread-posix.h.
This will be required by following cleanups.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210614233143.1221879-4-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agosoftfloat: Use _Generic instead of QEMU_GENERIC
Richard Henderson [Mon, 14 Jun 2021 23:31:37 +0000 (16:31 -0700)]
softfloat: Use _Generic instead of QEMU_GENERIC

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210614233143.1221879-3-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoconfigure: Use -std=gnu11
Richard Henderson [Mon, 14 Jun 2021 23:31:36 +0000 (16:31 -0700)]
configure: Use -std=gnu11

Now that the minimum gcc version is 7.5, we can use C11.
This will allow lots of cleanups to the code, currently
hidden behind macros in include/qemu/compiler.h.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210614233143.1221879-2-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agotarget/i386: Added Intercept CR0 writes check
Lara Lazier [Wed, 16 Jun 2021 12:39:07 +0000 (14:39 +0200)]
target/i386: Added Intercept CR0 writes check

When the selective CR0 write intercept is set, all writes to bits in
CR0 other than CR0.TS or CR0.MP cause a VMEXIT.

Signed-off-by: Lara Lazier <laramglazier@gmail.com>
Message-Id: <20210616123907.17765-5-laramglazier@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agotarget/i386: Added consistency checks for CR0
Lara Lazier [Wed, 16 Jun 2021 12:39:06 +0000 (14:39 +0200)]
target/i386: Added consistency checks for CR0

The combination of unset CD and set NW bit in CR0 is illegal.
CR0[63:32] are also reserved and need to be zero.
(AMD64 Architecture Programmer's Manual, V2, 15.5)

Signed-off-by: Lara Lazier <laramglazier@gmail.com>
Message-Id: <20210616123907.17765-4-laramglazier@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agotarget/i386: Added consistency checks for VMRUN intercept and ASID
Lara Lazier [Wed, 16 Jun 2021 12:39:05 +0000 (14:39 +0200)]
target/i386: Added consistency checks for VMRUN intercept and ASID

Zero VMRUN intercept and ASID should cause an immediate VMEXIT
during the consistency checks performed by VMRUN.
(AMD64 Architecture Programmer's Manual, V2, 15.5)

Signed-off-by: Lara Lazier <laramglazier@gmail.com>
Message-Id: <20210616123907.17765-3-laramglazier@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agotarget/i386: Refactored intercept checks into cpu_svm_has_intercept
Lara Lazier [Wed, 16 Jun 2021 12:39:04 +0000 (14:39 +0200)]
target/i386: Refactored intercept checks into cpu_svm_has_intercept

Added cpu_svm_has_intercept to reduce duplication when checking the
corresponding intercept bit outside of cpu_svm_check_intercept_param

Signed-off-by: Lara Lazier <laramglazier@gmail.com>
Message-Id: <20210616123907.17765-2-laramglazier@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoconfigure: Remove probe for _Static_assert
Richard Henderson [Mon, 14 Jun 2021 23:31:43 +0000 (16:31 -0700)]
configure: Remove probe for _Static_assert

_Static_assert is part of C11, which is now required.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-9-richard.henderson@linaro.org>

3 years agoqemu/compiler: Remove QEMU_GENERIC
Richard Henderson [Mon, 14 Jun 2021 23:31:42 +0000 (16:31 -0700)]
qemu/compiler: Remove QEMU_GENERIC

All previous users now use C11 _Generic.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-8-richard.henderson@linaro.org>

3 years agoinclude/qemu/lockable: Use _Generic instead of QEMU_GENERIC
Richard Henderson [Mon, 14 Jun 2021 23:31:41 +0000 (16:31 -0700)]
include/qemu/lockable: Use _Generic instead of QEMU_GENERIC

This is both more and less complicated than our expansion
using __builtin_choose_expr and __builtin_types_compatible_p.

The expansion through QEMU_MAKE_LOCKABLE_ doesn't work because
we're not emumerating all of the types within the same _Generic,
which results in errors about unhandled cases.  We must also
handle void* explicitly, so that the NULL constant can be used.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-7-richard.henderson@linaro.org>

3 years agoutil: Use unique type for QemuRecMutex in thread-posix.h
Richard Henderson [Mon, 14 Jun 2021 23:31:40 +0000 (16:31 -0700)]
util: Use unique type for QemuRecMutex in thread-posix.h

We will shortly convert lockable.h to _Generic, and we cannot
have two compatible types in the same expansion.  Wrap QemuMutex
in a struct, and unwrap in qemu-thread-posix.c.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-6-richard.henderson@linaro.org>

3 years agoutil: Pass file+line to qemu_rec_mutex_unlock_impl
Richard Henderson [Mon, 14 Jun 2021 23:31:39 +0000 (16:31 -0700)]
util: Pass file+line to qemu_rec_mutex_unlock_impl

Create macros for file+line expansion in qemu_rec_mutex_unlock
like we have for qemu_mutex_unlock.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-5-richard.henderson@linaro.org>

3 years agoutil: Use real functions for thread-posix QemuRecMutex
Richard Henderson [Mon, 14 Jun 2021 23:31:38 +0000 (16:31 -0700)]
util: Use real functions for thread-posix QemuRecMutex

Move the declarations from thread-win32.h into thread.h
and remove the macro redirection from thread-posix.h.
This will be required by following cleanups.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-4-richard.henderson@linaro.org>

3 years agosoftfloat: Use _Generic instead of QEMU_GENERIC
Richard Henderson [Mon, 14 Jun 2021 23:31:37 +0000 (16:31 -0700)]
softfloat: Use _Generic instead of QEMU_GENERIC

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-3-richard.henderson@linaro.org>

3 years agoconfigure: Use -std=gnu11
Richard Henderson [Mon, 14 Jun 2021 23:31:36 +0000 (16:31 -0700)]
configure: Use -std=gnu11

Now that the minimum gcc version is 7.5, we can use C11.
This will allow lots of cleanups to the code, currently
hidden behind macros in include/qemu/compiler.h.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210614233143.1221879-2-richard.henderson@linaro.org>

3 years agoconfigure: map x32 to cpu_family x86_64 for meson
David Michael [Wed, 9 Jun 2021 12:28:39 +0000 (08:28 -0400)]
configure: map x32 to cpu_family x86_64 for meson

The meson.build file defines supported_cpus which does not contain
x32, and x32 is not one of meson's stable built-in values:
https://mesonbuild.com/Reference-tables.html#cpu-families

Signed-off-by: David Michael <fedora.dm0@gmail.com>
Message-Id: <878s3jrzm0.fsf@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agohmp: Print "reserve" property of memory backends with "info memdev"
David Hildenbrand [Mon, 10 May 2021 11:43:28 +0000 (13:43 +0200)]
hmp: Print "reserve" property of memory backends with "info memdev"

Let's print the new property.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eric Blake <eblake@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-16-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoqmp: Include "reserve" property of memory backends
David Hildenbrand [Mon, 10 May 2021 11:43:27 +0000 (13:43 +0200)]
qmp: Include "reserve" property of memory backends

Let's include the new property. Instead of relying on CONFIG_LINUX,
let's try to unconditionally grab the property and treat errors as
"does not exist".

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Cc: Eric Blake <eblake@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-15-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agohmp: Print "share" property of memory backends with "info memdev"
David Hildenbrand [Mon, 10 May 2021 11:43:26 +0000 (13:43 +0200)]
hmp: Print "share" property of memory backends with "info memdev"

Let's print the property.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eric Blake <eblake@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-14-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoqmp: Include "share" property of memory backends
David Hildenbrand [Mon, 10 May 2021 11:43:25 +0000 (13:43 +0200)]
qmp: Include "share" property of memory backends

Let's include the property, which can be helpful when debugging,
for example, to spot misuse of MAP_PRIVATE which can result in some ugly
corner cases (e.g., double-memory consumption on shmem).

Use the same description we also use for describing the property.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Cc: Eric Blake <eblake@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-13-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoqmp: Clarify memory backend properties returned via query-memdev
David Hildenbrand [Mon, 10 May 2021 11:43:24 +0000 (13:43 +0200)]
qmp: Clarify memory backend properties returned via query-memdev

We return information on the currently configured memory backends and
don't configure them, so decribe what the currently set properties
express.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Suggested-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Cc: Eric Blake <eblake@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-12-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agohostmem: Wire up RAM_NORESERVE via "reserve" property
David Hildenbrand [Mon, 10 May 2021 11:43:23 +0000 (13:43 +0200)]
hostmem: Wire up RAM_NORESERVE via "reserve" property

Let's provide a way to control the use of RAM_NORESERVE via memory
backends using the "reserve" property which defaults to true (old
behavior).

Only Linux currently supports clearing the flag (and support is checked at
runtime, depending on the setting of "/proc/sys/vm/overcommit_memory").
Windows and other POSIX systems will bail out with "reserve=false".

The target use case is virtio-mem, which dynamically exposes memory
inside a large, sparse memory area to the VM. This essentially allows
avoiding to set "/proc/sys/vm/overcommit_memory == 0") when using
virtio-mem and also supporting hugetlbfs in the future.

As really only Linux implements RAM_NORESERVE right now, let's expose
the property only with CONFIG_LINUX. Setting the property to "false"
will then only fail in corner cases -- for example on very old kernels
or when memory overcommit was completely disabled by the admin.

Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eric Blake <eblake@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-11-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoutil/mmap-alloc: Support RAM_NORESERVE via MAP_NORESERVE under Linux
David Hildenbrand [Mon, 10 May 2021 11:43:22 +0000 (13:43 +0200)]
util/mmap-alloc: Support RAM_NORESERVE via MAP_NORESERVE under Linux

Let's support RAM_NORESERVE via MAP_NORESERVE on Linux. The flag has no
effect on most shared mappings - except for hugetlbfs and anonymous memory.

Linux man page:
  "MAP_NORESERVE: Do not reserve swap space for this mapping. When swap
  space is reserved, one has the guarantee that it is possible to modify
  the mapping. When swap space is not reserved one might get SIGSEGV
  upon a write if no physical memory is available. See also the discussion
  of the file /proc/sys/vm/overcommit_memory in proc(5). In kernels before
  2.6, this flag had effect only for private writable mappings."

Note that the "guarantee" part is wrong with memory overcommit in Linux.

Also, in Linux hugetlbfs is treated differently - we configure reservation
of huge pages from the pool, not reservation of swap space (huge pages
cannot be swapped).

The rough behavior is [1]:
a) !Hugetlbfs:

  1) Without MAP_NORESERVE *or* with memory overcommit under Linux
     disabled ("/proc/sys/vm/overcommit_memory == 2"), the following
     accounting/reservation happens:
      For a file backed map
       SHARED or READ-only - 0 cost (the file is the map not swap)
       PRIVATE WRITABLE - size of mapping per instance

      For an anonymous or /dev/zero map
       SHARED   - size of mapping
       PRIVATE READ-only - 0 cost (but of little use)
       PRIVATE WRITABLE - size of mapping per instance

  2) With MAP_NORESERVE, no accounting/reservation happens.

b) Hugetlbfs:

  1) Without MAP_NORESERVE, huge pages are reserved.

  2) With MAP_NORESERVE, no huge pages are reserved.

Note: With "/proc/sys/vm/overcommit_memory == 0", we were already able
to configure it for !hugetlbfs globally; this toggle now allows
configuring it more fine-grained, not for the whole system.

The target use case is virtio-mem, which dynamically exposes memory
inside a large, sparse memory area to the VM.

[1] https://www.kernel.org/doc/Documentation/vm/overcommit-accounting

Reviewed-by: Peter Xu <peterx@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-10-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agomemory: Introduce RAM_NORESERVE and wire it up in qemu_ram_mmap()
David Hildenbrand [Mon, 10 May 2021 11:43:21 +0000 (13:43 +0200)]
memory: Introduce RAM_NORESERVE and wire it up in qemu_ram_mmap()

Let's introduce RAM_NORESERVE, allowing mmap'ing with MAP_NORESERVE. The
new flag has the following semantics:

"
RAM is mmap-ed with MAP_NORESERVE. When set, reserving swap space (or huge
pages if applicable) is skipped: will bail out if not supported. When not
set, the OS will do the reservation, if supported for the memory type.
"

Allow passing it into:
- memory_region_init_ram_nomigrate()
- memory_region_init_resizeable_ram()
- memory_region_init_ram_from_file()

... and teach qemu_ram_mmap() and qemu_anon_ram_alloc() about the flag.
Bail out if the flag is not supported, which is the case right now for
both, POSIX and win32. We will add Linux support next and allow specifying
RAM_NORESERVE via memory backends.

The target use case is virtio-mem, which dynamically exposes memory
inside a large, sparse memory area to the VM.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-9-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agoutil/mmap-alloc: Pass flags instead of separate bools to qemu_ram_mmap()
David Hildenbrand [Mon, 10 May 2021 11:43:20 +0000 (13:43 +0200)]
util/mmap-alloc: Pass flags instead of separate bools to qemu_ram_mmap()

Let's pass flags instead of bools to prepare for passing other flags and
update the documentation of qemu_ram_mmap(). Introduce new QEMU_MAP_
flags that abstract the mmap() PROT_ and MAP_ flag handling and simplify
it.

We expose only flags that are currently supported by qemu_ram_mmap().
Maybe, we'll see qemu_mmap() in the future as well that can implement these
flags.

Note: We don't use MAP_ flags as some flags (e.g., MAP_SYNC) are only
defined for some systems and we want to always be able to identify
these flags reliably inside qemu_ram_mmap() -- for example, to properly
warn when some future flags are not available or effective on a system.
Also, this way we can simplify PROT_ handling as well.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-8-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agosoftmmu/memory: Pass ram_flags to qemu_ram_alloc() and qemu_ram_alloc_internal()
David Hildenbrand [Mon, 10 May 2021 11:43:19 +0000 (13:43 +0200)]
softmmu/memory: Pass ram_flags to qemu_ram_alloc() and qemu_ram_alloc_internal()

Let's pass ram_flags to qemu_ram_alloc() and qemu_ram_alloc_internal(),
preparing for passing additional flags.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-7-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 years agosoftmmu/memory: Pass ram_flags to memory_region_init_ram_shared_nomigrate()
David Hildenbrand [Mon, 10 May 2021 11:43:18 +0000 (13:43 +0200)]
softmmu/memory: Pass ram_flags to memory_region_init_ram_shared_nomigrate()

Let's forward ram_flags instead, renaming
memory_region_init_ram_shared_nomigrate() into
memory_region_init_ram_flags_nomigrate().

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com> for memory backend and machine core
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210510114328.21835-6-david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>