Commit Graph

113791 Commits

Author SHA1 Message Date
Phil Dennis-Jordan
3e2c6727cb i386/hvf: Fixes dirty memory tracking by page granularity RX->RWX change
When using x86 macOS Hypervisor.framework as accelerator, detection of
dirty memory regions is implemented by marking logged memory region
slots as read-only in the EPT, then setting the dirty flag when a
guest write causes a fault. The area marked dirty should then be marked
writable in order for subsequent writes to succeed without a VM exit.

However, dirty bits are tracked on a per-page basis, whereas the fault
handler was marking the whole logged memory region as writable. This
change fixes the fault handler so only the protection of the single
faulting page is marked as dirty.

(Note: the dirty page tracking appeared to work despite this error
because HVF’s hv_vcpu_run() function generated unnecessary EPT fault
exits, which ended up causing the dirty marking handler to run even
when the memory region had been marked RW. When using
hv_vcpu_run_until(), a change planned for a subsequent commit, these
spurious exits no longer occur, so dirty memory tracking malfunctions.)

Additionally, the dirty page is set to permit code execution, the same
as all other guest memory; changing memory protection from RX to RW not
RWX appears to have been an oversight.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Reviewed-by: Roman Bolshakov <roman@roolebo.dev>
Tested-by: Roman Bolshakov <roman@roolebo.dev>
Message-ID: <20240605112556.43193-5-phil@philjordan.eu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Phil Dennis-Jordan
f21f0cbc2c hvf: Consistent types for vCPU handles
macOS Hypervisor.framework uses different types for identifying vCPUs, hv_vcpu_t or hv_vcpuid_t, depending on host architecture. They are not just differently named typedefs for the same primitive type, but reference different-width integers.

Instead of using an integer type and casting where necessary, this change introduces a typedef which resolves the active architecture’s hvf typedef. It also removes a now-unnecessary cast.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Reviewed-by: Roman Bolshakov <roman@roolebo.dev>
Tested-by: Roman Bolshakov <roman@roolebo.dev>
Message-ID: <20240605112556.43193-4-phil@philjordan.eu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Phil Dennis-Jordan
0e4e622e32 i386/hvf: Fixes some compilation warnings
A bunch of function definitions used empty parentheses instead of (void) syntax, yielding the following warning when building with clang on macOS:

warning: a function declaration without a prototype is deprecated in all versions of C [-Wstrict-prototypes]

In addition to fixing these function headers, it also fixes what appears to be a typo causing a variable to be unused after initialisation.

warning: variable 'entry_ctls' set but not used [-Wunused-but-set-variable]

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Reviewed-by: Roman Bolshakov <roman@roolebo.dev>
Tested-by: Roman Bolshakov <roman@roolebo.dev>
Message-ID: <20240605112556.43193-3-phil@philjordan.eu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Phil Dennis-Jordan
9c267239c7 i386/hvf: Adds support for INVTSC cpuid bit
This patch adds the INVTSC bit to the Hypervisor.framework accelerator's
CPUID bit passthrough allow-list. Previously, specifying +invtsc in the CPU
configuration would fail with the following warning despite the host CPU
advertising the feature:

qemu-system-x86_64: warning: host doesn't support requested feature:
CPUID.80000007H:EDX.invtsc [bit 8]

x86 macOS itself relies on a fixed rate TSC for its own Mach absolute time
timestamp mechanism, so there's no reason we can't enable this bit for guests.
When the feature is enabled, a migration blocker is installed.

Signed-off-by: Phil Dennis-Jordan <phil@philjordan.eu>
Reviewed-by: Roman Bolshakov <roman@roolebo.dev>
Tested-by: Roman Bolshakov <roman@roolebo.dev>
Message-ID: <20240605112556.43193-2-phil@philjordan.eu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Zhao Liu
fcce5287c0 stubs/meson: Fix qemuutil build when --disable-system
Compiling without system, user, tools or guest-agent fails with the
following error message:

./configure --disable-system --disable-user --disable-tools \
--disable-guest-agent

error message:

/usr/bin/ld: libqemuutil.a.p/util_error-report.c.o: in function `error_printf':
/media/liuzhao/data/qemu-cook/build/../util/error-report.c:38: undefined reference to `error_vprintf'
/usr/bin/ld: libqemuutil.a.p/util_error-report.c.o: in function `vreport':
/media/liuzhao/data/qemu-cook/build/../util/error-report.c:215: undefined reference to `error_vprintf'
collect2: error: ld returned 1 exit status

This is because tests/bench and tests/unit both need qemuutil, which
requires error_vprintf stub when system is disabled.

Add error_vprintf stub into stub_ss for all cases other than disabling
system.

Fixes: 3a15604900 ("stubs: include stubs only if needed")
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Message-ID: <20240605152549.1795762-1-zhao1.liu@intel.com>
[Include error-printf.c unconditionally. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Kevin Wolf
75997e182b scsi-disk: Don't silently truncate serial number
Before this commit, scsi-disk accepts a string of arbitrary length for
its "serial" property. However, the value visible on the guest is
actually truncated to 36 characters. This limitation doesn't come from
the SCSI specification, it is an arbitrary limit that was initially
picked as 20 and later bumped to 36 by commit 48b62063.

Similarly, device_id was introduced as a copy of the serial number,
limited to 20 characters, but commit 48b62063 forgot to actually bump
it.

As long as we silently truncate the given string, extending the limit is
actually not a harmless change, but break the guest ABI. This is the
most important reason why commit 48b62063 was really wrong (and it's
also why we can't change device_id to be in sync with the serial number
again and use 36 characters now, it would be another guest ABI
breakage).

In order to avoid future breakage, don't silently truncate the serial
number string any more, but just error out if it would be truncated.

Buglink: https://issues.redhat.com/browse/RHEL-3542
Suggested-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240604161755.63448-1-kwolf@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
5becdc0ab0 hostmem: simplify the code for merge and dump properties
No semantic change, just simpler control flow.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
a2b6a96505 machine, hostmem: improve error messages for unsupported features
Detect early unsupported MADV_MERGEABLE and MADV_DONTDUMP, and print a clearer
error message that points to the deficiency of the host.

Cc: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Michal Privoznik
5d9a9a6170 backends/hostmem: Report error when memory size is unaligned
If memory-backend-{file,ram} has a size that's not aligned to
underlying page size it is not only wasteful, but also may lead
to hard to debug behaviour. For instance, in case
memory-backend-file and hugepages, madvise() and mbind() fail.
Rightfully so, page is the smallest unit they can work with. And
even though an error is reported, the root cause it not very
clear:

  qemu-system-x86_64: Couldn't set property 'dump' on 'memory-backend-file': Invalid argument

After this commit:

  qemu-system-x86_64: backend 'memory-backend-file' memory size must be multiple of 2 MiB

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Mario Casquero <mcasquer@redhat.com>
Message-ID: <b5b9f9c6bba07879fb43f3c6f496c69867ae3716.1717584048.git.mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Michal Privoznik
210b7b2b3c osdep: Make qemu_madvise() return ENOSYS on unsupported OSes
Not every OS is capable of madvise() or posix_madvise() even. In
that case, errno should be set to ENOSYS as it reflects the cause
better.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-ID: <b381c23bd8f413f1453a2c1a66e0979beaf27433.1717584048.git.mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Michal Privoznik
bfb8c79f89 osdep: Make qemu_madvise() to set errno in all cases
The unspoken premise of qemu_madvise() is that errno is set on
error. And it is mostly the case except for posix_madvise() which
is documented to return either zero (on success) or a positive
error number. This means, we must set errno ourselves. And while
at it, make the function return a negative value on error, just
like other error paths do.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-ID: <af17113e7c1f2cc909ffd36d23f5a411b63b8764.1717584048.git.mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Michal Privoznik
12d7d0c249 meson: Don't even detect posix_madvise() on Darwin
On Darwin, posix_madvise() has the same return semantics as plain
madvise() [1]. That's not really what our usage expects.
Fortunately, madvise() is available and preferred anyways so we
may stop detecting posix_madvise() on Darwin.

1: https://opensource.apple.com/source/xnu/xnu-7195.81.3/bsd/man/man2/madvise.2.auto.html

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Message-ID: <00f71753bdeb8c0f049fda05fb63b84bb5502fb3.1717584048.git.mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
75dbebddb6 machine: default -M mem-merge to off is QEMU_MADV_MERGEABLE is not available
Otherwise, starting any guest on a non-Linux guests results in

qemu-system-arm: Couldn't set property 'merge' on 'memory-backend-ram': Invalid argument

Cc: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Mark Cave-Ayland
3973615e7f target/i386: fix size of EBP writeback in gen_enter()
The calculation of FrameTemp is done using the size indicated by mo_pushpop()
before being written back to EBP, but the final writeback to EBP is done using
the size indicated by mo_stacksize().

In the case where mo_pushpop() is MO_32 and mo_stacksize() is MO_16 then the
final writeback to EBP is done using MO_16 which can leave junk in the top
16-bits of EBP after executing ENTER.

Change the writeback of EBP to use the same size indicated by mo_pushpop() to
ensure that the full value is written back.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198
Message-ID: <20240606095319.229650-5-mark.cave-ayland@ilande.co.uk>
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Mark Cave-Ayland
f1b8613da3 target/i386: fix SP when taking a memory fault during POP
When OS/2 Warp configures its segment descriptors, many of them are configured with
the P flag clear to allow for a fault-on-demand implementation. In the case where
the stack value is POPped into the segment registers, the SP is incremented before
calling gen_helper_load_seg() to validate the segment descriptor:

IN:
0xffef2c0c:  66 07                    popl     %es

OP:
 ld_i32 loc9,env,$0xfffffffffffffff8
 sub_i32 loc9,loc9,$0x1
 brcond_i32 loc9,$0x0,lt,$L0
 st16_i32 loc9,env,$0xfffffffffffffff8
 st8_i32 $0x1,env,$0xfffffffffffffffc

 ---- 0000000000000c0c 0000000000000000
 ext16u_i64 loc0,rsp
 add_i64 loc0,loc0,ss_base
 ext32u_i64 loc0,loc0
 qemu_ld_a64_i64 loc0,loc0,noat+un+leul,5
 add_i64 loc3,rsp,$0x4
 deposit_i64 rsp,rsp,loc3,$0x0,$0x10
 extrl_i64_i32 loc5,loc0
 call load_seg,$0x0,$0,env,$0x0,loc5
 add_i64 rip,rip,$0x2
 ext16u_i64 rip,rip
 exit_tb $0x0
 set_label $L0
 exit_tb $0x7fff58000043

If helper_load_seg() generates a fault when validating the segment descriptor then as
the SP has already been incremented, the topmost word of the stack is overwritten by
the arguments pushed onto the stack by the CPU before taking the fault handler. As a
consequence things rapidly go wrong upon return from the fault handler due to the
corrupted stack.

Update the logic for the existing writeback condition so that a POP into the segment
registers also calls helper_load_seg() first before incrementing the SP, so that if a
fault occurs the SP remains unaltered.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2198
Message-ID: <20240606095319.229650-4-mark.cave-ayland@ilande.co.uk>
Fixes: cc1d28bdbe ("target/i386: move 00-5F opcodes to new decoder", 2024-05-07)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Mark Cave-Ayland
aea49fbb01 target/i386: use gen_writeback() within gen_POP()
Instead of directly implementing the writeback using gen_op_st_v(), use the
existing gen_writeback() function.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-ID: <20240606095319.229650-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Mark Cave-Ayland
f41990f552 target/i386: use local X86DecodedOp in gen_POP()
This will make subsequent changes a little easier to read.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-ID: <20240606095319.229650-2-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
b37c0dc852 target/i386: document use of DISAS_NORETURN
DISAS_NORETURN suppresses the work normally done by gen_eob(), and therefore
must be used in special cases only.  Document them.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
cdc829b37d target/i386: document incorrect semantics of watchpoint following MOV/POP SS
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
6dd7d8c649 target/i386: fix TF/RF handling for HLT
HLT uses DISAS_NORETURN because the corresponding helper calls
cpu_loop_exit().  However, while gen_eob() clears HF_RF_MASK and
synthesizes a #DB exception if single-step is active, none of this is
done by HLT.  Note that the single-step trap is generated after the halt
is finished.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
3718523d01 target/i386: fix INHIBIT_IRQ/TF/RF handling for PAUSE
PAUSE uses DISAS_NORETURN because the corresponding helper
calls cpu_loop_exit().  However, while HLT clear HF_INHIBIT_IRQ_MASK
to correctly handle "STI; HLT", the same is missing from PAUSE.
And also gen_eob() clears HF_RF_MASK and synthesizes a #DB exception
if single-step is active; none of this is done by HLT and PAUSE.
Start fixing PAUSE, HLT will follow.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
1a150d331d target/i386: fix INHIBIT_IRQ/TF/RF handling for VMRUN
From vm entry to exit, VMRUN is handled as a single instruction.  It
uses DISAS_NORETURN in order to avoid processing TF or RF before
the first instruction executes in the guest.  However, the corresponding
handling is missing in vmexit.  Add it, and at the same time reorganize
the comments with quotes from the manual about the tasks performed
by a #VMEXIT.

Another gen_eob() task that is missing in VMRUN is preparing the
HF_INHIBIT_IRQ flag for the next instruction, in this case by loading
it from the VMCB control state.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
8aa76496df target/i386: disable/enable breakpoints on vmentry/vmexit
If the required DR7 (either from the VMCB or from the host save
area) disables a breakpoint that was enabled prior to vmentry
or vmexit, it is left enabled and will trigger EXCP_DEBUG.
This causes a spurious #DB on the next crossing of the breakpoint.

To disable it, vmentry/vmexit must use cpu_x86_update_dr7
to load DR7.

Because cpu_x86_update_dr7 takes a 32-bit argument, check
reserved bits prior to calling cpu_x86_update_dr7, and do the
same for DR6 as well for consistency.

This scenario is tested by the "host_rflags" test in kvm-unit-tests.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
57f8dbdbe9 target/i386: implement DR7.GD
DR7.GD triggers a #DB exception on any access to debug registers.
The GD bit is cleared so that the #DB handler itself can access
the debug registers.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
330e6adc1a target/i386: cleanup PAUSE helpers
Use decode.c's support for intercepts, doing the check in TCG-generated
code rather than the helper.  This is cleaner because it allows removing
the eip_addend argument to helper_pause(), even though it adds a bit of
bloat for opcode 0x90's new decoding function.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:38 +02:00
Paolo Bonzini
536032566b target/i386: cleanup HLT helpers
Use decode.c's support for intercepts, doing the check in TCG-generated
code rather than the helper.  This is cleaner because it allows removing
the eip_addend argument to helper_hlt().

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:37 +02:00
Paolo Bonzini
73fb7b3c49 target/i386: fix implementation of ICEBP
ICEBP generates a trap-like exception, while gen_exception() produces
a fault.  Resurrect gen_update_eip_next() to implement the desired
semantics.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:37 +02:00
Paolo Bonzini
69cb498c56 target/i386: fix pushed value of EFLAGS.RF
When preparing an exception stack frame for a fault exception, the value
pushed for RF is 1.  Take that into account.  The same should be true
of interrupts for repeated string instructions, but the situation there
is complicated.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-06-08 10:33:37 +02:00
Richard Henderson
dec9742cbc pull-loongarch-20240606
-----BEGIN PGP SIGNATURE-----
 
 iLMEAAEKAB0WIQS4/x2g0v3LLaCcbCxAov/yOSY+3wUCZmE0HwAKCRBAov/yOSY+
 396sA/90m/zr91pLQlkhFuYLHg958Ow3L5ysblcuAAmcTXGi8iE9IeTTeZru6WEO
 H/CL/njUkIgP+/Tio0n0Lx6rWkxOzGxWCpvzqrabsPGvs4GUtFEjI/2pvEWP6C9/
 S6Jon3py0oZeoVx8D6Tr/CJrhD0IBptbEn1aiQNDRuSzeuCo1Q==
 =xpjH
 -----END PGP SIGNATURE-----

Merge tag 'pull-loongarch-20240606' of https://gitlab.com/gaosong/qemu into staging

pull-loongarch-20240606

# -----BEGIN PGP SIGNATURE-----
#
# iLMEAAEKAB0WIQS4/x2g0v3LLaCcbCxAov/yOSY+3wUCZmE0HwAKCRBAov/yOSY+
# 396sA/90m/zr91pLQlkhFuYLHg958Ow3L5ysblcuAAmcTXGi8iE9IeTTeZru6WEO
# H/CL/njUkIgP+/Tio0n0Lx6rWkxOzGxWCpvzqrabsPGvs4GUtFEjI/2pvEWP6C9/
# S6Jon3py0oZeoVx8D6Tr/CJrhD0IBptbEn1aiQNDRuSzeuCo1Q==
# =xpjH
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 05 Jun 2024 08:59:27 PM PDT
# gpg:                using RSA key B8FF1DA0D2FDCB2DA09C6C2C40A2FFF239263EDF
# gpg: Good signature from "Song Gao <m17746591750@163.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B8FF 1DA0 D2FD CB2D A09C  6C2C 40A2 FFF2 3926 3EDF

* tag 'pull-loongarch-20240606' of https://gitlab.com/gaosong/qemu:
  target/loongarch: fix a wrong print in cpu dump
  hw/loongarch/virt: Enable extioi virt extension
  hw/loongarch/virt: Use MemTxAttrs interface for misc ops
  hw/intc/loongarch_extioi: Add extioi virt extension definition
  tests/qtest: Add numa test for loongarch system
  tests/libqos: Add loongarch virt machine node

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-06-06 11:54:46 -07:00
Richard Henderson
064f26ee39 testing cleanups (ci, vm, lcitool, ansible):
- clean up left over Centos 8 references
   - use -fno-sanitize=function to avoid non-useful errors
   - bump lcitool and update images (alpine, fedora)
   - make sure we have mingw-w64-tools for windows builds
   - drive ansible scripts with lcitool package lists
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmZhgb4ACgkQ+9DbCVqe
 KkQNMAf/eyGgbU6ASgbwGqiJCOrkWo8CM7G1dXZ5GpVvKVnlDioMaefFCWt3ftB6
 kKtiskC1xVx3vM1mmomosSGxTNxT93HMLulKJLXK8/SvOFU9phzzUeZXTqS7JKNb
 NrawL0vkygRn+mmTgr3M+Z7rh4yI9e7e2yeX+oQiXsSGGNM114EdcUqKG82tpO8G
 cDlNtlp2jgptNnmzQ7ufZIRD5ckg+2os6XFB+bhmfaWCu9PXTTNwBfLJkEnXENi3
 NpRHPRGsUwZ3QcGt0JLkxTT/yeHngYBP7us2cwMXuf9lxfFCF3Ixt1jF/9ZJRrRm
 wUYG6TBKh6S24cJSBiu1zguQ/EE7WA==
 =myWO
 -----END PGP SIGNATURE-----

Merge tag 'pull-maintainer-june24-060624-1' of https://gitlab.com/stsquad/qemu into staging

testing cleanups (ci, vm, lcitool, ansible):

  - clean up left over Centos 8 references
  - use -fno-sanitize=function to avoid non-useful errors
  - bump lcitool and update images (alpine, fedora)
  - make sure we have mingw-w64-tools for windows builds
  - drive ansible scripts with lcitool package lists

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmZhgb4ACgkQ+9DbCVqe
# KkQNMAf/eyGgbU6ASgbwGqiJCOrkWo8CM7G1dXZ5GpVvKVnlDioMaefFCWt3ftB6
# kKtiskC1xVx3vM1mmomosSGxTNxT93HMLulKJLXK8/SvOFU9phzzUeZXTqS7JKNb
# NrawL0vkygRn+mmTgr3M+Z7rh4yI9e7e2yeX+oQiXsSGGNM114EdcUqKG82tpO8G
# cDlNtlp2jgptNnmzQ7ufZIRD5ckg+2os6XFB+bhmfaWCu9PXTTNwBfLJkEnXENi3
# NpRHPRGsUwZ3QcGt0JLkxTT/yeHngYBP7us2cwMXuf9lxfFCF3Ixt1jF/9ZJRrRm
# wUYG6TBKh6S24cJSBiu1zguQ/EE7WA==
# =myWO
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 06 Jun 2024 02:30:38 AM PDT
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]

* tag 'pull-maintainer-june24-060624-1' of https://gitlab.com/stsquad/qemu:
  scripts/ci: drive ubuntu/build-environment.yml from lcitool
  tests/lcitool: generate package lists for ansible
  tests/lcitool: Install mingw-w64-tools for the Windows cross-builds
  tests/lcitool: Bump to latest libvirt-ci and update Fedora and Alpine version
  .gitlab-ci.d/buildtest.yml: Use -fno-sanitize=function in the clang-system job
  tests/lcitool: Delete obsolete centos-stream-8.yml file
  docs/ci: clean-up references for consistency
  scripts/ci: remove CentOS bits from common build-environment
  tests/vm: remove plain centos image
  tests/vm: update centos.aarch64 image to 9
  docs/devel: update references to centos to non-versioned container
  ci: remove centos-steam-8 customer runner

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-06-06 08:48:51 -07:00
Alex Bennée
c99064d03f scripts/ci: drive ubuntu/build-environment.yml from lcitool
Now lcitool can write the package list for us we no longer need to
duplicate the information directly in build-environment.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-13-alex.bennee@linaro.org>
2024-06-06 10:26:22 +01:00
Alex Bennée
1417704564 tests/lcitool: generate package lists for ansible
With the new ability to output YAML we can build the package list for
our ansible setup scripts. We will integrate them in the next commit.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-12-alex.bennee@linaro.org>
2024-06-06 10:26:13 +01:00
Thomas Huth
61d1e3cbde tests/lcitool: Install mingw-w64-tools for the Windows cross-builds
Beside g++ we also need the mingw-w64-tools for properly building
the code in qga/vss-win32/ , so let's install that package now, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20240601070543.37786-5-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-11-alex.bennee@linaro.org>
2024-06-06 10:26:13 +01:00
Thomas Huth
06f3330bb0 tests/lcitool: Bump to latest libvirt-ci and update Fedora and Alpine version
Update to the latest version of lcitool. It dropped support for Fedora 38
and Alpine 3.18, so we have to update these to newer versions here, too.

Python 3.12 dropped the "imp" module which we still need for running
Avocado. Fortunately Fedora 40 still ships with a work-around package
that we can use until somebody updates our Avocado to a newer version.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20240601070543.37786-3-thuth@redhat.com>
[AJB: regen on rebase]
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-10-alex.bennee@linaro.org>
2024-06-06 10:26:13 +01:00
Thomas Huth
23ef50ae2d .gitlab-ci.d/buildtest.yml: Use -fno-sanitize=function in the clang-system job
The latest version of Clang (version 18 from Fedora 40) now reports
bad function pointer casts as undefined behavior. Unfortunately, we are
still doing this in quite a lot of places in the QEMU code and some of
them are not easy to fix. So for the time being, temporarily switch this
off in the failing clang-system job until all spots in the QEMU sources
have been tackled.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20240601070543.37786-4-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-9-alex.bennee@linaro.org>
2024-06-06 10:26:13 +01:00
Thomas Huth
8e3034914a tests/lcitool: Delete obsolete centos-stream-8.yml file
We've missed to delete this file when removing support for CentOS 8.
Since the current upstream version of the lcitool removed support
for CentOS 8 now, too, we have to remove the file before updating.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20240601070543.37786-2-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-8-alex.bennee@linaro.org>
2024-06-06 10:26:13 +01:00
Alex Bennée
0eb7fadcfd docs/ci: clean-up references for consistency
Document we have split up build-environment by distro and update the
references that exist in the code base to be correct.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-7-alex.bennee@linaro.org>
2024-06-06 10:26:08 +01:00
Alex Bennée
053d5042ad scripts/ci: remove CentOS bits from common build-environment
Although I've just removed the CentOS specific build-environment its
probably a bit too confusing to have multiple distros mixed up in one
place. Prior to moving clean-up what will be just for ubuntu.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-6-alex.bennee@linaro.org>
2024-06-06 10:26:02 +01:00
Alex Bennée
0f73539676 tests/vm: remove plain centos image
This isn't really used and we have lighter weight docker containers
for testing this stuff directly.

Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-5-alex.bennee@linaro.org>
2024-06-06 10:25:51 +01:00
Alex Bennée
5ed4e5a15c tests/vm: update centos.aarch64 image to 9
As Centos Stream 8 goes out of support we need to update. To do this
powertools is replaced by crb and we don't over specify the python3 we
want.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-4-alex.bennee@linaro.org>
2024-06-06 10:25:41 +01:00
Alex Bennée
cc1d2e04d5 docs/devel: update references to centos to non-versioned container
>From the website:

"After May 31, 2024, CentOS Stream 8 will be archived and no further
updates will be provided."

We have updated a few bits but there are still references that need
fixing. Rather than bump I've replaced them with references to the
Debian image so we don't have to bump at the next update.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-3-alex.bennee@linaro.org>
2024-06-06 10:25:26 +01:00
Alex Bennée
421a22ef8e ci: remove centos-steam-8 customer runner
This broke since eef0bae3a7 (migration: Remove block migration) but
even after that was addressed it still fails to complete. As it will
shortly be EOL lets to remove the runner definition and the related
ansible setup bits.

We still have centos9 docker images build and test.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240603175328.3823123-2-alex.bennee@linaro.org>
2024-06-06 10:20:46 +01:00
lanyanzhi
78f932ea1f target/loongarch: fix a wrong print in cpu dump
description:
    loongarch_cpu_dump_state() want to dump all loongarch cpu
state registers, but there is a tiny typographical error when
printing "PRCFG2".

Cc: qemu-stable@nongnu.org
Signed-off-by: lanyanzhi <lanyanzhi22b@ict.ac.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Song Gao <gaosong@loongson.cn>
Message-Id: <20240604073831.666690-1-lanyanzhi22b@ict.ac.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
2024-06-06 11:58:06 +08:00
Song Gao
2b284fa9ea hw/loongarch/virt: Enable extioi virt extension
This patch adds a new board attribute 'v-eiointc'.
A value of true enables the virt extended I/O interrupt controller.
VMs working in kvm mode have 'v-eiointc' enabled by default.

Signed-off-by: Song Gao <gaosong@loongson.cn>
Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-Id: <20240528083855.1912757-4-gaosong@loongson.cn>
2024-06-06 11:56:45 +08:00
Song Gao
f2e61edb29 hw/loongarch/virt: Use MemTxAttrs interface for misc ops
Use MemTxAttrs interface read_with_attrs/write_with_attrs
for virt_iocsr_misc_ops.

Signed-off-by: Song Gao <gaosong@loongson.cn>
Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-Id: <20240528083855.1912757-3-gaosong@loongson.cn>
2024-06-06 11:56:45 +08:00
Song Gao
dc6f37eb95 hw/intc/loongarch_extioi: Add extioi virt extension definition
On LoongArch, IRQs can be routed to four vcpus with hardware extended
IRQ model. This patch adds the virt extension definition so that
the IRQ can route to 256 vcpus.

    1.Extended IRQ model:
                                    |
    +-----------+     +-------------|--------+     +-----------+
    | IPI/Timer | --> | CPUINTC(0-3)|(4-255) | <-- | IPI/Timer |
    +-----------+     +-------------|--------+     +-----------+
                            ^       |
                            |
                       +---------+
                       | EIOINTC |
                       +---------+
                        ^       ^
                        |       |
                 +---------+ +---------+
                 | PCH-PIC | | PCH-MSI |
                 +---------+ +---------+
                   ^      ^          ^
                   |      |          |
            +--------+ +---------+ +---------+
            | UARTs  | | Devices | | Devices |
            +--------+ +---------+ +---------+

    2.Virt extended IRQ model:

      +-----+    +---------------+     +-------+
      | IPI |--> | CPUINTC(0-255)| <-- | Timer |
      +-----+    +---------------+     +-------+
                        ^
                        |
                  +-----------+
                  | V-EIOINTC |
                  +-----------+
                   ^         ^
                   |         |
            +---------+ +---------+
            | PCH-PIC | | PCH-MSI |
            +---------+ +---------+
              ^      ^          ^
              |      |          |
       +--------+ +---------+ +---------+
       | UARTs  | | Devices | | Devices |
       +--------+ +---------+ +---------+

Signed-off-by: Song Gao <gaosong@loongson.cn>
Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-Id: <20240528083855.1912757-2-gaosong@loongson.cn>
2024-06-06 11:56:45 +08:00
Bibo Mao
a73f7a00ee tests/qtest: Add numa test for loongarch system
Add numa test case for loongarch system, it passes to run
with command "make check-qtest".

Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Acked-by: Thomas Huth <thuth@redhat.com>
Tested-by: Song Gao <gaosong@loongson.cn>
Message-Id: <20240528082155.938586-1-maobibo@loongson.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
2024-06-06 11:56:45 +08:00
Bibo Mao
fe43cc5bde tests/libqos: Add loongarch virt machine node
Add loongarch virt machine to the graph. It is a modified copy of
the existing riscv virtmachine in riscv-virt-machine.c

It contains a generic-pcihost controller, and an extra function
loongarch_config_qpci_bus() to configure GPEX pci host controller
information, such as ecam and pio_base addresses.

Also hotplug handle checking about TYPE_VIRTIO_IOMMU_PCI device is
added on loongarch virt machine, since virtio_mmu_pci device requires
it.

Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20240528082053.938564-1-maobibo@loongson.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
2024-06-06 11:56:36 +08:00
Richard Henderson
db2feb2df8 util/hexdump: Use a GString for qemu_hexdump_line.
system/qtest: Replace sprintf by qemu_hexdump_line
 hw/scsi/scsi-disk: Use qemu_hexdump_line to avoid sprintf
 hw/ide/atapi: Use qemu_hexdump_line to avoid sprintf
 hw/dma/pl330: Use qemu_hexdump_line to avoid sprintf
 disas/microblaze: Reorg to avoid intermediate sprintf
 disas/riscv: Use GString in format_inst
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmZg1RMdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+6mgf6AjEdU91vBXAUxabs
 kmVl5HaAD3NHU1VCM+ruPQkm6xv4kLlMsTibmkiS7+WZYvHfPlGfozjRJxtvZj8K
 8J2Qp9iHjny8NQPkMCValDvmzkxaIT7ZzYCBdS4jfTdIThuYNJnXsI3NNP7ghnl6
 xv8O62dQbc5gjWF8G+q6PKWSxY6BEuFJ3Pt82cJ/Fj/8bhsjd48pgiLv66F/+q1z
 U9Gy8fWqmkKEzTqBigSYU98yae5CA89T6JBKtgFV07pkYa4A7BUyCR5EBirARyhM
 P0OAqR1GCAbSXWFaJ1sSpU8ATq33FoSQYwWwcmEET7FZYZqvbd6Jd4HtpOPqmu9W
 Fc4taw==
 =VgLB
 -----END PGP SIGNATURE-----

Merge tag 'pull-misc-20240605' of https://gitlab.com/rth7680/qemu into staging

util/hexdump: Use a GString for qemu_hexdump_line.
system/qtest: Replace sprintf by qemu_hexdump_line
hw/scsi/scsi-disk: Use qemu_hexdump_line to avoid sprintf
hw/ide/atapi: Use qemu_hexdump_line to avoid sprintf
hw/dma/pl330: Use qemu_hexdump_line to avoid sprintf
disas/microblaze: Reorg to avoid intermediate sprintf
disas/riscv: Use GString in format_inst

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmZg1RMdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+6mgf6AjEdU91vBXAUxabs
# kmVl5HaAD3NHU1VCM+ruPQkm6xv4kLlMsTibmkiS7+WZYvHfPlGfozjRJxtvZj8K
# 8J2Qp9iHjny8NQPkMCValDvmzkxaIT7ZzYCBdS4jfTdIThuYNJnXsI3NNP7ghnl6
# xv8O62dQbc5gjWF8G+q6PKWSxY6BEuFJ3Pt82cJ/Fj/8bhsjd48pgiLv66F/+q1z
# U9Gy8fWqmkKEzTqBigSYU98yae5CA89T6JBKtgFV07pkYa4A7BUyCR5EBirARyhM
# P0OAqR1GCAbSXWFaJ1sSpU8ATq33FoSQYwWwcmEET7FZYZqvbd6Jd4HtpOPqmu9W
# Fc4taw==
# =VgLB
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 05 Jun 2024 02:13:55 PM PDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-misc-20240605' of https://gitlab.com/rth7680/qemu:
  disas/riscv: Use GString in format_inst
  disas/microblaze: Split get_field_special
  disas/microblaze: Print registers directly with PRIrfsl
  disas/microblaze: Print immediates directly with PRIimm
  disas/microblaze: Print registers directly with PRIreg
  disas/microblaze: Merge op->name output into each fprintf
  disas/microblaze: Re-indent print_insn_microblaze
  disas/microblaze: Split out print_immval_addr
  hw/dma/pl330: Use qemu_hexdump_line to avoid sprintf
  hw/ide/atapi: Use qemu_hexdump_line to avoid sprintf
  hw/scsi/scsi-disk: Use qemu_hexdump_line to avoid sprintf
  system/qtest: Replace sprintf by qemu_hexdump_line
  hw/mips/malta: Add re-usable rng_seed_hex_new() method
  util/hexdump: Inline g_string_append_printf "%02x"
  util/hexdump: Add unit_len and block_len to qemu_hexdump_line
  util/hexdump: Use a GString for qemu_hexdump_line

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-06-05 14:17:01 -07:00
Richard Henderson
b89fb575fd disas/riscv: Use GString in format_inst
Allocate and fill a GString instead of snprintf and
appending to a fixed sized buffer.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240412073346.458116-22-richard.henderson@linaro.org>
2024-06-05 12:29:54 -07:00