Because we weren't setting this flag, our probe of ID_AA64ZFR0
was always returning zero. This also obviates the adjustment
of ID_AA64PFR0, which had sanitized the SVE field.
The effects of the bug are not visible, because the only thing that
ID_AA64ZFR0 is used for within qemu at present is tcg translation.
The other tests for SVE within KVM are via ID_AA64PFR0.SVE.
Reported-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220726045828.53697-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Indication for support for SVE will not depend on whether we
perform the query on the main kvm_state or the temp vcpu.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220726045828.53697-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
kvm_dirty_ring_supported() only checks whether the dirty ring support
is available on the x86 host, but it ignores whether the target QEMU
architecture is x86 or not. Thus the test_vcpu_dirty_limit() test
currently fails with the assert((strcmp(arch, "x86_64") == 0)) statement
in dirtylimit_start_vm() if the users run e.g. "make check-qtest-aarch64"
on their x86 host. Fix it by only executing the tests when we're running
with a x86_64 target QEMU binary with KVM.
Message-Id: <20220801114644.208197-1-thuth@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Some fixes for hw/nvme ioeventfd support.
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmLnpQ4ACgkQTeGvMW1P
Delnywf/fM7Qp5WMR0ExHqVuKfpN1EBK8C6wa3xp7EI0pCDP50ZwJfcMmeZOhDAe
3KXdNTXV43cxygkdzG/uxh7j26Zq8zGzcf1RVLAIUqzL9wTkoFcJ4+aIuzlV4wjU
oS1jK+pItJ9/Kb9SeavVGOzTzyBzs2G9odRvjyjGrwrEfpEBEtncwfXAK7mPqt1V
TNDR0M0qJ9Bheaoqs7miqa4zOevtKKp3pPeG0n2BOhWromGx6MbeHwTuNg96zR0+
VXuEmUyj8r6ezKmQdgnJPoqFCwEJI0iBGPSKhpIp3EGrkAww2IuBAN8C4bo03Bzq
Fj3pne5Sr9iBV/nhz9vN267STQzdsw==
=AL7y
-----END PGP SIGNATURE-----
Merge tag 'nvme-next-pull-request' of git://git.infradead.org/qemu-nvme into staging
hw/nvme fixes
Some fixes for hw/nvme ioeventfd support.
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmLnpQ4ACgkQTeGvMW1P
# Delnywf/fM7Qp5WMR0ExHqVuKfpN1EBK8C6wa3xp7EI0pCDP50ZwJfcMmeZOhDAe
# 3KXdNTXV43cxygkdzG/uxh7j26Zq8zGzcf1RVLAIUqzL9wTkoFcJ4+aIuzlV4wjU
# oS1jK+pItJ9/Kb9SeavVGOzTzyBzs2G9odRvjyjGrwrEfpEBEtncwfXAK7mPqt1V
# TNDR0M0qJ9Bheaoqs7miqa4zOevtKKp3pPeG0n2BOhWromGx6MbeHwTuNg96zR0+
# VXuEmUyj8r6ezKmQdgnJPoqFCwEJI0iBGPSKhpIp3EGrkAww2IuBAN8C4bo03Bzq
# Fj3pne5Sr9iBV/nhz9vN267STQzdsw==
# =AL7y
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 01 Aug 2022 03:03:58 AM PDT
# gpg: using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg: aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468 4272 63D5 6FC5 E55D A838
# Subkey fingerprint: 5228 33AA 75E2 DCE6 A247 66C0 4DE1 AF31 6D4F 0DE9
* tag 'nvme-next-pull-request' of git://git.infradead.org/qemu-nvme:
hw/nvme: do not enable ioeventfd by default
hw/nvme: unregister the event notifier handler on the main loop
hw/nvme: skip queue processing if notifier is cleared
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
A MachineState object is used as a owner of the RAM region and this
asserts in memory_region_init_ram() when QEMU is built with
CONFIG_QOM_CAST_DEBUG :
/* This will assert if owner is neither NULL nor a DeviceState.
* We only want the owner here for the purposes of defining a
* unique name for migration. TODO: Ideally we should implement
* a naming scheme for Objects which are not DeviceStates, in
* which case we can relax this restriction.
*/
owner_dev = DEVICE(owner);
Use the BMC and BIC objects as the owners of their memory regions.
Cc: Peter Delevoryas <peter@pjd.dev>
Fixes: 778e14cc5c ("aspeed: Add AST2600 (BMC) to fby35")
Reviewed-by: Peter Delevoryas <peter@pjd.dev>
Message-Id: <20220727102714.803041-3-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Fixes: 346160cbf2 ("aspeed: Set the dram container at the SoC level")
Message-Id: <20220727102714.803041-2-clg@kaod.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
The existing code assumes that the block size can be generated from p[1] << 8
in multiple places which ignores the top and bottom 8 bits. If the block size
is allowed to be set to an arbitrary value then this causes a mismatch
between the value written by the guest in the block descriptor and the value
subsequently read back using READ CAPACITY causing the guest to generate
requests that can crash QEMU.
For now restrict block size changes to bits 8-15 and also ignore requests to
set the block size to 0 which causes the SCSI emulation to crash in at least
one place with a divide by zero error.
Fixes: 356c4c441e ("scsi-disk: allow MODE SELECT block descriptor to set the block size")
Closes: https://gitlab.com/qemu-project/qemu/-/issues/1112
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220730122656.253448-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In scsi_disk_emulate_write_same() the number of host sectors to transfer is
calculated as (s->qdev.blocksize / BDRV_SECTOR_SIZE) which is then used to
copy data in block size chunks to the iov buffer.
Since the loop copying the data to the iov buffer uses a fixed increment of
s->qdev.blocksize then using a block size that isn't a multiple of
BDRV_SECTOR_SIZE introduces a rounding error in the iov buffer size calculation
such that the iov buffer copy overflows the space allocated.
Update the iov buffer copy for() loop so that it will use the smallest of either
the current block size or the remaining transfer count to prevent the overflow.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20220730122656.253448-2-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In one case:
memcpy(sid->inmsg + sid->inlen, buf, len);
if len == 0 then sid->inmsg + sig->inlen can point to one past the inmsg
array if the array is full. We have to allow len == 0 due to some
vagueness in the spec, but we don't have to call memcpy.
Found by Coverity. This is not a problem in practice, but the results
are technically (maybe) undefined. So make Coverity happy.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Do not enable ioeventfd by default. Let the feature mature a bit before
we consider enabling it by default.
Fixes: 2e53b0b450 ("hw/nvme: Use ioeventfd to handle doorbell updates")
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jinhao Fan <fanjinhao21s@ict.ac.cn>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Make sure the notifier handler is unregistered in the main loop prior to
cleaning it up.
Fixes: 2e53b0b450 ("hw/nvme: Use ioeventfd to handle doorbell updates")
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jinhao Fan <fanjinhao21s@ict.ac.cn>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
While it is safe to process the queues when they are empty, skip it if
the event notifier callback was invoked spuriously.
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Jinhao Fan <fanjinhao21s@ict.ac.cn>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Some files wrongly contain the same word twice in a row.
One of them should be removed or replaced.
Message-Id: <20220722145859.1952732-1-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220707163720.1421716-5-berrange@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Let's use better, more inclusive wording here.
Message-Id: <20220727092135.302915-4-thuth@redhat.com>
Reviewed-by: Konstantin Kostiuk <kkostiuk@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
We used to stop running all tests if uffd is not detected. However
logically that's only needed for postcopy not the rest of tests.
Keep running the rest when still possible.
Signed-off-by: Peter Xu <peterx@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220728133516.92061-3-peterx@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas reported that auto-converge test will timeout on MacOS CI gatings.
Use the migrate_ensure_converge() helper too in the auto-converge as when
Daniel reworked the other test cases.
Since both max_bandwidth / downtime_limit will not be used for converge
calculations, make it simple by removing the remaining check, then we can
completely remove both variables altogether, since migrate_ensure_converge
is used the remaining check won't make much sense anyway.
Reported-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20220728133516.92061-2-peterx@redhat.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
test_socket hangs randomly in connect(), especially when run without
qemu. Apparently the reason is that linux started treating backlog
value of 0 literally instead of rounding it up since v4.4 (commit
ef547f2ac16b).
So set it to 1 instead.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20220725144251.192720-1-iii@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
1) Fixes a bug in qemu-hexagon
2) Fixes a bug in a test case
3) Adds reference file for float_convd test case
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEENjXHiM5iuR/UxZq0ewJE+xLeRCIFAmLnDw8ACgkQewJE+xLe
RCIwVgf/bPvX2cbmAECNJ5y/Galy5n1sMttwyrlwR4VVf8jQbCESDritIiWVn5gw
zvM1Ba4MGH6YSkr/1Om7kBkEp+hqX5eDpUW1Q1qFa6SyF3oIu25MVBq8fkrrU1+f
kJcTKdW7eQ2TfGupUW6Dj/QdoVknBnoIPk7T9lkT/qtmn9YwDyrqDSFnJTgVbrAv
W/gGFzT4HskKuJ5Fy0wzeca7BfR9fl8rencuqyUfDehLk5hbjiR9vGG9Xt1mJyae
LRFaqdy4/OsZHAVad4fnSOvYJp7EN4fR7zmkRfPi7kTNwnQ6ewBOZnUUoK3VQ0bk
TViBl7kNjxdcO4DFjBeLYJUGxVUoww==
=a+hi
-----END PGP SIGNATURE-----
Merge tag 'pull-hex-20220731' of https://github.com/quic/qemu into staging
Hexagon bug fixes and test improvements
1) Fixes a bug in qemu-hexagon
2) Fixes a bug in a test case
3) Adds reference file for float_convd test case
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEENjXHiM5iuR/UxZq0ewJE+xLeRCIFAmLnDw8ACgkQewJE+xLe
# RCIwVgf/bPvX2cbmAECNJ5y/Galy5n1sMttwyrlwR4VVf8jQbCESDritIiWVn5gw
# zvM1Ba4MGH6YSkr/1Om7kBkEp+hqX5eDpUW1Q1qFa6SyF3oIu25MVBq8fkrrU1+f
# kJcTKdW7eQ2TfGupUW6Dj/QdoVknBnoIPk7T9lkT/qtmn9YwDyrqDSFnJTgVbrAv
# W/gGFzT4HskKuJ5Fy0wzeca7BfR9fl8rencuqyUfDehLk5hbjiR9vGG9Xt1mJyae
# LRFaqdy4/OsZHAVad4fnSOvYJp7EN4fR7zmkRfPi7kTNwnQ6ewBOZnUUoK3VQ0bk
# TViBl7kNjxdcO4DFjBeLYJUGxVUoww==
# =a+hi
# -----END PGP SIGNATURE-----
# gpg: Signature made Sun 31 Jul 2022 04:23:59 PM PDT
# gpg: using RSA key 3635C788CE62B91FD4C59AB47B0244FB12DE4422
# gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3635 C788 CE62 B91F D4C5 9AB4 7B02 44FB 12DE 4422
* tag 'pull-hex-20220731' of https://github.com/quic/qemu:
Hexagon (tests/tcg/hexagon) reference file for float_convd
Hexagon (tests/tcg/hexagon) Fix alignment in load_unpack.c
Hexagon (target/hexagon) make VyV operands use a unique temp
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The test is in tests/tcg/multiarch/float_convd.c
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220718230320.24444-4-tsimpson@quicinc.com>
The increment used in :brev tests was causing unaligned addresses
Change the increment and the relevant expected values
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220718230320.24444-3-tsimpson@quicinc.com>
VyV operand is only used in the vshuff and vdeal instructions. These
instructions write to both VyV and VxV operands. In the case where
both operands are the same register, we need a separate location for
VyV. We use the existing vtmp field in CPUHexagonState.
Test case added in tests/tcg/hexagon/hvx_misc.c
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220718230320.24444-2-tsimpson@quicinc.com>
Change macro name 'LS7A_XXX' to 'VIRT_XXX', as the loongarch
virt machinue use the GPEX bridge instead of LS7A bridge. So
the macro name should keep consistency.
Signed-off-by: Xiaojuan Yang <yangxiaojuan@loongson.cn>
Message-Id: <20220729073018.27037-3-yangxiaojuan@loongson.cn>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
1. Rename 'loongson3.c' to 'virt.c' and change the meson.build file.
2. Rename 'loongson3.rst' to 'virt.rst'.
Signed-off-by: Xiaojuan Yang <yangxiaojuan@loongson.cn>
Message-Id: <20220729073018.27037-2-yangxiaojuan@loongson.cn>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Yonggang Luo <luoyonggang@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Message-Id: <20220728200422.1502-1-luoyonggang@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
- update to latest libvirt-ci
- echo testlog.txt on failed cirrus runs
- drop containers-layer2 stage
- update handling of symlinks on windows builds
- return 0 for failure of semihosting console write
- don't copy unused buffer after semihost operation
- check for errors in semihosting args
- fix buffer handling for semihosting TMPNAM
- add qapi exit-failure PanicAction
- add lowcore unaligned access test to s390x
- fix documentation of OBJECT_DECLARE_SIMPLE_TYPE
- expand documentation on booting code
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmLjoIQACgkQ+9DbCVqe
KkSLyAf7Byt1jeIHCYYYqOPj8+Zx+kJXgWr59wMRSDFLwd0wWeFkgQhxriSlSUAl
oVOTP8fkczeaMKPhp7CJnqpcQuZzD6iaK9hg/hNzKy0gTQbJgFRtTSP7c0E0iak5
ZfDX5h+BRSAoeDo3I+ulj/bLKlj+KbxRWGf+y4K9rRGHKcTJUbcpkZ7aQlK5J6UD
nqjkrvgnNWslxhdRSI6+2KPzkYaOmbiyPIVGOiBvmyv0N+NuazPvFMp2mFGH25kB
XGsU5zxmm8IskxLGHHFvlwIM19SwB/2vArLtyaTVEPbLDhvdENePrPSL1Lr2BA/A
yStVAvAnyy7Cdr8YmRCAGm3qnY61dg==
=57ZK
-----END PGP SIGNATURE-----
Merge tag 'pull-testing-next-290722-1' of https://github.com/stsquad/qemu into staging
Testing, semihosting and doc fixes:
- update to latest libvirt-ci
- echo testlog.txt on failed cirrus runs
- drop containers-layer2 stage
- update handling of symlinks on windows builds
- return 0 for failure of semihosting console write
- don't copy unused buffer after semihost operation
- check for errors in semihosting args
- fix buffer handling for semihosting TMPNAM
- add qapi exit-failure PanicAction
- add lowcore unaligned access test to s390x
- fix documentation of OBJECT_DECLARE_SIMPLE_TYPE
- expand documentation on booting code
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmLjoIQACgkQ+9DbCVqe
# KkSLyAf7Byt1jeIHCYYYqOPj8+Zx+kJXgWr59wMRSDFLwd0wWeFkgQhxriSlSUAl
# oVOTP8fkczeaMKPhp7CJnqpcQuZzD6iaK9hg/hNzKy0gTQbJgFRtTSP7c0E0iak5
# ZfDX5h+BRSAoeDo3I+ulj/bLKlj+KbxRWGf+y4K9rRGHKcTJUbcpkZ7aQlK5J6UD
# nqjkrvgnNWslxhdRSI6+2KPzkYaOmbiyPIVGOiBvmyv0N+NuazPvFMp2mFGH25kB
# XGsU5zxmm8IskxLGHHFvlwIM19SwB/2vArLtyaTVEPbLDhvdENePrPSL1Lr2BA/A
# yStVAvAnyy7Cdr8YmRCAGm3qnY61dg==
# =57ZK
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 29 Jul 2022 01:55:32 AM PDT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* tag 'pull-testing-next-290722-1' of https://github.com/stsquad/qemu:
qemu-options: bring the kernel and image options together
docs/devel: fix description of OBJECT_DECLARE_SIMPLE_TYPE
tests/tcg/s390x: Test unaligned accesses to lowcore
qapi: Add exit-failure PanicAction
semihosting: Fix handling of buffer in TARGET_SYS_TMPNAM
semihosting: Check for errors on SET_ARG()
semihosting: Don't copy buffer after console_write()
semihosting: Don't return negative values on qemu_semihosting_console_write() failure
.gitlab-ci.d/windows.yml: Enable native Windows symlink
.cirrus.yml: Change winsymlinks to 'native'
gitlab: drop 'containers-layer2' stage
gitlab: show testlog.txt contents when cirrus/custom-runner jobs fail
tests: refresh to latest libvirt-ci module
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
How to control the booting of QEMU is often a source of confusion for
users. Bring the options that control this together in the manual
pages and add some verbiage to describe when each option is
appropriate. This attempts to codify some of the knowledge expressed
in:
https://stackoverflow.com/questions/58420670/qemu-bios-vs-kernel-vs-device-loader-file/58434837#58434837
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220725140520.515340-14-alex.bennee@linaro.org>
Since 30b5707c26 (qom: Remove module_obj_name parameter from
OBJECT_DECLARE* macros) we don't need the additional two parameters.
Fix the documentation.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-13-alex.bennee@linaro.org>
Add a small test to avoid regressions.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220725223746.227063-3-iii@linux.ibm.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Currently QEMU exits with code 0 on both panic an shutdown. For tests
it is useful to return 1 on panic, so that it counts as a test
failure.
Introduce a new exit-failure PanicAction that makes main() return
EXIT_FAILURE. Tests can use -action panic=exit-failure option to
activate this behavior.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20220725223746.227063-2-iii@linux.ibm.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
The TARGET_SYS_TMPNAM implementation has two bugs spotted by
Coverity:
* confusion about whether 'len' has the length of the string
including or excluding the terminating NUL means we
lock_user() len bytes of memory but memcpy() len + 1 bytes
* In the error-exit cases we forget to free() the buffer
that asprintf() returned to us
Resolves: Coverity CID 1490285, 1490289
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-5-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-10-alex.bennee@linaro.org>
The SET_ARG() macro returns an error indication; we check this in the
TARGET_SYS_GET_CMDLINE case but not when we use it in implementing
TARGET_SYS_ELAPSED. Check for and handle the errors via the do_fault
codepath, and update the comment documenting the SET_ARG() and
GET_ARG() macros to note how they handle memory access errors.
Resolves: Coverity CID 1490287
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-4-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-9-alex.bennee@linaro.org>
The console_write() semihosting function outputs guest data from a
buffer; it doesn't update that buffer. It therefore doesn't need to
pass a length value to unlock_user(), but can pass 0, meaning "do not
copy any data back to the guest memory".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-3-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-8-alex.bennee@linaro.org>
The documentation comment for qemu_semihosting_console_write() says
* Returns: number of bytes written -- this should only ever be short
* on some sort of i/o error.
and the callsites rely on this. However, the implementation code
path which sends console output to a chardev doesn't honour this,
and will return negative values on error. Bring it into line with
the other implementation codepaths and the documentation, so that
it returns 0 on error.
Spotted by Coverity, because console_write() passes the return value
to unlock_user(), which doesn't accept a negative length.
Resolves: Coverity CID 1490288
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220719121110.225657-2-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-7-alex.bennee@linaro.org>
The following error message was seen during the configure:
"ln: failed to create symbolic link
'x86_64-softmmu/qemu-system-x86_64.exe': No such file or directory"
By default the MSYS environment variable is not defined, so the runtime
behavior of winsymlinks is: if <target> does not exist, 'ln -s' fails.
At the configure phase, the qemu-system-x86_64.exe has not been built
so creation of the symbolic link fails hence the error message.
Set winsymlinks to 'native' whose behavior is most similar to the
behavior of 'ln -s' on *nix, that is:
a) if native symlinks are enabled, and whether <target> exists
or not, creates <destination> as a native Windows symlink;
b) else if native symlinks are not enabled, and whether <target>
exists or not, 'ln -s' creates as a Windows shortcut file.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725123000.807608-1-bmeng.cn@gmail.com>
Message-Id: <20220725140520.515340-6-alex.bennee@linaro.org>
At present winsymlinks is set to 'nativestrict', and its behavior is:
a) if native symlinks are enabled and <target> exists, creates
<destination> as a native Windows symlink;
b) else if native symlinks are not enabled or if <target> does
not exist, 'ln -s' fails.
This causes the following error message was seen during the configure:
"ln: failed to create symbolic link
'x86_64-softmmu/qemu-system-x86_64.exe': No such file or directory"
Change winsymlinks to 'native' whose behavior is most similar to the
behavior of 'ln -s' on *nix, that is:
a) if native symlinks are enabled, and whether <target> exists
or not, creates <destination> as a native Windows symlink;
b) else if native symlinks are not enabled, and whether <target>
exists or not, 'ln -s' creates as a Windows shortcut file.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Yonggang Luo <luoyonggang@gmail.com>
Message-Id: <20220719161230.766063-1-bmeng.cn@gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-5-alex.bennee@linaro.org>
Since we express dependencies via a 'needs' clause, we don't need to
split container builds into separate stages. GitLab happily lets jobs
depend on other jobs in the same stage and will run them when possible.
Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220722130431.2319019-4-berrange@redhat.com>
[AJB: fix typo]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220725140520.515340-4-alex.bennee@linaro.org>
When tests fail meson just displays a summary and tells you to look at
the testlog.txt file for details. The native jobs on shared runners
publish testlog.txt as an artifact. For the Cirrus jobs and custom
runner jobs this is not currently possible. The best we can do is cat
the log contents on failure, to give maintainers a fighting chance
of diagnosing the problem.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220722130431.2319019-3-berrange@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220725140520.515340-3-alex.bennee@linaro.org>
Notable changes:
- libvirt-ci source tree was re-arranged, so the script we
run now lives in a bin/ sub-dir
- opensuse 15.2 is replaced by opensuse 15.3
- libslirp is temporarily dropped on opensuse as the
libslirp-version.h is broken
https://bugzilla.opensuse.org/show_bug.cgi?id=1201551
- The incorrectly named python3-virtualenv module was
changed to python3-venv, but most distros don't need
any package as 'venv' is a standard part of python
- glibc-static was renamed to libc-static, to reflect
fact that it isn't going to be glibc on all distros
- The cmocka/json-c deps that were manually added to
the centos dockerfile and are now consistently added
to all targets
Acked-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220722130431.2319019-2-berrange@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220725140520.515340-2-alex.bennee@linaro.org>
probe_target_compiler returns nonempty $target_cc for installed toolchains
and $container_cross_cc for container-based toolchains. In both cases
however the flags (coming from $cross_cc_cflags_${target_arch}) must be
in $target_cflags.
Therefore, do not clear them prior to returning from probe_target_compiler.
Reported-by: Taylor Simpson <tsimpson@quicinc.com>
Fixes: 92e288fcfb ("build: try both native and cross compilers", 2022-07-08)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
perror() is designed to append the decoded errno value to a
string. This, however, only makes sense if we called something that
actually sets errno prior to that.
For the callers that check for split irqchip support that is not the
case, and we end up with confusing error messages that end in
"success". Use error_report() instead.
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20220728142446.438177-1-cohuck@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
When moving this code out of probe_target_compiler(), we failed to adjust
the variable in which the target is located, resulting in e.g.
powerpc64-linux-user-linux-gnu-gcc-10
Fixes: cd362defbb ("tests/tcg: merge configure.sh back into main configure script")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220728183901.1290113-1-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Short queue with 2 Coverity fixes and one fix of the
'wait' insns that is causing hangs if the guest kernel uses
the most up to date wait opcode.
- target/ppc:
- implement new wait variants to fix guest hang when using the new opcode
- ppc440_uc: initialize length passed to cpu_physical_memory_map()
- spapr_nvdimm: check if spapr_drc_index() returns NULL
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQQX6/+ZI9AYAK8oOBk82cqW3gMxZAUCYuK8VgAKCRA82cqW3gMx
ZOc7AQDPMsFY9NHNqJ3O0MiX4Qoy8IGUreZ9dzZSS3zT1nxtEAD+Lwl0/aGO+dk+
+NiIO80A5Agy/0g8PHie4qR3EqHEnwA=
=Q4eR
-----END PGP SIGNATURE-----
Merge tag 'pull-ppc-20220728' of https://gitlab.com/danielhb/qemu into staging
ppc patch queue for 2022-07-28:
Short queue with 2 Coverity fixes and one fix of the
'wait' insns that is causing hangs if the guest kernel uses
the most up to date wait opcode.
- target/ppc:
- implement new wait variants to fix guest hang when using the new opcode
- ppc440_uc: initialize length passed to cpu_physical_memory_map()
- spapr_nvdimm: check if spapr_drc_index() returns NULL
# -----BEGIN PGP SIGNATURE-----
#
# iHUEABYKAB0WIQQX6/+ZI9AYAK8oOBk82cqW3gMxZAUCYuK8VgAKCRA82cqW3gMx
# ZOc7AQDPMsFY9NHNqJ3O0MiX4Qoy8IGUreZ9dzZSS3zT1nxtEAD+Lwl0/aGO+dk+
# +NiIO80A5Agy/0g8PHie4qR3EqHEnwA=
# =Q4eR
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 28 Jul 2022 09:41:58 AM PDT
# gpg: using EDDSA key 17EBFF9923D01800AF2838193CD9CA96DE033164
# gpg: Good signature from "Daniel Henrique Barboza <danielhb413@gmail.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 17EB FF99 23D0 1800 AF28 3819 3CD9 CA96 DE03 3164
* tag 'pull-ppc-20220728' of https://gitlab.com/danielhb/qemu:
target/ppc: Implement new wait variants
hw/ppc/ppc440_uc: Initialize length passed to cpu_physical_memory_map()
hw/ppc: check if spapr_drc_index() returns NULL in spapr_nvdimm.c
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The flatload loader sets the end_code field in the image_info struct
incorrectly, due to a typo.
This is a very long-standing bug (dating all the way back to when
the bFLT loader was added in 2006), but has gone unnoticed because
(a) most people don't use bFLT binaries
(b) we don't actually do anything with the end_code field, except
print it in debugging traces and pass it to TCG plugins
Fix the typo.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1119
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220728151406.2262862-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
ISA v2.06 adds new variations of wait, specified by the WC field. These
are not all compatible with the prior wait implementation, because they
add additional conditions that cause the processor to resume, which can
cause software to hang or run very slowly.
At this moment, with the current wait implementation and a pseries guest
using mainline kernel with new wait upcodes [1], QEMU hangs during boot if
more than one CPU is present:
qemu-system-ppc64 -M pseries,x-vof=on -cpu POWER10 -smp 2 -nographic
-kernel zImage.pseries -no-reboot
QEMU will exit (as there's no filesystem) if the test "passes", or hang
during boot if it hits the bug.
ISA v3.0 changed the wait opcode and removed the new variants (retaining
the WC field but making non-zero values reserved).
ISA v3.1 added new WC values to the new wait opcode, and added a PL
field.
This patch implements the new wait encoding and supports WC variants
with no-op implementations, which provides basic correctness as
explained in comments.
[1] https://lore.kernel.org/all/20220720132132.903462-1-npiggin@gmail.com/
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Reviewed-by: Víctor Colombo <victor.colombo@eldorado.org.br>
Tested-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Message-Id: <20220720133352.904263-1-npiggin@gmail.com>
[danielhb: added information about the bug being fixed]
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
When in CGA modes, QEMU wants to ignore the maximum scan field (bits 0..4) of
the maximum scan length register in the CRTC. It is not clear why this is
needed---for example, Bochs ignores bit 7 instead. The issue is that the
CGA modes are not detected correctly, and in particular mode 6 results in
multi_scan==3 according to how SeaBIOS programs it. The right way to check
for CGA graphics modes is to check whether bit 13 of the address is special
cased by the CRT controller to achieve line interleaving, i.e. whether bit 0
of the CRTC mode control register is clear.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1020
Reported-by: Korneliusz Osmenda <korneliuszo@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
