Paolo Bonzini [Fri, 26 Aug 2022 22:49:31 +0000 (00:49 +0200)]
target/i386: Add size suffix to vector FP helpers
For AVX we're going to need both 128 bit (xmm) and 256 bit (ymm) variants of
floating point helpers. Add the register type suffix to the existing
*PS and *PD helpers (SS and SD variants are only valid on 128 bit vectors)
No functional changes.
Signed-off-by: Paul Brook <paul@nowt.org>
Message-Id: <20220424220204.2493824-15-paul@nowt.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 26 Aug 2022 22:13:40 +0000 (00:13 +0200)]
target/i386: check SSE table flags instead of hardcoding opcodes
Put more flags to work to avoid hardcoding lists of opcodes. The op7 case
for SSE_OPF_CMP is included for homogeneity and because AVX needs it, but
it is never used by SSE or MMX.
Extracted from a patch by Paul Brook <paul@nowt.org>.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Brook [Sun, 24 Apr 2022 22:01:46 +0000 (23:01 +0100)]
target/i386: Move 3DNOW decoder
Handle 3DNOW instructions early to avoid complicating the MMX/SSE logic.
Signed-off-by: Paul Brook <paul@nowt.org>
Message-Id: <20220424220204.2493824-25-paul@nowt.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Brook [Sun, 24 Apr 2022 22:01:27 +0000 (23:01 +0100)]
target/i386: Rework sse_op_table6/7
Add a flags field each row in sse_op_table6 and sse_op_table7.
Initially this is only used as a replacement for the magic SSE41_SPECIAL
pointer. The other flags are mostly relevant for the AVX implementation
but can be applied to SSE as well.
Signed-off-by: Paul Brook <paul@nowt.org>
Message-Id: <20220424220204.2493824-6-paul@nowt.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Brook [Sun, 24 Apr 2022 22:01:26 +0000 (23:01 +0100)]
target/i386: Rework sse_op_table1
Add a flags field to each row in sse_op_table1.
Initially this is only used as a replacement for the magic
SSE_SPECIAL and SSE_DUMMY pointers, the other flags are mostly
relevant for the AVX implementation but can be applied to SSE as well.
Signed-off-by: Paul Brook <paul@nowt.org>
Message-Id: <20220424220204.2493824-5-paul@nowt.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Brook [Sun, 24 Apr 2022 22:01:30 +0000 (23:01 +0100)]
target/i386: Add ZMM_OFFSET macro
Add a convenience macro to get the address of an xmm_regs element within
CPUX86State.
This was originally going to be the basis of an implementation that broke
operations into 128 bit chunks. I scrapped that idea, so this is now a purely
cosmetic change. But I think a worthwhile one - it reduces the number of
function calls that need to be split over multiple lines.
No functional changes.
Signed-off-by: Paul Brook <paul@nowt.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220424220204.2493824-9-paul@nowt.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paul Brook [Sun, 24 Apr 2022 22:02:03 +0000 (23:02 +0100)]
tests/tcg: i386: add SSE tests
Tests for correct operation of most x86-64 SSE instructions.
It should cover all combinations of overlapping register and memory
operands on a set of random-ish data.
Results are bit-identical to an Intel i5-8500, with the exception of
the RCPSS and RSQRT approximations where the real CPU gives less accurate
results (the Intel spec allows relative errors up to 1.5 * 2^-12)
Signed-off-by: Paul Brook <paul@nowt.org> Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220424220204.2493824-42-paul@nowt.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Thu, 25 Aug 2022 16:47:50 +0000 (18:47 +0200)]
target/i386: DPPS rounding fix
The DPPS (Dot Product) instruction is defined to first sum pairs of
intermediate results, then sum those values to get the final result.
i.e. (A+B)+(C+D)
We incrementally sum the results, i.e. ((A+B)+C)+D, which can result
in incorrect rouding.
For consistency, also change the variable names to the ones used
in the Intel SDM and implement DPPD following the manual.
Based on a patch by Paul Brook <paul@nowt.org>.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 26 Aug 2022 11:00:00 +0000 (13:00 +0200)]
KVM: dirty ring: add missing memory barrier
The KVM_DIRTY_GFN_F_DIRTY flag ensures that the entry is valid. If
the read of the fields are not ordered after the read of the flag,
QEMU might see stale values.
Cc: Gavin Shan <gshan@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Peter Xu <peterx@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Anton Kochkov [Wed, 17 Aug 2022 14:37:23 +0000 (14:37 +0000)]
meson: be strict for boolean options
While Meson buildsystem accepts the 'false' as a value
for boolean options, it's not covered by the specification
and in general invalid. Some alternative Meson implementations,
like Muon, do not accept 'false' or 'true' as a valid value
for the boolean options.
See https://mesonbuild.com/Build-options.html
Signed-off-by: Anton Kochkov <anton.kochkov@proton.me> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220817143538.2107779-1-anton.kochkov@proton.me> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Fri, 19 Aug 2022 16:40:46 +0000 (18:40 +0200)]
configure: improve error for ucontext coroutine backend
Instead of using feature_not_found(), which is not a good match because
there is no "remedy" to fix the lack of makecontext(), just print a
custom error.
This happens to remove the last use of feature_not_found(), so remove
the definition and the documentation.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Vitaly Kuznetsov [Thu, 18 Aug 2022 15:01:13 +0000 (17:01 +0200)]
i386: do kvm_put_msr_feature_control() first thing when vCPU is reset
kvm_put_sregs2() fails to reset 'locked' CR4/CR0 bits upon vCPU reset when
it is in VMX root operation. Do kvm_put_msr_feature_control() before
kvm_put_sregs2() to (possibly) kick vCPU out of VMX root operation. It also
seems logical to do kvm_put_msr_feature_control() before
kvm_put_nested_state() and not after it, especially when 'real' nested
state is set.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20220818150113.479917-3-vkuznets@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Vitaly Kuznetsov [Thu, 18 Aug 2022 15:01:12 +0000 (17:01 +0200)]
i386: reset KVM nested state upon CPU reset
Make sure env->nested_state is cleaned up when a vCPU is reset, it may
be stale after an incoming migration, kvm_arch_put_registers() may
end up failing or putting vCPU in a weird state.
John Millikin [Wed, 17 Aug 2022 05:35:00 +0000 (14:35 +0900)]
scsi: Reject commands if the CDB length exceeds buf_len
In scsi_req_parse_cdb(), if the CDB length implied by the command type
exceeds the initialized portion of the command buffer, reject the request.
Rejected requests are recorded by the `scsi_req_parse_bad` trace event.
On example of a bug detected by this check is SunOS's use of interleaved
DMA and non-DMA commands. This guest behavior currently causes QEMU to
parse uninitialized memory as a SCSI command, with unpredictable
outcomes.
With the new check in place:
* QEMU consistently creates a trace event and rejects the request.
* SunOS retries the request(s) and is able to successfully boot from
disk.
Signed-off-by: John Millikin <john@john-millikin.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1127
Message-Id: <20220817053458.698416-2-john@john-millikin.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
John Millikin [Wed, 17 Aug 2022 05:34:58 +0000 (14:34 +0900)]
scsi: Add buf_len parameter to scsi_req_new()
When a SCSI command is received from the guest, the CDB length implied
by the first byte might exceed the number of bytes the guest sent. In
this case scsi_req_new() will read uninitialized data, causing
unpredictable behavior.
Adds the buf_len parameter to scsi_req_new() and plumbs it through the
call stack.
Signed-off-by: John Millikin <john@john-millikin.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1127
Message-Id: <20220817053458.698416-1-john@john-millikin.com>
[Fill in correct length for adapters other than ESP. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
John Millikin [Wed, 17 Aug 2022 05:38:47 +0000 (14:38 +0900)]
esp: Handle CMD_BUSRESET by resetting the SCSI bus
Per investigation on the linked ticket, SunOS issues a SCSI bus reset
to the ESP as part of its boot sequence. If this ESP command doesn't
cause devices to assert sense flag UNIT ATTENTION, SunOS will consider
the CD-ROM device to be non-compliant with Common Command Set (CCS).
In this condition, the SunOS installer's early userspace doesn't set
the installation source location to sr0 and the miniroot copy fails.
Signed-off-by: John Millikin <john@john-millikin.com> Suggested-by: Bill Paul <noisetube@gmail.com> Buglink: https://gitlab.com/qemu-project/qemu/-/issues/1127
Message-Id: <20220817053846.699310-1-john@john-millikin.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Stefan Hajnoczi [Wed, 31 Aug 2022 22:18:59 +0000 (18:18 -0400)]
Merge tag 'testing-pull-request-2022-08-30' of https://gitlab.com/thuth/qemu into staging
* First batch of patches to get qtests adapted for Windows
* Two preparation patches for the upcoming removal of the slirp submodule
* Some other small test fixes (typos, etc.)
* tag 'testing-pull-request-2022-08-30' of https://gitlab.com/thuth/qemu: (23 commits)
tests/avocado/migration: Get find_free_port() from the ports
tests/qtest/ac97-test: Correct reference to driver
gitlab-ci: Only use one process in Windows jobs for compilation
docs/devel/testing: fix minor typo
tests/avocado: Fix trivial typo
tests/avocado: Do not run tests that require libslirp if it is not available
tests/vm: Add libslirp to the VM tests
tests/qtest: prom-env-test: Use double quotes to pass the prom-env option
tests/qtest: npcm7xx_emc-test: Skip running test_{tx, rx} on win32
tests/qtest: machine-none-test: Use double quotes to pass the cpu option
tests/qtest: device-plug-test: Reverse the usage of double/single quotes
tests/qtest: libqos: Rename malloc.h to libqos-malloc.h
tests/qtest: libqos: Drop inclusion of <sys/wait.h>
tests/qtest: migration-test: Skip running test_migrate_fd_proto on win32
tests/qtest: i440fx-test: Skip running request_{bios, pflash} for win32
tests/qtest: Build cases that use memory-backend-file for posix only
tests/qtest: Build e1000e-test for posix only
tests/qtest: Adapt {m48t59,rtc}-test cases for win32
backends/tpm: Exclude headers and macros that don't exist on win32
tests/qtest: migration-test: Handle link() for win32
...
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Stefan Hajnoczi [Wed, 31 Aug 2022 20:50:43 +0000 (16:50 -0400)]
Merge tag 's390x-pull-request-2022-08-30' of https://gitlab.com/thuth/qemu into staging
* Compat machine types for QEMU 7.2
* Add feature bit for the "processor-activity-instrumentation extension"
* Fix emulation of CLFIT and CLGIT instructions
* Fix hugepages support on s390x with the memfd memory-backend
* tag 's390x-pull-request-2022-08-30' of https://gitlab.com/thuth/qemu:
util/mmap-alloc: Remove qemu_mempath_getpagesize()
softmmu/physmem: Remove the ifdef __linux__ around the pagesize functions
backends/hostmem: Fix support of memory-backend-memfd in qemu_maxrampagesize()
target/s390x: Fix CLFIT and CLGIT immediate size
s390x/cpumodel: add stfl197 processor-activity-instrumentation extension 1
hw: Add compat machines for 7.2
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
To be able to update to a newer Avocado version later, let's use
the new way for accessing the find_free_port() function here.
Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220829121939.209329-1-thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Tue, 23 Aug 2022 11:20:36 +0000 (13:20 +0200)]
gitlab-ci: Only use one process in Windows jobs for compilation
The Windows jobs are currently aborting at weird places - and
there's the suspicion that it's due to memory constraints in
the Windows containers. Let's switch to single-threaded compilation
to decrease the pressure on the memory load, and to make the
job more deterministic for further investigations.
Message-Id: <20220825193323.104768-1-thuth@redhat.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Wed, 24 Aug 2022 08:09:26 +0000 (10:09 +0200)]
tests/avocado: Fix trivial typo
The intention was likely to use "intend" instead of "indent" here.
Message-Id: <20220824080926.568935-1-thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Wed, 24 Aug 2022 15:11:21 +0000 (17:11 +0200)]
tests/avocado: Do not run tests that require libslirp if it is not available
Some avocado tests blindly assume that QEMU has been compiled with libslirp
enabled and fail badly if it is missing. Add a proper check to cancel the
tests in this case.
Message-Id: <20220824151122.704946-6-thuth@redhat.com> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Wed, 24 Aug 2022 15:11:18 +0000 (17:11 +0200)]
tests/vm: Add libslirp to the VM tests
We are going to remove the slirp submodule from the QEMU repository, so
we should make sure to install the distro's libslirp to get the same
test coverage as before in the VMs.
Message-Id: <20220824151122.704946-3-thuth@redhat.com> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:40:23 +0000 (17:40 +0800)]
tests/qtest: prom-env-test: Use double quotes to pass the prom-env option
Single quotes like -prom-env 'nvramrc=cafec0de 4000 l!' in the arguments
are not removed in the Windows environment before it is passed to the
QEMU executable. Such argument causes a failure in the QEMU prom-env
option parser codes.
Change to use double quotes which works fine on all platforms.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-46-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:40:21 +0000 (17:40 +0800)]
tests/qtest: npcm7xx_emc-test: Skip running test_{tx, rx} on win32
The test cases 'test_{tx,rx}' call socketpair() which does not exist
on win32. Exclude them.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-44-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:40:14 +0000 (17:40 +0800)]
tests/qtest: machine-none-test: Use double quotes to pass the cpu option
Single quotes in the arguments (e.g.: -cpu 'qemu64,apic-id=0') are
not removed in the Windows environment before it is passed to the
QEMU executable. Such argument causes a failure in the QEMU CPU
option parser codes.
Change to use double quotes which works fine on all platforms.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-37-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:40:13 +0000 (17:40 +0800)]
tests/qtest: device-plug-test: Reverse the usage of double/single quotes
The usage of double/single quotes in test_pci_unplug_json_request()
should be reversed to work on both win32 and non-win32 platforms:
- The value of -device parameter needs to be surrounded by "" as
Windows does not drop '' when passing it to QEMU which causes
QEMU command line option parser failure.
- The JSON key/value pairs need to be surrounded by '' to make the
JSON parser happy on Windows.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-36-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Xuzhou Cheng [Wed, 24 Aug 2022 09:40:03 +0000 (17:40 +0800)]
tests/qtest: libqos: Rename malloc.h to libqos-malloc.h
The qtest/libqos directory is included via the "-I" option to search
for header files when building qtest. Unfortunately the malloc.h has
a name conflict with the standard libc header, leading to a build
failure on the Windows host, due to the MinGW libc stdlib.h header
file includes malloc.h and it now gets wrongly pointed to the one
in the qtest/libqos directory.
Rename "qtest/libqos/malloc.h" to "qtest/libqos/libqos-malloc.h" to
avoid the namespace pollution.
Signed-off-by: Xuzhou Cheng <xuzhou.cheng@windriver.com> Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-26-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Wed, 10 Aug 2022 12:57:19 +0000 (14:57 +0200)]
softmmu/physmem: Remove the ifdef __linux__ around the pagesize functions
Now that host_memory_backend_pagesize() is not depending on the hugetlb
memory path handling anymore, we can also remove the #ifdef and the
TOCTTOU comment from the calling functions - the code should now work
equally well on all host architectures.
Message-Id: <20220810125720.3849835-3-thuth@redhat.com> Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com> Acked-by: David Hildenbrand <david@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Wed, 10 Aug 2022 12:57:18 +0000 (14:57 +0200)]
backends/hostmem: Fix support of memory-backend-memfd in qemu_maxrampagesize()
It is currently not possible yet to use "memory-backend-memfd" on s390x
with hugepages enabled. This problem is caused by qemu_maxrampagesize()
not taking memory-backend-memfd objects into account yet, so the code
in s390_memory_init() fails to enable the huge page support there via
s390_set_max_pagesize(). Fix it by generalizing the code, so that it
looks at qemu_ram_pagesize(memdev->mr.ram_block) instead of re-trying
to get the information from the filesystem.
Suggested-by: David Hildenbrand <david@redhat.com> Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2116496
Message-Id: <20220810125720.3849835-2-thuth@redhat.com> Reviewed-by: David Hildenbrand <david@redhat.com> Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Add 7.2 machine types for arm/i440fx/m68k/q35/s390x/spapr.
Signed-off-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Message-Id: <20220727121755.395894-1-cohuck@redhat.com>
[thuth: fixed conflict with pcmc->legacy_no_rng_seed] Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:59 +0000 (17:39 +0800)]
tests/qtest: migration-test: Skip running test_migrate_fd_proto on win32
The test case 'test_migrate_fd_proto' calls socketpair() which does
not exist on win32. Exclude it. The helper function wait_command_fd()
is not needed anymore, hence exclude it too.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20220824094029.1634519-22-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:58 +0000 (17:39 +0800)]
tests/qtest: i440fx-test: Skip running request_{bios, pflash} for win32
The request_{bios,pflash} test cases call mmap() which does not
exist on win32. Exclude them.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-21-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:56 +0000 (17:39 +0800)]
tests/qtest: Build cases that use memory-backend-file for posix only
As backends/meson.build tells us, hostmem-file.c is only supported on
POSIX platforms, hence any test case that utilizes the memory backend
file should be guarded by CONFIG_POSIX too.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-19-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:54 +0000 (17:39 +0800)]
tests/qtest: Build e1000e-test for posix only
The whole e1000e-test test case relies on socketpair() which does
not exist on win32.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-17-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:53 +0000 (17:39 +0800)]
tests/qtest: Adapt {m48t59,rtc}-test cases for win32
There is no tm_gmtoff member in 'struct tm' on Windows.
Update rtc-test.c and m48t59-test.c accordingly.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-16-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:52 +0000 (17:39 +0800)]
backends/tpm: Exclude headers and macros that don't exist on win32
These headers and macros do not exist on Windows. Exclude them.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-Id: <20220824094029.1634519-15-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:51 +0000 (17:39 +0800)]
tests/qtest: migration-test: Handle link() for win32
Windows does not provide a link() API like POSIX. Instead it provides
a similar API CreateHardLink() that does the same thing, but with
different argument order and return value.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20220824094029.1634519-14-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:50 +0000 (17:39 +0800)]
tests: Use g_mkdir_with_parents()
Use the same g_mkdir_with_parents() call to create a directory on
all platforms.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20220824094029.1634519-13-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:40 +0000 (17:39 +0800)]
tests/qtest: Use g_mkdtemp()
Windows does not provide a mkdtemp() API, but glib does.
Replace mkdtemp() call with the glib version.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-3-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Bin Meng [Wed, 24 Aug 2022 09:39:39 +0000 (17:39 +0800)]
tests/qtest: Use g_setenv()
Windows does not provide a setenv() API, but glib does.
Replace setenv() call with the glib version.
Signed-off-by: Bin Meng <bin.meng@windriver.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220824094029.1634519-2-bmeng.cn@gmail.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Richard Henderson [Wed, 24 Aug 2022 15:04:26 +0000 (08:04 -0700)]
Merge tag 'pull-for-7.1-fixes-240822-3' of https://github.com/stsquad/qemu into staging
Testing and doc updates:
- move default timeout to QemuBaseTests
- optimise migration tests to run faster
- removed duplicate migration test
- add some clarifying language to block options in manual
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmMF7MMACgkQ+9DbCVqe
# KkTCmgf/eyjET4BObyQEp7QsbdS295eL3If2PxSumCrypMjpmYAFJcQ9POjagExo
# wh+E8hU587BLzghgjPcsJ4fm3m21bngmAvsczmLcgOMhAaMhH5MRMR0dvHjo7l9F
# isJ1ro20fCJ2QcFNybAIu4VluwBr9oYBnZ3B7YpL9DDu8x9MmS6UCQkCJ4Y86raW
# G9IXTHwwiq3D4RiuLccPRZ/WsMZhuNVafFrgJK56GBF7jWI0d0kOar5HyS8pATNL
# hkAYBTfkrBmEhOA86vMiRmfmpVa+FqSzXkn2quWvJ8HGQ2tmIoboBbGWDExvN0/d
# pPLoAzDVPEnHAMqarC2RgSQTH0JmJQ==
# =ODg1
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 24 Aug 2022 02:17:55 AM PDT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* tag 'pull-for-7.1-fixes-240822-3' of https://github.com/stsquad/qemu:
qemu-options: try and clarify preferred block semantics
tests/qtest/migration-test: Remove duplicated test_postcopy from the test plan
tests/migration/i386: Speed up the i386 migration test (when using TCG)
tests/migration/aarch64: Speed up the aarch64 migration test
tests/qtest/migration-test: Only wait for serial output where migration succeeds
tests/avocado: push default timeout to QemuBaseTest
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Cc: qemu-block@nongnu.org Cc: Kevin Wolf <kwolf@redhat.com> Cc: Hanna Reitz <hreitz@redhat.com> Cc: Thomas Huth <thuth@redhat.com>
Message-Id: <20220822165608.2980552-7-alex.bennee@linaro.org>
Thomas Huth [Mon, 22 Aug 2022 16:56:07 +0000 (17:56 +0100)]
tests/qtest/migration-test: Remove duplicated test_postcopy from the test plan
test_postcopy() is currently run twice - which is just a waste of resources
and time. The commit d1a27b169b2d that introduced the duplicate talked about
renaming the "postcopy/unix" test, but apparently it forgot to remove the
old entry. Let's do that now.
Fixes: d1a27b169b ("tests: Add postcopy tls migration test") Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220819053802.296584-5-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20220822165608.2980552-6-alex.bennee@linaro.org>
Thomas Huth [Mon, 22 Aug 2022 16:56:06 +0000 (17:56 +0100)]
tests/migration/i386: Speed up the i386 migration test (when using TCG)
When KVM is not available, the i386 migration test also runs in a rather
slow fashion, since the guest code takes a couple of seconds to print
the "B"s on the serial console, and the migration test has to wait for
this each time. Let's increase the frequency here, too, so that the
delays in the migration tests get smaller.
Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220819053802.296584-4-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220822165608.2980552-5-alex.bennee@linaro.org>
Thomas Huth [Mon, 22 Aug 2022 16:56:05 +0000 (17:56 +0100)]
tests/migration/aarch64: Speed up the aarch64 migration test
The migration tests spend a lot of time waiting for a sign of live
of the guest on the serial console. The aarch64 migration code only
outputs "B"s every couple of seconds (at least it takes more than 4
seconds between each characeter on my x86 laptop). There are a lot
of migration tests, and if each test that checks for a successful
migration waits for these characters before and after migration, the
wait time sums up to multiple minutes! Let's use a shorter delay to
speed things up.
While we're at it, also remove a superfluous masking with 0xff - we're
reading and storing bytes, so the upper bits of the register do not
matter anyway.
With these changes, the test runs twice as fast on my laptop, decreasing
the total run time from approx. 8 minutes to only 4 minutes!
Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220819053802.296584-3-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220822165608.2980552-4-alex.bennee@linaro.org>
Thomas Huth [Mon, 22 Aug 2022 16:56:04 +0000 (17:56 +0100)]
tests/qtest/migration-test: Only wait for serial output where migration succeeds
Waiting for the serial output can take a couple of seconds - and since
we're doing a lot of migration tests, this time easily sums up to
multiple minutes. But if a test is supposed to fail, it does not make
much sense to wait for the source to be in the right state first, so
we can skip the waiting here. This way we can speed up all tests where
the migration is supposed to fail. In the gitlab-CI gprov-gcov test,
each of the migration-tests now run two minutes faster!
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220819053802.296584-2-thuth@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20220822165608.2980552-3-alex.bennee@linaro.org>
Alex Bennée [Mon, 22 Aug 2022 16:56:03 +0000 (17:56 +0100)]
tests/avocado: push default timeout to QemuBaseTest
All of the QEMU tests eventually end up derrived from this class. Move
the default timeout from LinuxTest to ensure we catch them all. We
keep the 15 minute timeout as currently some of the more heavyweight
CFI and TCG tests can overrun. We should aim to drop it down to 2
minutes which is a more reasonable target for tests to aim for but we
want to get this release out.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
[AJB: revert to 15 min timeout for v2] Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220822165608.2980552-2-alex.bennee@linaro.org>
Kevin Wolf [Mon, 22 Aug 2022 12:53:20 +0000 (14:53 +0200)]
scsi-generic: Fix emulated block limits VPD page
Commits 01ef8185b80 amd 24b36e9813e updated the way that the maximum
transfer length is calculated for patching block limits VPD page in an
INQUIRY response.
The same updates also need to be made for the case where the host device
does not support the block limits VPD page at all and we emulate the
whole page.
Without this fix, on host block devices a maximum transfer length of
(INT_MAX - sector_size) bytes is advertised to the guest, resulting in
I/O errors when a request that exceeds the host limits is made by the
guest. (Prior to commit 24b36e9813e, this code path would use the
max_transfer value from the host instead of INT_MAX, but still miss the
fix from 01ef8185b80 where max_transfer is also capped to max_iov
host pages, so it would be less wrong, but still wrong.)
Cc: qemu-stable@nongnu.org Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2096251 Fixes: 01ef8185b809af9d287e1a03a3f9d8ea8231118a Fixes: 24b36e9813ec15da7db62e3b3621730710c5f020 Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20220822125320.48257-1-kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Helge Deller [Tue, 16 Aug 2022 07:58:14 +0000 (09:58 +0200)]
target/hppa: Fix proberi instruction emulation for linux-user
The proberi assembler instruction checks the read/write access rights
for the page of a given address and shall return a value of 1 if the
test succeeds and a value of 0 on failure in the target register.
But when run in linux-user mode, qemu currently simply returns the
return code of page_check_range() which returns 0 on success and -1 on
failure, which is the opposite of what proberi should return.
Fix it by checking the return code of page_check_range() and return the
expected return value.
The easiest way to reproduce the issue is by running
"/lib/ld.so.1 --version" in a chroot which fails without this patch.
At startup of ld.so the __canonicalize_funcptr_for_compare() function is
used to resolve the function address out of a function descriptor, which
fails because proberi (due to the wrong return code) seems to indicate
that the given address isn't accessible.
We are hard-coding ARMCPRegInfo pointers into TranslationBlocks,
for calling into helper_{get,set}cp_reg{,64}. So we have a race
condition between whichever cpu thread translates the code first
(encoding the pointer), and that cpu thread exiting, so that the
next execution of the TB references a freed data structure.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* tag 'fixes-pull-request' of gitlab.com:marcandre.lureau/qemu:
ui/console: fix qemu_console_resize() regression
build-sys: disable vhost-user-gpu if !opengl
dbus-vmstate: Restrict error checks to registered proxies in dbus_get_proxies
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The display may be corrupted when changing screen colour depth in
qemu-system-ppc/MacOS since 7.0.
Do not short-cut qemu_console_resize() if the surface is backed by vga
vram. When the scanout isn't set, or it is already allocated, or opengl,
and the size is fitting, we still avoid the reallocation & replace path.
Fixes: commit cb8962c1 ("ui: do not create a surface when resizing a GL scanout") Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220725115815.2461322-1-marcandre.lureau@redhat.com>
Priyankar Jain [Fri, 26 Nov 2021 14:15:17 +0000 (14:15 +0000)]
dbus-vmstate: Restrict error checks to registered proxies in dbus_get_proxies
The purpose of dbus_get_proxies to construct the proxies corresponding to the
IDs registered to dbus-vmstate.
Currenty, this function returns an error in case there is any failure
while instantiating proxy for "all" the names on dbus.
Ideally this function should error out only if it is not able to find and
validate the proxies registered to the backend otherwise any offending
process(for eg: the process purposefully may not export its Id property on
the dbus) may connect to the dbus and can lead to migration failures.
This commit ensures that dbus_get_proxies returns an error if it is not
able to find and validate the proxies of interest(the IDs registered
during the dbus-vmstate instantiation).
Michael S. Tsirkin [Wed, 27 Jul 2022 16:10:38 +0000 (12:10 -0400)]
virtio-pci: don't touch pci on virtio reset
virtio level reset should not affect pci express
registers such as PM, error or link.
Fixes: 27ce0f3afc ("hw/virtio: fix Power Management Control Register for PCI Express virtio devices") Fixes: d584f1b9ca ("hw/virtio: fix Link Control Register for PCI Express virtio devices") Fixes: c2cabb3422 ("hw/virtio: fix error enabling flags in Device Control register") Cc: "Marcel Apfelbaum" <marcel@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Igor Mammedov [Thu, 28 Jul 2022 13:37:13 +0000 (09:37 -0400)]
tests: acpi: silence applesmc warning about invalid key
OSK value is irrelevant for ACPI test case.
Supply fake OSK explicitly to prevent QEMU complaining about
invalid key when it fallbacks to default_osk.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20220728133713.1369596-1-imammedo@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
A placeholder of ~0 is used to indicate variable payload size.
Whilst the checks for output payload correctly took this into
account, those for input payload did not.
This results in failure of the Set LSA command.
Fixes: 464e14ac43 ("hw/cxl/device: Implement basic mailbox (8.2.8.4)") Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220817145759.32603-4-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Jonathan Cameron [Wed, 17 Aug 2022 14:57:58 +0000 (15:57 +0100)]
hw/cxl: Fix Get LSA input payload size which should be 8 bytes.
Get LSA needs 4 byte offset and 4 byte length arguments.
CXL rev 2.0 Table 178.
Fixes: 3ebe676a34 ("hw/cxl/device: Implement get/set Label Storage Area (LSA)") Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220817145759.32603-3-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Jonathan Cameron [Wed, 17 Aug 2022 14:57:57 +0000 (15:57 +0100)]
hw/cxl: Add stub write function for RO MemoryRegionOps entries.
There is no checking on the availability of a write callback.
Hence QEMU crashes if a write does occur to one of these regions.
Discovered whilst chasing a Linux kernel bug that incorrectly
wrote into one of these regions.
Fixes: 6364adacdf ("hw/cxl/device: Implement the CAP array (8.2.8.1-2)") Reported-by: Bobo WL <lmw.bobo@gmail.com> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220817145759.32603-2-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220808122051.14822-3-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Message-Id: <20220808122051.14822-2-Jonathan.Cameron@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alex Bennée [Thu, 28 Jul 2022 13:55:03 +0000 (14:55 +0100)]
hw/virtio: fix vhost_user_read tracepoint
As reads happen in the callback we were never seeing them. We only
really care about the header so move the tracepoint to when the header
is complete.
Fixes: 6ca6d8ee9d (hw/virtio: add vhost_user_[read|write] trace points) Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Acked-by: Jason Wang <jasowang@redhat.com>
Message-Id: <20220728135503.1060062-5-alex.bennee@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alex Bennée [Thu, 28 Jul 2022 13:55:02 +0000 (14:55 +0100)]
hw/virtio: handle un-configured shutdown in virtio-pci
The assert() protecting against leakage is a little aggressive and
causes needless crashes if a device is shutdown without having been
configured. In this case no descriptors are lost because none have
been assigned.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220728135503.1060062-4-alex.bennee@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Alex Bennée [Thu, 28 Jul 2022 13:55:01 +0000 (14:55 +0100)]
hw/virtio: gracefully handle unset vhost_dev vdev
I've noticed asserts firing because we query the status of vdev after
a vhost connection is closed down. Rather than faulting on the NULL
indirect just quietly reply false.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220728135503.1060062-3-alex.bennee@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Stefan Hajnoczi [Mon, 8 Aug 2022 16:21:34 +0000 (12:21 -0400)]
virtio-scsi: fix race in virtio_scsi_dataplane_start()
As soon as virtio_scsi_data_plane_start() attaches host notifiers the
IOThread may start virtqueue processing. There is a race between
IOThread virtqueue processing and virtio_scsi_data_plane_start() because
it only assigns s->dataplane_started after attaching host notifiers.
When a virtqueue handler function in the IOThread calls
virtio_scsi_defer_to_dataplane() it may see !s->dataplane_started and
attempt to start dataplane even though we're already in the IOThread:
This patch assigns s->dataplane_started before attaching host notifiers
so that virtqueue handler functions that run in the IOThread before
virtio_scsi_data_plane_start() returns correctly identify that dataplane
does not need to be started. This fix is taken from the virtio-blk
dataplane code and it's worth adding a comment in virtio-blk as well to
explain why it works.
Note that s->dataplane_started does not need the AioContext lock because
it is set before attaching host notifiers and cleared after detaching
host notifiers. In other words, the IOThread always sees the value true
and the main loop thread does not modify it while the IOThread is
active.
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2099541 Reported-by: Qing Wang <qinwang@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20220808162134.240405-1-stefanha@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Richard Henderson [Tue, 16 Aug 2022 15:58:57 +0000 (10:58 -0500)]
Merge tag 'pull-request-2022-08-16' of https://gitlab.com/thuth/qemu into staging
* Fix a possible endless loop in USB XHCI code
* Minor fixes for the new readconfig test
# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmL7aT8RHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbXm6w//TzGqEkzN6VeYqCgbI5ZuCcu3uL/X7KcO
# vsljTTYeJgE3IuT4RARk4d2/K8xD/mzyxMTHP5SrbCIYSOBY4OusJN55fytX46mb
# cdy3dHWbwaT7y8J+BLpwOg7om+oDp1Q2o1JxPY39BEi5T2C6PBHveDf9XxNv2n2j
# 9kwF0la7EmhmNoUgWyvf3dVoOFS3G4BTP1ZSvjcUNRuAxGLGZ8XOhZYw5zQ4MMTF
# OrNdVPmMDyLjAxpdO5dKItvTs8l0ioSXsbrNK+w2o58U1Wmczkn3BYcel2m+J14v
# XY9jtq9qUHjTmFRCCop0LYitkDvW+mAmptFsc94Y0ulc3JQ1KNvvjBIgNKZGRCkv
# Fw7xdArifc1TMpRdgNP1Gr88LXtSPEaPsHYMRy7AHcv2Abd9zrRm7JMa45mburzp
# jhUvFYCLN2iDgd78HClDAGuRLWAEaJDLkbvxHtJxGW8m9lHHwkrUeLm6uJMrSwu6
# 880O0/ayEz0jw5yDEDC/ooTbcWKgbpZ7KPREciSLTAPsC2orBrBIjlioY1YxfAMZ
# rrP7KvGggP7yWrOn4BKUWRo7NC2WPQ69nJQCTsXij4NlKsWAaJ3EgldKDcFgungk
# DsEm+FQhcDDfeOWN03dNxRxz8bFm1/HbSHgna5C5xnbQbQMiSPYVYWPjzK6E8kKO
# NgjewJS4E7E=
# =5xZ9
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 16 Aug 2022 04:54:07 AM CDT
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [undefined]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [undefined]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* tag 'pull-request-2022-08-16' of https://gitlab.com/thuth/qemu:
hw/usb/hcd-xhci: Fix unbounded loop in xhci_ring_chain_length() (CVE-2020-14394)
tests/qtest: misc tweaks to readconfig
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Tue, 16 Aug 2022 14:01:50 +0000 (09:01 -0500)]
Merge tag 'pull-for-7.1-fixes-160822-1' of https://github.com/stsquad/qemu into staging
A few small fixes:
- properly un-parent OBJECT(cpu) when closing -user thread
- add missing timeout to aspeed tests
- reduce raciness of login: prompt handling for aspeed tests
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmL7XG0ACgkQ+9DbCVqe
# KkRDAAf9EfolGONaDKRaBkzdASuIadVGDr3EUDFe+Ho7cyJjnrOu8XjbOuB9Ayc4
# Vg4ccTSWYtCQdh4HhPOuCSmCoDmvCgnzze+eLS1E/PDNAMH0puPYikacpdp09Nng
# qtPqb9QfaJNy7imrtg43kXWDbUHU21YlgGIguBYCJV5EKBFlNH84iyf5wYjXjQkp
# OXpSGcSdNBJ569g1tksrBZrrSMEMMFHnpDmMxRbNnDlJ/yDKbLI8t0CXLR1hU6le
# IjKWV7ZChEYiTRn+tlVrRdiFJjqhKtOoc9VXlVG67MW9orEQwk0gYVrnhxmC+N0t
# hMcbncw8CgxS270cEqccxxYDF5Uxng==
# =9IHQ
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 16 Aug 2022 03:59:25 AM CDT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* tag 'pull-for-7.1-fixes-160822-1' of https://github.com/stsquad/qemu:
tests/avocado: apply a band aid to aspeed-evb login
tests/avocado: add timeout to the aspeed tests
linux-user: un-parent OBJECT(cpu) when closing thread
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Thomas Huth [Thu, 4 Aug 2022 13:13:00 +0000 (15:13 +0200)]
hw/usb/hcd-xhci: Fix unbounded loop in xhci_ring_chain_length() (CVE-2020-14394)
The loop condition in xhci_ring_chain_length() is under control of
the guest, and additionally the code does not check for failed DMA
transfers (e.g. if reaching the end of the RAM), so the loop there
could run for a very long time or even forever. Fix it by checking
the return value of dma_memory_read() and by introducing a maximum
loop length.
Daniel P. Berrangé [Tue, 9 Aug 2022 09:38:54 +0000 (05:38 -0400)]
tests/qtest: misc tweaks to readconfig
The property name parameter is ignored when visiting a top
level type, but the obvious typo should be fixed to avoid
confusion. A few indentation issues were tidied up. We
can break out of the loop when finding the RNG device.
Finally, close the temp FD immediately when no longer
needed.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220809093854.168438-1-berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Alex Bennée [Thu, 11 Aug 2022 15:14:12 +0000 (16:14 +0100)]
tests/avocado: apply a band aid to aspeed-evb login
This is really a limitation of the underlying console code which
doesn't allow us to detect the login: and following "#" prompts
because it reads input line wise. By adding a small delay we ensure
that the login prompt has appeared so we don't accidentally spaff the
shell commands to a confused getty in the guest.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Cédric Le Goater <clg@kaod.org> Acked-by: John Snow <jsnow@redhat.com>
Message-Id: <20220811151413.3350684-8-alex.bennee@linaro.org>
Alex Bennée [Thu, 11 Aug 2022 15:14:11 +0000 (16:14 +0100)]
tests/avocado: add timeout to the aspeed tests
On some systems the test can hang. At least defining a timeout stops
it from hanging forever.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220811151413.3350684-7-alex.bennee@linaro.org>
Alex Bennée [Thu, 11 Aug 2022 15:14:06 +0000 (16:14 +0100)]
linux-user: un-parent OBJECT(cpu) when closing thread
While forcing the CPU to unrealize by hand does trigger the clean-up
code we never fully free resources because refcount never reaches
zero. This is because QOM automatically added objects without an
explicit parent to /unattached/, incrementing the refcount.
Instead of manually triggering unrealization just unparent the object
and let the device machinery deal with that for us.
Xiaojuan Yang [Fri, 12 Aug 2022 09:19:57 +0000 (17:19 +0800)]
docs/system/loongarch: Update the LoongArch document
1. Add some information about how to boot the LoongArch virt
machine by uefi bios and linux kernel and how to access the
source code or binary file.
2. Move the explanation of LoongArch system emulation in the
target/loongarch/README to docs/system/loongarch/loongson3.rst
Signed-off-by: Xiaojuan Yang <yangxiaojuan@loongson.cn> Reviewed-by: Song Gao <gaosong@loongson.cn>
Message-Id: <20220812091957.3338126-1-yangxiaojuan@loongson.cn> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Richard Henderson [Fri, 12 Aug 2022 17:46:43 +0000 (10:46 -0700)]
Merge tag 'pull-target-arm-20220812' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* Don't report Statistical Profiling Extension in ID registers
* virt ACPI tables: Present the GICR structure properly for GICv4
* Fix some typos in documentation
* tests/unit: fix a -Wformat-truncation warning
* cutils: Add missing dyld(3) include on macOS
* tag 'pull-target-arm-20220812' of https://git.linaro.org/people/pmaydell/qemu-arm:
cutils: Add missing dyld(3) include on macOS
hw/arm/virt-acpi-build: Present the GICR structure properly for GICv4
tests/unit: fix a -Wformat-truncation warning
Fix some typos in documentation (most of them found by codespell)
target/arm: Don't report Statistical Profiling Extension in ID registers
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>