Greg Kurz [Mon, 10 Aug 2020 16:55:29 +0000 (18:55 +0200)]
spapr/xive: Simplify error handling of kvmppc_xive_cpu_synchronize_state()
Now that kvmppc_xive_cpu_get_state() returns negative on error, use that
and get rid of the temporary Error object and error_propagate().
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707852916.1489912.8376334685349668124.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:55:22 +0000 (18:55 +0200)]
ppc/xive: Simplify error handling in xive_tctx_realize()
Now that kvmppc_xive_cpu_connect() returns a negative errno on failure,
use that and get rid of the local_err boilerplate.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707852234.1489912.16410314514265848075.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:55:15 +0000 (18:55 +0200)]
spapr/xive: Simplify error handling in kvmppc_xive_connect()
Now that all these functions return a negative errno on failure, check
that and get rid of the local_err boilerplate.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707851537.1489912.1030839306195472651.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:55:08 +0000 (18:55 +0200)]
ppc/xive: Fix error handling in vmstate_xive_tctx_*() callbacks
Now that kvmppc_xive_cpu_get_state() and kvmppc_xive_cpu_set_state()
return negative errnos on failures, use that instead local_err because
it is the recommended practice. Also return that instead of -1 since
vmstate expects negative errnos.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707850840.1489912.14912810818646455474.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:55:01 +0000 (18:55 +0200)]
spapr/xive: Fix error handling in kvmppc_xive_post_load()
Now that all these functions return a negative errno on failure, check
that because it is preferred to local_err. And most of all, propagate it
because vmstate expects negative errnos.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707850148.1489912.18355118622296682631.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:54 +0000 (18:54 +0200)]
spapr/kvm: Fix error handling in kvmppc_xive_pre_save()
Now that kvmppc_xive_get_queues() returns a negative errno on failure, check
with that because it is preferred to local_err. And most of all, propagate
it because vmstate expects negative errnos.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707849455.1489912.6034461176847728064.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:47 +0000 (18:54 +0200)]
spapr/xive: Rework error handling of kvmppc_xive_set_source_config()
Since kvm_device_access() returns a negative errno on failure, convert
kvmppc_xive_set_source_config() to use it for error checking. This allows
to get rid of the local_err boilerplate.
Propagate the return value so that callers may use it as well to check
failures.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707848764.1489912.17078842252160674523.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:40 +0000 (18:54 +0200)]
spapr/xive: Rework error handling in kvmppc_xive_get_queues()
Since kvmppc_xive_get_queue_config() has a return value, convert
kvmppc_xive_get_queues() to use it for error checking. This allows
to get rid of the local_err boiler plate.
Propagate the return value so that callers may use it as well to check
failures.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707848069.1489912.14879208798696134531.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:33 +0000 (18:54 +0200)]
spapr/xive: Rework error handling of kvmppc_xive_[gs]et_queue_config()
Since kvm_device_access() returns a negative errno on failure, convert
kvmppc_xive_get_queue_config() and kvmppc_xive_set_queue_config() to
use it for error checking. This allows to get rid of the local_err
boilerplate.
Propagate the return value so that callers may use it as well to check
failures.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707847357.1489912.2032291280645236480.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:26 +0000 (18:54 +0200)]
spapr/xive: Rework error handling of kvmppc_xive_cpu_[gs]et_state()
kvm_set_one_reg() returns a negative errno on failure, use that instead
of errno. Also propagate it to callers so they can use it to check
for failures and hopefully get rid of their local_err boilerplate.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707846665.1489912.14267225652103441921.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:19 +0000 (18:54 +0200)]
spapr/xive: Rework error handling of kvmppc_xive_mmap()
Callers currently check failures of kvmppc_xive_mmap() through the
@errp argument, which isn't a recommanded practice. It is preferred
to use a return value when possible.
Since NULL isn't an invalid address in theory, it seems better to
return MAP_FAILED and to teach callers to handle it.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707845972.1489912.719896767746375765.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:12 +0000 (18:54 +0200)]
spapr/xive: Rework error handling of kvmppc_xive_source_reset()
Since kvmppc_xive_source_reset_one() has a return value, convert
kvmppc_xive_source_reset() to use it for error checking. This
allows to get rid of the local_err boiler plate.
Propagate the return value so that callers may use it as well to check
failures.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707845245.1489912.9151822670764690034.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:54:05 +0000 (18:54 +0200)]
spapr/xive: Rework error handling of kvmppc_xive_cpu_connect()
Use error_setg_errno() instead of error_setg(strerror()). While here,
use -ret instead of errno since kvm_vcpu_enable_cap() returns a negative
errno on failure.
Use ERRP_GUARD() to ensure that errp can be passed to error_append_hint(),
and get rid of the local_err boilerplate.
Propagate the return value so that callers may use it as well to check
failures.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159707844549.1489912.4862921680328017645.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Mon, 10 Aug 2020 16:53:58 +0000 (18:53 +0200)]
spapr: Simplify error handling in spapr_phb_realize()
The spapr_phb_realize() function has a local_err variable which
is used to:
1) check failures of spapr_irq_findone() and spapr_irq_claim()
2) prepend extra information to the error message
Recent work from Markus Armbruster highlighted we get better
code when testing the return value of a function, rather than
setting up all the local_err boiler plate. For similar reasons,
it is now preferred to use ERRP_GUARD() and error_prepend()
rather than error_propagate_prepend().
Since spapr_irq_findone() and spapr_irq_claim() return negative
values in case of failure, do both changes.
This is just cleanup, no functional impact.
Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <159707843851.1489912.6108405733810934642.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Fri, 7 Aug 2020 11:32:21 +0000 (13:32 +0200)]
spapr/xive: Convert KVM device fd checks to assert()
All callers guard these functions with an xive_in_kernel() helper. Make
it clear that they are only to be called when the KVM XIVE device exists.
Note that the check on xive is dropped in kvmppc_xive_disconnect(). It
really cannot be NULL since it comes from set_active_intc() which only
passes pointers to allocated objects.
Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <159679994169.876294.11026653581505077112.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Calls to the KVM XIVE device are guarded by kvm_irqchip_in_kernel(). This
ensures that QEMU won't try to use the device if KVM is disabled or if
an in-kernel irqchip isn't required.
When using ic-mode=dual with the pseries machine, we have two possible
interrupt controllers: XIVE and XICS. The kvm_irqchip_in_kernel() helper
will return true as soon as any of the KVM device is created. It might
lure QEMU to think that the other one is also around, while it is not.
This is exactly what happens with ic-mode=dual at machine init when
claiming IRQ numbers, which must be done on all possible IRQ backends,
eg. RTAS event sources or the PHB0 LSI table : only the KVM XICS device
is active but we end up calling kvmppc_xive_source_reset_one() anyway,
which fails. This doesn't cause any trouble because of another bug :
kvmppc_xive_source_reset_one() lacks an error_setg() and callers don't
see the failure.
Most of the other kvmppc_xive_* functions have similar xive->fd
checks to filter out the case when KVM XIVE isn't active. It
might look safer to have idempotent functions but it doesn't
really help to understand what's going on when debugging.
Since we already have all the kvm_irqchip_in_kernel() in place,
also have the callers to check xive->fd as well before calling
KVM XIVE specific code. This is straight-forward for the spapr
specific XIVE code. Some more care is needed for the platform
agnostic XIVE code since it cannot access xive->fd directly.
Introduce new in_kernel() methods in some base XIVE classes
for this purpose and implement them only in spapr.
In all cases, we still need to call kvm_irqchip_in_kernel() so that
compilers can optimize the kvmppc_xive_* calls away when CONFIG_KVM
isn't defined, thus avoiding the need for stubs.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159679993438.876294.7285654331498605426.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Fri, 7 Aug 2020 11:32:06 +0000 (13:32 +0200)]
ppc/xive: Rework setup of XiveSource::esb_mmio
Depending on whether XIVE is emultated or backed with a KVM XIVE device,
the ESB MMIOs of a XIVE source point to an I/O memory region or a mapped
memory region.
This is currently handled by checking kvm_irqchip_in_kernel() returns
false in xive_source_realize(). This is a bit awkward as we usually
need to do extra things when we're using the in-kernel backend, not
less. But most important, we can do better: turn the existing "xive.esb"
memory region into a plain container, introduce an "xive.esb-emulated"
I/O subregion and rename the existing "xive.esb" subregion in the KVM
code to "xive.esb-kvm". Since "xive.esb-kvm" is added with overlap
and a higher priority, it prevails over "xive.esb-emulated" (ie.
a guest using KVM XIVE will interact with "xive.esb-kvm" instead of
the default "xive.esb-emulated" region.
While here, consolidate the computation of the MMIO region size in
a common helper.
Suggested-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159679992680.876294.7520540158586170894.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Gustavo Romero [Tue, 11 Aug 2020 15:32:35 +0000 (12:32 -0300)]
target/ppc: Integrate icount to purr, vtb, and tbu40
Currently if option '-icount auto' is passed to the QEMU TCG to enable
counting instructions the VM crashes with the following error report when
Linux runs on it:
qemu-system-ppc64: Bad icount read
This happens because read/write access to the SPRs PURR, VTB, and TBU40
is not integrated to the icount framework.
This commit fixes that issue by making the read/write access of these
SPRs aware of icount framework, adding the proper gen_io_start() calls
before calling the helpers to load/store these SPRs in TCG and ensuring
that the associated TBs end immediately after, accordingly to what's in
docs/devel/tcg-icount.rst.
Signed-off-by: Gustavo Romero <gromero@linux.ibm.com>
Message-Id: <20200811153235.4527-1-gromero@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Thu, 6 Aug 2020 16:56:13 +0000 (18:56 +0200)]
spapr/xive: Simplify kvmppc_xive_disconnect()
Since this function begins with:
/* The KVM XIVE device is not in use */
if (!xive || xive->fd == -1) {
return;
}
we obviously don't need to check xive->fd again.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159673297296.766512.14780055521619233656.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Thu, 6 Aug 2020 16:56:05 +0000 (18:56 +0200)]
spapr/xive: Fix xive->fd if kvm_create_device() fails
If the creation of the KVM XIVE device fails for some reasons, the
negative errno ends up in xive->fd, but the rest of the code assumes
that xive->fd either contains an open fd, ie. positive value, or -1.
This doesn't cause any misbehavior except kvmppc_xive_disconnect()
that will try to close(xive->fd) during rollback and likely be
rewarded with an EBADF.
Only set xive->fd with a open fd.
Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159673296585.766512.15404407281299745442.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Greg Kurz [Wed, 5 Aug 2020 15:47:16 +0000 (17:47 +0200)]
spapr: Clarify error and documentation for broken KVM XICS
When starting an L2 KVM guest with `ic-mode=dual,kernel-irqchip=on`,
QEMU fails with:
KVM is too old to support ic-mode=dual,kernel-irqchip=on
This error message was introduced to detect older KVM versions that
didn't allow destruction and re-creation of the XICS KVM device that
we do at reboot. But it is actually the same issue that we get with
nested guests : when running under pseries, KVM currently provides
a genuine XICS device (not the XICS-on-XIVE device that we get
under powernv) which doesn't support destruction/re-creation.
This will eventually be fixed in KVM but in the meantime, update
the error message and documentation to mention the nested case.
While here, mention that in "No XIVE support in KVM" section that
this can also happen with "guest OSes supporting XIVE" since
we check this at init time before starting the guest.
Reported-by: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com> Buglink: https://bugs.launchpad.net/qemu/+bug/1890290 Signed-off-by: Greg Kurz <groug@kaod.org>
Message-Id: <159664243614.622889.18307368735989783528.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This patch adds a new documentation file, ppc-spapr-numa.rst,
informing what developers and user can expect of the NUMA distance
support for the pseries machine, up to QEMU 5.1.
In the (hopefully soon) future, when we rework the NUMA mechanics
of the pseries machine to at least attempt to contemplate user
choice, this doc will be extended to inform about the new
support.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20200803133440.825276-1-danielhb413@gmail.com> Tested-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
When emulating certain floating point instructions or vector instructions on
PowerPC machines, QEMU did not properly generate the SPE/Embedded Floating-
Point Unavailable interrupt. See the buglink further below for references to
the relevant NXP documentation.
This patch fixes the behavior of some evfs* instructions that were
incorrectly emitting the interrupt.
More importantly, this patch fixes the behavior of several efd* and ev*
instructions that were not generating the interrupt. Triggering the
interrupt for these instructions fixes lazy FPU/vector context switching on
some operating systems like Linux.
Without this patch, the result of some double-precision arithmetic could be
corrupted due to the lack of proper saving and restoring of the upper
32-bit part of the general-purpose registers.
Lijun Pan [Fri, 24 Jul 2020 04:58:43 +0000 (23:58 -0500)]
target/ppc: add vmulh{su}d instructions
vmulhsd: Vector Multiply High Signed Doubleword
vmulhud: Vector Multiply High Unsigned Doubleword
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200724045845.89976-5-ljp@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Fri, 24 Jul 2020 04:58:42 +0000 (23:58 -0500)]
target/ppc: add vmulh{su}w instructions
vmulhsw: Vector Multiply High Signed Word
vmulhuw: Vector Multiply High Unsigned Word
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200724045845.89976-4-ljp@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Fri, 24 Jul 2020 04:58:41 +0000 (23:58 -0500)]
target/ppc: add vmulld to INDEX_op_mul_vec case
Group vmuluwm and vmulld. Make vmulld-specific
changes since it belongs to new ISA 3.1.
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200724045845.89976-3-ljp@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Fri, 24 Jul 2020 04:58:40 +0000 (23:58 -0500)]
Update PowerPC AT_HWCAP2 definition
Add PPC2_FEATURE2_ARCH_3_10 to the PowerPC AT_HWCAP2 definitions.
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200724045845.89976-2-ljp@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Greg Kurz [Thu, 16 Jul 2020 17:11:21 +0000 (19:11 +0200)]
spapr: Forbid nested KVM-HV in pre-power9 compat mode
Nested KVM HV only works if the kernel is using the radix MMU mode, ie.
the CPU is POWER9 and it is not running in some pre-power9 compat mode.
Otherwise, the KVM HV module fails to load in the guest with -ENODEV.
It might be painful for a user to discover this late that nested cannot
work with their setup. Erroring out at machine init instead seems to be
the best we can do.
Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <159491948127.188975.9621435875869177751.stgit@bahia.lan> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Anton Blanchard [Wed, 15 Jul 2020 00:42:28 +0000 (10:42 +1000)]
ppc/spapr: Fix 32 bit logical memory block size assumptions
When testing large LMB sizes (eg 4GB), I found a couple of places
that assume they are 32bit in size.
Signed-off-by: Anton Blanchard <anton@ozlabs.org>
Message-Id: <20200715004228.1262681-1-anton@ozlabs.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Wed, 1 Jul 2020 23:43:40 +0000 (18:43 -0500)]
target/ppc: add vmulld instruction
vmulld: Vector Multiply Low Doubleword.
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-6-ljp@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Wed, 1 Jul 2020 23:43:39 +0000 (18:43 -0500)]
target/ppc: convert vmuluwm to tcg_gen_gvec_mul
Convert the original implementation of vmuluwm to the more generic
tcg_gen_gvec_mul.
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-5-ljp@linux.ibm.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Wed, 1 Jul 2020 23:43:38 +0000 (18:43 -0500)]
target/ppc: add byte-reverse br[dwh] instructions
POWER ISA 3.1 introduces following byte-reverse instructions:
brd: Byte-Reverse Doubleword X-form
brw: Byte-Reverse Word X-form
brh: Byte-Reverse Halfword X-form
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-4-ljp@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Wed, 1 Jul 2020 23:43:37 +0000 (18:43 -0500)]
target/ppc: Enable Power ISA 3.1
This patch enables the Power ISA 3.1 in QEMU.
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-3-ljp@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Lijun Pan [Wed, 1 Jul 2020 23:43:36 +0000 (18:43 -0500)]
target/ppc: Introduce Power ISA 3.1 flag
This flag will be used for Power10 instructions.
Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-2-ljp@linux.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
target/ppc: Fix TCG leak with the evmwsmiaa instruction
Fix double-call to tcg_temp_new_i64(), where a temp is allocated both at
declaration time and further down the implementation of gen_evmwsmiaa().
Note that gen_evmwsmia() and gen_evmwsmiaa() are still not implemented
correctly, as they invoke gen_evmwsmi() which may return early, but the
return is not propagated. This will be fixed in my patch for bug #1888918.
Signed-off-by: Matthieu Bucchianeri <matthieu.bucchianeri@leostella.com>
Message-Id: <20200727172114.31415-1-matthieu.bucchianeri@leostella.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Peter Maydell [Tue, 4 Aug 2020 19:39:03 +0000 (20:39 +0100)]
target/arm: Fix Rt/Rt2 in ESR_ELx for copro traps from AArch32 to 64
When a coprocessor instruction in an AArch32 guest traps to AArch32
Hyp mode, the syndrome register (HSR) includes Rt and Rt2 fields
which are simply copies of the Rt and Rt2 fields from the trapped
instruction. However, if the instruction is trapped from AArch32 to
an AArch64 higher exception level, the Rt and Rt2 fields in the
syndrome register (ESR_ELx) must be the AArch64 view of the register.
This makes a difference if the AArch32 guest was in a mode other than
User or System and it was using r13 or r14, or if it was in FIQ mode
and using r8-r14.
We don't know at translate time which AArch32 CPU mode we are in, so
we leave the values we generate in our prototype syndrome register
value at translate time as the raw Rt/Rt2 from the instruction, and
instead correct them to the AArch64 view when we find we need to take
an exception from AArch32 to AArch64 with one of these syndrome
values.
Fixes: https://bugs.launchpad.net/qemu/+bug/1879587 Reported-by: Julien Freche <julien@bedrocksystems.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200804193903.31240-1-peter.maydell@linaro.org
Tuguoyi [Wed, 5 Aug 2020 09:22:58 +0000 (09:22 +0000)]
qcow2-cluster: Fix integer left shift error in qcow2_alloc_cluster_link_l2()
When calculating the offset, the result of left shift operation will be promoted
to type int64 automatically because the left operand of + operator is uint64_t.
but the result after integer promotion may be produce an error value for us and
trigger the following asserting error.
For example, consider i=0x2000, cluster_bits=18, the result of left shift
operation will be 0x80000000. Cause argument i is of signed integer type,
the result is automatically promoted to 0xffffffff80000000 which is not
we expected
The way to trigger the assertion error:
qemu-img create -f qcow2 -o preallocation=full,cluster_size=256k tmpdisk 10G
This patch fix it by casting @i to uint64_t before doing left shift operation
Signed-off-by: Guoyi Tu <tu.guoyi@h3c.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-id: 81ba90fe0c014f269621c283269b42ad@h3c.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Wed, 5 Aug 2020 10:02:46 +0000 (11:02 +0100)]
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-08-05' into staging
* Test rx-softmmu, avr-softmmu, Centos7 and Debian on gitlab-CI
* Fix compiler warning on 32-bit big endian systems
* Remove remainders of libqemustub.a
* remotes/huth-gitlab/tags/pull-request-2020-08-05:
Get rid of the libqemustub.a remainders
target/riscv/vector_helper: Fix build on 32-bit big endian hosts
gitlab-ci: Fix Avocado cache usage
gitlab-ci.yml: Add build-system-debian and build-system-centos jobs
tests/acceptance: Disable the rx sash and arm cubieboard replay test on Gitlab
tests/docker: Add python3-venv and netcat to the debian-amd64 container
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Thomas Huth [Mon, 3 Aug 2020 19:14:57 +0000 (21:14 +0200)]
Get rid of the libqemustub.a remainders
libqemustub.a has been removed in commit ebedb37c8d ("Makefile: Remove
libqemustub.a"). Some remainders have been missed. Remove them now.
Message-Id: <20200804170055.2851-8-thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Mon, 3 Aug 2020 17:54:36 +0000 (19:54 +0200)]
target/riscv/vector_helper: Fix build on 32-bit big endian hosts
The code currently fails to compile on 32-bit big endian hosts:
target/riscv/vector_helper.c: In function 'vext_clear':
target/riscv/vector_helper.c:154:16: error: cast to pointer from integer
of different size [-Werror=int-to-pointer-cast]
memset((void *)((uintptr_t)tail & ~(7ULL)), 0, part1);
^
target/riscv/vector_helper.c:155:16: error: cast to pointer from integer
of different size [-Werror=int-to-pointer-cast]
memset((void *)(((uintptr_t)tail + 8) & ~(7ULL)), 0, part2);
^
cc1: all warnings being treated as errors
We should not use "long long" (i.e. 64-bit) values here to avoid the
problem. Switch to our QEMU_ALIGN_PTR_DOWN/UP macros instead.
Fixes: 751538d5da ("add vector stride load and store instructions") Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200804170055.2851-3-thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 30 Jul 2020 08:35:48 +0000 (10:35 +0200)]
gitlab-ci: Fix Avocado cache usage
In commit 6957fd98dc ("gitlab: add avocado asset caching") we
tried to save the Avocado cache (as in commit c1073e44b4 with
Travis-CI) however it doesn't work as expected. For some reason
Avocado uses /root/avocado_cache/ which we can not select later.
Manually generate a Avocado config to force the use of the
current job's directory.
This patch is based on an earlier version from Philippe Mathieu-Daudé.
Message-Id: <20200730141326.8260-5-thuth@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Tue, 14 Jul 2020 15:35:45 +0000 (17:35 +0200)]
gitlab-ci.yml: Add build-system-debian and build-system-centos jobs
We were missing the two new targets avr-softmmu and rx-softmmu in the
gitlab-CI so far, and did not add some of the "other endianess" targets
like sh4eb-softmmu yet.
Since the current build-system-* jobs run already for a very long time,
let's do not add these missing targets there, but introduce two new
additional build jobs, one running with Debian and one running with
CentOS, and add the new targets there. Also move some targets from
the old build-system-* jobs to these new targets, to distribute the
load and reduce the runtime of the CI.
Message-Id: <20200730141326.8260-4-thuth@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Thu, 23 Jul 2020 06:36:04 +0000 (08:36 +0200)]
tests/acceptance: Disable the rx sash and arm cubieboard replay test on Gitlab
These tests always time out on Gitlab, not sure what's happening here.
Let's disable them until somebody has enough spare time to debug the
issues.
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Reviewed-by: Cleber Rosa <crosa@redhat.com>
Message-Id: <20200730141326.8260-3-thuth@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Wed, 15 Jul 2020 04:35:01 +0000 (06:35 +0200)]
tests/docker: Add python3-venv and netcat to the debian-amd64 container
Without python3-venv, I get the following message when trying to
run the acceptance tests within the debian container:
The virtual environment was not created successfully because ensurepip is not
available. On Debian/Ubuntu systems, you need to install the python3-venv
package using the following command.
apt-get install python3-venv
You may need to use sudo with that command. After installing the python3-venv
package, recreate your virtual environment.
Let's do it as the message suggests.
And while we're at it, also add netcat here since it is required for
some of the acceptance tests.
Message-Id: <20200730141326.8260-2-thuth@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bruce Rogers [Thu, 30 Jul 2020 13:05:19 +0000 (07:05 -0600)]
virtio-mem: Correct format specifier mismatch for RISC-V
This likely affects other, less popular host architectures as well.
Less common host architectures under linux get QEMU_VMALLOC_ALIGN (from
which VIRTIO_MEM_MIN_BLOCK_SIZE is derived) define to a variable of
type uintptr, which isn't compatible with the format specifier used to
print a user message. Since this particular usage of the underlying data
seems unique to this file, the simple fix is to just cast
QEMU_VMALLOC_ALIGN to uint32_t, which corresponds to the format specifier
used.
Signed-off-by: Bruce Rogers <brogers@suse.com>
Message-Id: <20200730130519.168475-1-brogers@suse.com> Acked-by: David Hildenbrand <david@redhat.com> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Pankaj Gupta <pankaj.gupta.linux@gmail.com>
These instructions use zero as the discriminator, not SP.
Signed-off-by: Peter Collingbourne <pcc@google.com>
Message-id: 20200804002849.30268-1-pcc@google.com Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When support for this feature went in, the update to the
documentation was forgotten.
Fixes: 067e8b0f45d6 Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200803205708.315829-1-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
accel/xen: Fix xen_enabled() behavior on target-agnostic objects
CONFIG_XEN is generated by configure and stored in "config-target.h",
which is (obviously) only include for target-specific objects.
This is a problem for target-agnostic objects as CONFIG_XEN is never
defined and xen_enabled() is always inlined as 'false'.
Fix by following the KVM schema, defining CONFIG_XEN_IS_POSSIBLE
when we don't know to force the call of the non-inlined function,
returning the xen_allowed boolean.
Fixes: da278d58a092 ("accel: Move Xen accelerator code under accel/xen/") Reported-by: Paul Durrant <pdurrant@amazon.com> Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Paul Durrant <paul@xen.org> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20200804074930.13104-2-philmd@redhat.com> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Peter Maydell [Tue, 4 Aug 2020 09:20:08 +0000 (10:20 +0100)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
# gpg: Signature made Tue 04 Aug 2020 07:15:08 BST
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
hw/net/net_tx_pkt: fix assertion failure in net_tx_pkt_add_raw_fragment()
colo-compare: Remove superfluous NULL-pointer checks for s->iothread
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
hw/net/net_tx_pkt: fix assertion failure in net_tx_pkt_add_raw_fragment()
An assertion failure issue was found in the code that processes network packets
while adding data fragments into the packet context. It could be abused by a
malicious guest to abort the QEMU process on the host. This patch replaces the
affected assert() with a conditional statement, returning false if the current
data fragment exceeds max_raw_frags.
Reported-by: Alexander Bulekov <alxndr@bu.edu> Reported-by: Ziming Zhang <ezrakiez@gmail.com> Reviewed-by: Dmitry Fleytman <dmitry.fleytman@gmail.com> Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
colo-compare: Remove superfluous NULL-pointer checks for s->iothread
s->iothread is checked for NULL on object creation in colo_compare_complete,
so it's guaranteed not to be NULL.
This resolves a false alert from Coverity (CID 1429969).
Peter Maydell [Mon, 3 Aug 2020 19:34:26 +0000 (20:34 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200803' into staging
target-arm queue:
* hw/timer/imx_epit: Avoid assertion when CR.SWR is written
* netduino2, netduinoplus2, microbit: set system_clock_scale so that
SysTick running on the CPU clock works
* target/arm: Avoid maybe-uninitialized warning with gcc 4.9
* target/arm: Fix AddPAC error indication
* Make AIRCR.SYSRESETREQ actually reset the system for the
microbit, mps2-*, musca-*, netduino* boards
* remotes/pmaydell/tags/pull-target-arm-20200803:
hw/timer/imx_epit: Avoid assertion when CR.SWR is written
hw/arm/nrf51_soc: Set system_clock_scale
target/arm: Avoid maybe-uninitialized warning with gcc 4.9
target/arm: Fix AddPAC error indication
msf2-soc, stellaris: Don't wire up SYSRESETREQ
hw/intc/armv7m_nvic: Provide default "reset the system" behaviour for SYSRESETREQ
include/hw/irq.h: New function qemu_irq_is_connected()
hw/arm/netduino2, netduinoplus2: Set system_clock_scale
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 27 Jul 2020 15:45:50 +0000 (16:45 +0100)]
hw/timer/imx_epit: Avoid assertion when CR.SWR is written
The imx_epit device has a software-controllable reset triggered by
setting the SWR bit in the CR register. An error in commit cc2722ec83ad9
means that we will end up assert()ing if the guest does this, because
the code in imx_epit_write() starts ptimer transactions, and then
imx_epit_reset() also starts ptimer transactions, triggering
"ptimer_transaction_begin: Assertion `!s->in_transaction' failed".
The cleanest way to avoid this double-transaction is to move the
start-transaction for the CR write handling down below the check of
the SWR bit.
Fixes: https://bugs.launchpad.net/qemu/+bug/1880424 Fixes: cc2722ec83ad944505fe Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200727154550.3409-1-peter.maydell@linaro.org
Peter Maydell [Mon, 27 Jul 2020 19:34:58 +0000 (20:34 +0100)]
hw/arm/nrf51_soc: Set system_clock_scale
The nrf51 SoC model wasn't setting the system_clock_scale
global.which meant that if guest code used the systick timer in "use
the processor clock" mode it would hang because time never advances.
Set the global to match the documented CPU clock speed for this SoC.
This SoC in fact doesn't have a SysTick timer (which is the only thing
currently that cares about the system_clock_scale), because it's
a configurable option in the Cortex-M0. However our Cortex-M0 and
thus our nrf51 and our micro:bit board do provide a SysTick, so
we ought to provide a functional one rather than a broken one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200727193458.31250-1-peter.maydell@linaro.org
Kaige Li [Mon, 3 Aug 2020 16:55:04 +0000 (17:55 +0100)]
target/arm: Avoid maybe-uninitialized warning with gcc 4.9
GCC version 4.9.4 isn't clever enough to figure out that all
execution paths in disas_ldst() that use 'fn' will have initialized
it first, and so it warns:
/home/LiKaige/qemu/target/arm/translate-a64.c: In function ‘disas_ldst’:
/home/LiKaige/qemu/target/arm/translate-a64.c:3392:5: error: ‘fn’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
fn(cpu_reg(s, rt), clean_addr, tcg_rs, get_mem_index(s),
^
/home/LiKaige/qemu/target/arm/translate-a64.c:3318:22: note: ‘fn’ was declared here
AtomicThreeOpFn *fn;
^
Make it happy by initializing the variable to NULL.
Signed-off-by: Kaige Li <likaige@loongson.cn>
Message-id: 1596110248-7366-2-git-send-email-likaige@loongson.cn Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: Clean up commit message and note which gcc version this was] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The definition of top_bit used in this function is one higher
than that used in the Arm ARM psuedo-code, which put the error
indication at top_bit - 1 at the wrong place, which meant that
it wasn't visible to Auth.
Fixing the definition of top_bit requires more changes, because
its most common use is for the count of bits in top_bit:bot_bit,
which would then need to be computed as top_bit - bot_bit + 1.
For now, prefer the minimal fix to the error indication alone.
Fixes: 63ff0ca94cb Reported-by: Derrick McKee <derrick.mckee@gmail.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200728195706.11087-1-richard.henderson@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: added comment about the divergence from the pseudocode] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 3 Aug 2020 16:55:03 +0000 (17:55 +0100)]
msf2-soc, stellaris: Don't wire up SYSRESETREQ
The MSF2 SoC model and the Stellaris board code both wire
SYSRESETREQ up to a function that just invokes
qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
This is now the default action that the NVIC does if the line is
not connected, so we can delete the handling code.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200728103744.6909-4-peter.maydell@linaro.org
Peter Maydell [Mon, 3 Aug 2020 16:55:03 +0000 (17:55 +0100)]
hw/intc/armv7m_nvic: Provide default "reset the system" behaviour for SYSRESETREQ
The NVIC provides an outbound qemu_irq "SYSRESETREQ" which it signals
when the guest sets the SYSRESETREQ bit in the AIRCR register. This
matches the hardware design (where the CPU has a signal of this name
and it is up to the SoC to connect that up to an actual reset
mechanism), but in QEMU it mostly results in duplicated code in SoC
objects and bugs where SoC model implementors forget to wire up the
SYSRESETREQ line.
Provide a default behaviour for the case where SYSRESETREQ is not
actually connected to anything: use qemu_system_reset_request() to
perform a system reset. This will allow us to remove the
implementations of SYSRESETREQ handling from the boards where that's
exactly what it does, and also fixes the bugs in the board models
which forgot to wire up the signal:
We still allow the board to wire up the signal if it needs to, in case
we need to model more complicated reset controller logic or to model
buggy SoC hardware which forgot to wire up the line itself. But
defaulting to "reset the system" is more often going to be correct
than defaulting to "do nothing".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200728103744.6909-3-peter.maydell@linaro.org
Peter Maydell [Mon, 3 Aug 2020 16:55:03 +0000 (17:55 +0100)]
include/hw/irq.h: New function qemu_irq_is_connected()
Mostly devices don't need to care whether one of their output
qemu_irq lines is connected, because functions like qemu_set_irq()
silently do nothing if there is nothing on the other end. However
sometimes a device might want to implement default behaviour for the
case where the machine hasn't wired the line up to anywhere.
Provide a function qemu_irq_is_connected() that devices can use for
this purpose. (The test is trivial but encapsulating it in a
function makes it easier to see where we're doing it in case we need
to change the implementation later.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200728103744.6909-2-peter.maydell@linaro.org
Peter Maydell [Mon, 3 Aug 2020 16:55:03 +0000 (17:55 +0100)]
hw/arm/netduino2, netduinoplus2: Set system_clock_scale
The netduino2 and netduinoplus2 boards forgot to set the system_clock_scale
global, which meant that if guest code used the systick timer in "use
the processor clock" mode it would hang because time never advances.
Set the global to match the documented CPU clock speed of these boards.
Judging by the data sheet this is slightly simplistic because the
SoC allows configuration of the SYSCLK source and frequency via the
RCC (reset and clock control) module, but we don't model that.
Fixes: https://bugs.launchpad.net/qemu/+bug/1876187 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200727162617.26227-1-peter.maydell@linaro.org
Max Reitz [Thu, 30 Jul 2020 12:02:34 +0000 (14:02 +0200)]
iotests/169: Test source cont with backing bmap
Test migrating from a VM with a persistent bitmap in the backing chain,
and then continuing that VM after the migration
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200730120234.49288-3-mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
Max Reitz [Thu, 30 Jul 2020 12:02:33 +0000 (14:02 +0200)]
qcow2: Release read-only bitmaps when inactivated
During migration, we release all bitmaps after storing them on disk, as
long as they are (1) stored on disk, (2) not read-only, and (3)
consistent.
(2) seems arbitrary, though. The reason we do not release them is
because we do not write them, as there is no need to; and then we just
forget about all bitmaps that we have not written to the file. However,
read-only persistent bitmaps are still in the file and in sync with
their in-memory representation, so we may as well release them just like
any R/W bitmap that we have updated.
It leads to actual problems, too: After migration, letting the source
continue may result in an error if there were any bitmaps on read-only
nodes (such as backing images), because those have not been released by
bdrv_inactive_all(), but bdrv_invalidate_cache_all() attempts to reload
them (which fails, because they are still present in memory).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200730120234.49288-2-mreitz@redhat.com> Tested-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
Andrea Bolognani [Wed, 29 Jul 2020 18:50:24 +0000 (20:50 +0200)]
schemas: Add vim modeline
The various schemas included in QEMU use a JSON-based format which
is, however, strictly speaking not valid JSON.
As a consequence, when vim tries to apply syntax highlight rules
for JSON (as guessed from the file name), the result is an unreadable
mess which mostly consist of red markers pointing out supposed errors
in, well, pretty much everything.
Using Python syntax highlighting produces much better results, and
in fact these files already start with specially-formatted comments
that instruct Emacs to process them as if they were Python files.
This commit adds the equivalent special comments for vim.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Message-Id: <20200729185024.121766-1-abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
qapi: Delete unwanted indentation of top-level expressions
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200730091656.2633334-1-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
[One more line de-indented]
Peter Maydell [Wed, 29 Jul 2020 19:10:19 +0000 (20:10 +0100)]
qapi/machine.json: Fix missing newline in doc comment
In commit 176d2cda0dee9f4 we added the @die-id field
to the CpuInstanceProperties struct, but in the process
accidentally removed the newline between the doc-comment
lines for @core-id and @thread-id.
Put the newline back in; this fixes a misformatting in the
generated HTML QMP reference manual.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200729191019.19168-1-peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
Stefan Hajnoczi [Wed, 29 Jul 2020 15:39:26 +0000 (16:39 +0100)]
tracetool: carefully define SDT_USE_VARIADIC
The dtrace backend defines SDT_USE_VARIADIC as a workaround for a
conflict with a LTTng UST header file, which requires SDT_USE_VARIADIC
to be defined.
LTTng UST <lttng/tracepoint.h> breaks if included after generated dtrace
headers because SDT_USE_VARIADIC will already be defined:
Be more careful when defining SDT_USE_VARIADIC. This fixes the build
when both the dtrace and ust tracers are enabled at the same time.
Fixes: 27e08bab94f7c6ebe0b75938c98c394c969e3fd8 ("tracetool: work around ust <sys/sdt.h> include conflict") Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20200729153926.127083-1-stefanha@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Halil Pasic [Thu, 30 Jul 2020 13:01:56 +0000 (15:01 +0200)]
s390x/s390-virtio-ccw: fix off-by-one in loadparm getter
As pointed out by Peter, g_memdup(ms->loadparm, sizeof(ms->loadparm) + 1)
reads one past of the end of ms->loadparm, so g_memdup() can not be used
here.
Let's use g_strndup instead!
Fixes: d6645483285f ("s390x/s390-virtio-ccw: fix loadparm property getter") Fixes: Coverity CID 1431058 Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Halil Pasic <pasic@linux.ibm.com> Reviewed-by: David Hildenbrand <david@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200730130156.35063-1-pasic@linux.ibm.com> Signed-off-by: Cornelia Huck <cohuck@redhat.com>
trace/simple: Allow enabling simple traces from command line
The simple trace backend is enabled / disabled with a call
to st_set_trace_file_enabled(). When initializing tracing
from the command-line, this must be enabled on startup.
(Prior to db25d56c014aa1a9, command-line initialization of
simple trace worked because every call to st_set_trace_file
enabled tracing.)
Peter Maydell [Tue, 28 Jul 2020 19:43:03 +0000 (20:43 +0100)]
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2020-07-28' into staging
nbd patches for 2020-07-28
- fix NBD handling of trim/zero requests larger than 2G
- allow no-op resizes on NBD (in turn fixing qemu-img convert -c into NBD)
- several deadlock fixes when using NBD reconnect
* remotes/ericb/tags/pull-nbd-2020-07-28:
block/nbd: nbd_co_reconnect_loop(): don't sleep if drained
block/nbd: on shutdown terminate connection attempt
block/nbd: allow drain during reconnect attempt
block/nbd: split nbd_establish_connection out of nbd_client_connect
iotests: Test convert to qcow2 compressed to NBD
iotests: Add more qemu_img helpers
iotests: Make qemu_nbd_popen() a contextmanager
block: nbd: Fix convert qcow2 compressed to nbd
nbd: Fix large trim/zero requests
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 28 Jul 2020 17:43:48 +0000 (18:43 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200727' into staging
target-arm queue:
* ACPI: Assert that we don't run out of the preallocated memory
* hw/misc/aspeed_sdmc: Fix incorrect memory size
* target/arm: Always pass cacheattr in S1_ptw_translate
* docs/system/arm/virt: Document 'mte' machine option
* hw/arm/boot: Fix PAUTH, MTE for EL3 direct kernel boot
* target/arm: Improve IMPDEF algorithm for IRG
* remotes/pmaydell/tags/pull-target-arm-20200727:
target/arm: Improve IMPDEF algorithm for IRG
hw/arm/boot: Fix MTE for EL3 direct kernel boot
hw/arm/boot: Fix PAUTH for EL3 direct kernel boot
docs/system/arm/virt: Document 'mte' machine option
target/arm: Always pass cacheattr in S1_ptw_translate
hw/misc/aspeed_sdmc: Fix incorrect memory size
ACPI: Assert that we don't run out of the preallocated memory
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* remotes/maxreitz/tags/pull-block-2020-07-28:
iotests/197: Fix for non-qcow2 formats
iotests/028: Add test for cross-base-EOF reads
block: Fix bdrv_aligned_p*v() for qiov_offset != 0
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 28 Jul 2020 15:28:22 +0000 (16:28 +0100)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Want to send earlier but most patches just come.
- fix vhost-vdpa issues when no peer
- fix virtio-pci queue enabling index value
- forbid reentrant RX
Changes from V1:
- drop the patch that has been merged
# gpg: Signature made Tue 28 Jul 2020 09:59:41 BST
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
net: forbid the reentrant RX
virtio-net: check the existence of peer before accessing vDPA config
virtio-pci: fix wrong index in virtio_pci_queue_enabled
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
block/nbd: nbd_co_reconnect_loop(): don't sleep if drained
We try to go to wakeable sleep, so that, if drain begins it will break
the sleep. But what if nbd_client_co_drain_begin() already called and
s->drained is already true? We'll go to sleep, and drain will have to
wait for the whole timeout. Let's improve it.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200727184751.15704-5-vsementsov@virtuozzo.com> Signed-off-by: Eric Blake <eblake@redhat.com>
block/nbd: on shutdown terminate connection attempt
On shutdown nbd driver may be in a connecting state. We should shutdown
it as well, otherwise we may hang in
nbd_teardown_connection, waiting for conneciton_co to finish in
BDRV_POLL_WHILE(bs, s->connection_co) loop if remote server is down.
How to reproduce the dead lock:
1. Create nbd-fault-injector.conf with the following contents:
2. In one terminal run nbd-fault-injector in a loop, like this:
n=1; while true; do
echo $n; ((n++));
./nbd-fault-injector.py 127.0.0.1:10000 nbd-fault-injector.conf;
done
3. In another terminal run qemu-io in a loop, like this:
n=1; while true; do
echo $n; ((n++));
./qemu-io -c 'read 0 512' nbd://127.0.0.1:10000;
done
After some time, qemu-io will hang. Note, that this hang may be
triggered by another bug, so the whole case is fixed only together with
commit "block/nbd: allow drain during reconnect attempt".
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200727184751.15704-4-vsementsov@virtuozzo.com> Signed-off-by: Eric Blake <eblake@redhat.com>
It should be safe to reenter qio_channel_yield() on io/channel read/write
path, so it's safe to reduce in_flight and allow attaching new aio
context. And no problem to allow drain itself: connection attempt is
not a guest request. Moreover, if remote server is down, we can hang
in negotiation, blocking drain section and provoking a dead lock.
How to reproduce the dead lock:
1. Create nbd-fault-injector.conf with the following contents:
2. In one terminal run nbd-fault-injector in a loop, like this:
n=1; while true; do
echo $n; ((n++));
./nbd-fault-injector.py 127.0.0.1:10000 nbd-fault-injector.conf;
done
3. In another terminal run qemu-io in a loop, like this:
n=1; while true; do
echo $n; ((n++));
./qemu-io -c 'read 0 512' nbd://127.0.0.1:10000;
done
After some time, qemu-io will hang trying to drain, for example, like
this:
#3 aio_poll (ctx=0x55f006bdd890, blocking=true) at
util/aio-posix.c:600
#4 bdrv_do_drained_begin (bs=0x55f006bea710, recursive=false,
parent=0x0, ignore_bds_parents=false, poll=true) at block/io.c:427
#5 bdrv_drained_begin (bs=0x55f006bea710) at block/io.c:433
#6 blk_drain (blk=0x55f006befc80) at block/block-backend.c:1710
#7 blk_unref (blk=0x55f006befc80) at block/block-backend.c:498
#8 bdrv_open_inherit (filename=0x7fffba1563bc
"nbd+tcp://127.0.0.1:10000", reference=0x0, options=0x55f006be86d0,
flags=24578, parent=0x0, child_class=0x0, child_role=0,
errp=0x7fffba154620) at block.c:3491
#9 bdrv_open (filename=0x7fffba1563bc "nbd+tcp://127.0.0.1:10000",
reference=0x0, options=0x0, flags=16386, errp=0x7fffba154620) at
block.c:3513
#10 blk_new_open (filename=0x7fffba1563bc "nbd+tcp://127.0.0.1:10000",
reference=0x0, options=0x0, flags=16386, errp=0x7fffba154620) at
block/block-backend.c:421
And connection_co stack like this:
#0 qemu_coroutine_switch (from_=0x55f006bf2650, to_=0x7fe96e07d918,
action=COROUTINE_YIELD) at util/coroutine-ucontext.c:302
#1 qemu_coroutine_yield () at util/qemu-coroutine.c:193
#2 qio_channel_yield (ioc=0x55f006bb3c20, condition=G_IO_IN) at
io/channel.c:472
#3 qio_channel_readv_all_eof (ioc=0x55f006bb3c20, iov=0x7fe96d729bf0,
niov=1, errp=0x7fe96d729eb0) at io/channel.c:110
#4 qio_channel_readv_all (ioc=0x55f006bb3c20, iov=0x7fe96d729bf0,
niov=1, errp=0x7fe96d729eb0) at io/channel.c:143
#5 qio_channel_read_all (ioc=0x55f006bb3c20, buf=0x7fe96d729d28
"\300.\366\004\360U", buflen=8, errp=0x7fe96d729eb0) at
io/channel.c:247
#6 nbd_read (ioc=0x55f006bb3c20, buffer=0x7fe96d729d28, size=8,
desc=0x55f004f69644 "initial magic", errp=0x7fe96d729eb0) at
/work/src/qemu/master/include/block/nbd.h:365
#7 nbd_read64 (ioc=0x55f006bb3c20, val=0x7fe96d729d28,
desc=0x55f004f69644 "initial magic", errp=0x7fe96d729eb0) at
/work/src/qemu/master/include/block/nbd.h:391
#8 nbd_start_negotiate (aio_context=0x55f006bdd890,
ioc=0x55f006bb3c20, tlscreds=0x0, hostname=0x0,
outioc=0x55f006bf19f8, structured_reply=true,
zeroes=0x7fe96d729dca, errp=0x7fe96d729eb0) at nbd/client.c:904
#9 nbd_receive_negotiate (aio_context=0x55f006bdd890,
ioc=0x55f006bb3c20, tlscreds=0x0, hostname=0x0,
outioc=0x55f006bf19f8, info=0x55f006bf1a00, errp=0x7fe96d729eb0) at
nbd/client.c:1032
#10 nbd_client_connect (bs=0x55f006bea710, errp=0x7fe96d729eb0) at
block/nbd.c:1460
#11 nbd_reconnect_attempt (s=0x55f006bf19f0) at block/nbd.c:287
#12 nbd_co_reconnect_loop (s=0x55f006bf19f0) at block/nbd.c:309
#13 nbd_connection_entry (opaque=0x55f006bf19f0) at block/nbd.c:360
#14 coroutine_trampoline (i0=113190480, i1=22000) at
util/coroutine-ucontext.c:173
Note, that the hang may be
triggered by another bug, so the whole case is fixed only together with
commit "block/nbd: on shutdown terminate connection attempt".
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200727184751.15704-3-vsementsov@virtuozzo.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
block/nbd: split nbd_establish_connection out of nbd_client_connect
We are going to implement non-blocking version of
nbd_establish_connection, which for a while will be used only for
nbd_reconnect_attempt, not for nbd_open, so we need to call it
separately.
Refactor nbd_reconnect_attempt in a way which makes next commit
simpler.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200727184751.15704-2-vsementsov@virtuozzo.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
Add test for "qemu-img convert -O qcow2 -c" to NBD target. The tests
create a OVA file and write compressed qcow2 disk content directly into
the OVA file via qemu-nbd.
Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Message-Id: <20200727215846.395443-5-nsoffer@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
Add 2 helpers for measuring and checking images:
- qemu_img_measure()
- qemu_img_check()
Both use --output-json and parse the returned json to make easy to use
in other tests. I'm going to use them in a new test, and I hope they
will be useful in may other tests.
Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Message-Id: <20200727215846.395443-4-nsoffer@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Eric Blake <eblake@redhat.com>
Instead of duplicating the code to wait until the server is ready and
remember to terminate the server and wait for it, make it possible to
use like this:
with qemu_nbd_popen('-k', sock, image):
# Access image via qemu-nbd socket...
Only test 264 used this helper, but I had to modify the output since it
did not consistently when starting and stopping qemu-nbd.
Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Message-Id: <20200727215846.395443-3-nsoffer@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Eric Blake <eblake@redhat.com>
When converting to qcow2 compressed format, the last step is a special
zero length compressed write, ending in a call to bdrv_co_truncate(). This
call always fails for the nbd driver since it does not implement
bdrv_co_truncate().
For block devices, which have the same limits, the call succeeds since
the file driver implements bdrv_co_truncate(). If the caller asked to
truncate to the same or smaller size with exact=false, the truncate
succeeds. Implement the same logic for nbd.
$ qemu-img check nbd+unix:///?socket=/tmp/nbd.sock
No errors were found on the image.
1/16384 = 0.01% allocated, 100.00% fragmented, 100.00% compressed clusters
Image end offset: 393216
$ qemu-img compare disk.raw nbd+unix:///?socket=/tmp/nbd.sock
Images are identical.
Fixes: https://bugzilla.redhat.com/1860627 Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Message-Id: <20200727215846.395443-2-nsoffer@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
[eblake: typo fixes] Signed-off-by: Eric Blake <eblake@redhat.com>
Dr. David Alan Gilbert (1):
ip_stripoptions use memmove
Jindrich Novy (4):
Fix possible infinite loops and use-after-free
Use secure string copy to avoid overflow
Be sure to initialize sockaddr structure
Check lseek() for failure
Marc-André Lureau (2):
util: do not silently truncate
Merge branch 'stable-4.2' into 'stable-4.2'
Philippe Mathieu-Daudé (3):
Fix win32 builds by using the SLIRP_PACKED definition
Fix constness warnings
Remove unnecessary break
Ralf Haferkamp (2):
Drop bogus IPv6 messages
Fix MTU check
We are having issues debugging and bisecting this issue that happen
mostly on patchew. Let's make it abort where it failed to gather some
new informations.
Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Peter Maydell [Tue, 28 Jul 2020 14:24:31 +0000 (15:24 +0100)]
Merge remote-tracking branch 'remotes/mdroth/tags/qga-pull-2020-07-27-tag' into staging
qemu-ga patch queue for hard-freeze
* document use of -1 when pci_controller field can't be retrieved for
guest-get-fsinfo
* fix incorrect filesystem type reporting on w32 for guest-get-fsinfo
when a volume is not mounted
projects / qemu-xen.git / log