Commit Graph

715 Commits

Author SHA1 Message Date
Stefan Berger
b193e5f9cc tests: acpi: prepare for updated TPM related tables
Replace existing TPM related tables, that are about to change, with
empty files.

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Ani Sinha <ani@anisinha.ca>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Ani Sinha <ani@anisinha.ca>
Message-id: 20211223022310.575496-2-stefanb@linux.ibm.com
Message-Id: <20220104175806.872996-2-stefanb@linux.ibm.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
2022-01-07 19:30:13 -05:00
Igor Mammedov
c8adb4d222 tests: acpi: SLIC: update expected blobs
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-5-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-01-07 19:30:13 -05:00
Igor Mammedov
11edfabee4 tests: acpi: add SLIC table test
When user uses '-acpitable' to add SLIC table, some ACPI
tables (FADT) will change its 'Oem ID'/'Oem Table ID' fields to
match that of SLIC. Test makes sure thati QEMU handles
those fields correctly when SLIC table is added with
'-acpitable' option.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-4-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-01-07 19:30:13 -05:00
Igor Mammedov
e71f6ab9d9 tests: acpi: whitelist expected blobs before changing them
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20211227193120.1084176-3-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-01-07 19:30:13 -05:00
Thomas Huth
961fb4b465 tests/qtest/hd-geo-test: Check for the lsi53c895a controller before using it
The lsi53c895a SCSI controller might have been disabled in the target
binary, so let's check for its availability first before using it.

Message-Id: <20211222153600.976588-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2022-01-05 11:10:13 +01:00
Thomas Huth
7539fa0116 tests/qtest/test-x86-cpuid-compat: Check for machines before using them
The user might have disabled the pc-i440fx machine type (or it's older
versions, like done in downstream RHEL) in the QEMU binary, so let's
better check whether the machine types are available before using them.

Message-Id: <20211222153923.1000420-1-thuth@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2022-01-05 11:10:03 +01:00
Thomas Huth
e63ed64c6d tests/qtest/virtio-net-failover: Use g_file_open_tmp() to create temporary file
g_test_rand_int() must not be called before g_test_init(), otherwise
the glib will show a "g_rand_int: assertion 'rand != NULL' failed"
message in the log. So we could change the order here, but actually,
it's safer to use g_file_open_tmp() anyway, so let's use that function
now instead.

Reported-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211222083652.776592-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 09:37:14 +01:00
Thomas Huth
d6a3dd7418 tests/qtest/boot-order-test: Check whether machines are available
Machines might not always be compiled into the QEMU binary, so
we should skip the test instead of failing if it is not available.

Message-Id: <20211220081054.151515-5-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 08:13:05 +01:00
Thomas Huth
95c0b77018 tests/qtest/cdrom-test: Check whether devices are available before using them
Downstream users might want to disable legacy devices in their binaries,
so we should not blindly assume that they are available. Add some proper
checks before using them.

Message-Id: <20211220081054.151515-4-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 08:13:05 +01:00
Thomas Huth
9cbd66028b tests/qtest: Improve endianness-test to work with missing machines and devices
The users might have built QEMU with less machines or without the
i82378 superio device. Add some checks to the endianess-test so that
it is able to deal with such stripped down QEMU versions, too.

Message-Id: <20211220081054.151515-3-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 08:13:05 +01:00
Thomas Huth
ad9e129b01 tests/qtest: Add a function that checks whether a device is available
Devices might not always be compiled into the QEMU target binaries.
We already have the libqos framework that is good for handling such
situations, but some of the qtests are not a real good fit for the
libqos framework. Let's add a qtest_has_device() function for such
tests instead.

Message-Id: <20211220081054.151515-2-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 08:13:05 +01:00
Thomas Huth
31fb263c29 tests/qtest: Make the filter tests independent from a specific NIC
These filter tests need a NIC, no matter which one, so they use a common
NIC by default. However, these common NIC models might not always have
been compiled into the QEMU target binary, so assuming that a certain NIC
is available is a bad idea. Since the exact type of NIC does not really
matter for these tests, let's switch to "-nic" instead of "-netdev" so
that QEMU can simply pick a default NIC for us.
This way we can now run the tests on other targets that have a default
machine with an on-board/default NIC, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211220103025.311759-1-thuth@redhat.com>
Reviewed-by: Zhang Chen <chen.zhang@intel.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 08:13:05 +01:00
Thomas Huth
046da5ef57 tests/qtest/boot-serial-test: Silence the warning about deprecated sga device
When running the qtests, there are currently a bunch of warnings about
the deprecated sga device during the boot-serial-test. Switch to
"-M graphics=off" to silence these warnings.

Message-Id: <20211220164042.397028-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-22 08:13:05 +01:00
Marc-André Lureau
b4dd5b6a60 tests: start dbus-display-test
Cover basic display interface usage. More cases to be added to cover
disconnections, multiple connections, corner cases. At this point, they
would be better written in Rust or Python though.

The proxy also covers reading the properties, since they are
automatically loaded at creation.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
2021-12-21 10:50:22 +04:00
Marc-André Lureau
2c7294d72c tests/qtests: add qtest_qmp_add_client()
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
2021-12-21 10:50:22 +04:00
Marc-André Lureau
61534882e7 backends: move dbus-vmstate1.xml to backends/
Although not used by the backend itself, use a common location for
documentation and sharing purposes.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
2021-12-21 10:50:21 +04:00
Philippe Mathieu-Daudé
08c34c642d tests/qtest/fuzz-megasas-test: Add test for GitLab issue #521
Without the previous commit, this test triggers:

  $ make check-qtest-x86_64
  [...]
  Running test qtest-x86_64/fuzz-megasas-test
  qemu-system-x86_64: softmmu/physmem.c:3229: address_space_unmap: Assertion `mr != NULL' failed.
  Broken pipe
  ERROR qtest-x86_64/fuzz-megasas-test - too few tests run (expected 2, got 1)

Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <20211119201141.532377-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-12-18 10:57:37 +01:00
Richard Henderson
90978e15bc Trivial patches pull request 20211217
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAmG87o8SHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L7484L4QAIkEUWlOKfF+xjwGq5BRQhV9gdW2sYYD
 p+QA59lEUpdyfSw5fG6xqyhjywWMiwAyDDM2RnAGEwtqTbZPgcSLD7e0x4SW2DkE
 wGBQaGRpj6QsAYctSEaEwwAErvxkMR9nX43IWVQrFCH4NtHKys4GtiTTZuJK0hDp
 U+b9FrX5x9RmqqY+XT+mY51E/2qC50b36WlstBuleLKkPG7K/Eky8cIxr+O8WsLR
 30OoL50yVe/u5AVZuzOqouFMzlf8YagiaUFquh5HXe/TUHtdA311AVCrd9XOANSK
 TXIINcQ1gsUMZ84mmMWovO9G4alexQQz04tm3CH5+rnOSlQ51sw8R+uFQWppOwIg
 5oSEx2A/ibsgdd7XwHt7xGj0iVPy9gNBlCxjEYZtMXAZyWLmvYBZvlmF3764Psgm
 i9NQ/nAS0DnXd2HA2P9Ndttw3JF2U2pFLC5ti4LCs9SD3iwZs7KMr5VxXjpeVa90
 /I2dAFisc/07sFqR7Fch8048HFg5stodCrhv3MIFlew3JJcyWuNqQOSLG6bWOLA2
 7UVkoO6YSDGLdz/cEn00t0kx9Ps2/PpqIbLydLPjpp6NpL4GE003JAp6nZ8Lam0l
 xd5v3Cg7RY+tc/QyTnSvDoE1UF0XD67pMnhL3IcdfrtFAJNWu44i25pdFEqwvO9U
 WqYS8AcLCoAv
 =EP1J
 -----END PGP SIGNATURE-----

Merge tag 'trivial-branch-for-7.0-pull-request' of https://gitlab.com/laurent_vivier/qemu into staging

Trivial patches pull request 20211217

# gpg: Signature made Fri 17 Dec 2021 12:09:51 PM PST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [unknown]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [unknown]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* tag 'trivial-branch-for-7.0-pull-request' of https://gitlab.com/laurent_vivier/qemu:
  checkpatch: Do not allow deprecated g_memdup()
  tests/qtest: Replace g_memdup() by g_memdup2()
  glib-compat: Introduce g_memdup2() wrapper
  docs/block-replication.txt: Fix replication top-id command demo
  hw/virtio/vhost: Fix typo in comment.
  hw/avr: Realize AVRCPU qdev object using qdev_realize()
  qemu-keymap: Add license in generated files
  target/i386/kvm: Replace use of __u32 type
  configure: Symlink binaries using .exe suffix with MinGW

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-12-17 13:15:38 -08:00
Richard Henderson
93dc314c92 ppc 7.0 queue:
* General cleanup for Mac machines (Peter)
 * Fixes for FPU exceptions (Lucas)
 * Support for new ISA31 instructions (Matheus)
 * Fixes for ivshmem (Daniel)
 * Cleanups for PowerNV PHB (Christophe and Cedric)
 * Updates of PowerNV and pSeries documentation (Leonardo and Daniel)
 * Fixes for PowerNV (Daniel)
 * Large cleanup of FPU implementation (Richard)
 * Removal of SoftTLBs support for PPC74x CPUs (Fabiano)
 * Fixes for exception models in MPCx and 60x CPUs (Fabiano)
 * Removal of 401/403 CPUs (Cedric)
 * Deprecation of taihu machine (Thomas)
 * Large rework of PPC405 machine (Cedric)
 * Fixes for VSX instructions (Victor and Matheus)
 * Fix for e6500 CPU (Fabiano)
 * Initial support for PMU (Daniel)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmG8xt8ACgkQUaNDx8/7
 7KG3Dg/9EXK3GslNgUNRvB1pgRSimnrUirGUiDmZPXxevIbsoPsYaXmUcD1zOnlb
 zXiCzQ2Bvi8ZUjT1uScP7dkFCdzs6gXYbTEcTzscX3k2VnTjXHXhQ3cnb0uModP5
 U1QzrjV7K/q1usJW5OVSGZS1PoWOqWuZNdcp0mIUWcJHhSaYtUGGPohp7rH0JSug
 ncmkRA0KLgIX8eg8swyfJxrw9wCcXlFIcmwHipB8S/Dd/gUpmFEoaQsmugSJNYZe
 zi8Fd4jfzlRXVwb8EUSiOiaXSd/WKjEcQx/usbzzaBacbktk/nfy+rligUMryCpO
 vGFM5blxEX5SXD3Cd0vcFwYhCZImphD8K+Sxe6Us69rsUH11hJS+q29/Puk1MkHt
 DTubqB3k4BheiatOV1zeUMlbRm5svUhGj3VstFZYZeZ3Oh47Jsx3XH4hoytUuc/1
 lP9UGkaf3nIx12vSqBA/3Crc7zalWX5OhaUV5RG30+jxd8zHOKcasKbd22710DNz
 4WybQLb3bpUr091mWMKcaAkP6bxcE8S+mR4LE2kdELboAnkB+OgSmrdZ3slceaCv
 btV8qjNl4f8lBvyFQVxZ5bn05+TfxUXFlFxXipxf1fI64bYwRnyQQ3yRxMHipRYK
 CRta1akVgIgcBbeeRHBZLA12UgTQJY6WIoDaZMz9NxIDHJnX/jw=
 =APFd
 -----END PGP SIGNATURE-----

Merge tag 'pull-ppc-20211217' of https://github.com/legoater/qemu into staging

ppc 7.0 queue:

* General cleanup for Mac machines (Peter)
* Fixes for FPU exceptions (Lucas)
* Support for new ISA31 instructions (Matheus)
* Fixes for ivshmem (Daniel)
* Cleanups for PowerNV PHB (Christophe and Cedric)
* Updates of PowerNV and pSeries documentation (Leonardo and Daniel)
* Fixes for PowerNV (Daniel)
* Large cleanup of FPU implementation (Richard)
* Removal of SoftTLBs support for PPC74x CPUs (Fabiano)
* Fixes for exception models in MPCx and 60x CPUs (Fabiano)
* Removal of 401/403 CPUs (Cedric)
* Deprecation of taihu machine (Thomas)
* Large rework of PPC405 machine (Cedric)
* Fixes for VSX instructions (Victor and Matheus)
* Fix for e6500 CPU (Fabiano)
* Initial support for PMU (Daniel)

# gpg: Signature made Fri 17 Dec 2021 09:20:31 AM PST
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1

* tag 'pull-ppc-20211217' of https://github.com/legoater/qemu: (101 commits)
  ppc/pnv: Use QOM hierarchy to scan PEC PHB4 devices
  ppc/pnv: Move realize of PEC stacks under the PEC model
  ppc/pnv: Remove "system-memory" property from PHB4 PEC
  ppc/pnv: Compute the PHB index from the PHB4 PEC model
  ppc/pnv: Introduce a num_stack class attribute
  ppc/pnv: Introduce a "chip" property under the PHB4 model
  ppc/pnv: Introduce version and device_id class atributes for PHB4 devices
  ppc/pnv: Introduce a num_pecs class attribute for PHB4 PEC devices
  ppc/pnv: Use QOM hierarchy to scan PHB3 devices
  ppc/pnv: Move mapping of the PHB3 CQ regions under pnv_pbcq_realize()
  ppc/pnv: Drop the "num-phbs" property
  ppc/pnv: Use the chip class to check the index of PHB3 devices
  ppc/pnv: Introduce a "chip" property under PHB3
  PPC64/TCG: Implement 'rfebb' instruction
  target/ppc/power8-pmu.c: add PM_RUN_INST_CMPL (0xFA) event
  target/ppc: enable PMU instruction count
  target/ppc: enable PMU counter overflow with cycle events
  target/ppc: PMU: update counters on MMCR1 write
  target/ppc: PMU: update counters on PMCs r/w
  target/ppc: PMU basic cycle count for pseries TCG
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-12-17 09:55:14 -08:00
Daniel Henrique Barboza
d04aeb6862 ivshmem-test.c: enable test_ivshmem_server for ppc64 arch
This test, if enabled by hand, was failing when the ivhsmem device was
being declared as DEVICE_NATIVE_ENDIAN with the following error:

/ppc64/ivshmem/pair: OK
/ppc64/ivshmem/server:
**
ERROR:/home/danielhb/qemu/tests/qtest/ivshmem-test.c:367:test_ivshmem_server:
assertion failed (ret != 0): (0 != 0)
Aborted

After the endianness change done in the previous patch, we can verify in
both a a Power 9 little-endian host and in a Power 8 big-endian host
that this test is now passing:

$ QTEST_QEMU_BINARY=./ppc64-softmmu/qemu-system-ppc64 ./tests/qtest/ivshmem-test -m slow
/ppc64/ivshmem/single: OK
/ppc64/ivshmem/hotplug: OK
/ppc64/ivshmem/memdev: OK
/ppc64/ivshmem/pair: OK
/ppc64/ivshmem/server: OK

Let's keep it that way by officially enabling it for ppc64.

Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211124092948.335389-3-danielhb413@gmail.com>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2021-12-17 17:57:13 +01:00
Philippe Mathieu-Daudé
460056dbe6 tests/qtest: Replace g_memdup() by g_memdup2()
Per https://discourse.gnome.org/t/port-your-module-from-g-memdup-to-g-memdup2-now/5538

  The old API took the size of the memory to duplicate as a guint,
  whereas most memory functions take memory sizes as a gsize. This
  made it easy to accidentally pass a gsize to g_memdup(). For large
  values, that would lead to a silent truncation of the size from 64
  to 32 bits, and result in a heap area being returned which is
  significantly smaller than what the caller expects. This can likely
  be exploited in various modules to cause a heap buffer overflow.

Replace g_memdup() by the safer g_memdup2() wrapper.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210903174510.751630-25-philmd@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-12-17 11:56:04 +01:00
Richard Henderson
29eb5c2c86 * improve compatibility for macOS scripts/entitlement.sh (Evan)
* add support for KVM_GUESTDBG_BLOCKIRQ (Maxim)
 * update linux-headers to Linux 5.16 (myself)
 * configure cleanups (myself)
 * lsi53c895a assertion failure fix (Philippe)
 * fix incorrect description for die-id (Yanan)
 * support for NUMA in SGX enclave memory (Yang Zhong)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmG5yEgUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroOFkwf9Glt3tnHfO/gWZectiMAjjM8vg3cR
 yEsWU0fa0iu8MO8NiOW0b6DT0yosZ8rl2SYSZBQGqwa/Lq2MZLO2v0JG4LblBom7
 WVmzNOG4t0OFoE2gwMlZ2J+ppaHV5zN1Yc6lMXOVQcefY0pXoyze+0Fq/cwKf2+p
 6WDZTuOpjtxMwt9n71b93kNAHagk422MpNi1xi+o37hNsm/Zh3BTtaSJ7WCkCmWq
 YmwwQZgyB/V0Ah42wchuf5zxEnQPMbjaQSu8jQU4iyCB7+2biBuh3Cqw5eR8tqC1
 cGNINGlo2Orl9ASyEunHyuDj8p0wN8J37wNuBo4kghhrTVsVKQYF0wmsqw==
 =U1Xy
 -----END PGP SIGNATURE-----

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* improve compatibility for macOS scripts/entitlement.sh (Evan)
* add support for KVM_GUESTDBG_BLOCKIRQ (Maxim)
* update linux-headers to Linux 5.16 (myself)
* configure cleanups (myself)
* lsi53c895a assertion failure fix (Philippe)
* fix incorrect description for die-id (Yanan)
* support for NUMA in SGX enclave memory (Yang Zhong)

# gpg: Signature made Wed 15 Dec 2021 02:49:44 AM PST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [unknown]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
  configure: remove dead variables
  doc: Add the SGX numa description
  numa: Support SGX numa in the monitor and Libvirt interfaces
  numa: Enable numa for SGX EPC sections
  kvm: add support for KVM_GUESTDBG_BLOCKIRQ
  gdbstub, kvm: let KVM report supported singlestep flags
  gdbstub: reject unsupported flags in handle_set_qemu_sstep
  linux-headers: update to 5.16-rc1
  virtio-gpu: do not byteswap padding
  scripts/entitlement.sh: Use backward-compatible cp flags
  qapi/machine.json: Fix incorrect description for die-id
  tests/qtest: Add fuzz-lsi53c895a-test
  hw/scsi/lsi53c895a: Do not abort when DMA requested and no data queued

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-12-16 08:39:20 -08:00
Jean-Philippe Brucker
69a80f14ce tests/qtest/bios-tables-test: Only run VIOT test on TCG
The VIOT test does not always work under KVM on the virt machine:

  PASS 5 qtest-aarch64/bios-tables-test /aarch64/acpi/virt/oem-fields
  qemu-system-aarch64: kvm_init_vcpu: kvm_arch_init_vcpu failed (0): Invalid argument
  Broken pipe

Make it TCG only.

Reported-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-12-16 12:15:10 +00:00
Richard Henderson
aab8cfd4c3 target-arm queue:
* ITS: error reporting cleanup
  * aspeed: improve documentation
  * Fix STM32F2XX USART data register readout
  * allow emulated GICv3 to be disabled in non-TCG builds
  * fix exception priority for singlestep, misaligned PC, bp, etc
  * Correct calculation of tlb range invalidate length
  * npcm7xx_emc: fix missing queue_flush
  * virt: Add VIOT ACPI table for virtio-iommu
  * target/i386: Use assert() to sanity-check b1 in SSE decode
  * Don't include qemu-common unnecessarily
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmG5xekZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3ramD/0WL8YV70sW5B/tHdb+/em1
 xTBuABUUj5QDvKnxNoPIBwJI0vgmzwhAonYzcKKEUvlbL97crkgt6xSPvVxv2nf5
 wnSYMKTDEC11AuYVdEyIMm5KLc88mq1w78pTYkFSUJmujCpfqLAsyXdEastIPHfN
 MdrwkpQ3wVmMeMcNBTq2yCxiGlz7x/myeJtDU9ihgPTcsgXa8BzziK6qCZHAOGCL
 0/ljXDbVTJtLYUki9IqptPs8QUtlqOBt3rLplxHfKRKpmjiuD+xFlQ4GuIOBX+AL
 tQWgEyyiR9FnYpY1t3fWVtuKgjYXzlbh1A6cwdsK3Q68+qfi7Yr+lPryjwrmOkx7
 /Yupq+QB/xgK4nxF4ydDXLvqI3h6GjaF2U9qujK3H9DyMOEYJDpaX1TZMphtWI89
 9u7kLO6DNE00oUoiX+6Aty0qQtXv12SSaNpJmFON87/WLJJamHuiS6NiZp/r4ORU
 51ds2LPGJAKAy9duqmZJ/81WlNjmHmurq1v+FIl29XInc4a2SpwEUM0rsTrrQTaD
 16Qh2OZCnlYEg9nh6B54FQe8xP+pp69Gn/BRFhcwW9fPq4/pHSrwKEkI6lE+Yuiq
 +Fe8r0DbZczfhjcGdoUlIgMj+WSVY9Q8Opztsmv/kjZqxt0VvfdmAVp0odl5KdB4
 cKAeYciNSgq2bGd+N4kuHA==
 =KuTi
 -----END PGP SIGNATURE-----

Merge tag 'pull-target-arm-20211215' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * ITS: error reporting cleanup
 * aspeed: improve documentation
 * Fix STM32F2XX USART data register readout
 * allow emulated GICv3 to be disabled in non-TCG builds
 * fix exception priority for singlestep, misaligned PC, bp, etc
 * Correct calculation of tlb range invalidate length
 * npcm7xx_emc: fix missing queue_flush
 * virt: Add VIOT ACPI table for virtio-iommu
 * target/i386: Use assert() to sanity-check b1 in SSE decode
 * Don't include qemu-common unnecessarily

# gpg: Signature made Wed 15 Dec 2021 02:39:37 AM PST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]

* tag 'pull-target-arm-20211215' of https://git.linaro.org/people/pmaydell/qemu-arm: (33 commits)
  tests/acpi: add expected blob for VIOT test on virt machine
  tests/acpi: add expected blobs for VIOT test on q35 machine
  tests/acpi: add test case for VIOT
  tests/acpi: allow updates of VIOT expected data files
  hw/arm/virt: Use object_property_set instead of qdev_prop_set
  hw/arm/virt: Reject instantiation of multiple IOMMUs
  hw/arm/virt: Remove device tree restriction for virtio-iommu
  hw/arm/virt-acpi-build: Add VIOT table for virtio-iommu
  hw/net: npcm7xx_emc fix missing queue_flush
  target/arm: Correct calculation of tlb range invalidate length
  hw/arm: Don't include qemu-common.h unnecessarily
  target/rx/cpu.h: Don't include qemu-common.h
  target/hexagon/cpu.h: don't include qemu-common.h
  include/hw/i386: Don't include qemu-common.h in .h files
  target/i386: Use assert() to sanity-check b1 in SSE decode
  tests/tcg: Add arm and aarch64 pc alignment tests
  target/arm: Suppress bp for exceptions with more priority
  target/arm: Assert thumb pc is aligned
  target/arm: Take an exception if PC is misaligned
  target/arm: Split compute_fsr_fsc out of arm_deliver_fault
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-12-15 10:33:45 -08:00
Jean-Philippe Brucker
aed1765588 tests/acpi: add expected blob for VIOT test on virt machine
The VIOT blob contains the following:

[000h 0000   4]                    Signature : "VIOT"    [Virtual I/O Translation Table]
[004h 0004   4]                 Table Length : 00000058
[008h 0008   1]                     Revision : 00
[009h 0009   1]                     Checksum : 66
[00Ah 0010   6]                       Oem ID : "BOCHS "
[010h 0016   8]                 Oem Table ID : "BXPC    "
[018h 0024   4]                 Oem Revision : 00000001
[01Ch 0028   4]              Asl Compiler ID : "BXPC"
[020h 0032   4]        Asl Compiler Revision : 00000001

[024h 0036   2]                   Node count : 0002
[026h 0038   2]                  Node offset : 0030
[028h 0040   8]                     Reserved : 0000000000000000

[030h 0048   1]                         Type : 03 [VirtIO-PCI IOMMU]
[031h 0049   1]                     Reserved : 00
[032h 0050   2]                       Length : 0010

[034h 0052   2]                  PCI Segment : 0000
[036h 0054   2]               PCI BDF number : 0008
[038h 0056   8]                     Reserved : 0000000000000000

[040h 0064   1]                         Type : 01 [PCI Range]
[041h 0065   1]                     Reserved : 00
[042h 0066   2]                       Length : 0018

[044h 0068   4]               Endpoint start : 00000000
[048h 0072   2]            PCI Segment start : 0000
[04Ah 0074   2]              PCI Segment end : 0000
[04Ch 0076   2]                PCI BDF start : 0000
[04Eh 0078   2]                  PCI BDF end : 00FF
[050h 0080   2]                  Output node : 0030
[052h 0082   6]                     Reserved : 000000000000

Acked-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-id: 20211210170415.583179-9-jean-philippe@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-12-15 10:35:26 +00:00
Jean-Philippe Brucker
cf7a348837 tests/acpi: add expected blobs for VIOT test on q35 machine
Add expected blobs of the VIOT and DSDT table for the VIOT test on the
q35 machine.

Since the test instantiates a virtio device and two PCIe expander
bridges, DSDT.viot has more blocks than the base DSDT.

The VIOT table generated for the q35 test is:

[000h 0000   4]                    Signature : "VIOT"    [Virtual I/O Translation Table]
[004h 0004   4]                 Table Length : 00000070
[008h 0008   1]                     Revision : 00
[009h 0009   1]                     Checksum : 3D
[00Ah 0010   6]                       Oem ID : "BOCHS "
[010h 0016   8]                 Oem Table ID : "BXPC    "
[018h 0024   4]                 Oem Revision : 00000001
[01Ch 0028   4]              Asl Compiler ID : "BXPC"
[020h 0032   4]        Asl Compiler Revision : 00000001

[024h 0036   2]                   Node count : 0003
[026h 0038   2]                  Node offset : 0030
[028h 0040   8]                     Reserved : 0000000000000000

[030h 0048   1]                         Type : 03 [VirtIO-PCI IOMMU]
[031h 0049   1]                     Reserved : 00
[032h 0050   2]                       Length : 0010

[034h 0052   2]                  PCI Segment : 0000
[036h 0054   2]               PCI BDF number : 0010
[038h 0056   8]                     Reserved : 0000000000000000

[040h 0064   1]                         Type : 01 [PCI Range]
[041h 0065   1]                     Reserved : 00
[042h 0066   2]                       Length : 0018

[044h 0068   4]               Endpoint start : 00003000
[048h 0072   2]            PCI Segment start : 0000
[04Ah 0074   2]              PCI Segment end : 0000
[04Ch 0076   2]                PCI BDF start : 3000
[04Eh 0078   2]                  PCI BDF end : 30FF
[050h 0080   2]                  Output node : 0030
[052h 0082   6]                     Reserved : 000000000000

[058h 0088   1]                         Type : 01 [PCI Range]
[059h 0089   1]                     Reserved : 00
[05Ah 0090   2]                       Length : 0018

[05Ch 0092   4]               Endpoint start : 00001000
[060h 0096   2]            PCI Segment start : 0000
[062h 0098   2]              PCI Segment end : 0000
[064h 0100   2]                PCI BDF start : 1000
[066h 0102   2]                  PCI BDF end : 10FF
[068h 0104   2]                  Output node : 0030
[06Ah 0106   6]                     Reserved : 000000000000

And the DSDT diff is:

@@ -5,13 +5,13 @@
  *
  * Disassembling to symbolic ASL+ operators
  *
- * Disassembly of tests/data/acpi/q35/DSDT, Fri Dec 10 15:03:08 2021
+ * Disassembly of /tmp/aml-H9Y5D1, Fri Dec 10 15:02:27 2021
  *
  * Original Table Header:
  *     Signature        "DSDT"
- *     Length           0x00002061 (8289)
+ *     Length           0x000024B6 (9398)
  *     Revision         0x01 **** 32-bit table (V1), no 64-bit math support
- *     Checksum         0xFA
+ *     Checksum         0xA7
  *     OEM ID           "BOCHS "
  *     OEM Table ID     "BXPC    "
  *     OEM Revision     0x00000001 (1)
@@ -3114,6 +3114,339 @@
         }
     }

+    Scope (\_SB)
+    {
+        Device (PC30)
+        {
+            Name (_UID, 0x30)  // _UID: Unique ID
+            Name (_BBN, 0x30)  // _BBN: BIOS Bus Number
+            Name (_HID, EisaId ("PNP0A08") /* PCI Express Bus */)  // _HID: Hardware ID
+            Name (_CID, EisaId ("PNP0A03") /* PCI Bus */)  // _CID: Compatible ID
+            Method (_OSC, 4, NotSerialized)  // _OSC: Operating System Capabilities
+            {
+                CreateDWordField (Arg3, Zero, CDW1)
+                If ((Arg0 == ToUUID ("33db4d5b-1ff7-401c-9657-7441c03dd766") /* PCI Host Bridge Device */))
+                {
+                    CreateDWordField (Arg3, 0x04, CDW2)
+                    CreateDWordField (Arg3, 0x08, CDW3)
+                    Local0 = CDW3 /* \_SB_.PC30._OSC.CDW3 */
+                    Local0 &= 0x1F
+                    If ((Arg1 != One))
+                    {
+                        CDW1 |= 0x08
+                    }
+
+                    If ((CDW3 != Local0))
+                    {
+                        CDW1 |= 0x10
+                    }
+
+                    CDW3 = Local0
+                }
+                Else
+                {
+                    CDW1 |= 0x04
+                }
+
+                Return (Arg3)
+            }
+
+            Method (_PRT, 0, NotSerialized)  // _PRT: PCI Routing Table
+            {
+                Local0 = Package (0x80){}
+                Local1 = Zero
+                While ((Local1 < 0x80))
+                {
+                    Local2 = (Local1 >> 0x02)
+                    Local3 = ((Local1 + Local2) & 0x03)
+                    If ((Local3 == Zero))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKD,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == One))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKA,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == 0x02))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKB,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == 0x03))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKC,
+                                Zero
+                            }
+                    }
+
+                    Local4 [Zero] = ((Local2 << 0x10) | 0xFFFF)
+                    Local4 [One] = (Local1 & 0x03)
+                    Local0 [Local1] = Local4
+                    Local1++
+                }
+
+                Return (Local0)
+            }
+
+            Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
+            {
+                WordBusNumber (ResourceProducer, MinFixed, MaxFixed, PosDecode,
+                    0x0000,             // Granularity
+                    0x0030,             // Range Minimum
+                    0x0030,             // Range Maximum
+                    0x0000,             // Translation Offset
+                    0x0001,             // Length
+                    ,, )
+            })
+        }
+    }
+
+    Scope (\_SB)
+    {
+        Device (PC20)
+        {
+            Name (_UID, 0x20)  // _UID: Unique ID
+            Name (_BBN, 0x20)  // _BBN: BIOS Bus Number
+            Name (_HID, EisaId ("PNP0A08") /* PCI Express Bus */)  // _HID: Hardware ID
+            Name (_CID, EisaId ("PNP0A03") /* PCI Bus */)  // _CID: Compatible ID
+            Method (_OSC, 4, NotSerialized)  // _OSC: Operating System Capabilities
+            {
+                CreateDWordField (Arg3, Zero, CDW1)
+                If ((Arg0 == ToUUID ("33db4d5b-1ff7-401c-9657-7441c03dd766") /* PCI Host Bridge Device */))
+                {
+                    CreateDWordField (Arg3, 0x04, CDW2)
+                    CreateDWordField (Arg3, 0x08, CDW3)
+                    Local0 = CDW3 /* \_SB_.PC20._OSC.CDW3 */
+                    Local0 &= 0x1F
+                    If ((Arg1 != One))
+                    {
+                        CDW1 |= 0x08
+                    }
+
+                    If ((CDW3 != Local0))
+                    {
+                        CDW1 |= 0x10
+                    }
+
+                    CDW3 = Local0
+                }
+                Else
+                {
+                    CDW1 |= 0x04
+                }
+
+                Return (Arg3)
+            }
+
+            Method (_PRT, 0, NotSerialized)  // _PRT: PCI Routing Table
+            {
+                Local0 = Package (0x80){}
+                Local1 = Zero
+                While ((Local1 < 0x80))
+                {
+                    Local2 = (Local1 >> 0x02)
+                    Local3 = ((Local1 + Local2) & 0x03)
+                    If ((Local3 == Zero))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKD,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == One))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKA,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == 0x02))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKB,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == 0x03))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKC,
+                                Zero
+                            }
+                    }
+
+                    Local4 [Zero] = ((Local2 << 0x10) | 0xFFFF)
+                    Local4 [One] = (Local1 & 0x03)
+                    Local0 [Local1] = Local4
+                    Local1++
+                }
+
+                Return (Local0)
+            }
+
+            Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
+            {
+                WordBusNumber (ResourceProducer, MinFixed, MaxFixed, PosDecode,
+                    0x0000,             // Granularity
+                    0x0020,             // Range Minimum
+                    0x0020,             // Range Maximum
+                    0x0000,             // Translation Offset
+                    0x0001,             // Length
+                    ,, )
+            })
+        }
+    }
+
+    Scope (\_SB)
+    {
+        Device (PC10)
+        {
+            Name (_UID, 0x10)  // _UID: Unique ID
+            Name (_BBN, 0x10)  // _BBN: BIOS Bus Number
+            Name (_HID, EisaId ("PNP0A08") /* PCI Express Bus */)  // _HID: Hardware ID
+            Name (_CID, EisaId ("PNP0A03") /* PCI Bus */)  // _CID: Compatible ID
+            Method (_OSC, 4, NotSerialized)  // _OSC: Operating System Capabilities
+            {
+                CreateDWordField (Arg3, Zero, CDW1)
+                If ((Arg0 == ToUUID ("33db4d5b-1ff7-401c-9657-7441c03dd766") /* PCI Host Bridge Device */))
+                {
+                    CreateDWordField (Arg3, 0x04, CDW2)
+                    CreateDWordField (Arg3, 0x08, CDW3)
+                    Local0 = CDW3 /* \_SB_.PC10._OSC.CDW3 */
+                    Local0 &= 0x1F
+                    If ((Arg1 != One))
+                    {
+                        CDW1 |= 0x08
+                    }
+
+                    If ((CDW3 != Local0))
+                    {
+                        CDW1 |= 0x10
+                    }
+
+                    CDW3 = Local0
+                }
+                Else
+                {
+                    CDW1 |= 0x04
+                }
+
+                Return (Arg3)
+            }
+
+            Method (_PRT, 0, NotSerialized)  // _PRT: PCI Routing Table
+            {
+                Local0 = Package (0x80){}
+                Local1 = Zero
+                While ((Local1 < 0x80))
+                {
+                    Local2 = (Local1 >> 0x02)
+                    Local3 = ((Local1 + Local2) & 0x03)
+                    If ((Local3 == Zero))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKD,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == One))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKA,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == 0x02))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKB,
+                                Zero
+                            }
+                    }
+
+                    If ((Local3 == 0x03))
+                    {
+                        Local4 = Package (0x04)
+                            {
+                                Zero,
+                                Zero,
+                                LNKC,
+                                Zero
+                            }
+                    }
+
+                    Local4 [Zero] = ((Local2 << 0x10) | 0xFFFF)
+                    Local4 [One] = (Local1 & 0x03)
+                    Local0 [Local1] = Local4
+                    Local1++
+                }
+
+                Return (Local0)
+            }
+
+            Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
+            {
+                WordBusNumber (ResourceProducer, MinFixed, MaxFixed, PosDecode,
+                    0x0000,             // Granularity
+                    0x0010,             // Range Minimum
+                    0x0010,             // Range Maximum
+                    0x0000,             // Translation Offset
+                    0x0001,             // Length
+                    ,, )
+            })
+        }
+    }
+
     Scope (\_SB.PCI0)
     {
         Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
@@ -3121,9 +3454,9 @@
             WordBusNumber (ResourceProducer, MinFixed, MaxFixed, PosDecode,
                 0x0000,             // Granularity
                 0x0000,             // Range Minimum
-                0x00FF,             // Range Maximum
+                0x000F,             // Range Maximum
                 0x0000,             // Translation Offset
-                0x0100,             // Length
+                0x0010,             // Length
                 ,, )
             IO (Decode16,
                 0x0CF8,             // Range Minimum
@@ -3278,6 +3611,26 @@
                 }
             }

+            Device (S10)
+            {
+                Name (_ADR, 0x00020000)  // _ADR: Address
+            }
+
+            Device (S18)
+            {
+                Name (_ADR, 0x00030000)  // _ADR: Address
+            }
+
+            Device (S20)
+            {
+                Name (_ADR, 0x00040000)  // _ADR: Address
+            }
+
+            Device (S28)
+            {
+                Name (_ADR, 0x00050000)  // _ADR: Address
+            }
+
             Method (PCNT, 0, NotSerialized)
             {
             }

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-id: 20211210170415.583179-8-jean-philippe@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-12-15 10:35:26 +00:00
Jean-Philippe Brucker
39d7554b20 tests/acpi: add test case for VIOT
Add two test cases for VIOT, one on the q35 machine and the other on
virt. To test complex topologies the q35 test has two PCIe buses that
bypass the IOMMU (and are therefore not described by VIOT), and two
buses that are translated by virtio-iommu.

Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-id: 20211210170415.583179-7-jean-philippe@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-12-15 10:35:26 +00:00
Jean-Philippe Brucker
641f32f684 tests/acpi: allow updates of VIOT expected data files
Create empty data files and allow updates for the upcoming VIOT tests.

Acked-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-id: 20211210170415.583179-6-jean-philippe@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-12-15 10:35:26 +00:00
Eric Auger
becf88730b tests: qtest: Add virtio-iommu test
Add the framework to test the virtio-iommu-pci device
and tests exercising the attach/detach, map/unmap API.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211127072910.1261824-5-eric.auger@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:59 +01:00
Thomas Huth
719051ca3f tests/qtest: Add a function to check whether a machine is available
It is nowadays possible to build QEMU with a reduced set of machines
in each binary. However, the qtests still hard-code the expected
machines and fail if the binary does not feature the required machine.
Let's get a little bit more flexible here: Add a function that can be
used to query whether a certain machine is available or not, and use
it in some tests as an example (more work has to be done in other
tests which will follow later).

Message-Id: <20211201104347.51922-5-thuth@redhat.com>
Acked-by: John Snow <jsnow@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:59 +01:00
Thomas Huth
5516a3b592 tests/qtest: Add a function that gets a list with available machine types
For the upcoming patches, we will need a way to gets a list with all
available machine types. Refactor the qtest_cb_for_every_machine()
to split the related code out into a separate new function, and
gather the aliases of the various machine types, too.

Message-Id: <20211201104347.51922-4-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:59 +01:00
Thomas Huth
bf22f15114 tests/qtest: Fence the tests that need xlnx-zcu102 with CONFIG_XLNX_ZYNQMP_ARM
The 'xlnx-can-test' and the 'fuzz-xlnx-dp-test' need the "xlnx-zcu102"
machine and thus should only be built and run if CONFIG_XLNX_ZYNQMP_ARM
is enabled.

Message-Id: <20211201104347.51922-3-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:59 +01:00
Thomas Huth
a9697d0947 tests/qtest: Run the PPC 32-bit tests with the 64-bit target binary, too
The ppc64 target is a superset of the 32-bit target, so we should
include the tests here, too. This used to be done in the past already,
but it got lost during the conversion to meson.

Fixes: a2ce7dbd91 ("meson: convert tests/qtest to meson")
Message-Id: <20211201104347.51922-2-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:59 +01:00
Laurent Vivier
e1e3d32118 tests/libqtest: add a migration test with two couples of failover devices
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211208130350.10178-5-lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:59 +01:00
Laurent Vivier
1e2077e223 tests/libqtest: add some virtio-net failover migration cancelling tests
Add some tests to check the state of the machine if the migration
is cancelled while we are using virtio-net failover.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211208130350.10178-4-lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:08:51 +01:00
Laurent Vivier
e32b96b559 tests/qtest: add some tests for virtio-net failover
Add test cases to test several error cases that must be
generated by invalid failover configuration.

Add a combination of coldplug and hotplug test cases to be
sure the primary is correctly managed according the
presence or not of the STANDBY feature.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20211208130350.10178-3-lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:07:04 +01:00
Laurent Vivier
efe84f03ea qtest/libqos: add a function to initialize secondary PCI buses
Scan the PCI devices to find bridge and set PCI_SECONDARY_BUS and
PCI_SUBORDINATE_BUS (algorithm from seabios)

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211208130350.10178-2-lvivier@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-12-15 08:07:04 +01:00
Philippe Mathieu-Daudé
cc20926e9b tests/qtest/fdc-test: Add a regression test for CVE-2021-20196
Without the previous commit, when running 'make check-qtest-i386'
with QEMU configured with '--enable-sanitizers' we get:

  AddressSanitizer:DEADLYSIGNAL
  =================================================================
  ==287878==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000344
  ==287878==The signal is caused by a WRITE memory access.
  ==287878==Hint: address points to the zero page.
      #0 0x564b2e5bac27 in blk_inc_in_flight block/block-backend.c:1346:5
      #1 0x564b2e5bb228 in blk_pwritev_part block/block-backend.c:1317:5
      #2 0x564b2e5bcd57 in blk_pwrite block/block-backend.c:1498:11
      #3 0x564b2ca1cdd3 in fdctrl_write_data hw/block/fdc.c:2221:17
      #4 0x564b2ca1b2f7 in fdctrl_write hw/block/fdc.c:829:9
      #5 0x564b2dc49503 in portio_write softmmu/ioport.c:201:9

Add the reproducer for CVE-2021-20196.

Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20211124161536.631563-4-philmd@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
2021-12-02 01:09:38 -05:00
Philippe Mathieu-Daudé
aa62976c9d tests/qtest: Add fuzz-lsi53c895a-test
Without the previous commit, this test triggers:

  $ make check-qtest-x86_64
  [...]
  Running test qtest-x86_64/fuzz-lsi53c895a-test
  qemu-system-x86_64: hw/scsi/lsi53c895a.c:624: lsi_do_dma: Assertion `s->current' failed.
  ERROR qtest-x86_64/fuzz-lsi53c895a-test - too few tests run (expected 1, got 0)

Suggested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20211123111732.83137-3-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-30 22:25:58 +01:00
Mark Cave-Ayland
283191640c qtest/am53c974-test: add test for reset before transfer
Based upon the qtest reproducer posted to Gitlab issue #724 at
https://gitlab.com/qemu-project/qemu/-/issues/724.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211118100327.29061-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-19 10:14:30 +01:00
Laurent Vivier
4a778dac9e tests/qtest/virtio-net: fix hotplug test case
virtio-net-test has an hotplug testcase that is never executed.

This is because the testcase is attached to virtio-pci interface
rather than to virtio-net-pci.

  $ QTEST_QEMU_BINARY=./qemu-system-x86_64 tests/qtest/qos-test -l | grep hotplug
  /x86_64/.../pci-ohci-tests/ohci_pci-test-hotplug
  /x86_64/.../e1000e/e1000e-tests/hotplug
  /x86_64/.../virtio-blk-pci/virtio-blk-pci-tests/hotplug
  /x86_64/.../vhost-user-blk-pci/vhost-user-blk-pci-tests/hotplug
  /x86_64/.../virtio-rng-pci/virtio-rng-pci-tests/hotplug
  /x86_64/.../virtio-scsi/virtio-scsi-tests/hotplug
  /x86_64/.../virtio-serial/virtio-serial-tests/hotplug

With this fix:

  $ QTEST_QEMU_BINARY=./qemu-system-x86_64 tests/qtest/qos-test -l | grep hotplug
  ...
  /x86_64/.../vhost-user-blk-pci/vhost-user-blk-pci-tests/hotplug
  /x86_64/.../virtio-net-pci/virtio-net-pci-tests/hotplug
  /x86_64/.../virtio-rng-pci/virtio-rng-pci-tests/hotplug
  ...
  $ QTEST_QEMU_BINARY=./qemu-system-x86_64 tests/qtest/qos-test -p /x86_64/.../virtio-net-pci-tests/hotplug
  /x86_64/pc/i440FX-pcihost/pci-bus-pc/pci-bus/virtio-net-pci/virtio-net-pci-tests/hotplug: OK

Fixes: 6ae333f91b ("qos-test: virtio-net test node")
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211028173014.139692-1-lvivier@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-11-09 10:11:27 +01:00
Richard Henderson
b1fd92137e * Build system fixes and cleanups
* DMA support in the multiboot option ROM
 * Rename default-bus-bypass-iommu
 * Deprecate -watchdog and cleanup -watchdog-action
 * HVF fix for <PAGE_SIZE regions
 * Support TSC scaling for AMD nested virtualization
 * Fix for ESP fuzzing bug
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmGBUeEUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroOh+Qf+OMRhRiv6dYjbK/5zXrx81AgxYAY3
 dBUSr8v16LyrMl1U3DZWzhD+MzQsC83m/Xsh4lGxlHDWtkK9QQA5xDG95JZdY26i
 MGCbbjnFHISbyBQV9Y724gPfPjOOODuoFbzafSx6VLITOcyv1ye0cm7TOjOPB+tt
 E4c3JqTZ7g8a5yMe8ItkVhz5pPY+oVw8dxMNRp6Sup5Dbfx0DjacIwLasLsHfPL7
 qBADfqB20ovHUzLjXu7oWgEd4KxJ6kiSCaJJu/KD36hg0wB8+WVP1o43j4PkczHT
 QjU7eZaeaTrN5Cf34ttPge6QReMi5SFNCaA9O9/HLqrQgdEtt/diZWuqjQ==
 =a2mC
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* Build system fixes and cleanups
* DMA support in the multiboot option ROM
* Rename default-bus-bypass-iommu
* Deprecate -watchdog and cleanup -watchdog-action
* HVF fix for <PAGE_SIZE regions
* Support TSC scaling for AMD nested virtualization
* Fix for ESP fuzzing bug

# gpg: Signature made Tue 02 Nov 2021 10:57:37 AM EDT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]

* remotes/bonzini/tags/for-upstream: (27 commits)
  configure: fix --audio-drv-list help message
  configure: Remove the check for the __thread keyword
  Move the l2tpv3 test from configure to meson.build
  meson: remove unnecessary coreaudio test program
  meson: remove pointless warnings
  meson.build: Allow to disable OSS again
  meson: bump submodule to 0.59.3
  qtest/am53c974-test: add test for cancelling in-flight requests
  esp: ensure in-flight SCSI requests are always cancelled
  KVM: SVM: add migration support for nested TSC scaling
  hw/i386: fix vmmouse registration
  watchdog: remove select_watchdog_action
  vl: deprecate -watchdog
  watchdog: add information from -watchdog help to -device help
  hw/i386: Rename default_bus_bypass_iommu
  hvf: Avoid mapping regions < PAGE_SIZE as ram
  configure: do not duplicate CPU_CFLAGS into QEMU_LDFLAGS
  configure: remove useless NPTL probe
  target/i386: use DMA-enabled multiboot ROM for new-enough QEMU machine types
  optionrom: add a DMA-enabled multiboot ROM
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-03 13:07:30 -04:00
Richard Henderson
cc23377516 Add nuvoton sd module for NPCM7XX
Add gdb-xml for MVE
 More uses of tcg_constant_* in target/arm
 Fix parameter naming for default-bus-bypass-iommu
 Ignore cache operations to mmio in HVF
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmGBgjkdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV8sAAgAsHaW2sHH/W4TzCwl
 DfqFar4u047Q+ZtQHjNehGHF9Bxp4NS4A0qL52vk0hVoqeWlyF1N29MOnewgVDqY
 q1x+uxJtG9xjTse7oEEshEEFF/7J8eB8dN4E78TFn/6IhvVhGiUeeRu29s44Ot6N
 E2KABcXfd+4gEdqhepLGEbi5n0TnA8ARmmeffZNWVEbsxQjHnMQQYmqGmllB3xV3
 qPpnp3avvD1015zMwrLVmlDO+tSRr/1bed7k3k26ebga2B/zitxcpXFNCDlgePx0
 LNT5QYvBDpE7HOruGQjf4iXPJHfYw5VMtopK7K++rY9KWiJgBVSjQUcB462sdCPk
 wNAp0g==
 =vlZ5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-arm-20211102-2' into staging

Add nuvoton sd module for NPCM7XX
Add gdb-xml for MVE
More uses of tcg_constant_* in target/arm
Fix parameter naming for default-bus-bypass-iommu
Ignore cache operations to mmio in HVF

# gpg: Signature made Tue 02 Nov 2021 02:23:53 PM EDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* remotes/rth/tags/pull-arm-20211102-2:
  hvf: arm: Ignore cache operations on MMIO
  hw/arm/virt: Rename default_bus_bypass_iommu
  target/arm: Use tcg_constant_i32() in gen_rev16()
  target/arm: Use tcg_constant_i64() in do_sat_addsub_64()
  target/arm: Use the constant variant of store_cpu_field() when possible
  target/arm: Introduce store_cpu_field_constant() helper
  target/arm: Use tcg_constant_i32() in op_smlad()
  target/arm: Advertise MVE to gdb when present
  tests/qtest/libqos: add SDHCI commands
  hw/arm: Attach MMC to quanta-gbs-bmc
  hw/arm: Add Nuvoton SD module to board
  hw/sd: add nuvoton MMC

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-03 09:31:25 -04:00
Shengtan Mao
da2f02b360 tests/qtest/libqos: add SDHCI commands
Signed-off-by: Shengtan Mao <stmao@google.com>
Signed-off-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Chris Rauer <crauer@google.com>
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20211008002628.1958285-5-wuhaotsh@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-11-02 14:14:55 -04:00
Daniel P. Berrangé
b6a7f3e0d2 qapi: introduce x-query-opcount QMP command
This is a counterpart to the HMP "info opcount" command. It is being
added with an "x-" prefix because this QMP command is intended as an
ad hoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-02 15:57:20 +00:00
Daniel P. Berrangé
3a841ab53f qapi: introduce x-query-jit QMP command
This is a counterpart to the HMP "info jit" command. It is being
added with an "x-" prefix because this QMP command is intended as an
ad hoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-02 15:57:20 +00:00
Daniel P. Berrangé
fc30920731 qapi: introduce x-query-usb QMP command
This is a counterpart to the HMP "info usb" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-02 15:55:14 +00:00
Daniel P. Berrangé
37087fde0e qapi: introduce x-query-profile QMP command
This is a counterpart to the HMP "info profile" command. It is being
added with an "x-" prefix because this QMP command is intended as an
adhoc debugging tool and will thus not be modelled in QAPI as fully
structured data, nor will it have long term guaranteed stability.
The existing HMP command is rewritten to call the QMP command.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-02 15:55:14 +00:00
Mark Cave-Ayland
fccec5ce17 qtest/am53c974-test: add test for cancelling in-flight requests
Based upon the qtest reproducer posted to Gitlab issue #663 at
https://gitlab.com/qemu-project/qemu/-/issues/663.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20211101183516.8455-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-02 15:57:27 +01:00
Ani Sinha
a8339e07f9 tests/acpi/bios-tables-test: update DSDT blob for multifunction bridge test
We added a new unit test for testing acpi hotplug on multifunction bridges in
q35 machines. Here, we update the DSDT table gloden master blob for this unit
test.

The test adds the following devices to qemu and then checks the changes
introduced in the DSDT table due to the addition of the following devices:

(a) a multifunction bridge device
(b) a bridge device with function 1
(c) a non-bridge device with function 2

In the DSDT table, we should see AML hotplug descriptions for (a) and (b).
For (a) we should find a hotplug AML description for function 0.

Following is the ASL diff between the original DSDT table and the modified DSDT
table due to the unit test. We see that multifunction bridge on bus 2 and single
function bridge on bus 3 function 1 are described, not the non-bridge balloon
device on bus 4, function 2.

@@ -1,30 +1,30 @@
 /*
  * Intel ACPI Component Architecture
  * AML/ASL+ Disassembler version 20190509 (64-bit version)
  * Copyright (c) 2000 - 2019 Intel Corporation
  *
  * Disassembling to symbolic ASL+ operators
  *
- * Disassembly of tests/data/acpi/q35/DSDT, Thu Oct  7 18:29:19 2021
+ * Disassembly of /tmp/aml-C7JCA1, Thu Oct  7 18:29:19 2021
  *
  * Original Table Header:
  *     Signature        "DSDT"
- *     Length           0x00002061 (8289)
+ *     Length           0x00002187 (8583)
  *     Revision         0x01 **** 32-bit table (V1), no 64-bit math support
- *     Checksum         0xF9
+ *     Checksum         0x8D
  *     OEM ID           "BOCHS "
  *     OEM Table ID     "BXPC    "
  *     OEM Revision     0x00000001 (1)
  *     Compiler ID      "BXPC"
  *     Compiler Version 0x00000001 (1)
  */
 DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC    ", 0x00000001)
 {
     Scope (\)
     {
         OperationRegion (DBG, SystemIO, 0x0402, One)
         Field (DBG, ByteAcc, NoLock, Preserve)
         {
             DBGB,   8
         }

@@ -3265,23 +3265,95 @@
                 Method (_S1D, 0, NotSerialized)  // _S1D: S1 Device State
                 {
                     Return (Zero)
                 }

                 Method (_S2D, 0, NotSerialized)  // _S2D: S2 Device State
                 {
                     Return (Zero)
                 }

                 Method (_S3D, 0, NotSerialized)  // _S3D: S3 Device State
                 {
                     Return (Zero)
                 }
             }

+            Device (S10)
+            {
+                Name (_ADR, 0x00020000)  // _ADR: Address
+                Name (BSEL, One)
+                Device (S00)
+                {
+                    Name (_SUN, Zero)  // _SUN: Slot User Number
+                    Name (_ADR, Zero)  // _ADR: Address
+                    Method (_EJ0, 1, NotSerialized)  // _EJx: Eject Device, x=0-9
+                    {
+                        PCEJ (BSEL, _SUN)
+                    }
+
+                    Method (_DSM, 4, Serialized)  // _DSM: Device-Specific Method
+                    {
+                        Return (PDSM (Arg0, Arg1, Arg2, Arg3, BSEL, _SUN))
+                    }
+                }
+
+                Method (DVNT, 2, NotSerialized)
+                {
+                    If ((Arg0 & One))
+                    {
+                        Notify (S00, Arg1)
+                    }
+                }
+
+                Method (PCNT, 0, NotSerialized)
+                {
+                    BNUM = One
+                    DVNT (PCIU, One)
+                    DVNT (PCID, 0x03)
+                }
+            }
+
+            Device (S19)
+            {
+                Name (_ADR, 0x00030001)  // _ADR: Address
+                Name (BSEL, Zero)
+                Device (S00)
+                {
+                    Name (_SUN, Zero)  // _SUN: Slot User Number
+                    Name (_ADR, Zero)  // _ADR: Address
+                    Method (_EJ0, 1, NotSerialized)  // _EJx: Eject Device, x=0-9
+                    {
+                        PCEJ (BSEL, _SUN)
+                    }
+
+                    Method (_DSM, 4, Serialized)  // _DSM: Device-Specific Method
+                    {
+                        Return (PDSM (Arg0, Arg1, Arg2, Arg3, BSEL, _SUN))
+                    }
+                }
+
+                Method (DVNT, 2, NotSerialized)
+                {
+                    If ((Arg0 & One))
+                    {
+                        Notify (S00, Arg1)
+                    }
+                }
+
+                Method (PCNT, 0, NotSerialized)
+                {
+                    BNUM = Zero
+                    DVNT (PCIU, One)
+                    DVNT (PCID, 0x03)
+                }
+            }
+
             Method (PCNT, 0, NotSerialized)
             {
+                ^S19.PCNT ()
+                ^S10.PCNT ()
             }
         }
     }
 }

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20211007135750.1277213-4-ani@anisinha.ca>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
2021-10-20 06:18:17 -04:00
Ani Sinha
04dd78b9e8 tests/acpi/pcihp: add unit tests for hotplug on multifunction bridges for q35
commit d7346e614f ("acpi: x86: pcihp: add support hotplug on multifunction bridges")
added ACPI hotplug descriptions for cold plugged bridges for functions other
than 0. For all other devices, the ACPI hotplug descriptions are limited to
function 0 only. This change adds unit tests for this feature.

This test adds the following devices to qemu and then checks the changes
introduced in the DSDT table due to the addition of the following devices:

(a) a multifunction bridge device
(b) a bridge device with function 1
(c) a non-bridge device with function 2

In the DSDT table, we should see AML hotplug descriptions for (a) and (b).
For (a) we should find a hotplug AML description for function 0.

The following diff compares the DSDT table AML with the new unit test before
and after the change d7346e614f is introduced. In other words,
this diff reflects the changes that occurs in the DSDT table due to the change
d7346e614f .

@@ -1,60 +1,38 @@
 /*
  * Intel ACPI Component Architecture
  * AML/ASL+ Disassembler version 20190509 (64-bit version)
  * Copyright (c) 2000 - 2019 Intel Corporation
  *
  * Disassembling to symbolic ASL+ operators
  *
- * Disassembly of tests/data/acpi/q35/DSDT.multi-bridge, Thu Oct  7 18:56:05 2021
+ * Disassembly of /tmp/aml-AN0DA1, Thu Oct  7 18:56:05 2021
  *
  * Original Table Header:
  *     Signature        "DSDT"
- *     Length           0x000020FE (8446)
+ *     Length           0x00002187 (8583)
  *     Revision         0x01 **** 32-bit table (V1), no 64-bit math support
- *     Checksum         0xDE
+ *     Checksum         0x8D
  *     OEM ID           "BOCHS "
  *     OEM Table ID     "BXPC    "
  *     OEM Revision     0x00000001 (1)
  *     Compiler ID      "BXPC"
  *     Compiler Version 0x00000001 (1)
  */
 DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC    ", 0x00000001)
 {
-    /*
-     * iASL Warning: There was 1 external control method found during
-     * disassembly, but only 0 were resolved (1 unresolved). Additional
-     * ACPI tables may be required to properly disassemble the code. This
-     * resulting disassembler output file may not compile because the
-     * disassembler did not know how many arguments to assign to the
-     * unresolved methods. Note: SSDTs can be dynamically loaded at
-     * runtime and may or may not be available via the host OS.
-     *
-     * In addition, the -fe option can be used to specify a file containing
-     * control method external declarations with the associated method
-     * argument counts. Each line of the file must be of the form:
-     *     External (<method pathname>, MethodObj, <argument count>)
-     * Invocation:
-     *     iasl -fe refs.txt -d dsdt.aml
-     *
-     * The following methods were unresolved and many not compile properly
-     * because the disassembler had to guess at the number of arguments
-     * required for each:
-     */
-    External (_SB_.PCI0.S19_.PCNT, MethodObj)    // Warning: Unknown method, guessing 1 arguments
-
     Scope (\)
     {
         OperationRegion (DBG, SystemIO, 0x0402, One)
         Field (DBG, ByteAcc, NoLock, Preserve)
         {
             DBGB,   8
         }

         Method (DBUG, 1, NotSerialized)
         {
             ToHexString (Arg0, Local0)
             ToBuffer (Local0, Local0)
             Local1 = (SizeOf (Local0) - One)
             Local2 = Zero
             While ((Local2 < Local1))
             {
@@ -3322,24 +3300,60 @@
                 Method (DVNT, 2, NotSerialized)
                 {
                     If ((Arg0 & One))
                     {
                         Notify (S00, Arg1)
                     }
                 }

                 Method (PCNT, 0, NotSerialized)
                 {
                     BNUM = One
                     DVNT (PCIU, One)
                     DVNT (PCID, 0x03)
                 }
             }

+            Device (S19)
+            {
+                Name (_ADR, 0x00030001)  // _ADR: Address
+                Name (BSEL, Zero)
+                Device (S00)
+                {
+                    Name (_SUN, Zero)  // _SUN: Slot User Number
+                    Name (_ADR, Zero)  // _ADR: Address
+                    Method (_EJ0, 1, NotSerialized)  // _EJx: Eject Device, x=0-9
+                    {
+                        PCEJ (BSEL, _SUN)
+                    }
+
+                    Method (_DSM, 4, Serialized)  // _DSM: Device-Specific Method
+                    {
+                        Return (PDSM (Arg0, Arg1, Arg2, Arg3, BSEL, _SUN))
+                    }
+                }
+
+                Method (DVNT, 2, NotSerialized)
+                {
+                    If ((Arg0 & One))
+                    {
+                        Notify (S00, Arg1)
+                    }
+                }
+
+                Method (PCNT, 0, NotSerialized)
+                {
+                    BNUM = Zero
+                    DVNT (PCIU, One)
+                    DVNT (PCID, 0x03)
+                }
+            }
+
             Method (PCNT, 0, NotSerialized)
             {
-                ^S19.PCNT (^S10.PCNT ())
+                ^S19.PCNT ()
+                ^S10.PCNT ()
             }
         }
     }
 }

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20211007135750.1277213-3-ani@anisinha.ca>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2021-10-20 06:18:17 -04:00
Ani Sinha
6dcb1cc951 tests/acpi/bios-tables-test: add and allow changes to a new q35 DSDT table blob
We are adding a new unit test to cover the acpi hotplug support in q35 for
multi-function bridges. This test uses a new table DSDT.multi-bridge.
We need to allow changes in DSDT acpi table for addition of this new
unit test.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Message-Id: <20211007135750.1277213-2-ani@anisinha.ca>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
2021-10-20 06:18:17 -04:00
Michael S. Tsirkin
81d7228647 bios-tables-test: don't disassemble empty files
A recommended way to populate new tables is to have an
empty expected file. In this case, attempts to disassemble
will fail but it is useful to disassemble the actual files.
Detect and skip decompile step in this case.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:44:05 -04:00
Stefan Hajnoczi
515efffc2f vhost-user-blk-test: pass vhost-user socket fds to QSD
qemu-storage-daemon is launched with the vhost-user listen socket path.
The path is first unlinked before opening the listen socket. This
prevents stale UNIX domain socket files from stopping socket
initialization.

This behavior is undesirable in vhost-user-blk-test and the cause of a
bug:

There is a race condition in vhost-user-blk-test when QEMU launches
before QSD. It connects to the old socket that QSD unlinks and the
vhost-user connection is never serviced, resulting in a hang.

Pass the listen socket fd to QSD to maintain listen socket continuity
and prevent the lost connection.

Fixes: 806952026d ("test: new qTest case to test the vhost-user-blk-server")
Cc: Raphael Norwitz <raphael.norwitz@nutanix.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Thomas Huth <thuth@redhat.com>
Cc: Coiby Xu <coiby.xu@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20211019135655.83067-1-stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
220ffd949b tests: bios-tables-test: use qtest_has_accel() API to register TCG only tests
.. only if TCG is available

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-16-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
b72c76033d tests: migration-test: use qtest_has_accel() API
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Suggested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210902113551.461632-15-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
07e6ed2c79 tests: arm-cpu-features: use qtest_has_kvm() API
and drop custom function that were doing the job

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-14-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
709611cb23 tests: acpi: arm/virt: drop redundant test_acpi_one() in test_acpi_virt_tcg()
follow up call with smbios options generates the same ACPI tables,
so there is no need to run smbios-less variant at all.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-13-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
ef422a1422 tests: acpi: update expected blobs
DSDT:
+            Device (S10)
+            {
+                Name (_ADR, 0x00020000)  // _ADR: Address
+            }

New IVRS table:

[000h 0000   4]                    Signature : "IVRS"    [I/O Virtualization Reporting Structure]
[004h 0004   4]                 Table Length : 00000068
[008h 0008   1]                     Revision : 01
[009h 0009   1]                     Checksum : 43
[00Ah 0010   6]                       Oem ID : "BOCHS "
[010h 0016   8]                 Oem Table ID : "BXPC    "
[018h 0024   4]                 Oem Revision : 00000001
[01Ch 0028   4]              Asl Compiler ID : "BXPC"
[020h 0032   4]        Asl Compiler Revision : 00000001

[024h 0036   4]          Virtualization Info : 00002800
[028h 0040   8]                     Reserved : 0000000000000000

[030h 0048   1]                Subtable Type : 10 [Hardware Definition Block]
[031h 0049   1]                        Flags : D1
[032h 0050   2]                       Length : 0038
[034h 0052   2]                     DeviceId : 0010

[036h 0054   2]            Capability Offset : 0040
[038h 0056   8]                 Base Address : 00000000FED80000
[040h 0064   2]            PCI Segment Group : 0000
[042h 0066   2]          Virtualization Info : 0000
[044h 0068   4]                     Reserved : 00000044

[048h 0072   1]                   Entry Type : 02
[049h 0073   2]                    Device ID : 0000
[04Bh 0075   1]                 Data Setting : 00

[04Ch 0076   1]                   Entry Type : 02
[04Dh 0077   2]                    Device ID : 0008
[04Fh 0079   1]                 Data Setting : 00

[050h 0080   1]                   Entry Type : 02
[051h 0081   2]                    Device ID : 0010
[053h 0083   1]                 Data Setting : 00

[054h 0084   1]                   Entry Type : 02
[055h 0085   2]                    Device ID : 00F8
[057h 0087   1]                 Data Setting : 00

[058h 0088   1]                   Entry Type : 02
[059h 0089   2]                    Device ID : 00FA
[05Bh 0091   1]                 Data Setting : 00

[05Ch 0092   1]                   Entry Type : 02
[05Dh 0093   2]                    Device ID : 00FB
[05Fh 0095   1]                 Data Setting : 00

[060h 0096   1]                   Entry Type : 48
[061h 0097   2]                    Device ID : 0000
[063h 0099   1]                 Data Setting : 00
[064h 0100   1]                       Handle : 00
[065h 0101   2]        Source Used Device ID : 00A0
[067h 0103   1]                      Variety : 01

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-12-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
a4c730cbb2 tests: acpi: add testcase for amd-iommu (IVRS table)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-11-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
c5a7baad29 tests: acpi: whitelist expected blobs for new acpi/q35/ivrs testcase
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-10-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
44d3bdd8a6 tests: acpi: add expected blob for DMAR table
[000h 0000   4]                    Signature : "DMAR"    [DMA Remapping table]
[004h 0004   4]                 Table Length : 00000078
[008h 0008   1]                     Revision : 01
[009h 0009   1]                     Checksum : 15
[00Ah 0010   6]                       Oem ID : "BOCHS "
[010h 0016   8]                 Oem Table ID : "BXPC    "
[018h 0024   4]                 Oem Revision : 00000001
[01Ch 0028   4]              Asl Compiler ID : "BXPC"
[020h 0032   4]        Asl Compiler Revision : 00000001

[024h 0036   1]           Host Address Width : 26
[025h 0037   1]                        Flags : 01
[026h 0038  10]                     Reserved : 00 00 00 00 00 00 00 00 00 00

[030h 0048   2]                Subtable Type : 0000 [Hardware Unit Definition]
[032h 0050   2]                       Length : 0040

[034h 0052   1]                        Flags : 00
[035h 0053   1]                     Reserved : 00
[036h 0054   2]           PCI Segment Number : 0000
[038h 0056   8]        Register Base Address : 00000000FED90000

[040h 0064   1]            Device Scope Type : 03 [IOAPIC Device]
[041h 0065   1]                 Entry Length : 08
[042h 0066   2]                     Reserved : 0000
[044h 0068   1]               Enumeration ID : 00
[045h 0069   1]               PCI Bus Number : FF

[046h 0070   2]                     PCI Path : 00,00

[048h 0072   1]            Device Scope Type : 01 [PCI Endpoint Device]
[049h 0073   1]                 Entry Length : 08
[04Ah 0074   2]                     Reserved : 0000
[04Ch 0076   1]               Enumeration ID : 00
[04Dh 0077   1]               PCI Bus Number : 00

[04Eh 0078   2]                     PCI Path : 00,00

[050h 0080   1]            Device Scope Type : 01 [PCI Endpoint Device]
[051h 0081   1]                 Entry Length : 08
[052h 0082   2]                     Reserved : 0000
[054h 0084   1]               Enumeration ID : 00
[055h 0085   1]               PCI Bus Number : 00

[056h 0086   2]                     PCI Path : 01,00

[058h 0088   1]            Device Scope Type : 01 [PCI Endpoint Device]
[059h 0089   1]                 Entry Length : 08
[05Ah 0090   2]                     Reserved : 0000
[05Ch 0092   1]               Enumeration ID : 00
[05Dh 0093   1]               PCI Bus Number : 00

[05Eh 0094   2]                     PCI Path : 1F,00

[060h 0096   1]            Device Scope Type : 01 [PCI Endpoint Device]
[061h 0097   1]                 Entry Length : 08
[062h 0098   2]                     Reserved : 0000
[064h 0100   1]               Enumeration ID : 00
[065h 0101   1]               PCI Bus Number : 00

[066h 0102   2]                     PCI Path : 1F,02

[068h 0104   1]            Device Scope Type : 01 [PCI Endpoint Device]
[069h 0105   1]                 Entry Length : 08
[06Ah 0106   2]                     Reserved : 0000
[06Ch 0108   1]               Enumeration ID : 00
[06Dh 0109   1]               PCI Bus Number : 00

[06Eh 0110   2]                     PCI Path : 1F,03

[070h 0112   2]                Subtable Type : 0002 [Root Port ATS Capability]
[072h 0114   2]                       Length : 0008

[074h 0116   1]                        Flags : 01
[075h 0117   1]                     Reserved : 00
[076h 0118   2]           PCI Segment Number : 0000

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-9-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
0ff92b6d99 tests: acpi: add testcase for intel_iommu (DMAR table)
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-8-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
f6826ac4ae tests: acpi: whitelist new expected table tests/data/acpi/q35/DMAR.dmar
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-7-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
b59a898458 tests: acpi: update expected tables blobs
Update adds CPU entries to MADT/SRAT/FACP and DSDT to cover 288 CPUs.
Notable changes are that CPUs with APIC ID 255 and higher
use 'Processor Local x2APIC Affinity' structure in SRAT and
"Device" element in DSDT.

FACP:
-                 Use APIC Cluster Model (V4) : 0
+                 Use APIC Cluster Model (V4) : 1

SRAT:
...
+[1010h 4112   1]                Subtable Type : 00 [Processor Local APIC/SAPIC Affinity]
+[1011h 4113   1]                       Length : 10
+
+[1012h 4114   1]      Proximity Domain Low(8) : 00
+[1013h 4115   1]                      Apic ID : FE
+[1014h 4116   4]        Flags (decoded below) : 00000001
+                                     Enabled : 1
+[1018h 4120   1]              Local Sapic EID : 00
+[1019h 4121   3]    Proximity Domain High(24) : 000000
+[101Ch 4124   4]                 Clock Domain : 00000000
+
+[1020h 4128   1]                Subtable Type : 02 [Processor Local x2APIC Affinity]
+[1021h 4129   1]                       Length : 18
+
+[1022h 4130   2]                    Reserved1 : 0000
+[1024h 4132   4]             Proximity Domain : 00000001
+[1028h 4136   4]                      Apic ID : 000000FF
+[102Ch 4140   4]        Flags (decoded below) : 00000001
+                                     Enabled : 1
+[1030h 4144   4]                 Clock Domain : 00000000
+[1034h 4148   4]                    Reserved2 : 00000000

...

+[1320h 4896   1]                Subtable Type : 02 [Processor Local x2APIC Affinity]
+[1321h 4897   1]                       Length : 18
+
+[1322h 4898   2]                    Reserved1 : 0000
+[1324h 4900   4]             Proximity Domain : 00000001
+[1328h 4904   4]                      Apic ID : 0000011F
+[132Ch 4908   4]        Flags (decoded below) : 00000001
+                                     Enabled : 1
+[1330h 4912   4]                 Clock Domain : 00000000
+[1334h 4916   4]                    Reserved2 : 00000000

DSDT:

...
+            Processor (C0FE, 0xFE, 0x00000000, 0x00)
+            {
...
+            }
+
+            Device (C0FF)
+            {
+                Name (_HID, "ACPI0007" /* Processor Device */)  // _HID: Hardware ID
+                Name (_UID, 0xFF)  // _UID: Unique ID
...
+            }

+            Device (C11F)
+            {
+                Name (_HID, "ACPI0007" /* Processor Device */)  // _HID: Hardware ID
+                Name (_UID, 0x011F)  // _UID: Unique ID
...
+            }

APIC:
+[034h 0052   1]                Subtable Type : 00 [Processor Local APIC]
+[035h 0053   1]                       Length : 08
+[036h 0054   1]                 Processor ID : 01
+[037h 0055   1]                Local Apic ID : 01
+[038h 0056   4]        Flags (decoded below) : 00000000
+                           Processor Enabled : 0

...

+[81Ch 2076   1]                Subtable Type : 00 [Processor Local APIC]
+[81Dh 2077   1]                       Length : 08
+[81Eh 2078   1]                 Processor ID : FE
+[81Fh 2079   1]                Local Apic ID : FE
+[820h 2080   4]        Flags (decoded below) : 00000000
+                           Processor Enabled : 0
+
+[824h 2084   1]                Subtable Type : 09 [Processor Local x2APIC]
+[825h 2085   1]                       Length : 10
+[826h 2086   2]                     Reserved : 0000
+[828h 2088   4]          Processor x2Apic ID : 000000FF
+[82Ch 2092   4]        Flags (decoded below) : 00000000
+                           Processor Enabled : 0
+[830h 2096   4]                Processor UID : 000000FF

...

+[A24h 2596   1]                Subtable Type : 09 [Processor Local x2APIC]
+[A25h 2597   1]                       Length : 10
+[A26h 2598   2]                     Reserved : 0000
+[A28h 2600   4]          Processor x2Apic ID : 0000011F
+[A2Ch 2604   4]        Flags (decoded below) : 00000000
+                           Processor Enabled : 0
+[A30h 2608   4]                Processor UID : 0000011F
+
+[A34h 2612   1]                Subtable Type : 01 [I/O APIC]
+[A35h 2613   1]                       Length : 0C
+[A36h 2614   1]                  I/O Apic ID : 00
+[A37h 2615   1]                     Reserved : 00
+[A38h 2616   4]                      Address : FEC00000
+[A3Ch 2620   4]                    Interrupt : 00000000
+
+[A40h 2624   1]                Subtable Type : 02 [Interrupt Source Override]
+[A41h 2625   1]                       Length : 0A
+[A42h 2626   1]                          Bus : 00
+[A43h 2627   1]                       Source : 00
+[A44h 2628   4]                    Interrupt : 00000002
+[A48h 2632   2]        Flags (decoded below) : 0000
                                     Polarity : 0
                                 Trigger Mode : 0

-[04Ah 0074   1]                Subtable Type : 02 [Interrupt Source Override]
-[04Bh 0075   1]                       Length : 0A
-[04Ch 0076   1]                          Bus : 00
-[04Dh 0077   1]                       Source : 05
-[04Eh 0078   4]                    Interrupt : 00000005
-[052h 0082   2]        Flags (decoded below) : 000D
+[A4Ah 2634   1]                Subtable Type : 02 [Interrupt Source Override]
+[A4Bh 2635   1]                       Length : 0A
+[A4Ch 2636   1]                          Bus : 00
+[A4Dh 2637   1]                       Source : 05
+[A4Eh 2638   4]                    Interrupt : 00000005
+[A52h 2642   2]        Flags (decoded below) : 000D
                                     Polarity : 1
                                 Trigger Mode : 3

-[054h 0084   1]                Subtable Type : 02 [Interrupt Source Override]
-[055h 0085   1]                       Length : 0A
-[056h 0086   1]                          Bus : 00
-[057h 0087   1]                       Source : 09
-[058h 0088   4]                    Interrupt : 00000009
-[05Ch 0092   2]        Flags (decoded below) : 000D
+[A54h 2644   1]                Subtable Type : 02 [Interrupt Source Override]
+[A55h 2645   1]                       Length : 0A
+[A56h 2646   1]                          Bus : 00
+[A57h 2647   1]                       Source : 09
+[A58h 2648   4]                    Interrupt : 00000009
+[A5Ch 2652   2]        Flags (decoded below) : 000D
                                     Polarity : 1
                                 Trigger Mode : 3

-[05Eh 0094   1]                Subtable Type : 02 [Interrupt Source Override]
-[05Fh 0095   1]                       Length : 0A
-[060h 0096   1]                          Bus : 00
-[061h 0097   1]                       Source : 0A
-[062h 0098   4]                    Interrupt : 0000000A
-[066h 0102   2]        Flags (decoded below) : 000D
+[A5Eh 2654   1]                Subtable Type : 02 [Interrupt Source Override]
+[A5Fh 2655   1]                       Length : 0A
+[A60h 2656   1]                          Bus : 00
+[A61h 2657   1]                       Source : 0A
+[A62h 2658   4]                    Interrupt : 0000000A
+[A66h 2662   2]        Flags (decoded below) : 000D
                                     Polarity : 1
                                 Trigger Mode : 3

-[068h 0104   1]                Subtable Type : 02 [Interrupt Source Override]
-[069h 0105   1]                       Length : 0A
-[06Ah 0106   1]                          Bus : 00
-[06Bh 0107   1]                       Source : 0B
-[06Ch 0108   4]                    Interrupt : 0000000B
-[070h 0112   2]        Flags (decoded below) : 000D
+[A68h 2664   1]                Subtable Type : 02 [Interrupt Source Override]
+[A69h 2665   1]                       Length : 0A
+[A6Ah 2666   1]                          Bus : 00
+[A6Bh 2667   1]                       Source : 0B
+[A6Ch 2668   4]                    Interrupt : 0000000B
+[A70h 2672   2]        Flags (decoded below) : 000D
                                     Polarity : 1
                                 Trigger Mode : 3

-[072h 0114   1]                Subtable Type : 04 [Local APIC NMI]
-[073h 0115   1]                       Length : 06
-[074h 0116   1]                 Processor ID : FF
-[075h 0117   2]        Flags (decoded below) : 0000
+[A72h 2674   1]                Subtable Type : 0A [Local x2APIC NMI]
+[A73h 2675   1]                       Length : 0C
+[A74h 2676   2]        Flags (decoded below) : 0000
                                     Polarity : 0
                                 Trigger Mode : 0
-[077h 0119   1]         Interrupt Input LINT : 01
+[A76h 2678   4]                Processor UID : FFFFFFFF
+[A7Ah 2682   1]         Interrupt Input LINT : 01
+[A7Bh 2683   3]                     Reserved : 000000

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-6-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
80a2f3387c tests: acpi: q35: test for x2APIC entries in SRAT
Set -smp 1,maxcpus=288 to test for ACPI code that
deal with CPUs with large APIC ID (>255).

PS:
Test requires KVM and in-kernel irqchip support,
so skip test if KVM is not available.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-5-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
c306cdb0cc tests: acpi: whitelist expected tables for acpi/q35/xapic testcase
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-4-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
e741aff0f4 tests: qtest: add qtest_has_accel() to check if tested binary supports accelerator
Currently it is not possible to create tests that have KVM as a hard
requirement on a host that doesn't support KVM for tested target
binary (modulo going through the trouble of compiling out
the offending test case).

Following scenario makes test fail when it's run on non x86 host:
  qemu-system-x86_64 -enable-kvm -M q35,kernel-irqchip=on -smp 1,maxcpus=288

This patch introduces qtest_has_accel() to let users check if accel is
available in advance and avoid executing non run-able test-cases.

It implements detection of TCG and KVM only, the rest could be
added later on, when we actually start testing them in qtest.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-3-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Igor Mammedov
685db13a38 tests: acpi: dump table with failed checksum
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20210902113551.461632-2-imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-10-20 04:37:55 -04:00
Paolo Bonzini
537b724899 configure, meson: move fuzzing configuration to Meson
Cc: Alexander Oleinik <alxndr@bu.edu>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20211007130829.632254-2-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-10-14 09:50:56 +02:00
Paolo Bonzini
654d6b0453 meson: switch minimum meson version to 0.58.2, minimum recommended to 0.59.2
Meson 0.58.2 does not need b_staticpic=$pie anymore, and has
stabilized the keyval module.  Remove the workaround and use a few
replacements for features deprecated in the 0.57.0 release cycle.

One feature that we would like to use is passing dependencies to
summary.  However, that was broken in 0.59.0 and 0.59.1.  Therefore,
use the embedded Meson if the host has anything older than 0.59.2,
but allow --meson= to use 0.58.2.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-10-05 13:10:29 +02:00
Yanan Wang
bbb0c0ec6d qtest/numa-test: Use detailed -smp CLIs in test_def_cpu_split
Since commit 80d7835749 (qemu-options: rewrite help for -smp options),
the preference of sockets/cores in -smp parsing is considered liable
to change, and actually we are going to change it in a coming commit.
So it'll be more stable to use detailed -smp CLIs in the testcases
that have strong dependency on the parsing results.

Currently, test_def_cpu_split use "-smp 8" and will get 8 CPU sockets
based on current parsing rule. But if we change to prefer cores over
sockets we will get one CPU socket with 8 cores, and this testcase
will not get expected numa set by default on x86_64 (Ok on aarch64).

So now explicitly use "-smp 8,sockets=8" to avoid affect from parsing
logic change.

Signed-off-by: Yanan Wang <wangyanan55@huawei.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210929025816.21076-9-wangyanan55@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-10-01 15:27:56 +02:00
Yanan Wang
afc8e9aaa7 qtest/numa-test: Use detailed -smp CLIs in pc_dynamic_cpu_cfg
Since commit 80d7835749 (qemu-options: rewrite help for -smp options),
the preference of sockets/cores in -smp parsing is considered liable
to change, and actually we are going to change it in a coming commit.
So it'll be more stable to use detailed -smp CLIs in testing if we
have strong dependency on the parsing results.

pc_dynamic_cpu_cfg currently assumes/needs that there will be 2 CPU
sockets with "-smp 2". To avoid breaking the test because of parsing
logic change, now explicitly use "-smp 2,sockets=2".

Signed-off-by: Yanan Wang <wangyanan55@huawei.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210929025816.21076-8-wangyanan55@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-10-01 15:27:56 +02:00
Paolo Bonzini
809954efc2 tests: qtest: bios-tables-test depends on the unpacked edk2 ROMs
Skip the test if bzip2 is not available, and run it after they are
uncompressed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210923105529.3845741-2-pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-09-30 15:30:24 +02:00
Yang Zhong
0205c4fa1e target/i386: Add the query-sgx-capabilities QMP command
Libvirt can use query-sgx-capabilities to get the host
sgx capabilities to decide how to allocate SGX EPC size to VM.

Signed-off-by: Yang Zhong <yang.zhong@intel.com>
Message-Id: <20210910102258.46648-3-yang.zhong@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-09-30 15:30:24 +02:00
Yang Zhong
57d874c4c7 target/i386: Add HMP and QMP interfaces for SGX
The QMP and HMP interfaces can be used by monitor or QMP tools to retrieve
the SGX information from VM side when SGX is enabled on Intel platform.

Signed-off-by: Yang Zhong <yang.zhong@intel.com>
Message-Id: <20210910102258.46648-2-yang.zhong@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-09-30 15:30:24 +02:00
Peter Maydell
aca68d95c5 libqtest: check for g_setenv() failure
g_setenv() can fail; check for it when starting a QEMU process
when we set the QEMU_AUDIO_DRV environment variable.

Because this happens after fork() reporting an exact message
via printf() is a bad idea; just exit(1), as we already do
for the case of execlp() failure.

Fixes: Coverity CID 1460117
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210820163750.9106-1-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-09-06 09:07:00 +02:00
Peter Maydell
8664d30a30 Fuzzing Patches for 2021-09-01
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE+tTiv4cTddY0BRfETmYd3lg6lk4FAmEvZwgACgkQTmYd3lg6
 lk6nCw//X5wVWFBHDw+7nQ3lpu/rYTVTdqzdwgcOih5ima4ZeqmRbEMGhKYHcekZ
 YQxAP3r4k11Fp2Jev4CS18c4TVE/jYE7d8RwS5ROGTT8IOhe3Ntgd6d5MNjIdm86
 HwaTmmrxpL2cCWUgCGX8H+BXT0p+sjNpMTXfgu9CYlYEgVQKVRiTBTEsCku12FRM
 kwqHaFzJZoFMd45NhbH2wHt/dmDVuVYp7UuCM/HzNFKLO8E25sBLQip97RRTgInB
 iT9vadTYsgkrdRbIWiQbP8vWKL4D0SS7Sw6DYlxTCYhEEZffiiXPVqEwf+qr9LRX
 sLui6vMyjLB4yhjsg5AEd0IMZSP4H431su6YEuP0XOXG5yh5nSNkGVim0ezt1UBF
 DDvYDumVK0P4seCVhK87fEejW9+GAlTSf65LBcK07JSo5DLyRzfmwBXQM3EKzdCK
 y58Jthkmlhe4zym40WNwM91QFaNuWAD0pdvB9fa9OcidvuLgkhdgN72LJVgZSoq9
 7UuWSV6laTnTAIP1YL4R5fvq1r5gNE1cnzCFf6th87pmvOUhO43Y2dT6Me8UR0v8
 B7tHxtAiZJkfWvOYL4Jy3vaBXuivZCtEYUUDc0Y0Cmzfd9DnvnkxrKirZ6ECoyDs
 RsR6nUO1tbpe0ekdl8EvYG3PRt8iHIahZ25GnKcUSTRFydetPqE=
 =ec6M
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/a1xndr/tags/fuzz-pull-2021-09-01' into staging

Fuzzing Patches for 2021-09-01

# gpg: Signature made Wed 01 Sep 2021 12:42:00 BST
# gpg:                using RSA key FAD4E2BF871375D6340517C44E661DDE583A964E
# gpg: Good signature from "Alexander Bulekov <alxndr@bu.edu>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAD4 E2BF 8713 75D6 3405  17C4 4E66 1DDE 583A 964E

* remotes/a1xndr/tags/fuzz-pull-2021-09-01:
  MAINTAINERS: add fuzzing reviewer
  MAINTAINERS: Add myself as a reviewer for Device Fuzzing
  fuzz: unblock SIGALRM so the timeout works
  fuzz: use ITIMER_REAL for timeouts
  fuzz: add an instrumentation filter
  fuzz: make object-name matching case-insensitive
  fuzz: adjust timeout to allow for longer inputs
  fuzz: fix sparse memory access in the DMA callback

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-09-02 14:59:05 +01:00
Peter Maydell
59a89510b6 Merge tpm 2021/09/01 v1
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmEvbmcACgkQda1lgCoL
 QhEmtggAgWR8p/4awhUoTscEkLBoilxJATTZBkxbN8NrRYmOIIn29QShhEDhvuG9
 t6ch0DrJuSVMISTnMHtE5XJKBBD8vFS04SaD4Op8NgOyKTd2fQSXx6SyqgQVK0ui
 zfZFjcjam9i+onIGVCSoUkGRL5GMOTougTh4SwMndR9sL9cn7lUQEJZbk7kS1II6
 5r6uvKPtY4fyvxsi0wcHOYFSeajJfQOVZkav7JCnvuXiiCjQzZw2Aadsvrkmt3Y4
 oaOTiOvYWJhNqFhWSuyY7gS4E4fjShwr3UuOcsmKUTu56Uf2GgdA9w4+AfZJQSxG
 C1Vi+u5J8+oZzVHna9T1lRKQ5wLfCA==
 =IprO
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2021-09-01-1' into staging

Merge tpm 2021/09/01 v1

# gpg: Signature made Wed 01 Sep 2021 13:13:27 BST
# gpg:                using RSA key B818B9CADF9089C2D5CEC66B75AD65802A0B4211
# gpg: Good signature from "Stefan Berger <stefanb@linux.vnet.ibm.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B818 B9CA DF90 89C2 D5CE  C66B 75AD 6580 2A0B 4211

* remotes/stefanberger/tags/pull-tpm-2021-09-01-1:
  tests: acpi: tpm1.2: Add expected TPM 1.2 ACPI blobs
  tests: acpi: Add test cases for TPM 1.2 with TCPA table
  tests: Use QMP to check whether a TPM device model is available
  tests: acpi: prepare for new TPM 1.2 related tables
  tests: tpm: Create TPM 1.2 response in TPM emulator
  tests: acpi: tpm2: Add the renamed ACPI files and drop old ones
  tests: Add suffix 'tpm2' or 'tpm12' to ACPI table files
  tests: acpi: Prepare for renaming of TPM2 related ACPI files
  tests: Add tpm_version field to TPMTestState and fill it
  tests: Rename TestState to TPMTestState

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-09-02 08:51:31 +01:00
Peter Maydell
079b1252e9 * Refactor M-profile systick to use Clocks instead of system_clock_scale global
* clock: Provide builtin multiplier/divider
  * Add A64FX processor model
  * Enable MVE emulation in Cortex-M55
  * hw: Add compat machines for 6.2
  * hw/intc/arm_gicv3: Replace mis-used MEMTX_* constants by booleans
  * hw/arm/raspi: Remove deprecated raspi2/raspi3 aliases
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmEvV40ZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3gO9EACbRq2XN67/3n8icVlCA/R0
 c1NKdar5yngG7EUoKg8rIHWSG4nlvGQxEsInjqccWpXUBwhRbmjIoI7OWOTVcNKL
 IxZPDgS619CPpUrOPtOouYYl3RiKpNS6v1BAne1IsZrMtydrioRCZIh8Wiz1cAod
 Ok8ts1hZIyg+n5gpYjeXs57Afsms4SCnt0zJT/4/VZXZmi+ohHVOzFX/ZGKmZyMP
 2lUHX8DcBCPW6JPt4poIP9MVs+44v9RajSMHfHFkNkJb0Q8sh+fgKbAdnxOW/6d+
 B381tMPtT5D1FZ5UmIwJl6XzY3JLJyU2ySQOtXlnkGWniuihxIwG0qBxwMsbPFrl
 bcTuJK5C20DmjFNH9jk9LMzKD4rDrLcADfoo/AfPe/JqTpE1t6zXcOzAgVTrPNx/
 tSDAXHAsmnJ2Y5O7h5MRUSG6R4h7+PRoutXQyGRi39VMNkiPmqltQtM9N1UaguOe
 +X3w3yjtsCotN1cLWq0u/UuC7FoDoCge/uBSzYIKoeu/WyJFGjuocWGg7TmwOJyd
 TzqrSOqCsAx9DhVJ1trO82qb31zpyFf4B1C05PMaoudzlgMfWfvXVDrtcRmO+kjn
 DmUB4vqz5g2jGroJWAVuN+wz245KqkSaHA6RRI5wf9n57H56T0Rfxa2o73A9TLZy
 M4T9XiJxDByGODYTu8ejXQ==
 =D5pQ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210901' into staging

 * Refactor M-profile systick to use Clocks instead of system_clock_scale global
 * clock: Provide builtin multiplier/divider
 * Add A64FX processor model
 * Enable MVE emulation in Cortex-M55
 * hw: Add compat machines for 6.2
 * hw/intc/arm_gicv3: Replace mis-used MEMTX_* constants by booleans
 * hw/arm/raspi: Remove deprecated raspi2/raspi3 aliases

# gpg: Signature made Wed 01 Sep 2021 11:35:57 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20210901: (51 commits)
  arm: Remove system_clock_scale global
  hw/timer/stellaris-gptm: Use Clock input instead of system_clock_scale
  hw/arm/stellaris: Split stellaris-gptm into its own file
  hw/arm/stellaris: Fix code style issues in GPTM code
  hw/timer/armv7m_systick: Use clock inputs instead of system_clock_scale
  hw/arm/msf2-soc: Wire up refclk
  hw/arm/msf2: Use Clock input to MSF2_SOC instead of m3clk property
  hw/arm/msf2_soc: Don't allocate separate MemoryRegions
  hw/arm/stellaris: Wire sysclk up to armv7m
  hw/arm/stellaris: split stellaris_sys_init()
  hw/arm/nrf51: Wire up sysclk
  hw/arm/stm32vldiscovery: Delete trailing blank line
  hw/arm/stm32f405: Wire up sysclk and refclk
  hw/arm/stm32f205: Wire up sysclk and refclk
  hw/arm/stm32f100: Wire up sysclk and refclk
  hw/arm: Don't allocate separate MemoryRegions in stm32 SoC realize
  clock: Provide builtin multiplier/divider
  hw/arm/mps2.c: Connect up armv7m clocks
  armsse: Wire up systick cpuclk clock
  hw/arm/armv7m: Create input clocks
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-09-01 17:45:38 +01:00
Alexander Bulekov
aaa94a1b3c fuzz: unblock SIGALRM so the timeout works
The timeout mechanism won't work if SIGALRM is blocked. This changes
unmasks SIGALRM when the timer is installed. This doesn't completely
solve the problem, as the fuzzer could trigger some device activity that
re-masks SIGALRM. However, there are currently no inputs on OSS-Fuzz
that re-mask SIGALRM and timeout. If that turns out to be a real issue,
we could try to hook sigmask-type calls, or use a separate timer thread.

Based-on: <20210713150037.9297-1-alxndr@bu.edu>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
2021-09-01 07:33:13 -04:00
Alexander Bulekov
40c0d963db fuzz: use ITIMER_REAL for timeouts
Using ITIMER_VIRTUAL is a bad idea, if the fuzzer hits a blocking
syscall - e.g. ppoll with a NULL timespec. This causes timeout issues
while fuzzing some block-device code. Fix that by using wall-clock time.
This might cause inputs to timeout sometimes due to scheduling
effects/ambient load, but it is better than bringing the entire fuzzing
process to a halt.

Based-on: <20210713150037.9297-1-alxndr@bu.edu>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
2021-09-01 07:33:13 -04:00
Alexander Bulekov
f2e8b87a1a fuzz: make object-name matching case-insensitive
We have some configs for devices such as the AC97 and ES1370 that were
not matching memory-regions correctly, because the configs provided
lowercase names. To resolve these problems and prevent them from
occurring again in the future, convert both the pattern and names to
lower-case, prior to checking for a match.

Suggested-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
2021-09-01 07:33:13 -04:00
Alexander Bulekov
993f52f4d4 fuzz: adjust timeout to allow for longer inputs
Using a custom timeout is useful to continue fuzzing complex devices,
even after we run into some slow code-path. However, simply adding a
fixed timeout to each input effectively caps the maximum input
length/number of operations at some artificial value. There are two
major problems with this:
1. Some code might only be reachable through long IO sequences.
2. Longer inputs can actually be _better_ for performance. While the
   raw number of fuzzer executions decreases with larger inputs, the
   number of MMIO/PIO/DMA operation/second actually increases, since
   were are speding proportionately less time fork()ing.

With this change, we keep the custom-timeout, but we renew it, prior to
each MMIO/PIO/DMA operation. Thus, we time-out only when a specific
operation takes a long time.

Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
2021-09-01 07:33:13 -04:00
Alexander Bulekov
af16990a1b fuzz: fix sparse memory access in the DMA callback
The code mistakenly relied on address_space_translate to store the
length remaining until the next memory-region. We care about this
because when there is RAM or sparse-memory neighboring on an MMIO
region, we should only write up to the border, to prevent inadvertently
invoking MMIO handlers within the DMA callback.

However address_space_translate_internal only stores the length until
the end of the MemoryRegion if memory_region_is_ram(mr). Otherwise
the *len is left unmodified. This caused some false-positive issues,
where the fuzzer found a way to perform a nested MMIO write through a
DMA callback on an [address, length] that started within sparse memory
and spanned some device MMIO regions.

To fix this, write to sparse memory in small chunks of
memory_access_size (similar to the underlying address_space_write code),
which will prevent accidentally hitting MMIO handlers through large
writes.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2021-09-01 07:33:13 -04:00
Shuuichirou Ishii
499243e189 tests/arm-cpu-features: Add A64FX processor related tests
Add tests that the A64FX CPU model exposes the expected features.

Signed-off-by: Shuuichirou Ishii <ishii.shuuichir@fujitsu.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
[PMM: added commit message body]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-09-01 11:08:18 +01:00
Philippe Mathieu-Daudé
cd066eea60 tests: Remove uses of deprecated raspi2/raspi3 machine names
Commit 155e1c82ed deprecated the raspi2/raspi3 machine names.
Use the recommended new names: raspi2b and raspi3b.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20210827060815.2384760-2-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-09-01 11:08:15 +01:00
Stefan Berger
75539b886a tests: acpi: tpm1.2: Add expected TPM 1.2 ACPI blobs
The TCPA.tis.tpm12 file contains the following:

[000h 0000   4]                    Signature : "TCPA"    [Trusted Computing Platform Alliance table]
[004h 0004   4]                 Table Length : 00000032
[008h 0008   1]                     Revision : 02
[009h 0009   1]                     Checksum : 32
[00Ah 0010   6]                       Oem ID : "BOCHS "
[010h 0016   8]                 Oem Table ID : "BXPC    "
[018h 0024   4]                 Oem Revision : 00000001
[01Ch 0028   4]              Asl Compiler ID : "BXPC"
[020h 0032   4]        Asl Compiler Revision : 00000001

[024h 0036   2]               Platform Class : 0000
[026h 0038   4]         Min Event Log Length : 00010000
[02Ah 0042   8]            Event Log Address : 0000000007FF0000

Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-11-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
33660128d4 tests: acpi: Add test cases for TPM 1.2 with TCPA table
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-10-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
58edc32cfc tests: Use QMP to check whether a TPM device model is available
Use QMP to check whether a given TPM device model is available and if it
is not the case then do not register the tests that require it.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20210802215246.1433175-9-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
343776a685 tests: acpi: prepare for new TPM 1.2 related tables
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-8-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
044d55dcd4 tests: tpm: Create TPM 1.2 response in TPM emulator
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-7-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
4a42dda7c1 tests: acpi: tpm2: Add the renamed ACPI files and drop old ones
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-6-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
bf8443ef99 tests: Add suffix 'tpm2' or 'tpm12' to ACPI table files
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-5-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
a003dbc69e tests: acpi: Prepare for renaming of TPM2 related ACPI files
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-4-stefanb@linux.ibm.com
2021-08-31 17:33:12 -04:00
Stefan Berger
09b20a148a tests: Add tpm_version field to TPMTestState and fill it
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-3-stefanb@linux.ibm.com
2021-08-31 17:33:11 -04:00
Stefan Berger
9bd0e32a19 tests: Rename TestState to TPMTestState
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210802215246.1433175-2-stefanb@linux.ibm.com
2021-08-31 17:33:10 -04:00
Qiang Liu
2b3a98255c hw/display/xlnx_dp: fix an out-of-bounds read in xlnx_dp_read
xlnx_dp_read allows an out-of-bounds read at its default branch because
of an improper index.

According to
https://www.xilinx.com/html_docs/registers/ug1087/ug1087-zynq-ultrascale-registers.html
(DP Module), registers 0x3A4/0x3A4/0x3AC are allowed.

DP_INT_MASK     0x000003A4      32      mixed   0xFFFFF03F      Interrupt Mask Register for intrN.
DP_INT_EN       0x000003A8      32      mixed   0x00000000      Interrupt Enable Register.
DP_INT_DS       0x000003AC      32      mixed   0x00000000      Interrupt Disable Register.

In xlnx_dp_write, when the offset is 0x3A8 and 0x3AC, the virtual device
will write s->core_registers[0x3A4
>> 2]. That is to say, the maxize of s->core_registers could be ((0x3A4
>> 2) + 1). However, the current size of s->core_registers is (0x3AF >>
>> 2), that is ((0x3A4 >> 2) + 2), which is out of the range.
In xlxn_dp_read, the access to offset 0x3A8 or 0x3AC will be directed to
the offset 0x3A8 (incorrect functionality) or 0x3AC (out-of-bounds read)
rather than 0x3A4.

This patch enforces the read access to offset 0x3A8 and 0x3AC to 0x3A4,
but does not adjust the size of s->core_registers to avoid breaking
migration.

Fixes: 58ac482a66 ("introduce xlnx-dp")
Signed-off-by: Qiang Liu <cyruscyliu@gmail.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Acked-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <1628059910-12060-1-git-send-email-cyruscyliu@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-08-31 14:34:36 +02:00
Peter Maydell
a8ca0033c2 tests/qtest/ipmi-bt-test: Zero-initialize sockaddr struct
Zero-initialize the sockaddr_in struct that we're about to fill in
and pass to bind(), to ensure we don't leave possible
implementation-defined extension fields as uninitialized garbage.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Corey Minyard <cminyard@mvista.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-id: 20210813150506.7768-4-peter.maydell@linaro.org
2021-08-26 17:02:00 +01:00
Thomas Huth
b063c290f3 tests/qtest/vhost-user-blk-test: Check whether qemu-storage-daemon is available
The vhost-user-blk-test currently hangs if QTEST_QEMU_STORAGE_DAEMON_BINARY
points to a non-existing binary. Let's improve this situation by checking
for the availability of the binary first, so we can fail gracefully if
it is not accessible.

Message-Id: <20210811095949.133462-1-thuth@redhat.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-08-11 13:40:01 +02:00
Thomas Huth
cc1838c25d storage-daemon: Add missing build dependency to the vhost-user-blk-test
vhost-user-blk-test needs the qemu-storage-daemon, otherwise it
currently hangs. So make sure that we build the daemon before running
the tests.

Message-Id: <20210811094705.131314-1-thuth@redhat.com>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-08-11 13:39:50 +02:00
Philippe Mathieu-Daudé
4ac0b72bae hw/sd/sdcard: Fix assertion accessing out-of-range addresses with CMD30
OSS-Fuzz found sending illegal addresses when querying the write
protection bits triggers the assertion added in commit 84816fb63e
("hw/sd/sdcard: Assert if accessing an illegal group"):

  qemu-fuzz-i386-target-generic-fuzz-sdhci-v3: ../hw/sd/sd.c:824: uint32_t sd_wpbits(SDState *, uint64_t):
  Assertion `wpnum < sd->wpgrps_size' failed.
  #3 0x7f62a8b22c91 in __assert_fail
  #4 0x5569adcec405 in sd_wpbits hw/sd/sd.c:824:9
  #5 0x5569adce5f6d in sd_normal_command hw/sd/sd.c:1389:38
  #6 0x5569adce3870 in sd_do_command hw/sd/sd.c:1737:17
  #7 0x5569adcf1566 in sdbus_do_command hw/sd/core.c💯16
  #8 0x5569adcfc192 in sdhci_send_command hw/sd/sdhci.c:337:12
  #9 0x5569adcfa3a3 in sdhci_write hw/sd/sdhci.c:1186:9
  #10 0x5569adfb3447 in memory_region_write_accessor softmmu/memory.c:492:5

It is legal for the CMD30 to query for out-of-range addresses.
Such invalid addresses are simply ignored in the response (write
protection bits set to 0).

In commit 84816fb63e ("hw/sd/sdcard: Assert if accessing an illegal
group") we misplaced the assertion *before* we test the address is
in range. Move it *after*.

Include the qtest reproducer provided by Alexander Bulekov:

  $ make check-qtest-i386
  ...
  Running test qtest-i386/fuzz-sdcard-test
  qemu-system-i386: ../hw/sd/sd.c:824: sd_wpbits: Assertion `wpnum < sd->wpgrps_size' failed.

Cc: qemu-stable@nongnu.org
Reported-by: OSS-Fuzz (Issue 29225)
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Fixes: 84816fb63e ("hw/sd/sdcard: Assert if accessing an illegal group")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/495
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210802235524.3417739-3-f4bug@amsat.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
2021-08-03 19:34:51 +02:00
Peter Xu
61c32485b7 tests: Fix migration-test build failure for sparc
Even if <linux/kvm.h> seems to exist for all archs on linux, however including
it with __linux__ defined seems to be not working yet as it'll try to include
asm/kvm.h and that can be missing for archs that do not support kvm.

To fix this (instead of any attempt to fix linux headers..), we can mark the
header to be x86_64 only, because it's so far only service for adding the kvm
dirty ring test.

Fixes: 1f546b709d ("tests: migration-test: Add dirty ring test")
Reported-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210728214128.206198-1-peterx@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-07-29 08:07:28 +02:00
Peter Maydell
202abcd389 hw/nvme fixes
* new PMR test (Gollu Appalanaidu)
 * pmr/sgl mapping fix (Padmakar Kalghatgi)
 * hotplug fixes (me)
 * mmio out-of-bound read fix (me)
 * big-endian host fixes (me)
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmD/CnQACgkQTeGvMW1P
 DenrlQgAhiKhfKQAJPpP59noKaVNgHFCJySNFQdrPmnD8xDehn4wNRiP4pcdc4aL
 wpB28S5GN9LopzMpLtQBfQZaLygMPFa4QnuJ0ZFJnVoZZa5+T0yQUbBDt8xBJEM5
 gVXBeB4rjnP4TjyTipgtRhSUZt7wieul60z9oFUbJwg4ntt0Jp36DFRzSdXAhTXY
 MubNZy+jqf8p2R4icL97kZISI/phPbWBBMVDSmyqlU5E/pCnip/n5pdISJ/MTPgl
 amqBA93Zs9d2jzhZlhfiKMT+qtdUuItGUk8NV9L2IKxE7ZTdT+tujKfQ1c54JvGM
 J70NjthZApzV4EJwZyrqD0UXNYwFIg==
 =jXUw
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/nvme/tags/nvme-next-pull-request' into staging

hw/nvme fixes

* new PMR test (Gollu Appalanaidu)
* pmr/sgl mapping fix (Padmakar Kalghatgi)
* hotplug fixes (me)
* mmio out-of-bound read fix (me)
* big-endian host fixes (me)

# gpg: Signature made Mon 26 Jul 2021 20:18:12 BST
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* remotes/nvme/tags/nvme-next-pull-request:
  tests/qtest/nvme-test: add mmio read test
  hw/nvme: fix mmio read
  hw/nvme: fix out-of-bounds reads
  hw/nvme: use symbolic names for registers
  hw/nvme: split pmrmsc register into upper and lower
  hw/nvme: fix controller hot unplugging
  tests/qtest/nvme-test: add persistent memory region test
  hw/nvme: error handling for too many mappings
  hw/nvme: unregister controller with subsystem at exit
  hw/nvme: mark nvme-subsys non-hotpluggable
  hw/nvme: remove NvmeCtrl parameter from ns setup/check functions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 13:24:56 +01:00
Klaus Jensen
9631a8ab21 tests/qtest/nvme-test: add mmio read test
Add a regression test for mmio read on big-endian hosts.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
2021-07-26 21:09:39 +02:00
Gollu Appalanaidu
51e90178f7 tests/qtest/nvme-test: add persistent memory region test
This will test the PMR functionality.

Signed-off-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
[k.jensen: replaced memory-backend-file with memory-backend-ram]
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Dr. David Alan Gilbert
5e32ffd346 tests/qtest/migration-test.c: use 127.0.0.1 instead of 0
OpenBSD doesn't like :0 as an address, switch to using 127.0.0.1
in baddest; it's really testing the :0 port number that isn't allowed
on anything.

(The test doesn't currently run anyway because of the userfault
problem that Peter noticed, but this gets us closer to being able to
reenable it)

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20210719185217.122105-1-dgilbert@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-26 12:17:16 +01:00
Philippe Mathieu-Daudé
59b63d78be hw/sd/sdcard: Check for valid address range in SEND_WRITE_PROT (CMD30)
OSS-Fuzz found sending illegal addresses when querying the write
protection bits triggers an assertion:

  qemu-fuzz-i386: hw/sd/sd.c:824: uint32_t sd_wpbits(SDState *, uint64_t): Assertion `wpnum < sd->wpgrps_size' failed.
  ==11578== ERROR: libFuzzer: deadly signal
  #8 0x7ffff628e091 in __assert_fail
  #9 0x5555588f1a3c in sd_wpbits hw/sd/sd.c:824:9
  #10 0x5555588dd271 in sd_normal_command hw/sd/sd.c:1383:38
  #11 0x5555588d777c in sd_do_command hw/sd/sd.c
  #12 0x555558cb25a0 in sdbus_do_command hw/sd/core.c💯16
  #13 0x555558e02a9a in sdhci_send_command hw/sd/sdhci.c:337:12
  #14 0x555558dffa46 in sdhci_write hw/sd/sdhci.c:1187:9
  #15 0x5555598b9d76 in memory_region_write_accessor softmmu/memory.c:489:5

Similarly to commit 8573378e62 ("hw/sd: fix out-of-bounds check
for multi block reads"), check the address range before sending
the status of the write protection bits.

Include the qtest reproducer provided by Alexander Bulekov:

  $ make check-qtest-i386
  ...
  Running test qtest-i386/fuzz-sdcard-test
  qemu-system-i386: ../hw/sd/sd.c:824: sd_wpbits: Assertion `wpnum < sd->wpgrps_size' failed.

Reported-by: OSS-Fuzz (Issue 29225)
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/450
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20210702155900.148665-4-f4bug@amsat.org>
2021-07-12 12:27:38 +02:00
Peter Maydell
9516034d05 Some qemu updates for IPMI and I2C
Move some ADC file to where they belong and move some sensors to a
 sensor directory, since with new BMCs coming in lots of different
 sensors should be coming in.  Keep from cluttering things up.
 
 Add support for I2C PMBus devices.
 
 Replace the confusing and error-prone i2c_send_recv and i2c_transfer with
 specific send and receive functions.  Several errors have already been
 made with these, avoid any new errors.
 
 Fix the watchdog_expired field in the IPMI watchdog, it's not a bool,
 it's a u8.  After a vmstate transfer, the new value could be wrong.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE/Q1c5nzg9ZpmiCaGYfOMkJGb/4EFAmDoeGAACgkQYfOMkJGb
 /4HpkQ//YLAddy3Kqo5LbyI0BPxcx567htHH34XXp4Pz22DcAoPvZRyRlsGiAAcR
 HRmqjSXNBan+KhlA82coczHUami8C+9NQAfnABf7Mv4CQnvf9Hziy9YR0riTAgEk
 Xfc25eYYK5dzfOHVVbp2KJ2IWPo/sY3UqbIKu9MyYzriNpzIuT5NW1aGjIrhW7Js
 2feeIHxH4fEXzhkkgMKMJfXdxkYyD78mB3IfnpVCnoODq3fMZXtMskRDHWjdMEnT
 0u53zeQd5T0jElLZXlwDKAd9QpiPWVnfTJwND3fwWjSMIAVkd7kTqJbVtHpYJMWB
 amOR9qsw72r/WIOow4lLbSjS57GbyEjB344dtlrzHhhW68y9SGbtaSXWD/imkAfB
 NhLlMzNzsIb+dHZhAwdEgmg4Nz/1HZngiK4Awk2YFBVCn7G6BqAvpMwLGdYYr3Az
 P4EPs0aVdGYBbcN5XxAwkKEqESrzF+iF7iZvNTocdSJSCV+ebFNLlZWIq/aXS1TA
 IED1mBmyc/drWF+jA0D520uafT1m+zN4HhPvHpRyK65bqqiH2veDpK20kz0lwQe8
 e2ZeDVG2oVTMIQ+mmyu7kD9xgxjmapoHz64K1VkUwsnXE3jp9yqfa17B9vHOjqkq
 e/iaHiek8xeTWWyoShGk2zoAHBChkwSy/Y2JuZA6FXRnoU6kKsg=
 =8708
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cminyard/tags/for-qemu-6.1-2' into staging

Some qemu updates for IPMI and I2C

Move some ADC file to where they belong and move some sensors to a
sensor directory, since with new BMCs coming in lots of different
sensors should be coming in.  Keep from cluttering things up.

Add support for I2C PMBus devices.

Replace the confusing and error-prone i2c_send_recv and i2c_transfer with
specific send and receive functions.  Several errors have already been
made with these, avoid any new errors.

Fix the watchdog_expired field in the IPMI watchdog, it's not a bool,
it's a u8.  After a vmstate transfer, the new value could be wrong.

# gpg: Signature made Fri 09 Jul 2021 17:25:04 BST
# gpg:                using RSA key FD0D5CE67CE0F59A6688268661F38C90919BFF81
# gpg: Good signature from "Corey Minyard <cminyard@mvista.com>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@acm.org>" [unknown]
# gpg:                 aka "Corey Minyard <corey@minyard.net>" [unknown]
# gpg:                 aka "Corey Minyard <minyard@mvista.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FD0D 5CE6 7CE0 F59A 6688  2686 61F3 8C90 919B FF81

* remotes/cminyard/tags/for-qemu-6.1-2: (24 commits)
  tests/qtest: add tests for MAX34451 device model
  hw/misc: add MAX34451 device
  tests/qtest: add tests for ADM1272 device model
  hw/misc: add ADM1272 device
  hw/i2c: add support for PMBus
  ipmi/sim: fix watchdog_expired data type error in IPMIBmcSim struct
  hw/i2c: Introduce i2c_start_recv() and i2c_start_send()
  hw/i2c: Extract i2c_do_start_transfer() from i2c_start_transfer()
  hw/i2c: Make i2c_start_transfer() direction argument a boolean
  hw/i2c: Rename i2c_set_slave_address() -> i2c_slave_set_address()
  hw/i2c: Remove confusing i2c_send_recv()
  hw/misc/auxbus: Replace i2c_send_recv() by i2c_recv() & i2c_send()
  hw/misc/auxbus: Replace 'is_write' boolean by its value
  hw/misc/auxbus: Explode READ_I2C / WRITE_I2C_MOT cases
  hw/misc/auxbus: Fix MOT/classic I2C mode
  hw/i2c/ppc4xx_i2c: Replace i2c_send_recv() by i2c_recv() & i2c_send()
  hw/i2c/ppc4xx_i2c: Add reference to datasheet
  hw/display/sm501: Replace i2c_send_recv() by i2c_recv() & i2c_send()
  hw/display/sm501: Simplify sm501_i2c_write() logic
  hw/input/lm832x: Define TYPE_LM8323 in public header
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-11 14:32:49 +01:00
Peter Maydell
3cfcc329af target-arm queue:
* New machine type: stm32vldiscovery
  * hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write
  * hw/gpio/pl061: Honour Luminary PL061 PUR and PDR registers
  * virt: Fix implementation of GPIO-based powerdown/shutdown mechanism
  * Correct the encoding of MDCCSR_EL0 and DBGDSCRint
  * hw/intc: Improve formatting of MEMTX_ERROR guest error message
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmDodKYZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3lLWD/9Ux5FW5GfJstzcLyMaEQCA
 KMw9I18YYDXKnynxn8vqBYPV49pN8Hc/4xFcCuhVhsNMBiLMvRpNrnzCad2hylVJ
 JrFkyHO78ibdTRqUCWtnToFnNR37gBei1sL8jlcaex789ifDX7KOpfERqvIa313o
 5iMEDLOtbkqauyNXPpMxmS/imP13VLD0iuChQwYM6tYnVKja7uFScJRlU6/3ayRL
 sZC0Yc8WUuwICmYOxXTu/ANhJo3XsTWMLN9RMlpDQ7PV4nT4hJP2MPtdkEiUpNZo
 aon/w/Fe+PB1DW6MSfyYYrrJTh9SmpylB+kiEVnZtf5RQB7URpTo0Oyb1CF4xz97
 YbUqgSwJtTAeYku6H/2tmXvD87I1w7i7Y6E16Gjo5WXqs7bULYEAR9/l0dt3FMSW
 MoKAlhnwB7eU/p2kd5NZEkPPx9W/Z0B/nFFctVEKkQpo2CrJoOJX08RsPpFrwGSE
 Sr8wnyvRQr7YzWwkG/q11Y+uS9SIszuEYZYqEGw1AVBgi78dMVPSFiXktRnV3ERI
 FQWb7xzQe2pTtTc0W4yrudMxk8bCJvGIa9SYTW4Z5CxO0EJkBOOPTwoIGoNEeLLC
 NYGDGeaDYy5aCdqRwBz+oguBhRgqIiQagSjPljnJ4vJPQhJvdFik2nuK5JYbKnPl
 7G0GxqlDhMQs9tXTQ523Rw==
 =AkRd
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210709' into staging

target-arm queue:
 * New machine type: stm32vldiscovery
 * hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write
 * hw/gpio/pl061: Honour Luminary PL061 PUR and PDR registers
 * virt: Fix implementation of GPIO-based powerdown/shutdown mechanism
 * Correct the encoding of MDCCSR_EL0 and DBGDSCRint
 * hw/intc: Improve formatting of MEMTX_ERROR guest error message

# gpg: Signature made Fri 09 Jul 2021 17:09:10 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20210709:
  hw/intc: Improve formatting of MEMTX_ERROR guest error message
  target/arm: Correct the encoding of MDCCSR_EL0 and DBGDSCRint
  hw/arm/stellaris: Expand comment about handling of OLED chipselect
  hw/gpio/pl061: Document a shortcoming in our implementation
  hw/gpio/pl061: Convert to 3-phase reset and assert GPIO lines correctly on reset
  hw/arm/virt: Make PL061 GPIO lines pulled low, not high
  hw/gpio/pl061: Make pullup/pulldown of outputs configurable
  hw/gpio/pl061: Honour Luminary PL061 PUR and PDR registers
  hw/gpio/pl061: Document the interface of this device
  hw/gpio/pl061: Add tracepoints for register read and write
  hw/gpio/pl061: Clean up read/write offset handling logic
  hw/gpio/pl061: Convert DPRINTF to tracepoints
  hw/intc/arm_gicv3_cpuif: Fix virtual irq number check in icv_[dir|eoir]_write
  tests/boot-serial-test: Add STM32VLDISCOVERY board testcase
  docs/system: arm: Add stm32 boards description
  stm32vldiscovery: Add the STM32VLDISCOVERY Machine
  stm32f100: Add the stm32f100 SoC

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-11 13:11:32 +01:00
Alexandre Iooss
7cb4097f2d tests/boot-serial-test: Add STM32VLDISCOVERY board testcase
New mini-kernel test for STM32VLDISCOVERY USART1.

Signed-off-by: Alexandre Iooss <erdnaxe@crans.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210617165647.2575955-5-erdnaxe@crans.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-09 16:09:12 +01:00
Alexey Kardashevskiy
fc8c745d50 spapr: Implement Open Firmware client interface
The PAPR platform describes an OS environment that's presented by
a combination of a hypervisor and firmware. The features it specifies
require collaboration between the firmware and the hypervisor.

Since the beginning, the runtime component of the firmware (RTAS) has
been implemented as a 20 byte shim which simply forwards it to
a hypercall implemented in qemu. The boot time firmware component is
SLOF - but a build that's specific to qemu, and has always needed to be
updated in sync with it. Even though we've managed to limit the amount
of runtime communication we need between qemu and SLOF, there's some,
and it has become increasingly awkward to handle as we've implemented
new features.

This implements a boot time OF client interface (CI) which is
enabled by a new "x-vof" pseries machine option (stands for "Virtual Open
Firmware). When enabled, QEMU implements the custom H_OF_CLIENT hcall
which implements Open Firmware Client Interface (OF CI). This allows
using a smaller stateless firmware which does not have to manage
the device tree.

The new "vof.bin" firmware image is included with source code under
pc-bios/. It also includes RTAS blob.

This implements a handful of CI methods just to get -kernel/-initrd
working. In particular, this implements the device tree fetching and
simple memory allocator - "claim" (an OF CI memory allocator) and updates
"/memory@0/available" to report the client about available memory.

This implements changing some device tree properties which we know how
to deal with, the rest is ignored. To allow changes, this skips
fdt_pack() when x-vof=on as not packing the blob leaves some room for
appending.

In absence of SLOF, this assigns phandles to device tree nodes to make
device tree traversing work.

When x-vof=on, this adds "/chosen" every time QEMU (re)builds a tree.

This adds basic instances support which are managed by a hash map
ihandle -> [phandle].

Before the guest started, the used memory is:
0..e60 - the initial firmware
8000..10000 - stack
400000.. - kernel
3ea0000.. - initramdisk

This OF CI does not implement "interpret".

Unlike SLOF, this does not format uninitialized nvram. Instead, this
includes a disk image with pre-formatted nvram.

With this basic support, this can only boot into kernel directly.
However this is just enough for the petitboot kernel and initradmdisk to
boot from any possible source. Note this requires reasonably recent guest
kernel with:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=df5be5be8735

The immediate benefit is much faster booting time which especially
crucial with fully emulated early CPU bring up environments. Also this
may come handy when/if GRUB-in-the-userspace sees light of the day.

This separates VOF and sPAPR in a hope that VOF bits may be reused by
other POWERPC boards which do not support pSeries.

This assumes potential support for booting from QEMU backends
such as blockdev or netdev without devices/drivers used.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Message-Id: <20210625055155.2252896-1-aik@ozlabs.ru>
Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu>
[dwg: Adjusted some includes which broke compile in some more obscure
 compilation setups]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-09 10:38:19 +10:00
Titus Rwantare
7649086f45 tests/qtest: add tests for MAX34451 device model
Signed-off-by: Titus Rwantare <titusr@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20210708172556.1868139-6-titusr@google.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2021-07-08 14:42:00 -05:00
Titus Rwantare
c0167539ba tests/qtest: add tests for ADM1272 device model
Signed-off-by: Titus Rwantare <titusr@google.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20210708172556.1868139-4-titusr@google.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2021-07-08 14:41:59 -05:00
Peter Maydell
9aef095419 * More Meson test conversions and configure cleanups
* Generalize XSAVE area offset so that it matches AMD processors on KVM
 * Improvements for -display and deprecation of -no-quit
 * Enable SMP configuration as a compound machine property ("-M smp.cpus=...")
 * Haiku compilation fix
 * Add icon on Darwin
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmDkB7sUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroOISgf+Nn5BiXQRY52DK/2PoG330F6UeOcp
 kWFAE4k4qEktDiCcd5xKekiUd7h+TiRS8bLeycmRtiSXvbzXioE2eCelui0SZDQl
 zpIb8wV2WaxrD/zUYPV7r5n+VFAaTCm9lUEzzqnwaThBG/Oat45gnossZEIWv85g
 KtQMsSh3pc+KpTjWbIA8V01ohzwFE2q7cA9CB/pDgR3h8M5p4K0ZdaPoAO2auhvu
 2sbu9oBl1JwqpIhPme9JR6Je5fMCILBRlXTvPgJ/0iaGdxcNmZxoflO/TZVFB1pl
 tUiCu0GB0yEasMO1E6+cP7ezhm15Lz3vKqjr/boV5Y9osfU36k9xkLTvAg==
 =itIm
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* More Meson test conversions and configure cleanups
* Generalize XSAVE area offset so that it matches AMD processors on KVM
* Improvements for -display and deprecation of -no-quit
* Enable SMP configuration as a compound machine property ("-M smp.cpus=...")
* Haiku compilation fix
* Add icon on Darwin

# gpg: Signature made Tue 06 Jul 2021 08:35:23 BST
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (40 commits)
  config-host.mak: remove unused compiler-related lines
  Set icon for QEMU binary on Mac OS
  qemu-option: remove now-dead code
  machine: add smp compound property
  vl: switch -M parsing to keyval
  keyval: introduce keyval_parse_into
  keyval: introduce keyval_merge
  qom: export more functions for use with non-UserCreatable objects
  configure: convert compiler tests to meson, part 6
  configure: convert compiler tests to meson, part 5
  configure: convert compiler tests to meson, part 4
  configure: convert compiler tests to meson, part 3
  configure: convert compiler tests to meson, part 2
  configure: convert compiler tests to meson, part 1
  configure: convert HAVE_BROKEN_SIZE_MAX to meson
  configure, meson: move CONFIG_IVSHMEM to meson
  meson: store dependency('threads') in a variable
  meson: sort existing compiler tests
  configure, meson: convert libxml2 detection to meson
  configure, meson: convert liburing detection to meson
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-06 11:24:58 +01:00
Paolo Bonzini
fe68090e8f machine: add smp compound property
Make -smp syntactic sugar for a compound property "-machine
smp.{cores,threads,cpu,...}".  machine_smp_parse is replaced by the
setter for the property.

numa-test will now cover the new syntax, while other tests
still use -smp.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-07-06 08:33:51 +02:00
Peter Maydell
9bef7ea9d9 9pfs: misc patches
* Add link to 9p developer docs.
 
 * Fix runtime check whether client supplied relative path is the export
   root.
 
 * Performance optimization of Twalk requests.
 
 * Code cleanup.
 -----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCgA1FiEEltjREM96+AhPiFkBNMK1h2Wkc5UFAmDi6V4XHHFlbXVfb3Nz
 QGNydWRlYnl0ZS5jb20ACgkQNMK1h2Wkc5WsiA//dwLfbNFE9dxAZF3JzwYPmgID
 ino0zruJxC2UdHaVYr2r0A6H+uL/K1zFTWj53R1EKo6udhsx5avqJvmuLU5np9MA
 CEflB99YvwEQWLNyM7IRT+IXa+ebe+UvqC7ouRmJeTRuBaSEu7TMj5S2zMj+AD4b
 uNGVylm6T8yAt+r8QQar+TvK9KYuPuHt/yJgzXqg8tDfly1GGzLh2uoS/0EZoJQU
 4emyYadMsBMVOh+E29sqFMBpUnHwlLl+t9JpUl3xVXM1ZShcqHBl2QbQGJIDsfh7
 HxXBMKHLiSzJrFJCc2DklsOlaRlP5nZdCVEcO4B0/Sq1kZpmf6r+4V6uYrdu8cCE
 tP33QNhC1yWQk9FgvItGkqRfAOI/KK02TE8WWJuLxbyo2n62lE0rEU1gBJOGPkxQ
 rJTGUiFgweV5Ky+NMRbrB4P8EurPLvcgFEhz7qfOEBanmZKHylzI3vwQg5e9Um/t
 ZABjIfjm95/QB6ufeCvVuktGnmyfBC/WJSZwiDyRG+tBf1V1TJF1P9EwoBOyYexv
 WGHoYfAExytKbyzgsKPZ32zTGzzKLtTBko+ATIEFPCpsf5TWiSzralzz3c2/DF3j
 5PHuPOdL+7nhUN3CSRi2MJzhg+LKW34ca1G8XRpob0u9RkKSjH6VbqKhysB8eQNm
 kE1lfhSe00ZtuZoTPto=
 =WqCY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cschoenebeck/tags/pull-9p-20210705' into staging

9pfs: misc patches

* Add link to 9p developer docs.

* Fix runtime check whether client supplied relative path is the export
  root.

* Performance optimization of Twalk requests.

* Code cleanup.

# gpg: Signature made Mon 05 Jul 2021 12:13:34 BST
# gpg:                using RSA key 96D8D110CF7AF8084F88590134C2B58765A47395
# gpg:                issuer "qemu_oss@crudebyte.com"
# gpg: Good signature from "Christian Schoenebeck <qemu_oss@crudebyte.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: ECAB 1A45 4014 1413 BA38  4926 30DB 47C3 A012 D5F4
#      Subkey fingerprint: 96D8 D110 CF7A F808 4F88  5901 34C2 B587 65A4 7395

* remotes/cschoenebeck/tags/pull-9p-20210705:
  9pfs: reduce latency of Twalk
  9pfs: drop root_qid
  9pfs: replace not_same_qid() by same_stat_id()
  9pfs: drop fid_to_qid()
  9pfs: capture root stat
  9pfs: fix not_same_qid()
  9pfs: simplify v9fs_walk()
  9pfs: add link to 9p developer docs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-05 17:25:02 +01:00
Christian Schoenebeck
6f56908427 9pfs: add link to 9p developer docs
To lower the entry level for new developers, add a link to the 9p
developer docs (i.e. qemu wiki) to MAINTAINERS and to the beginning of
9p source files, that is to: https://wiki.qemu.org/Documentation/9p

Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Acked-by: Greg Kurz <groug@kaod.org>
Message-Id: <E1leeDf-0008GZ-9q@lizzy.crudebyte.com>
2021-07-05 13:03:16 +02:00
Peter Xu
1f546b709d tests: migration-test: Add dirty ring test
Add dirty ring test if kernel supports it.  Add the dirty ring parameter on
source should be mostly enough, but let's change the dest too to make them
match always.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20210615175523.439830-3-peterx@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2021-07-05 10:51:26 +01:00
Peter Maydell
5d2d18ae39 audio: bugfixes
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEoDKM/7k6F6eZAf59TLbY7tPocTgFAmDUd5AACgkQTLbY7tPo
 cTjq/Q/+PL8+B9milDJCdBU+tTTOZDB+8V/aWLE5U8VbHF0kkj+eqtWWDgdqmDMf
 TQDolpZhYtp0UKmzQo6RQivbZX1TZMTVj67mgLw9lQEu0VVjrgUHZOqY4jMNSKCP
 RikxeVkv90elwJbUdjAtw1gSIepph2sySaNemjZzXT+mDQm1bV3hTwh/s1T8N6TU
 nVioJGUzHksBQr1hq6OxcMQmMN56ampCrEmmsiPcR3n5dS6IhGD1WfkGWTDSur9H
 d2UncTzLXb58l3ZaLYujv6n4ArIERcNUDWvi7j93Tcem62YQc+EcxC75nl+5mFSQ
 8rnv/8Jli3n3o11ShAAtS1uPSPlGl9euE7FXkDkb28OS3dItxl5R4YbYRy45ZitJ
 OcS6zatrEUcMBHqO1xXhPSKEAoJ2oBJ82GPRHeQnyRRWId9lJJvfiIe9E0GDbE8P
 hGmLk7v1txz5ZMG7bFWyC+Ol0HMgvwH+TSSt5XbtFYwmwrVucUarHqh1F8Yi7lqm
 wLOP8sFtFZalfimhbv8GkZafiFw0qJ3UDot6ISBSLKZLhQXTnGi0Kl+lLJh8wijT
 z8Ut+LJQKH3//g1hfR73EHUiP60WRX2zL9Xw6JcX8GE2CNaQNRHlQxduO7vLum8v
 SWn+KqOjk5bFPPhB6OrLW5+KgvmbD2ITiM8Lt+KuHmSiyZHWSIs=
 =XgQF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/audio-20210624-pull-request' into staging

audio: bugfixes

# gpg: Signature made Thu 24 Jun 2021 13:16:16 BST
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/audio-20210624-pull-request:
  hw/audio/sb16: Restrict I/O sampling rate range for command 41h/42h
  coreaudio: Lock only the buffer

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-06-25 18:55:58 +01:00
Qiang Liu
60e543f5ce hw/audio/sb16: Restrict I/O sampling rate range for command 41h/42h
The I/O sampling rate range is enforced to 5000 to 45000HZ according to
commit a2cd86a9. Setting I/O sampling rate with command 41h/42h, a guest
user can break this assumption and trigger an assertion in audio_calloc
via command 0xd4. This patch restricts the I/O sampling rate range for
command 41h/42h.

Fixes: 85571bc741 ("audio merge (malc)")
Signed-off-by: Qiang Liu <cyruscyliu@gmail.com>
Message-Id: <1624502687-5214-1-git-send-email-cyruscyliu@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-06-24 11:42:54 +02:00
Philippe Mathieu-Daudé
a8fbec7ed8 fuzz: Display hexadecimal value with '0x' prefix
Use memory_region_size() to get the MemoryRegion size,
and display it with the '0x' prefix.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210612195842.1595999-1-f4bug@amsat.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-21 05:50:57 +02:00
Ahmed Abouzied
e52ee00dab Remove leading underscores from QEMU defines
Leading underscores followed by a capital letter or underscore are
reserved by the C standard.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/369

Signed-off-by: Ahmed Abouzied <email@aabouzied.com>
Message-Id: <20210605174938.13782-1-email@aabouzied.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-06-21 05:49:01 +02:00
Corey Minyard
5e9ae4b1a3 sensor: Move hardware sensors from misc to a sensor directory
Lots of this are expected to be coming in, create a directory for them.

Also move the tmp105.h file into the include directory where it
should be.

Cc: Cédric Le Goater <clg@kaod.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Andrew Jeffery <andrew@aj.id.au>
Cc: Joel Stanley <joel@jms.id.au>
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: qemu-arm@nongnu.org
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Acked-by: Cédric Le Goater <clg@kaod.org>
2021-06-17 07:10:32 -05:00
Philippe Mathieu-Daudé
a2cd86a94a hw/audio/sb16: Avoid assertion by restricting I/O sampling rate range
While the SB16 seems to work up to 48000 Hz, the "Sound Blaster Series
Hardware Programming Guide" limit the sampling range from 4000 Hz to
44100 Hz (Section 3-9, 3-10: Digitized Sound I/O Programming, tables
3-2 and 3-3).

Later, section 6-15 (DSP Commands) is more specific regarding the 41h /
42h registers (Set digitized sound output sampling rate):

  Valid sampling rates range from 5000 to 45000 Hz inclusive.

There is no comment regarding error handling if the register is filled
with an out-of-range value.  (See also section 3-28 "8-bit or 16-bit
Auto-initialize Transfer"). Assume limits are enforced in hardware.

This fixes triggering an assertion in audio_calloc():

  #1 abort
  #2 audio_bug audio/audio.c:119:9
  #3 audio_calloc audio/audio.c:154:9
  #4 audio_pcm_sw_alloc_resources_out audio/audio_template.h:116:15
  #5 audio_pcm_sw_init_out audio/audio_template.h:175:11
  #6 audio_pcm_create_voice_pair_out audio/audio_template.h:410:9
  #7 AUD_open_out audio/audio_template.h:503:14
  #8 continue_dma8 hw/audio/sb16.c:216:20
  #9 dma_cmd8 hw/audio/sb16.c:276:5
  #10 command hw/audio/sb16.c:0
  #11 dsp_write hw/audio/sb16.c:949:13
  #12 portio_write softmmu/ioport.c:205:13
  #13 memory_region_write_accessor softmmu/memory.c:491:5
  #14 access_with_adjusted_size softmmu/memory.c:552:18
  #15 memory_region_dispatch_write softmmu/memory.c:0:13
  #16 flatview_write_continue softmmu/physmem.c:2759:23
  #17 flatview_write softmmu/physmem.c:2799:14
  #18 address_space_write softmmu/physmem.c:2891:18
  #19 cpu_outw softmmu/ioport.c:70:5

[*] http://www.baudline.com/solutions/full_duplex/sb16_pci/index.html

OSS-Fuzz Report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29174

Fixes: 85571bc741 ("audio merge (malc)")
Buglink: https://bugs.launchpad.net/bugs/1910603
Tested-by: Qiang Liu <cyruscyliu@gmail.com>
Reviewed-by: Qiang Liu <cyruscyliu@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210616104349.2398060-1-f4bug@amsat.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2021-06-17 11:55:23 +02:00
Kit Westneat
6b731a96aa tests/qtest/virtio-scsi-test: add unmap large LBA with 4k blocks test
Add test for issue #345

Signed-off-by: Kit Westneat <kit.westneat@gmail.com>
Message-Id: <20210603142022.676395-1-kit.westneat@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-06-04 13:47:08 +02:00
Peter Maydell
d2304612b5 tests/qtest/tpm-tests: Remove unnecessary NULL checks
Coverity points out that in tpm_test_swtpm_migration_test() we
assume that src_tpm_addr and dst_tpm_addr are non-NULL (we
pass them to tpm_util_migration_start_qemu() which will
unconditionally dereference them) but then later explicitly
check them for NULL. Remove the pointless checks.

Fixes: Coverity CID 1432367, 1432359

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20210525134458.6675-6-peter.maydell@linaro.org
2021-06-03 16:43:27 +01:00
Peter Maydell
909e4a0826 tests/qtest/pflash-cfi02-test: Avoid potential integer overflow
Coverity points out that we calculate a 64-bit value using 32-bit
arithmetic; add the cast to force the multiply to be done as 64-bits.
(The overflow will never happen with the current test data.)

Fixes: Coverity CID 1432320
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20210525134458.6675-5-peter.maydell@linaro.org
2021-06-03 16:43:27 +01:00
Peter Maydell
2c398ee5e3 tests/qtest/hd-geo-test: Fix checks on mkstemp() return value
Coverity notices that the checks against mkstemp() failing in
create_qcow2_with_mbr() are wrong: mkstemp returns -1 on failure but
the check is just "g_assert(fd)".  Fix to use "g_assert(fd >= 0)",
matching the correct check in create_test_img().

Fixes: Coverity CID 1432274
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20210525134458.6675-4-peter.maydell@linaro.org
2021-06-03 16:43:27 +01:00
Peter Maydell
380822edb3 tests/qtest/e1000e-test: Check qemu_recv() succeeded
The e1000e_send_verify() test calls qemu_recv() but doesn't
check that the call succeeded, which annoys Coverity. Add
an explicit test check for the length of the data.

(This is a test check, not a "we assume this syscall always
succeeds", so we use g_assert_cmpint() rather than g_assert().)

Fixes: Coverity CID 1432324
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20210525134458.6675-3-peter.maydell@linaro.org
2021-06-03 16:43:27 +01:00
Peter Maydell
3c65e439b2 tests/qtest/bios-tables-test: Check for dup2() failure
Coverity notes that we don't check for dup2() failing.  Add some
assertions so that if it does ever happen we get some indication.
(This is similar to how we handle other "don't expect this syscall to
fail" checks in this test code.)

Fixes: Coverity CID 1432346
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Message-id: 20210525134458.6675-2-peter.maydell@linaro.org
2021-06-03 16:43:27 +01:00
Philippe Mathieu-Daudé
aaad026480 tests/qtest/fuzz: Fix build failure
On Fedora 32, using clang (version 10.0.1-3.fc32) we get:

  tests/qtest/fuzz/fuzz.c:237:5: error: implicit declaration of function 'qemu_init' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
      qemu_init(result.we_wordc, result.we_wordv, NULL);
      ^

qemu_init() is declared in "sysemu/sysemu.h", include this
header to fix.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210513162008.3922223-1-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-05-26 14:49:46 +02:00
Stefan Hajnoczi
7999e3136d vhost-user-blk-test: test discard/write zeroes invalid inputs
Exercise input validation code paths in
block/export/vhost-user-blk-server.c.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210309094106.196911-5-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210322092327.150720-4-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-05-18 12:57:38 +02:00
Stefan Hajnoczi
9c4e99e879 tests/qtest: add multi-queue test case to vhost-user-blk-test
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210309094106.196911-4-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210322092327.150720-3-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-05-18 12:57:38 +02:00
Coiby Xu
806952026d test: new qTest case to test the vhost-user-blk-server
This test case has the same tests as tests/virtio-blk-test.c except for
tests have block_resize. Since the vhost-user-blk export only serves one
client one time, two exports are started by qemu-storage-daemon for the
hotplug test.

Suggested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Coiby Xu <coiby.xu@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210309094106.196911-3-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210322092327.150720-2-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-05-18 12:57:38 +02:00
Peter Maydell
2ed765fdee tests/qtest/migration-test: Use g_autofree to avoid leaks on error paths
Coverity notices that several places in the migration-test code fail
to free memory in error-exit paths.  This is pretty unimportant in
test case code, but we can avoid having to manually free the memory
entirely by using g_autofree.

The places where Coverity spotted a leak were relating to early exits
not freeing 'uri' in test_precopy_unix(), do_test_validate_uuid(),
migrate_postcopy_prepare() and test_migrate_auto_converge().  This
patch converts all the string-allocation in the test code to
g_autofree for consistency.

Fixes: Coverity CID 1432313, 1432315, 1432352, 1432364
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20210506185819.9010-1-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:37:00 +02:00
Peter Maydell
bfaa3b05a9 tests: Avoid side effects inside g_assert() arguments
For us, assertions are always enabled, but side-effect expressions
inside the argument to g_assert() are bad style anyway. Fix three
occurrences in IPMI related tests, which will silence some Coverity
nits.

Fixes: CID 1432322, CID 1432287, CID 1432291
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210503165525.26221-4-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Peter Maydell
6c054176db tests/qtest/rtc-test: Remove pointless NULL check
In rtc-test.c we know that s is non-NULL because qtest_start()
will return a non-NULL value, and we assume this when we
pass s to qtest_irq_intercept_in(). So we can drop the
initial assignment of NULL and the "if (s)" condition at
the end of the function.

Fixes: Coverity CID 1432353
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210503165525.26221-3-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Peter Maydell
e7b13acdf2 tests/qtest/tpm-util.c: Free memory with correct free function
tpm_util_migration_start_qemu() allocates memory with g_strdup_printf()
but frees it with free() rather than g_free(), which provokes Coverity
complaints (CID 1432379, 1432350). Use the correct free function.

Fixes: Coverity CID 1432379, CID 1432350
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20210503165525.26221-2-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Dr. David Alan Gilbert
3a46f81676 tests/migration-test: Fix "true" vs true
Accidental use of "true" as a boolean; spotted by coverity
and Peter.

Fixes: b99784ef6c
Fixes: d795f47466
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Coverity (CID 1432373, 1432292, 1432288)
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210504100545.112213-1-dgilbert@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Peter Maydell
302585450c tests/qtest/npcm7xx_pwm-test.c: Avoid g_assert_true() for non-test assertions
In the glib API, the distinction between g_assert() and
g_assert_true() is that the former is for "bug, terminate the
application" and the latter is for "test check, on failure either
terminate or just mark the testcase as failed".  For QEMU, g_assert()
is always fatal, so code can assume that if the assertion fails
execution does not proceed, but this is not true of g_assert_true().

In npcm7xx_pwm-test, the pwm_index() and pwm_module_index() functions
include some assertions that are just guarding against possible bugs
in the test code that might lead us to out-of-bounds array accesses.
These should use g_assert() because they aren't part of what the test
is testing and the code does not correctly handle the case where the
condition was false.

This fixes some Coverity issues where Coverity knows that
g_assert_true() can continue when the condition is false and
complains about the possible array overrun at various callsites.

Fixes: Coverity CID 1442340, 1442341, 1442343, 1442344, 1442345, 1442346
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Havard Skinnemoen <hskinnemoen@google.com>
Message-Id: <20210505135516.21097-1-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Peter Maydell
423dbce5a2 tests/qtest/ahci-test.c: Calculate iso_size with 64-bit arithmetic
Coverity notes that when calculating the 64-bit iso_size value in
ahci_test_cdrom() we actually only do it with 32-bit arithmetic.
This doesn't matter for the current test code because nsectors is
always small; but adding the cast avoids the coverity complaints.

Fixes: Coverity CID 1432343
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-Id: <20210506194358.3925-1-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Stefan Hajnoczi
20868330a9 libqtest: refuse QTEST_QEMU_BINARY=qemu-kvm
Some downstreams rename the QEMU binary to "qemu-kvm". This breaks
qtest_get_arch(), which attempts to parse the target architecture from
the QTEST_QEMU_BINARY environment variable.

Print an error instead of returning the architecture "kvm". Things fail
in weird ways when the architecture string is bogus.

Arguably qtests should always be run in a build directory instead of
against an installed QEMU. In any case, printing a clear error when this
happens is helpful.

Since this is an error that is triggered by the user and not a test
failure, use exit(1) instead of abort(). Change the existing abort()
call in qtest_get_arch() to exit(1) too for the same reason and to be
consistent.

Reported-by: Qin Wang <qinwang@rehdat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Cc: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Message-Id: <20210412143050.725918-1-stefanha@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Stefan Hajnoczi
f62215298a libqos/qgraph: fix "UNAVAILBLE" typo
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210412143437.727560-2-stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-05-14 12:28:01 +02:00
Markus Armbruster
4369223902 Drop the deprecated unicore32 target
Target unicore32 was deprecated in commit 8e4ff4a8d2, v5.2.0.  See
there for rationale.

Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20210503084034.3804963-3-armbru@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
2021-05-12 18:20:52 +02:00
Markus Armbruster
9d49bcf699 Drop the deprecated lm32 target
Target lm32 was deprecated in commit d849800512, v5.2.0.  See there
for rationale.

Some of its code lives on in device models derived from milkymist
ones: hw/char/digic-uart.c and hw/display/bcm2835_fb.c.

Cc: Michael Walle <michael@walle.cc>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20210503084034.3804963-2-armbru@redhat.com>
Acked-by: Michael Walle <michael@walle.cc>
[Trivial conflicts resolved, reST markup fixed]
2021-05-12 18:20:25 +02:00
Thomas Huth
875bb7e35b Remove the deprecated moxie target
There are no known users of this CPU anymore, and there are no
binaries available online which could be used for regression tests,
so the code has likely completely bit-rotten already. It's been
marked as deprecated since two releases now and nobody spoke up
that there is still a need to keep it, thus let's remove it now.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210430160355.698194-1-thuth@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[Commit message typos fixed, trivial conflicts resolved]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2021-05-12 17:42:23 +02:00
Peter Maydell
d45a5270d0 Trivial patches pull request 20210503
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAmCPtbASHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748I3wP/Al7yi77BMpts1t3lGMm7EBjKgkppnpr
 wZYEM68bJonvvGiEKQjexn1CUfnDcq7f5SZkzcUNLI4oP57pyywb4/gshN0k/Zz8
 uCDveMfnhbio2sqlXiMsH9TOhcv/4wtXAek/ghP7EOjkBvyXrAFIQ7eEPEB9cp+X
 xxs9DxqfWmrGB6vt7Er78zjfUETSMa+UrheVLwbRMhJcc0Bg8hT2DCn9Lw6IjfOy
 usWdrLTGc6qg1zdZzi8QR7jZ+bNx0h+aJLlm8M4cVitXq9v2wb3+6KdsOAeYioAE
 AsnClw0m8j/xtMh3g4/hB4oCxMj0jRdZ9GIGs8Didw5ZwkXTRvFM1GK1PHxqX4pF
 8xMW6Qq0bSUr4II6bPOukBUMUAnPYdkh+iHXsYSZG0I3u6VZLgMK3AXmKRukAYqe
 kQ1lcRe3Lwsp2h+jMBBsbCWhwYdA3THFO4YO31cUaZ191A7z57905QMbqJG/H3HB
 7IUBYBNbrhgysPsNBvY6Lr7yUJIocMgcfP36UHYcBPsDdZgjNCQZneJlkaRlQb8+
 CtUSF8D614EguzGsWaIn3uBSm9THKKLd1rSXCyTSgrXDI285mXlKmEWZvm236ew0
 OEmIz/Ach/R4268j76enYGa1aubsxnrphUfC3aePu0Wzd3QW4RxnCSq7wc4ARPw7
 WTL7J00P578h
 =aCeG
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-for-6.1-pull-request' into staging

Trivial patches pull request 20210503

# gpg: Signature made Mon 03 May 2021 09:34:56 BST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/trivial-branch-for-6.1-pull-request: (23 commits)
  hw/rx/rx-gdbsim: Do not accept invalid memory size
  docs: More precisely describe memory-backend-*::id's user
  scripts: fix generation update-binfmts templates
  docs/system: Document the removal of "compat" property for POWER CPUs
  mc146818rtc: put it into the 'misc' category
  Do not include exec/address-spaces.h if it's not really necessary
  Do not include cpu.h if it's not really necessary
  Do not include hw/boards.h if it's not really necessary
  Do not include sysemu/sysemu.h if it's not really necessary
  hw: Do not include qemu/log.h if it is not necessary
  hw: Do not include hw/irq.h if it is not necessary
  hw: Do not include hw/sysbus.h if it is not necessary
  hw: Remove superfluous includes of hw/hw.h
  ui: Fix memory leak in qemu_xkeymap_mapping_table()
  hw/usb: Constify VMStateDescription
  hw/display/qxl: Constify VMStateDescription
  hw/arm: Constify VMStateDescription
  vmstate: Constify some VMStateDescriptions
  Fix typo in CFI build documentation
  hw/pcmcia: Do not register PCMCIA type if not required
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-05-05 13:52:00 +01:00
Thomas Huth
ee86213aa3 Do not include exec/address-spaces.h if it's not really necessary
Stop including exec/address-spaces.h in files that don't need it.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210416171314.2074665-5-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-05-02 17:24:51 +02:00
Thomas Huth
4c386f8064 Do not include sysemu/sysemu.h if it's not really necessary
Stop including sysemu/sysemu.h in files that don't need it.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20210416171314.2074665-2-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-05-02 17:24:50 +02:00
Cédric Le Goater
5fde7f10c0 tests/qtest: Rename m25p80 test in aspeed_smc test
The m25p80 test depends on the Aspeed SMC controller to test our
SPI-NOR flash support. Reflect this dependency by changing the name.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20210407171637.777743-17-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2021-05-01 10:03:52 +02:00
Joel Stanley
666099520a tests/qtest: Add test for Aspeed HACE
This adds a test for the Aspeed Hash and Crypto (HACE) engine. It tests
the currently implemented behavior of the hash functionality.

The tests are similar, but are cut/pasted instead of broken out into a
common function so the assert machinery produces useful output when a
test fails.

Co-developed-by: Cédric Le Goater <clg@kaod.org>
Co-developed-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20210409000253.1475587-4-joel@jms.id.au>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
2021-05-01 10:03:51 +02:00
Mark Cave-Ayland
ce94fa7aa6 tests/qtest: add tests for am53c974 device
Use the autogenerated fuzzer test cases as the basis for a set of am53c974
regression tests.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20210407195801.685-13-mark.cave-ayland@ilande.co.uk>
2021-04-12 22:37:11 +01:00
Jason Wang
22317309df Revert "tests: Add tests for query-netdev command"
Several issues has been reported for query-netdev series. Consider
it's late in the rc, this reverts commit
3c3b656885.

Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-04-08 17:33:59 +08:00
Paolo Bonzini
90a66f4847 x86: rename oem-id and oem-table-id properties
After introducing non-scalar machine properties, it would be preferrable
to have a single acpitable property which includes both generic
information (such as the OEM ids) and custom tables currently
passed via -acpitable.

Do not saddle ourselves with legacy oem-id and oem-table-id
properties, instead mark them as experimental.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210402082128.13854-1-pbonzini@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-04-04 17:44:08 -04:00
Doug Evans
a62ee00aa0 net/npcm7xx_emc.c: Fix handling of receiving packets when RSDR not set
Turning REG_MCMDR_RXON is enough to start receiving packets.

Signed-off-by: Doug Evans <dje@google.com>
Message-id: 20210319195044.741821-1-dje@google.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-30 14:05:33 +01:00
Peter Maydell
b3566001d4 memory: Add offset_in_region to flatview_cb arguments
The function flatview_for_each_range() calls a callback for each
range in a FlatView.  Currently the callback gets the start and
length of the range and the MemoryRegion involved, but not the offset
within the MemoryRegion.  Add this to the callback's arguments; we're
going to want it for a new use in the next commit.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210318174823.18066-4-peter.maydell@linaro.org
2021-03-23 11:47:31 +00:00
Peter Maydell
d1e8cf77f1 memory: Make flatview_cb return bool, not int
The return value of the flatview_cb callback passed to the
flatview_for_each_range() function is zero if the iteration through
the ranges should continue, or non-zero to break out of it.  Use a
bool for this rather than int.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210318174823.18066-2-peter.maydell@linaro.org
2021-03-23 11:47:31 +00:00
Philippe Mathieu-Daudé
7d6a4f123e net/eth: Read ip6_ext_hdr_routing buffer before accessing it
We can't know the caller read enough data in the memory pointed
by ext_hdr to cast it as a ip6_ext_hdr_routing.
Declare rt_hdr on the stack and fill it again from the iovec.

Since we already checked there is enough data in the iovec buffer,
simply add an assert() call to consume the bytes_read variable.

This fix a 2 bytes buffer overrun in eth_parse_ipv6_hdr() reported
by QEMU fuzzer:

  $ cat << EOF | ./qemu-system-i386 -M pc-q35-5.0 \
    -accel qtest -monitor none \
    -serial none -nographic -qtest stdio
  outl 0xcf8 0x80001010
  outl 0xcfc 0xe1020000
  outl 0xcf8 0x80001004
  outw 0xcfc 0x7
  write 0x25 0x1 0x86
  write 0x26 0x1 0xdd
  write 0x4f 0x1 0x2b
  write 0xe1020030 0x4 0x190002e1
  write 0xe102003a 0x2 0x0807
  write 0xe1020048 0x4 0x12077cdd
  write 0xe1020400 0x4 0xba077cdd
  write 0xe1020420 0x4 0x190002e1
  write 0xe1020428 0x4 0x3509d807
  write 0xe1020438 0x1 0xe2
  EOF
  =================================================================
  ==2859770==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdef904902 at pc 0x561ceefa78de bp 0x7ffdef904820 sp 0x7ffdef904818
  READ of size 1 at 0x7ffdef904902 thread T0
      #0 0x561ceefa78dd in _eth_get_rss_ex_dst_addr net/eth.c:410:17
      #1 0x561ceefa41fb in eth_parse_ipv6_hdr net/eth.c:532:17
      #2 0x561cef7de639 in net_tx_pkt_parse_headers hw/net/net_tx_pkt.c:228:14
      #3 0x561cef7dbef4 in net_tx_pkt_parse hw/net/net_tx_pkt.c:273:9
      #4 0x561ceec29f22 in e1000e_process_tx_desc hw/net/e1000e_core.c:730:29
      #5 0x561ceec28eac in e1000e_start_xmit hw/net/e1000e_core.c:927:9
      #6 0x561ceec1baab in e1000e_set_tdt hw/net/e1000e_core.c:2444:9
      #7 0x561ceebf300e in e1000e_core_write hw/net/e1000e_core.c:3256:9
      #8 0x561cef3cd4cd in e1000e_mmio_write hw/net/e1000e.c:110:5

  Address 0x7ffdef904902 is located in stack of thread T0 at offset 34 in frame
      #0 0x561ceefa320f in eth_parse_ipv6_hdr net/eth.c:486

    This frame has 1 object(s):
      [32, 34) 'ext_hdr' (line 487) <== Memory access at offset 34 overflows this variable
  HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
        (longjmp and C++ exceptions *are* supported)
  SUMMARY: AddressSanitizer: stack-buffer-overflow net/eth.c:410:17 in _eth_get_rss_ex_dst_addr
  Shadow bytes around the buggy address:
    0x10003df188d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df188e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df188f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18910: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
  =>0x10003df18920:[02]f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18930: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18940: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18960: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x10003df18970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  Shadow byte legend (one shadow byte represents 8 application bytes):
    Addressable:           00
    Partially addressable: 01 02 03 04 05 06 07
    Stack left redzone:      f1
    Stack right redzone:     f3
  ==2859770==ABORTING

Add the corresponding qtest case with the fuzzer reproducer.

FWIW GCC 11 similarly reported:

  net/eth.c: In function 'eth_parse_ipv6_hdr':
  net/eth.c:410:15: error: array subscript 'struct ip6_ext_hdr_routing[0]' is partly outside array bounds of 'struct ip6_ext_hdr[1]' [-Werror=array-bounds]
    410 |     if ((rthdr->rtype == 2) && (rthdr->segleft == 1)) {
        |          ~~~~~^~~~~~~
  net/eth.c:485:24: note: while referencing 'ext_hdr'
    485 |     struct ip6_ext_hdr ext_hdr;
        |                        ^~~~~~~
  net/eth.c:410:38: error: array subscript 'struct ip6_ext_hdr_routing[0]' is partly outside array bounds of 'struct ip6_ext_hdr[1]' [-Werror=array-bounds]
    410 |     if ((rthdr->rtype == 2) && (rthdr->segleft == 1)) {
        |                                 ~~~~~^~~~~~~~~
  net/eth.c:485:24: note: while referencing 'ext_hdr'
    485 |     struct ip6_ext_hdr ext_hdr;
        |                        ^~~~~~~

Cc: qemu-stable@nongnu.org
Buglink: https://bugs.launchpad.net/qemu/+bug/1879531
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Reported-by: Miroslav Rezanina <mrezanin@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Miroslav Rezanina <mrezanin@redhat.com>
Fixes: eb700029c7 ("net_pkt: Extend packet abstraction as required by e1000e functionality")
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-22 17:34:31 +08:00
Peter Maydell
bdee969c0e * fixes for i386 TCG paging
* fixes for Hyper-V enlightenments
 * avoid uninitialized variable warning
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmBUt1QUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroNa+QgAjcOo9t4cP9CMAM+BwI3qe+iVo1Ug
 OzfLEtACd7BWeB7gZLzbX0ga926/ZQ5WJpgvKQmIdOOCM1PY07WbFogOkpk1B3IZ
 XyCSBneyqrlojSBsSzW3L//GNCyCD0aY8dIWPipsNenz5S/ObS7VMDzEoWOOElva
 wDctnxNRcGmRjs1HnXADyG3yBm8+vEhMImMXxTZdWAlxyL+wI/Aq+VdfkeAD47kZ
 uO0Z291KgYy3iyeZGxqJJJtVZGK8RPp8toM/ociMrk65gG+igctJdR/FRZY6SP7x
 2TkPoohJLwEehTBM7qP+36VVRvskwKwG/jwVxwORXFv4KNxBRaOCtaAMVQ==
 =OBel
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* fixes for i386 TCG paging
* fixes for Hyper-V enlightenments
* avoid uninitialized variable warning

# gpg: Signature made Fri 19 Mar 2021 14:38:12 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream:
  tests/qtest: cleanup the testcase for bug 1878642
  hw/intc/i8259: Refactor pic_read_irq() to avoid uninitialized variable
  i386: Make migration fail when Hyper-V reenlightenment was enabled but 'user_tsc_khz' is unset
  i386: Fix 'hypercall_hypercall' typo
  target/i386: svm: do not discard high 32 bits of EXITINFO1
  target/i386: fail if toggling LA57 in 64-bit mode
  target/i386: allow modifying TCG phys-addr-bits
  qom: use qemu_printf to print help for user-creatable objects

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-19 18:01:17 +00:00
Paolo Bonzini
af05ffffd7 tests/qtest: cleanup the testcase for bug 1878642
Clean up the writes to the configuration space and the PM region, and
rename the test to lpc-ich9-test.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-19 10:37:46 -04:00
Markus Armbruster
9585376ab5 fuzz: Avoid deprecated misuse of -drive if=sd
qemu-fuzz-i386-target-generic-fuzz-sdhci-v3 uses -drive=sd where it
should use -drive if=none instead.  This prints a deprecation warning:

    $ ./build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-sdhci-v3 -runs=1 -seed=1
    [ASan warnings snipped...]
--> i386: -drive if=sd,index=0,file=null-co://,format=raw,id=mydrive: warning: bogus if=sd is deprecated, use if=none
    INFO: Seed: 1
    [More normal output snipped...]

Support for this usage will be gone soon.  Adjust the test.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20210319132008.1830950-1-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2021-03-19 15:18:43 +01:00
Kevin Wolf
9695c3af3a tests: Drop 'props' from object-add calls
The 'props' option has been deprecated in 5.0 in favour of a flattened
object-add command. Time to change our test cases to drop the deprecated
option.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2021-03-19 10:15:06 +01:00
Peter Maydell
1b507e55f8 Remove many old deprecated features
The following features have been deprecated for well over the 2
 release cycle we promise
 
   ``-drive file=json:{...{'driver':'file'}}`` (since 3.0)
   ``-vnc acl`` (since 4.0.0)
   ``-mon ...,control=readline,pretty=on|off`` (since 4.1)
   ``migrate_set_downtime`` and ``migrate_set_speed`` (since 2.8.0)
   ``query-named-block-nodes`` result ``encryption_key_missing`` (since 2.10.0)
   ``query-block`` result ``inserted.encryption_key_missing`` (since 2.10.0)
   ``migrate-set-cache-size`` and ``query-migrate-cache-size`` (since 2.11.0)
   ``query-named-block-nodes`` and ``query-block`` result dirty-bitmaps[i].status (since 4.0)
   ``query-cpus`` (since 2.12.0)
   ``query-cpus-fast`` ``arch`` output member (since 3.0.0)
   ``query-events`` (since 4.0)
   chardev client socket with ``wait`` option (since 4.0)
   ``acl_show``, ``acl_reset``, ``acl_policy``, ``acl_add``, ``acl_remove`` (since 4.0.0)
   ``ide-drive`` (since 4.2)
   ``scsi-disk`` (since 4.2)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmBTHBsACgkQvobrtBUQ
 T9/6cA//QVlWFvNJjmYuXMFOkYdokqde9W66iMO2vt+p3LSqlcxVa59+ZOcb5XWc
 7xYcZlDHEHRMe8DWrTwUyjftJ7Ild+/HY5Nz8NqDFvX08umIhC6qmzBSG64O3fU5
 KtSLWe+KfbUH2usmczQO1zGG8mSIAMnOdugpLln9W13v7X9NO4yC+/O36Mm8l4VK
 VEF+o9w7+s2l7QloLdhVe7RVOrqz6+9TFHx1+q1pPhMbzlv5vbfp9vIreiCgmqiO
 rPLXB4bjklktWSkJBe/2Jt7ixNQZrT0DfnCmshHJmmBxTCI1+b798Xy+7j9Dz8ER
 LzKHhlsilCv/jb8QKlIZSxvoDE02vAgwyVXlqxc7FdyaLmg/Emwr5LGUFHKCyhDR
 3hmJafNokdWPcHwBYwRTdbG1OlgKA+yHSBzQ4OnjsTsKrrzlBrm9B9DiDVABXadS
 5NnhvjZfaRmzjXZinf1th7fdMtLs4k+9XKn6szkrp2QhtlX9gyhkXuOhdwRVcyJB
 V/8dLZDdOB3Kpbu5DGlmmIzdHQx5bo/tQqZlvJJNmcOWe+TKwHg56WRUYQ3PFQZK
 M2A4XTd5kil6+PT7AnDHLoYAFdfScq6R32V38AI7S34kPrejftbSbDz8EVRXnrzj
 zzXGNWtSQpIDZGgNEg3Ta6aIf28TxLCA7nRhuPYIDcswlUsHn4c=
 =cFRH
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange-gitlab/tags/dep-many-pull-request' into staging

Remove many old deprecated features

The following features have been deprecated for well over the 2
release cycle we promise

  ``-drive file=json:{...{'driver':'file'}}`` (since 3.0)
  ``-vnc acl`` (since 4.0.0)
  ``-mon ...,control=readline,pretty=on|off`` (since 4.1)
  ``migrate_set_downtime`` and ``migrate_set_speed`` (since 2.8.0)
  ``query-named-block-nodes`` result ``encryption_key_missing`` (since 2.10.0)
  ``query-block`` result ``inserted.encryption_key_missing`` (since 2.10.0)
  ``migrate-set-cache-size`` and ``query-migrate-cache-size`` (since 2.11.0)
  ``query-named-block-nodes`` and ``query-block`` result dirty-bitmaps[i].status (since 4.0)
  ``query-cpus`` (since 2.12.0)
  ``query-cpus-fast`` ``arch`` output member (since 3.0.0)
  ``query-events`` (since 4.0)
  chardev client socket with ``wait`` option (since 4.0)
  ``acl_show``, ``acl_reset``, ``acl_policy``, ``acl_add``, ``acl_remove`` (since 4.0.0)
  ``ide-drive`` (since 4.2)
  ``scsi-disk`` (since 4.2)

# gpg: Signature made Thu 18 Mar 2021 09:23:39 GMT
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange-gitlab/tags/dep-many-pull-request:
  block: remove support for using "file" driver with block/char devices
  block: remove 'dirty-bitmaps' field from 'BlockInfo' struct
  block: remove dirty bitmaps 'status' field
  block: remove 'encryption_key_missing' flag from QAPI
  hw/scsi: remove 'scsi-disk' device
  hw/ide: remove 'ide-drive' device
  chardev: reject use of 'wait' flag for socket client chardevs
  machine: remove 'arch' field from 'query-cpus-fast' QMP command
  machine: remove 'query-cpus' QMP command
  migrate: remove QMP/HMP commands for speed, downtime and cache size
  monitor: remove 'query-events' QMP command
  monitor: raise error when 'pretty' option is used with HMP
  ui, monitor: remove deprecated VNC ACL option and HMP commands

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-18 19:00:50 +00:00
Daniel P. Berrangé
8af54b9172 machine: remove 'query-cpus' QMP command
The newer 'query-cpus-fast' command avoids side effects on the guest
execution. Note that some of the field names are different in the
'query-cpus-fast' command.

Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Tested-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-18 09:22:55 +00:00
Daniel P. Berrangé
cbde7be900 migrate: remove QMP/HMP commands for speed, downtime and cache size
The generic 'migrate_set_parameters' command handle all types of param.

Only the QMP commands were documented in the deprecations page, but the
rationale for deprecating applies equally to HMP, and the replacements
exist. Furthermore the HMP commands are just shims to the QMP commands,
so removing the latter breaks the former unless they get re-implemented.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-18 09:22:55 +00:00
Alexander Bulekov
25d309fb0d fuzz: configure a sparse-mem device, by default
The generic-fuzzer often provides randomized DMA addresses to
virtual-devices. For a 64-bit address-space, the chance of these
randomized addresses coinciding with RAM regions, is fairly small. Even
though the fuzzer's instrumentation eventually finds valid addresses,
this can take some-time, and slows-down fuzzing progress (especially,
when multiple DMA buffers are involved). To work around this, create
"fake" sparse-memory that spans all of the 64-bit address-space. Adjust
the DMA call-back to populate this sparse memory, correspondingly

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-16 14:30:30 -04:00
Alexander Bulekov
d7da0e5601 fuzz: add a am53c974 generic-fuzzer config
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-16 14:30:30 -04:00
Alexander Bulekov
d0614b8e7a fuzz: don't leave orphan llvm-symbolizers around
I noticed that with a sufficiently small timeout, the fuzzer fork-server
sometimes locks up. On closer inspection, the issue appeared to be
caused by entering our SIGALRM handler, while libfuzzer is in it's crash
handlers. Because libfuzzer relies on pipe communication with an
external child process to print out stack-traces, we shouldn't exit
early, and leave an orphan child. Check for children in the SIGALRM
handler to avoid this issue.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-16 14:19:54 -04:00
Alexander Bulekov
e8a2a62106 fuzz: fix the pro100 generic-fuzzer config
The device-type names for the pro100 network cards, are i8255.. We were
matching "eepro", which catches the PCI PIO/MMIO regions for those
devices, however misses the actual PCI device, which we use to map the
BARs, before fuzzing. Fix that

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-16 14:19:54 -04:00
Philippe Mathieu-Daudé
b43957dcdd tests/qtest: Only run fuzz-virtio-scsi when virtio-scsi is available
This test fails when QEMU is built without the virtio-scsi device,
restrict it to its availability.

Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-16 14:19:54 -04:00
Philippe Mathieu-Daudé
c887d3339e tests/qtest: Only run fuzz-megasas-test if megasas device is available
This test fails when QEMU is built without the megasas device,
restrict it to its availability.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-16 14:19:54 -04:00
Alexey Kirillov
3c3b656885 tests: Add tests for query-netdev command
A simply qtest that checks for correct number of netdevs in the response
of the query-netdev.

Signed-off-by: Alexey Kirillov <lekiravi@yandex-team.ru>
Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-03-15 16:41:22 +08:00
Hao Wu
999be4a2d3 tests/qtest: Test PWM fan RPM using MFT in PWM test
This patch adds testing of PWM fan RPMs in the existing npcm7xx pwm
test. It tests whether the MFT module can measure correct fan values
for a PWM fan in NPCM7XX boards.

Reviewed-by: Doug Evans <dje@google.com>
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
Signed-off-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210311180855.149764-6-wuhaotsh@google.com
[PMM: fixed format strings for printing uint64_t]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-12 12:50:36 +00:00
Peter Maydell
6f34661b6c Pull request
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAmBJQHkSHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748EdsP/2U2CGTM95tjDunTs9uZV/7zM6PWt85M
 vAPItNVU2jYPfzmaJN8twrzlj0PEDhvB9Q+OJjE4HEGxEbPcdblLg/R6Zs/EaWuY
 N6oKHPXnOnHb+e80UUJdiAq+Y5RUnJbb5L3ArycnVzBgws+Oj3DtqjB2VDccY4C/
 Gkt23tZ7ikU4958e5VBqW2NUUrr+BQO0mqsW+sbbeE3WPj75NQc6srvS3TWvsg7W
 OYEyVYwm52/q2W/1a3Knfv/YO6UU9NGMpGyDLD2kwQwKbgUWYLW2BiWVwOAUldo9
 De3nfKbKnFezLCZAZro20lfCa/aKwNGCOXWzlrKxqUQCmGYUx7gM1+3ahrSd5N0v
 zUgLdZm7O428ZHL6GujWGLA1UwwzpM9X3P3yo4c0S1J6fHypbI6a9jtewrUFvFgP
 TuQ7dp6cn2DTBYUcsrWilPHbTZMADYQNRD/xUtKqalYBEWy3FX5W75+OYBJKKh+X
 Qip68m6JBzgkszXhCcu6xlLb8ynZJr2VsHvtvIgf4NnLqNOIEgVLcMtoMZT8DPrp
 rIoRc5oUFz8zj5lHnJuLADBUvlCMqoCCoU3h2aqHwH8a7RGb180f+82BW9aBcb2u
 Jk+WgAhBUjWBBC97ReFgrINUD/qZRXVoOq8LthTuQSSyr/i1zq+oLM1F0EDXcMDm
 ssATku2IxL24
 =moUF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-for-6.0-pull-request' into staging

Pull request

# gpg: Signature made Wed 10 Mar 2021 21:56:09 GMT
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/trivial-branch-for-6.0-pull-request: (22 commits)
  sysemu: Let VMChangeStateHandler take boolean 'running' argument
  sysemu/runstate: Let runstate_is_running() return bool
  hw/lm32/Kconfig: Have MILKYMIST select LM32_DEVICES
  hw/lm32/Kconfig: Rename CONFIG_LM32 -> CONFIG_LM32_DEVICES
  hw/lm32/Kconfig: Introduce CONFIG_LM32_EVR for lm32-evr/uclinux boards
  qemu-common.h: Update copyright string to 2021
  tests/fp/fp-test: Replace the word 'blacklist'
  qemu-options: Replace the word 'blacklist'
  seccomp: Replace the word 'blacklist'
  scripts/tracetool: Replace the word 'whitelist'
  ui: Replace the word 'whitelist'
  virtio-gpu: Adjust code space style
  exec/memory: Use struct Object typedef
  fuzz-test: remove unneccessary debugging flags
  net: Use id_generate() in the network subsystem, too
  MAINTAINERS: Fix the location of tools manuals
  vhost_user_gpu: Drop dead check for g_malloc() failure
  backends/dbus-vmstate: Fix short read error handling
  target/hexagon/gen_tcg_funcs: Fix a typo
  hw/elf_ops: Fix a typo
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-11 18:55:27 +00:00
Peter Maydell
821e7ed167 * Add some missing gitlab-CI job dependencies
* Re-enable "make check SPEED=slow"
 * Improve the gitlab-pipeline-status script
 * Clean up inclusing of qtest.h headers
 * Improve libqos/qgraph documentation
 * Fix downloading problem in the acceptance tests
 * Remove deprecated target tilegx
 * Add new bsd-user maintainers
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmBHTZERHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbW1bA//Xkqv1MXiTllIp9/MaayzrCXE4QI1yosA
 onaEQWBuchw2oO/riyayskD516J5q0dyMlQAWx2tv9N1wFC+F8gUcP/q0zpckqhu
 79DyRj9upDYrCgmGUi+0O9qelv3f7VHB6B1bBZlJzA+W7WskrXYk97dXkezvGDQa
 a+D95upQiOLu2cxvEWTx+Z4Gz1R4NMM/JaudnMkNy/WECLOrEQr/bEgk60dwomO2
 Vdb2t1DLwmjFXXQgBvP5olVk/4vHGcDCMOD3gy8TTt7sNv3VR7re18rUdWnOQcB8
 hm3IRGLYZ/JYTqKutJ4QYpOFA1hUyKOLysi3Wj/jhuzV/n028izpPbeCsuWGZ1Ck
 QmdOdP/g8XZzPWekEEG+pL8gZgVM/HdJAm+Ameiwq2F6ybDXS75EgBzCjFC3p1kF
 KA6UFUD9tw2ZGIjy5vzJToTn4wtku6n9B9sP3nHeVQYbQtSFQhfQwP02NVM66dua
 PLSlIPP09jtmGS/LO9j+aw72bNhMJzpEORQvnoAOsbH8cgTpu6auzvKDg2+cMqGb
 pXBihfvhRvfk3RV8dn2nk929FS6hxybjW3aU9iZAG+Dg0YIPwFOk/w/awgbAjhYe
 bwywmRZSE1mkqm6brE8J1y6SORlcvontv6PLy5NYLe6gGHJex4j8U0zWKW0qDjNr
 hot+/3Mstsw=
 =8JHZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/thuth-gitlab/tags/pull-request-2021-03-09' into staging

* Add some missing gitlab-CI job dependencies
* Re-enable "make check SPEED=slow"
* Improve the gitlab-pipeline-status script
* Clean up inclusing of qtest.h headers
* Improve libqos/qgraph documentation
* Fix downloading problem in the acceptance tests
* Remove deprecated target tilegx
* Add new bsd-user maintainers

# gpg: Signature made Tue 09 Mar 2021 10:27:29 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/thuth-gitlab/tags/pull-request-2021-03-09:
  bsd-user: Add new maintainers
  Remove deprecated target tilegx
  Acceptance Tests: restore filtering of tests by target arch
  Acceptance Tests: restore downloading of VM images
  docs/devel/qgraph: improve qgraph documentation
  libqos/qgraph: format qgraph comments for sphinx documentation
  scripts/ci/gitlab-pipeline-status: give more info when pipeline not found
  scripts/ci/gitlab-pipeline-status: give more information on failures
  scripts/ci/gitlab-pipeline-status: split utlity function for HTTP GET
  meson: Re-enable the possibility to run "make check SPEED=slow"
  docker: OpenSBI build job depends on OpenSBI container
  docker: EDK2 build job depends on EDK2 container
  docker: Alpine build job depends on Alpine container
  qtest: delete superfluous inclusions of qtest.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-10 17:22:45 +00:00
Peter Maydell
5c6295a45b target-arm queue:
* Add new mps3-an547 board
  * target/arm: Restrict v7A TCG cpus to TCG accel
  * Implement a Xilinx CSU DMA model
  * hw/timer/renesas_tmr: Fix use of uninitialized data in read_tcnt()
 -----BEGIN PGP SIGNATURE-----
 
 iQJMBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmBI0AQZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3n1WD/iXrX/YMZDrBOzP5h6sE5W/
 W5tiTJBCKskRW1HduJjObFFl29yuiTzYld7+zfOTQUFgecpCN8q7AHuN0y9Sg+9B
 cyHNHwseOfkHE4CGe2ImjmpYSZUUEkQBtCN2OmJjsaiEoK/eZCIErPw4JMUcusLL
 VPccPjXS92WtqQkGshNYribMOhZnuBcvX/LsT7IL8THDVPv8OECIeq8ewTZtLMe/
 l/x3D3PJ56q69EFMnYt6TS1cd9OtD7pw3Jnbfv0iStE/TiJQB92ft8H07kpE6KVI
 jhRkhyVBnrVI2deTFcFC+rZDQggzWGRVAbUzMikZOZycUML/zjJKEIGM2V6iCHmL
 bQMUOTR4GLFbVyabJ/IH6YoCFS+8hUboyQXQL0gOKtcJiryoDI3AjyKNjxRbIY3b
 qEV3xQYTtrS7mdrwQZqwH6Rs/54jDyX7eBNWfZwq4dOQKvnTQPQEj6iWmj4rOvma
 McWbhu6bAfU6ZINOxkr8HcG/AxF3IYw9Gtb8KRg7/87JRvNvxj++kqqjSRRLU4Co
 QUYuQnpd+ux7eSXKcRfnzd27iaZ++dKJMct4Gq8i0VASb+uk+xmkG2MiGEBVSJv8
 kIK5NLzDGjWjrZd366uAUtHBnWktP/5J4DKq1XKx0mtrkt7tbU6Oh90a7rSiOgur
 LtpGH4IPQDwp/YGXZD86
 =Qu2a
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210310' into staging

target-arm queue:
 * Add new mps3-an547 board
 * target/arm: Restrict v7A TCG cpus to TCG accel
 * Implement a Xilinx CSU DMA model
 * hw/timer/renesas_tmr: Fix use of uninitialized data in read_tcnt()

# gpg: Signature made Wed 10 Mar 2021 13:56:20 GMT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20210310: (54 commits)
  hw/timer/renesas_tmr: Fix use of uninitialized data in read_tcnt()
  hw/timer/renesas_tmr: Prefix constants for CSS values with CSS_
  hw/ssi: xilinx_spips: Remove DMA related dead codes from zynqmp_spips
  hw/ssi: xilinx_spips: Clean up coding convention issues
  hw/arm: xlnx-zynqmp: Connect a Xilinx CSU DMA module for QSPI
  hw/arm: xlnx-zynqmp: Clean up coding convention issues
  hw/dma: Implement a Xilinx CSU DMA model
  target/arm: Restrict v7A TCG cpus to TCG accel
  tests/qtest/sse-timer-test: Test counter scaling changes
  tests/qtest/sse-timer-test: Test the system timer
  tests/qtest/sse-timer-test: Add simple test of the SSE counter
  docs/system/arm/mps2.rst: Document the new mps3-an547 board
  hw/arm/mps2-tz: Add new mps3-an547 board
  hw/arm/mps2-tz: Make initsvtor0 setting board-specific
  hw/arm/mps2-tz: Support running APB peripherals on different clock
  hw/misc/mps2-scc: Implement changes for AN547
  hw/misc/mps2-fpgaio: Support AN547 DBGCTRL register
  hw/misc/mps2-fpgaio: Fold counters subsection into main vmstate
  hw/arm/mps2-tz: Make UART overflow IRQ board-specific
  hw/arm/armsse: Add SSE-300 support
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-10 13:57:31 +00:00
Peter Maydell
a557b00469 Block layer patches:
- qemu-storage-daemon: add --pidfile option
 - qemu-storage-daemon: CLI error messages include the option name now
 - vhost-user-blk export: Misc fixes
 - docs: Improvements for qemu-storage-daemon documentation
 - parallels: load bitmap extension
 - backup-top: Don't crash on post-finalize accesses
 - Improve error messages related to node-name options
 - iotests improvements
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAmBGWHURHGt3b2xmQHJl
 ZGhhdC5jb20ACgkQfwmycsiPL9ZpyxAAk0gRiayMUidSzgvzU/CeUhzBsC4ayEkn
 dLtTZ8hl7cW/w3GjDK1Wri4MANRN/0YHjiLSzO38lfVpK0z8SJr5aU4CwhRlOKVm
 VWgx+OLlV4Azht9fMNF4SwUXgXhl7pUNiFMNnomb++gvqhjMCedDZcWlnVKhbuQ+
 O3TKGO4tToSGaXP85jCM4xukw5HZ//4QMYg6MH0gDk8ahfE2MhyTHz64oDp412os
 qhxvc4bU2S5xGLaBfLGhsc6VPQFKjblG704P/Y73zeoxq12A0L2Ru98WvrNaXw7Z
 m54jJUINiDkJ7ZOl6W04zdeiLvs3BOrNe+7mxawOTmdkBsLOKErrhrTO1gJmHHmX
 kJLWEh9VYWxVbvE7C3KQt9bclR6wt+aPup4X1XE8pHtocPVONVq5bvctrVgxgK0b
 btN06NcK+2jQxcQkG4MnBJ8S41qmxHyIEQlQWKyUWXvKt6zsFU/NuWKMQrAfYZZi
 5J+RPU/fB073LY4lpAgou0OP1/RIvQmi5zWzjWm/Qbp3JpgC+azcYvxn7UU7J71P
 +u8IEQ4+Q9s0gvXQAh/U8AQg2eOqAwEAyFUJl9wpPN56O03dbI8KyCV5ECIRJu49
 CC8uKlJxZkbw9ZBs11SAmm/0J64WcNb2AMWxDPC8Z6oQbVaRRRznoRwRP2H6odUu
 uBolS43+5cI=
 =eAjH
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- qemu-storage-daemon: add --pidfile option
- qemu-storage-daemon: CLI error messages include the option name now
- vhost-user-blk export: Misc fixes
- docs: Improvements for qemu-storage-daemon documentation
- parallels: load bitmap extension
- backup-top: Don't crash on post-finalize accesses
- Improve error messages related to node-name options
- iotests improvements

# gpg: Signature made Mon 08 Mar 2021 17:01:41 GMT
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (30 commits)
  blockdev: Clarify error messages pertaining to 'node-name'
  block: Clarify error messages pertaining to 'node-name'
  docs: qsd: Explain --export nbd,name=... default
  MAINTAINERS: update parallels block driver
  iotests: add parallels-read-bitmap test
  iotests.py: add unarchive_sample_image() helper
  parallels: support bitmap extension for read-only mode
  block/parallels: BDRVParallelsState: add cluster_size field
  parallels.txt: fix bitmap L1 table description
  qcow2-bitmap: make bytes_covered_by_bitmap_cluster() public
  block/export: port virtio-blk read/write range check
  block/export: port virtio-blk discard/write zeroes input validation
  block/export: fix vhost-user-blk export sector number calculation
  block/export: use VIRTIO_BLK_SECTOR_BITS
  block/export: fix blk_size double byteswap
  libqtest: add qtest_remove_abrt_handler()
  libqtest: add qtest_kill_qemu()
  libqtest: add qtest_socket_server()
  vhost-user-blk: fix blkcfg->num_queues endianness
  docs: replace insecure /tmp examples in qsd docs
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-09 21:31:18 +00:00
Alexander Bulekov
c8ffacbf7c fuzz-test: remove unneccessary debugging flags
These flags cause the output to look strange for 'make check', and
they aren't needed to reproduce bugs, if they reappear.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210216181316.794276-1-alxndr@bu.edu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2021-03-09 21:48:53 +01:00
Emanuele Giuseppe Esposito
222455ef81 libqos/qgraph: format qgraph comments for sphinx documentation
Change documentation style and fix minor typos in tests/qtest/libqos/qgraph.h
to automatically generate sphinx documentation in docs/devel/qgraph.rst

The mechanism explanation that once was in qgraph.h is now moved to qgraph.rst

There is no functional change intended.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Message-Id: <20210308073240.6363-1-eesposit@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-03-09 11:26:31 +01:00
Peter Maydell
bf7ca80386 tests/qtest/sse-timer-test: Test counter scaling changes
Test that when we change the scaling of the system counter that the
system timer responds appropriately.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2021-03-08 17:20:03 +00:00
Peter Maydell
f277d1c373 tests/qtest/sse-timer-test: Test the system timer
Add a test which tests various parts of the functionality of the
SSE system timer.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2021-03-08 17:20:03 +00:00
Peter Maydell
1eca58aa1d tests/qtest/sse-timer-test: Add simple test of the SSE counter
Add a simple qtest to exercise the new system counter device in the
SSE-300.

We'll add tests of the system timer device here too, so this includes
scaffolding (register definitions, etc) for those.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210219144617.4782-45-peter.maydell@linaro.org
2021-03-08 17:20:03 +00:00
Stefan Hajnoczi
e1fa7f5591 libqtest: add qtest_remove_abrt_handler()
Add a function to remove previously-added abrt handler functions.

Now that a symmetric pair of add/remove functions exists we can also
balance the SIGABRT handler installation. The signal handler was
installed each time qtest_add_abrt_handler() was called. Now it is
installed when the abrt handler list becomes non-empty and removed again
when the list becomes empty.

The qtest_remove_abrt_handler() function will be used by
vhost-user-blk-test.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20210223144653.811468-5-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-03-08 14:55:19 +01:00
Stefan Hajnoczi
7a23c52376 libqtest: add qtest_kill_qemu()
Tests that manage multiple processes may wish to kill QEMU before
destroying the QTestState. Expose a function to do that.

The vhost-user-blk-test testcase will need this.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20210223144653.811468-4-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-03-08 14:55:19 +01:00
Stefan Hajnoczi
9fb7bb0698 libqtest: add qtest_socket_server()
Add an API that returns a new UNIX domain socket in the listen state.
The code for this was already there but only used internally in
init_socket().

This new API will be used by vhost-user-blk-test.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20210223144653.811468-3-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2021-03-08 14:55:19 +01:00
Peter Maydell
0436c55edf * fix tracing vs -daemonize (Daniel)
* detect invalid CFI configuration (Daniele)
 * 32-bit PVH fix (David)
 * forward SCSI passthrough host-status to the SCSI HBA (Hannes)
 * detect ill-formed id in QMP object-add (Kevin)
 * miscellaneous bugfixes and cleanups (Keqian, Kostiantyn, myself, Peng Liang)
 * add nodelay option for chardev (myself)
 * deprecate -M kernel-irqchip=off on x86 (myself)
 * keep .d files (myself)
 * Fix -trace file (myself)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmBDXMAUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroPYPwf/YeM8TYqCFCt3Th4Ap2IuMqI/7HRq
 iNFlKWfM2S7Gk87RaNINL96MHadOteeYSQLuh4Y6FHL1OGpWX2ZByXR//z2DARLC
 AuV1IncevVyQiSDQzwZj6BU7G4b8xSU3Ey5yseYv+hjUhVbiscDvpioV2USkUvD5
 IJFXwL5+eRAOGma0SAcumgwu5xc5/GGh5D63vZ0R7q5eDCu69Q6/ZYvK93b6+TP7
 GWboGJFcbTvYku56S4ip8VdEzxiNhfQgGNa3nNDx4ejiTt4mYAft7wy+j/iQjPW9
 P0y4AYuvInCrUy1RBR1BqAE+ZXNxqby3AQ0ZTujG+YMiWLIvz5FZtGEvyg==
 =aCET
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* fix tracing vs -daemonize (Daniel)
* detect invalid CFI configuration (Daniele)
* 32-bit PVH fix (David)
* forward SCSI passthrough host-status to the SCSI HBA (Hannes)
* detect ill-formed id in QMP object-add (Kevin)
* miscellaneous bugfixes and cleanups (Keqian, Kostiantyn, myself, Peng Liang)
* add nodelay option for chardev (myself)
* deprecate -M kernel-irqchip=off on x86 (myself)
* keep .d files (myself)
* Fix -trace file (myself)

# gpg: Signature made Sat 06 Mar 2021 10:43:12 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (23 commits)
  meson: Stop if cfi is enabled with system slirp
  trace: skip qemu_set_log_filename if no "-D" option was passed
  trace: fix "-trace file=..."
  meson: adjust timeouts for some slower tests
  build-sys: invoke ninja with -d keepdepfile
  qemu-option: do not suggest using the delay option
  scsi: move host_status handling into SCSI drivers
  scsi: inline sg_io_sense_from_errno() into the callers.
  scsi-generic: do not snoop the output of failed commands
  scsi: Add mapping for generic SCSI_HOST status to sense codes
  scsi: Rename linux-specific SG_ERR codes to generic SCSI_HOST error codes
  qemu-config: add error propagation to qemu_config_parse
  x86/pvh: extract only 4 bytes of start address for 32 bit kernels
  elf_ops: correct loading of 32 bit PVH kernel
  lsilogic: Use PCIDevice::exit instead of DeviceState::unrealize
  accel: kvm: Add aligment assert for kvm_log_clear_one_slot
  accel: kvm: Fix memory waste under mismatch page size
  vl.c: do not execute trace_init_backends() before daemonizing
  qom: Check for wellformed id in user_creatable_add_type()
  chardev: add nodelay option
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-08 13:51:41 +00:00
Paolo Bonzini
dc1d91ac56 meson: adjust timeouts for some slower tests
Adjust the timeouts for the benchmarks (Meson 0.57 allows 0 to mean
infinite) and for the longest running tests.  These are the
times that I measured and the corresponding timeouts.  For generic
qtests, the target that reported the longest runtime is included.

unit tests:
    test-crypto-tlscredsx509        13.15s   45s
    test-crypto-tlssession          14.12s   45s

qtests:
    qos-test                        21.26s   60s   (i386)
    ahci-test                       22.18s   60s
    pxe-test                        26.51s   60s
    boot-serial-test                28.02s   60s   (sparc)
    prom-env-test                   28.86s   60s
    bios-tables-test                50.17s   120s   (aarch64)
    test-hmp                        57.15s   120s   (aarch64)
    npcm7xx_pwm-test                71.27s   150s
    migration-test                  97.09s   150s  (aarch64)
    qom-test                        139.20s  240s  (aarch64)

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-03-06 11:42:57 +01:00
Doug Evans
e6646167cc tests/qtests: Add npcm7xx emc model test
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Reviewed-by: Avi Fishman <avi.fishman@nuvoton.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Doug Evans <dje@google.com>
Message-id: 20210218212453.831406-4-dje@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-05 15:17:34 +00:00
Peter Maydell
07dbfdd290 * fix --enable-fuzzing linker failures (Alexander)
* target/i386: Add bus lock debug exception support (Chenyi)
 * update documentation for preferred boolean option syntax (Daniel)
 * make SCSI io_timeout configurable (Hannes)
 * fix handling of guest recoverable SCSI errors (myself)
 * misc fixes (Pavel, Zheng Zhan Liang, Zihao)
 * fix installation of binaries with entitlements (Akihiko)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmA3tzQUHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroMsngf+OkbgTDouxq3qnn1K89n6j2wKlAj0
 qPP+57o1sv5u5MjX0BkawXCMJfvTKJaOt/Cs8S0FaPTehfR5H0T2tL76KZBEdlEP
 /+V3EC0Qmd1S47LKIOuDkV15szvnccyjpgwaL7Osjb0Eh0SxeXd4pBTc3yYtkacu
 zb/srZ63U2iJZr93QwGmEJjuW57WNym6QWXF3Mrg9PFXybkXFTGumB2vZMlQc+MN
 RWPTUKZKAiIr/HfdvpIETXY+HzJhylvIQ8OVWtM3XDorl48OWcOat/jyeNEVYgG3
 o+gxIRnfvIL+42GkmUFbOKLzT5SV6p9EYYGLTuE1kU7nc6HWoD0CdPxA3A==
 =UBVO
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* fix --enable-fuzzing linker failures (Alexander)
* target/i386: Add bus lock debug exception support (Chenyi)
* update documentation for preferred boolean option syntax (Daniel)
* make SCSI io_timeout configurable (Hannes)
* fix handling of guest recoverable SCSI errors (myself)
* misc fixes (Pavel, Zheng Zhan Liang, Zihao)
* fix installation of binaries with entitlements (Akihiko)

# gpg: Signature made Thu 25 Feb 2021 14:41:56 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (29 commits)
  tcg/i386: rdpmc: fix the the condtions
  chardev: do not use short form boolean options in non-QemuOpts character device descriptions
  vl: deprecate -writeconfig
  target/i386: Add bus lock debug exception support
  qom/object.c: Fix typo
  target/i386: update to show preferred boolean syntax for -cpu
  docs: update to show preferred boolean syntax for -cpu
  docs: update to show preferred boolean syntax for -vnc
  docs: update to show preferred boolean syntax for -chardev
  qemu-options: update to show preferred boolean syntax for -vnc
  qemu-options: update to show preferred boolean syntax for -incoming
  qemu-options: update to show preferred boolean syntax for -netdev
  qemu-options: update to show preferred boolean syntax for -spice
  qemu-options: update to show preferred boolean syntax for -chardev
  gdbstub: use preferred boolean option syntax
  char: don't fail when client is not connected
  scsi: drop 'result' argument from command_complete callback
  scsi-disk: pass guest recoverable errors through even for rerror=stop
  scsi-disk: pass SCSI status to scsi_handle_rw_error
  scsi: introduce scsi_sense_from_errno()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-03-02 15:17:45 +00:00
Daniel P. Berrangé
b7d77f5a8e target/i386: update to show preferred boolean syntax for -cpu
The preferred syntax is to use "foo=on|off", rather than a bare
"+foo" or "-foo"

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210216191027.595031-11-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-02-25 14:14:33 +01:00
Isaku Yamahata
7b630d937a qtest/acpi/bios-tables-test: update acpi tables
update golden master acpi tables and empty
bios-tables-test-allowed-diff.h.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <de5a7f88563d39ed0cec34ff1d4cd6a1bdc927f0.1613615732.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-02-23 10:58:42 -05:00
Isaku Yamahata
9a70e04359 acpi: add test case for -no-hpet
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <5ef9a81e49793afb42ffd19bbf1f44e269c65e93.1613615732.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-02-23 10:58:42 -05:00
Isaku Yamahata
0dabb2e802 acpi: add test case for smm unsupported -machine smm=off
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <22f774a51255af1608b07b00b257af426adcf4ab.1613615732.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-02-23 10:58:42 -05:00
Isaku Yamahata
7995d9a399 qtest: update tests/qtest/bios-tables-test-allowed-diff.h
The following tests will modify acpi tables.
prepare qtests to allow acpi table change.
add new tables for new tests.
- tests/data/acpi/pc/DSDT.nohpet
- tests/data/acpi/pc/FACP.nosmm
- tests/data/acpi/q35/DSDT.nohpet
- tests/data/acpi/q35/FACP.nosmm

Acked-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Message-Id: <c8285f54deab362ed839d31f0fb5bb590ab71fdd.1613615732.git.isaku.yamahata@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-02-23 10:58:42 -05:00
Xingang Wang
2182e4058c tests/data/acpi/virt/DSDT.pxb: update with _CCA
Update expected DSDT files accordingly, and re-enable their testing.
diff of disassembly of changed expected files:

    diff -ru -IDisassembly old/tests/data/acpi/virt/DSDT.pxb.dsl new/tests/data/acpi/virt/DSDT.pxb.dsl
    --- old/tests/data/acpi/virt/DSDT.pxb.dsl       2021-02-23 09:54:18.566781350 -0500
    +++ new/tests/data/acpi/virt/DSDT.pxb.dsl       2021-02-23 09:57:51.952816428 -0500
                 Name (_BBN, 0x80)  // _BBN: BIOS Bus Number
                 Name (_UID, 0x80)  // _UID: Unique ID
                 Name (_STR, Unicode ("pxb Device"))  // _STR: Description String
    +            Name (_CCA, One)  // _CCA: Cache Coherency Attribute
                 Name (_PRT, Package (0x80)  // _PRT: PCI Routing Table
                 {
                     Package (0x04)

Signed-off-by: Jiahui Cen <cenjiahui@huawei.com>
Signed-off-by: Xingang Wang <wangxingang5@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-02-23 10:58:42 -05:00
Xingang Wang
451730cfe4 acpi: Allow pxb DSDT acpi table changes
Signed-off-by: Jiahui Cen <cenjiahui@huawei.com>
Signed-off-by: Xingang Wang <wangxingang5@huawei.com>
Message-Id: <1612490205-48788-2-git-send-email-wangxingang5@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2021-02-23 10:06:55 -05:00
Thomas Huth
45d10d724b tests/qtest/boot-sector: Check that the guest did not panic
The s390-ccw bios code panics if it can not boot successfully. In
this case, it does not make sense that we wait the full 600 seconds
for the boot sector test to finish and can signal the failure
immediately, thus let's check the status of the guest with the
"query-status" QMP command here, too.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20210212113141.854871-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-02-19 06:29:05 +01:00
Philippe Mathieu-Daudé
421954f43b tests/qtest/boot-serial-test: Test Virt machine with 'max'
When using KVM, using a specific cpu type will only work if the
host CPU really is that exact CPU type.

During testing we can simply use the 'max' CPU which will select
all the features available from the host.

This allow running this test on a Cavium CN8890 (ThunderX cores).

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210205144345.2068758-4-f4bug@amsat.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-02-19 06:29:04 +01:00
Peter Maydell
f0f75dc174 * HVF fixes
* Extra qos-test debugging output (Christian)
 * SEV secret address autodetection (James)
 * SEV-ES support (Thomas)
 * Relocatable paths bugfix (Stefan)
 * RR fix (Pavel)
 * EventNotifier fix (Greg)
 -----BEGIN PGP SIGNATURE-----
 
 iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmAr778UHHBib256aW5p
 QHJlZGhhdC5jb20ACgkQv/vSX3jHroNVLwf/V3lb/HbyqFkhacB9eqEsEXGC3Hdp
 hU4J11P3lGS84muByxCdfw1axCGZ5x2cJmJSE71LfCcHXxEQSx4FmfxX5xeKbp1n
 vHPJ1XKhsFkOYA2O6mCW4yynTfizmp+JK36wwjmG3BEXTMMC5o2V8gAnzkP1sT9l
 0h454CtPq2lD0upgVIvI7AStpWXZwysh0hQEDk8TsIfFfzLNs+MJyvlPGn4pj+kN
 k+G3475FinPdncIBGsnRNMfiBmA4/L0L4lriQzZPV57lDfZ8sJkrmh1+/JfK6vsb
 FWIe6Suior6JGorzATbXrFhmNJ+FxNNEmlzSdqRxRz7CDv0SDZb7Ckv37Q==
 =FDIr
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

* HVF fixes
* Extra qos-test debugging output (Christian)
* SEV secret address autodetection (James)
* SEV-ES support (Thomas)
* Relocatable paths bugfix (Stefan)
* RR fix (Pavel)
* EventNotifier fix (Greg)

# gpg: Signature made Tue 16 Feb 2021 16:15:59 GMT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (21 commits)
  replay: fix icount request when replaying clock access
  event_notifier: Set ->initialized earlier in event_notifier_init()
  hvf: Fetch cr4 before evaluating CPUID(1)
  target/i386/hvf: add rdmsr 35H MSR_CORE_THREAD_COUNT
  hvf: x86: Remove unused definitions
  target/i386/hvf: add vmware-cpuid-freq cpu feature
  hvf: Guard xgetbv call
  util/cutils: Skip "." when looking for next directory component
  tests/qtest/qos-test: dump QEMU command if verbose
  tests/qtest/qos-test: dump environment variables if verbose
  tests/qtest/qos-test: dump qos graph if verbose
  libqos/qgraph_internal: add qos_printf() and qos_printf_literal()
  libqos/qgraph: add qos_node_create_driver_named()
  sev/i386: Enable an SEV-ES guest based on SEV policy
  kvm/i386: Use a per-VM check for SMM capability
  sev/i386: Don't allow a system reset under an SEV-ES guest
  sev/i386: Allow AP booting under SEV-ES
  sev/i386: Require in-kernel irqchip support for SEV-ES guests
  sev/i386: Add initial support for SEV-ES
  sev: update sev-inject-launch-secret to make gpa optional
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-02-17 13:04:48 +00:00