Commit Graph

76983 Commits

Author SHA1 Message Date
Max Reitz
bf8e925eb5 block: Pass BdrvChildRole to bdrv_child_perm()
For now, all callers pass 0 and no callee evaluates this value.  Later
patches will change both.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200513110544.176672-7-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
258b776515 block: Add BdrvChildRole to BdrvChild
For now, it is always set to 0.  Later patches in this series will
ensure that all callers pass an appropriate combination of flags.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200513110544.176672-6-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
3284bcf430 block: Add BdrvChildRole and BdrvChildRoleBits
This mask will supplement BdrvChildClass when it comes to what role (or
combination of roles) a child takes for its parent.  It consists of
BdrvChildRoleBits values (which is an enum).

Because empty enums are not allowed, let us just start with it filled.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200513110544.176672-5-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
bd86fb990c block: Rename BdrvChildRole to BdrvChildClass
This structure nearly only contains parent callbacks for child state
changes.  It cannot really reflect a child's role, because different
roles may overlap (as we will see when real roles are introduced), and
because parents can have custom callbacks even when the child fulfills a
standard role.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-Id: <20200513110544.176672-4-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
d67066d8bc block: Add BlockDriver.is_format
We want to unify child_format and child_file at some point.  One of the
important things that set format drivers apart from other drivers is
that they do not expect other format nodes under them (except in the
backing chain), i.e. we must not probe formats inside of formats.  That
means we need something on which to distinguish format drivers from
others, and hence this flag.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Message-Id: <20200513110544.176672-3-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
6540fd153c block: Mark commit, mirror, blkreplay as filters
The commit, mirror, and blkreplay block nodes are filters, so they should
be marked as such.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200513110544.176672-2-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
f844ec01b3 block: Use bdrv_make_empty() where possible
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200429141126.85159-3-mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Kevin Wolf
6ecbc6c526 replication: Avoid blk_make_empty() on read-only child
This is just a bandaid to keep tests/test-replication working after
bdrv_make_empty() starts to assert that we're not trying to call it on a
read-only child.

For the real solution in the future, replication should not steal the
BdrvChild from its backing file (this is never correct to do!), but
instead have its own child node references, with the appropriate
permissions.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
2d97fde439 block: Use blk_make_empty() after commits
bdrv_commit() already has a BlockBackend pointing to the BDS that we
want to empty, it just has the wrong permissions.

qemu-img commit has no BlockBackend pointing to the old backing file
yet, but introducing one is simple.

After this commit, bdrv_make_empty() is the only remaining caller of
BlockDriver.bdrv_make_empty().

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200429141126.85159-5-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
[kwolf: Fixed up reference output for 098]
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
2b7bbdbdef block: Add blk_make_empty()
Two callers of BlockDriver.bdrv_make_empty() remain that should not call
this method directly.  Both do not have access to a BdrvChild, but they
can use a BlockBackend, so we add this function that lets them use it.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200429141126.85159-4-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Max Reitz
6f7a3b535f block: Add bdrv_make_empty()
Right now, all users of bdrv_make_empty() call the BlockDriver method
directly.  That is not only bad style, it is also wrong, unless the
caller has a BdrvChild with a WRITE or WRITE_UNCHANGED permission.
(WRITE_UNCHANGED suffices, because callers generally use this function
to clear a node with a backing file after a commit operation.)

Introduce bdrv_make_empty() that verifies that it does.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200429141126.85159-2-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Kevin Wolf
19b7868eff iotests: Run pylint and mypy in a testcase
We made sure that iotests.py passes pylint. It would be a shame if we
allowed new patches in that break this again, so let's just add a
meta-test case that runs pylint on it.

While we don't pass mypy --strict yet, we can already run it with a few
options that would be part of --strict to make sure that we won't
regress on these aspects at least until we can enable the full thing.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200511163529.349329-3-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Kevin Wolf
cd8f5b7592 iotests: Fix incomplete type declarations
We need to fix only a few places so that iotests.py can pass
mypy --disallow-incomplete-defs, which seems to be a desirable option to
have enabled in the long run.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200511163529.349329-2-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Lukas Straub
e140f4b7b8 block/replication.c: Avoid cancelling the job twice
If qemu in colo secondary mode is stopped, it crashes because
s->backup_job is canceled twice: First with job_cancel_sync_all()
in qemu_cleanup() and then in replication_stop().

Fix this by assigning NULL to s->backup_job when the job completes
so replication_stop() and replication_do_checkpoint() won't touch
the job.

Signed-off-by: Lukas Straub <lukasstraub2@web.de>
Message-Id: <20200511090801.7ed5d8f3@luklap>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Kevin Wolf
16cea4ee1c iotests: Mirror with different source/target size
This tests that the mirror job catches situations where the target node
has a different size than the source node. It must also forbid resize
operations when the job is already running.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200511135825.219437-5-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:25 +02:00
Kevin Wolf
e83dd6808c mirror: Make sure that source and target size match
If the target is shorter than the source, mirror would copy data until
it reaches the end of the target and then fail with an I/O error when
trying to write past the end.

If the target is longer than the source, the mirror job would complete
successfully, but the target wouldn't actually be an accurate copy of
the source image (it would contain some additional garbage at the end).

Fix this by checking that both images have the same size when the job
starts.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200511135825.219437-4-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:24 +02:00
Kevin Wolf
d89ac3cf30 iotests/229: Use blkdebug to inject an error
229 relies on the mirror running into an I/O error when the target is
smaller than the source. After changing mirror to catch this condition
while starting the job, this test case won't get a job that is paused
for an I/O error any more. Use blkdebug instead to inject an error.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200511135825.219437-3-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:24 +02:00
Kevin Wolf
ffa41a62d0 iotests/109: Don't mirror with mismatched size
This patch makes the raw image the same size as the file in a different
format that is mirrored as raw to it to avoid errors when mirror starts
to enforce that source and target are the same size.

We check only that the first 512 bytes are zeroed (instead of 64k)
because some image formats create image files that are smaller than 64k,
so trying to read 64k would result in I/O errors. Apart from this, 512
is more appropriate anyway because the raw format driver protects
specifically the first 512 bytes.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20200511135825.219437-2-kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-05-18 19:05:24 +02:00
Peter Maydell
debe78ce14 floatx80 x87 pseudo-denormal fixes
-----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAl6+2xMdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9vuQf/cxuZV8JkewohGv/7
 7RmtiSvsvJcSx/iT2uGr/MhTy5pRkBGEtVwU7z3YDLpX6ZKl1mUXC9FXjutXpohE
 gbtJiYSFUP10m2/+WtkfFeKl4gPMsl/BQ1aVDz2Cdt1X1MsfYT/tWb7W/Bs8p4z2
 cTBr791tzyg9coGjJOXMUebxiciSoFrVEgNCN+SHXF8x3EhOOEuS79dP1bFCgLBk
 0lMoLupKqWVZv/tsQJVNl8a8gwauKhd7fPpwmQCtszgCRBo/l2NUX5kj/gzGdji9
 BEM+bxlZocKMmXuEiFB5IPtf3Wi8TocHeaJ6rLuK1RhL7yQdt5zE3lOU/E5K8pvs
 VGMjsA==
 =eBK6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-fpu-20200515' into staging

floatx80 x87 pseudo-denormal fixes

# gpg: Signature made Fri 15 May 2020 19:10:27 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-fpu-20200515:
  softfloat: fix floatx80 pseudo-denormal round to integer
  softfloat: fix floatx80 pseudo-denormal comparisons
  softfloat: fix floatx80 pseudo-denormal addition / subtraction
  softfloat: silence sNaN for conversions to/from floatx80

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-15 19:51:16 +01:00
Joseph Myers
9ecaf5ccec softfloat: fix floatx80 pseudo-denormal round to integer
The softfloat function floatx80_round_to_int incorrectly handles the
case of a pseudo-denormal where only the high bit of the significand
is set, ignoring that bit (treating the number as an exact zero)
rather than treating the number as an alternative representation of
+/- 2^-16382 (which may round to +/- 1 depending on the rounding mode)
as hardware does.  Fix this check (simplifying the code in the
process).

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005042339420.22972@digraph.polyomino.org.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-05-15 11:04:50 -07:00
Joseph Myers
be53fa785a softfloat: fix floatx80 pseudo-denormal comparisons
The softfloat floatx80 comparisons fail to allow for pseudo-denormals,
which should compare equal to corresponding values with biased
exponent 1 rather than 0.  Add an adjustment for that case when
comparing numbers with the same sign.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005042338470.22972@digraph.polyomino.org.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-05-15 11:04:50 -07:00
Joseph Myers
4160280776 softfloat: fix floatx80 pseudo-denormal addition / subtraction
The softfloat function addFloatx80Sigs, used for addition of values
with the same sign and subtraction of values with opposite sign, fails
to handle the case where the two values both have biased exponent zero
and there is a carry resulting from adding the significands, which can
occur if one or both values are pseudo-denormals (biased exponent
zero, explicit integer bit 1).  Add a check for that case, so making
the results match those seen on x86 hardware for pseudo-denormals.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005042337570.22972@digraph.polyomino.org.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-05-15 11:04:50 -07:00
Joseph Myers
7537c2b4a3 softfloat: silence sNaN for conversions to/from floatx80
Conversions between IEEE floating-point formats should convert
signaling NaNs to quiet NaNs.  Most of those in QEMU's softfloat code
do so, but those for floatx80 fail to.  Fix those conversions to
silence signaling NaNs as well.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2005042336170.22972@digraph.polyomino.org.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2020-05-15 11:04:50 -07:00
Peter Maydell
66706192de Various testing, tcg and plugin updates
- fix bug in gdbstub tests that leave hanging QEMUs
   - tweak s390x travis test
   - re-factor guest_base handling
   - support "notes" in disassembler output
   - include guest address notes in out_asm
   - cleanup plugin headers and and constify hwaddr
   - updates MAINTAINERS for cpu-common.c
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAl6+qegACgkQ+9DbCVqe
 KkT2sQf+Kcypx3RzZXrMrqKKSWDOmyvEIjRwwyCTBgkjBE2vU7lVlkWAL5DkRxiN
 MBPpR5zwlU1enRFUVhB//M1kj+lOLh/WeLvipE6FE5c45/onU1KNXo1LQnUHOIkT
 /j9mMxrPL4beVhUH1PZyJNQo0sPHcB9mELLCUXenxBVv29ym/WZ90ORbNaB6lQE+
 PSH99K3PFCFo/UIQA612dypfR130C2rikHd19/mfvAXYTuE4p52G83sutqB+3eg7
 CiahqEIwGDV+g4pxN4FA1xopRjCVvUZahaVGRDY3gzCAZi4ug2/ROoZOta9jP6SR
 n986kWycqJwn42X6yFPTzcEpz/84sg==
 =GIEt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-tcg-plugins-150520-2' into staging

Various testing, tcg and plugin updates

  - fix bug in gdbstub tests that leave hanging QEMUs
  - tweak s390x travis test
  - re-factor guest_base handling
  - support "notes" in disassembler output
  - include guest address notes in out_asm
  - cleanup plugin headers and and constify hwaddr
  - updates MAINTAINERS for cpu-common.c

# gpg: Signature made Fri 15 May 2020 15:40:40 BST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-testing-tcg-plugins-150520-2:
  MAINTAINERS: update the orphaned cpus-common.c file
  qemu/qemu-plugin: Make qemu_plugin_hwaddr_is_io() hwaddr argument const
  qemu/plugin: Move !CONFIG_PLUGIN stubs altogether
  qemu/plugin: Trivial code movement
  translate-all: include guest address in out_asm output
  disas: add optional note support to cap_disas
  disas: include an optional note for the start of disassembly
  accel/tcg: don't disable exec_tb trace events
  accel/tcg: Relax va restrictions on 64-bit guests
  exec/cpu-all: Use bool for have_guest_base
  linux-user: completely re-write init_guest_space
  travis.yml: Improve the --disable-tcg test on s390x
  tests/guest-debug: catch hanging guests

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-15 15:47:47 +01:00
Alex Bennée
adf1cfbdc2 MAINTAINERS: update the orphaned cpus-common.c file
We forgot to update MAINTAINERS when this code was re-factored.

Fixes: 267f685b8b
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200513173200.11830-5-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Philippe Mathieu-Daudé
308e754964 qemu/qemu-plugin: Make qemu_plugin_hwaddr_is_io() hwaddr argument const
Rename qemu_plugin_hwaddr_is_io() address argument 'haddr'
similarly to qemu_plugin_hwaddr_device_offset(), and make
it const.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200510171119.20827-4-f4bug@amsat.org>
Message-Id: <20200513173200.11830-4-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Philippe Mathieu-Daudé
1b9905ca0a qemu/plugin: Move !CONFIG_PLUGIN stubs altogether
Simplify the ifdef'ry by moving all stubs together.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200510171119.20827-3-f4bug@amsat.org>
Message-Id: <20200513173200.11830-3-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Philippe Mathieu-Daudé
d2f6dc0790 qemu/plugin: Trivial code movement
Move the qemu_plugin_event enum declaration earlier.
This will make the next commit easier to review.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200510171119.20827-2-f4bug@amsat.org>
Message-Id: <20200513173200.11830-2-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Alex Bennée
5f0df0333b translate-all: include guest address in out_asm output
We already have information about where each guest instructions
representation starts stored in the tcg_ctx->gen_insn_data so we can
rectify the PC for faults. We can re-use this information to annotate
the out_asm output with guest instruction address which makes it a bit
easier to work out where you are especially with longer blocks. A
minor wrinkle is that some instructions get optimised away so we have
to scan forward until we find some actual generated code.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

Message-Id: <20200513175134.19619-11-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Alex Bennée
16b22e02b5 disas: add optional note support to cap_disas
Include support for outputting a note at the top of a chunk of
disassembly to capstone as well.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Message-Id: <20200513175134.19619-10-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Alex Bennée
e5ef4ec28b disas: include an optional note for the start of disassembly
This will become useful shortly for providing more information about
output assembly inline. While there fix up the indenting and code
formatting in disas().

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Message-Id: <20200513175134.19619-9-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Alex Bennée
6a7aa856c5 accel/tcg: don't disable exec_tb trace events
I doubt the well predicted trace event check is particularly special in
the grand context of TCG code execution.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200513175134.19619-8-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Richard Henderson
7d8cbbabcb accel/tcg: Relax va restrictions on 64-bit guests
We cannot at present limit a 64-bit guest to a virtual address
space smaller than the host.  It will mostly work to ignore this
limitation, except if the guest uses high bits of the address
space for tags.  But it will certainly work better, as presently
we can wind up failing to allocate the guest stack.

Widen our user-only page tree to the host or abi pointer width.
Remove the workaround for this problem from target/alpha.
Always validate guest addresses vs reserved_va, as there we
control allocation ourselves.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

Message-Id: <20200513175134.19619-7-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Richard Henderson
e307c192ff exec/cpu-all: Use bool for have_guest_base
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200513175134.19619-6-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Alex Bennée
ee94743034 linux-user: completely re-write init_guest_space
First we ensure all guest space initialisation logic comes through
probe_guest_base once we understand the nature of the binary we are
loading. The convoluted init_guest_space routine is removed and
replaced with a number of pgb_* helpers which are called depending on
what requirements we have when loading the binary.

We first try to do what is requested by the host. Failing that we try
and satisfy the guest requested base address. If all those options
fail we fall back to finding a space in the memory map using our
recently written read_self_maps() helper.

There are some additional complications we try and take into account
when looking for holes in the address space. We try not to go directly
after the system brk() space so there is space for a little growth. We
also don't want to have to use negative offsets which would result in
slightly less efficient code on x86 when it's unable to use the
segment offset register.

Less mind-binding gotos and hopefully clearer logic throughout.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Laurent Vivier <laurent@vivier.eu>

Message-Id: <20200513175134.19619-5-alex.bennee@linaro.org>
2020-05-15 15:25:16 +01:00
Thomas Huth
aae8b87e9c travis.yml: Improve the --disable-tcg test on s390x
Since the s390x containers do not allow KVM, we only compile-test
the --disable-tcg build on s390x and do not run the qtests. Thus,
it does not make sense to install genisoimage here, and it also does
not make sense to build the s390-ccw.img here again - it is simply
not used without the qtests.
On the other hand, if we do not build the s390-ccw.img anymore, we
can also compile with Clang - so let's use that compiler here to
get some additional test coverage.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200512133849.10624-1-thuth@redhat.com>
Message-Id: <20200513175134.19619-3-alex.bennee@linaro.org>
2020-05-15 15:25:07 +01:00
Alex Bennée
b03e4ffffb tests/guest-debug: catch hanging guests
If gdb never actually connected with the guest we need to catch that
and clean-up after ourselves.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200513175134.19619-2-alex.bennee@linaro.org>
2020-05-15 15:25:07 +01:00
Peter Maydell
2478b8ecd4 ui: sdl bugfix, -show-cursor deprecation message
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCgAGBQJevlEJAAoJEEy22O7T6HE4yp8P/jgRuXuw2emm2aBF6Hn7/My3
 ZIKZu4UYNjFhYruIrqOsxsbN5Qs1Hkfh0Ab3Wj6Y+65gDwQDRR5BTwyX18+PA2XF
 RWOkF0GKZo4pPt+lcSNEkU58YPb56bUdwnZ5/oP/XX/uAxU0n4h63r0TyVXrzz1X
 wpdX5hjMpcUsFyVbxekOZryVHdT391rdxGcbREwh9yIYbafaPcbZNAvFsHuR3Y2Z
 j3wWUbjDKpVbHOEvW/+bhgqsRzanA7uw/w4i5GrqaDB2dWb4+f7ikaBhm5bhrLjG
 fmsTYSq39jxU6SFCc/ub3jLF5yR9HK0tZvB3vTA30ppOF2L3Qw3v+V6DD8L9+u1m
 fsG0RNDF6RWur930L9jWUWGkG2I+x9Jd+UsNItc4/y4PYlKG3r2/ru2HRGlLl6Mr
 5vC4LHCfjmaE+MkKeTsrllV/3rUc5SYdrd7uPS9Ohpkd/XeKH1hrkU/6Fh00v+CR
 JczNdBYZWVKdOhMNeDwN51jhQfx5I1aLxCRW5/SW6FrrcKJGgy/mWFhHqo+VNYoH
 SfP/eJOQYgRT19Pm37kTlbpDMhR89dAew5Q2e4jTmx86xfZLdZHH8a8YLbtEl53k
 bhVG8g5QiPrD20mQcwowSxHy0+MdzrZYGoC9XV/Ln83MZPgFV4sE0n5XBov+G1Ft
 VONdmcejxZvwM09j6gmQ
 =8rHW
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/ui-20200515-pull-request' into staging

ui: sdl bugfix, -show-cursor deprecation message

# gpg: Signature made Fri 15 May 2020 09:21:29 BST
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/ui-20200515-pull-request:
  ui/sdl2: fix segment fault caused by null pointer dereference
  ui: improve -show-cursor deprecation message

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-15 11:18:13 +01:00
Peter Maydell
0db949f181 QOM patches for 2020-05-15
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAl6+L4USHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZTM5QQAJvaXZkLGJZR9VVjnMudByiyYfxZmL0U
 4CwCY3MzkYB5Htrd9n6H1sd1AbdRwW6D0zbriHg3r7TmEXG99qoifecUCpOg110P
 tr8UYmxm40hLTOy2tY6fJ5eVDll4wBmIkCQ5B1RUUmN4HgixqOrApw+2ZSaI6ubJ
 GQ0/k3w4yx3GT09CaE2i7vemtevfhwXIef5Bta9nyu7aVsZit92+P4SzHP4jqAc8
 oZ2tbIiyM0dp8Nlem3M2c8W1tEYj3U9TmK3wbj4bCQRVNKRP7pms15QkJm2FUKJC
 U+oEfOhaHwO4Lx/7I/5Z7Gb/5iLTeo+7Cehpx4dpAf71VkQe9uu8xXoM1RWHhOjY
 UtEqn5e5MzBkvqw4KXHDY+/DSfe3XESUHEw4aAT+eVU4S4D/PdXerKyYSELSTKjx
 nkwbe1RuwPkPTbOS3Ay49UmDqB+k+0mNrOIsZlFyQELSCGIyLV0zgbDXI6L2sik2
 PzEzJmEpvzU5iV5EckdbW5i5BwMpp3Va1JEzg/NbAXS5iiQD03SPreRPHptIW139
 jqvycEWQGB4HmZWAfHQHtAiDFvrTRyGuWx3J84CY1ygMtrDMA6DsYS0/lCoJP6pP
 jaCIGYtnGv02+GcrjuY/cTnoLk9oh0FNJ/jwNVDIkm+YUOFNx0gO9pf8l3hxg/hJ
 +TovRhtBbhHG
 =+Qby
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-qom-2020-05-15' into staging

QOM patches for 2020-05-15

# gpg: Signature made Fri 15 May 2020 06:58:29 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qom-2020-05-15: (21 commits)
  hw: Remove unnecessary DEVICE() cast
  various: Remove unnecessary OBJECT() cast
  target: Remove unnecessary CPU() cast
  qom: Drop @errp parameter of object_property_del()
  spapr_pci: Drop some dead error handling
  qdev: Unrealize must not fail
  Drop more @errp parameters after previous commit
  qom: Drop parameter @errp of object_property_add() & friends
  qdev: Clean up qdev_connect_gpio_out_named()
  hw/arm/bcm2835: Drop futile attempts at QOM-adopting memory
  e1000: Don't run e1000_instance_init() twice
  hw/isa/superio: Make the components QOM children
  s390x/cpumodel: Fix UI to CPU features pcc-cmac-{aes,eaes}-256
  tests/check-qom-proplist: Improve iterator coverage
  qom: Drop object_property_set_description() parameter @errp
  qom: Make all the object_property_add_FOO() return the property
  qom: Drop convenience method object_property_get_uint16List()
  qom: Simplify object_property_get_enum()
  qom: Drop object_property_del_child()'s unused parameter @errp
  qom: Clean up inconsistent use of gchar * vs. char *
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-15 09:52:41 +01:00
Philippe Mathieu-Daudé
8e5c952b37 hw: Remove unnecessary DEVICE() cast
The DEVICE() macro is defined as:

  #define DEVICE(obj) OBJECT_CHECK(DeviceState, (obj), TYPE_DEVICE)

which expands to:

  ((DeviceState *)object_dynamic_cast_assert((Object *)(obj), (name),
                                             __FILE__, __LINE__,
                                             __func__))

This assertion can only fail when @obj points to something other
than its stated type, i.e. when we're in undefined behavior country.

Remove the unnecessary DEVICE() casts when we already know the
pointer is of DeviceState type.

Patch created mechanically using spatch with this script:

  @@
  typedef DeviceState;
  DeviceState *s;
  @@
  -   DEVICE(s)
  +   s

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: Paul Durrant <paul@xen.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Acked-by: John Snow <jsnow@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200512070020.22782-4-f4bug@amsat.org>
2020-05-15 07:08:52 +02:00
Philippe Mathieu-Daudé
688ffbb4f7 various: Remove unnecessary OBJECT() cast
The OBJECT() macro is defined as:

  #define OBJECT(obj) ((Object *)(obj))

Remove the unnecessary OBJECT() casts when we already know the
pointer is of Object type.

Patch created mechanically using spatch with this script:

  @@
  typedef Object;
  Object *o;
  @@
  -   OBJECT(o)
  +   o

Acked-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Corey Minyard <cminyard@mvista.com>
Acked-by: John Snow <jsnow@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200512070020.22782-3-f4bug@amsat.org>
[Trivial rebase conflict in hw/s390x/sclp.c resolved]
2020-05-15 07:08:14 +02:00
Philippe Mathieu-Daudé
96449e4a30 target: Remove unnecessary CPU() cast
The CPU() macro is defined as:

  #define CPU(obj) ((CPUState *)(obj))

which expands to:

  ((CPUState *)object_dynamic_cast_assert((Object *)(obj), (name),
                                          __FILE__, __LINE__, __func__))

This assertion can only fail when @obj points to something other
than its stated type, i.e. when we're in undefined behavior country.

Remove the unnecessary CPU() casts when we already know the pointer
is of CPUState type.

Patch created mechanically using spatch with this script:

  @@
  typedef CPUState;
  CPUState *s;
  @@
  -   CPU(s)
  +   s

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200512070020.22782-2-f4bug@amsat.org>
2020-05-15 07:08:14 +02:00
Markus Armbruster
df4fe0b291 qom: Drop @errp parameter of object_property_del()
Same story as for object_property_add(): the only way
object_property_del() can fail is when the property with this name
does not exist.  Since our property names are all hardcoded, failure
is a programming error, and the appropriate way to handle it is
passing &error_abort.  Most callers do that, the commit before
previous fixed one that didn't (and got the error handling wrong), and
the two remaining exceptions ignore errors.

Drop the @errp parameter.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200505152926.18877-19-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-05-15 07:08:14 +02:00
Markus Armbruster
7ef1553dac spapr_pci: Drop some dead error handling
chassis_from_bus() uses object_property_get_uint() to get property
"chassis_nr" of the bridge device.  Failure would be a programming
error.  Pass &error_abort, and simplify its callers.

Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: qemu-ppc@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200505152926.18877-18-armbru@redhat.com>
2020-05-15 07:08:14 +02:00
Markus Armbruster
b69c3c21a5 qdev: Unrealize must not fail
Devices may have component devices and buses.

Device realization may fail.  Realization is recursive: a device's
realize() method realizes its components, and device_set_realized()
realizes its buses (which should in turn realize the devices on that
bus, except bus_set_realized() doesn't implement that, yet).

When realization of a component or bus fails, we need to roll back:
unrealize everything we realized so far.  If any of these unrealizes
failed, the device would be left in an inconsistent state.  Must not
happen.

device_set_realized() lets it happen: it ignores errors in the roll
back code starting at label child_realize_fail.

Since realization is recursive, unrealization must be recursive, too.
But how could a partly failed unrealize be rolled back?  We'd have to
re-realize, which can fail.  This design is fundamentally broken.

device_set_realized() does not roll back at all.  Instead, it keeps
unrealizing, ignoring further errors.

It can screw up even for a device with no buses: if the lone
dc->unrealize() fails, it still unregisters vmstate, and calls
listeners' unrealize() callback.

bus_set_realized() does not roll back either.  Instead, it stops
unrealizing.

Fortunately, no unrealize method can fail, as we'll see below.

To fix the design error, drop parameter @errp from all the unrealize
methods.

Any unrealize method that uses @errp now needs an update.  This leads
us to unrealize() methods that can fail.  Merely passing it to another
unrealize method cannot cause failure, though.  Here are the ones that
do other things with @errp:

* virtio_serial_device_unrealize()

  Fails when qbus_set_hotplug_handler() fails, but still does all the
  other work.  On failure, the device would stay realized with its
  resources completely gone.  Oops.  Can't happen, because
  qbus_set_hotplug_handler() can't actually fail here.  Pass
  &error_abort to qbus_set_hotplug_handler() instead.

* hw/ppc/spapr_drc.c's unrealize()

  Fails when object_property_del() fails, but all the other work is
  already done.  On failure, the device would stay realized with its
  vmstate registration gone.  Oops.  Can't happen, because
  object_property_del() can't actually fail here.  Pass &error_abort
  to object_property_del() instead.

* spapr_phb_unrealize()

  Fails and bails out when remove_drcs() fails, but other work is
  already done.  On failure, the device would stay realized with some
  of its resources gone.  Oops.  remove_drcs() fails only when
  chassis_from_bus()'s object_property_get_uint() fails, and it can't
  here.  Pass &error_abort to remove_drcs() instead.

Therefore, no unrealize method can fail before this patch.

device_set_realized()'s recursive unrealization via bus uses
object_property_set_bool().  Can't drop @errp there, so pass
&error_abort.

We similarly unrealize with object_property_set_bool() elsewhere,
always ignoring errors.  Pass &error_abort instead.

Several unrealize methods no longer handle errors from other unrealize
methods: virtio_9p_device_unrealize(),
virtio_input_device_unrealize(), scsi_qdev_unrealize(), ...
Much of the deleted error handling looks wrong anyway.

One unrealize methods no longer ignore such errors:
usb_ehci_pci_exit().

Several realize methods no longer ignore errors when rolling back:
v9fs_device_realize_common(), pci_qdev_unrealize(),
spapr_phb_realize(), usb_qdev_realize(), vfio_ccw_realize(),
virtio_device_realize().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200505152926.18877-17-armbru@redhat.com>
2020-05-15 07:08:14 +02:00
Markus Armbruster
40c2281cc3 Drop more @errp parameters after previous commit
Several functions can't fail anymore: ich9_pm_add_properties(),
device_add_bootindex_property(), ppc_compat_add_property(),
spapr_caps_add_properties(), PropertyInfo.create().  Drop their @errp
parameter.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200505152926.18877-16-armbru@redhat.com>
2020-05-15 07:08:14 +02:00
Markus Armbruster
d2623129a7 qom: Drop parameter @errp of object_property_add() & friends
The only way object_property_add() can fail is when a property with
the same name already exists.  Since our property names are all
hardcoded, failure is a programming error, and the appropriate way to
handle it is passing &error_abort.

Same for its variants, except for object_property_add_child(), which
additionally fails when the child already has a parent.  Parentage is
also under program control, so this is a programming error, too.

We have a bit over 500 callers.  Almost half of them pass
&error_abort, slightly fewer ignore errors, one test case handles
errors, and the remaining few callers pass them to their own callers.

The previous few commits demonstrated once again that ignoring
programming errors is a bad idea.

Of the few ones that pass on errors, several violate the Error API.
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.  ich9_pm_add_properties(), sparc32_ledma_realize(),
sparc32_dma_realize(), xilinx_axidma_realize(), xilinx_enet_realize()
are wrong that way.

When the one appropriate choice of argument is &error_abort, letting
users pick the argument is a bad idea.

Drop parameter @errp and assert the preconditions instead.

There's one exception to "duplicate property name is a programming
error": the way object_property_add() implements the magic (and
undocumented) "automatic arrayification".  Don't drop @errp there.
Instead, rename object_property_add() to object_property_try_add(),
and add the obvious wrapper object_property_add().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200505152926.18877-15-armbru@redhat.com>
[Two semantic rebase conflicts resolved]
2020-05-15 07:07:58 +02:00
Markus Armbruster
9f742c28f5 qdev: Clean up qdev_connect_gpio_out_named()
Both qdev_connect_gpio_out_named() and device_set_realized() put
objects without a parent into the "/machine/unattached/" orphanage.

qdev_connect_gpio_out_named() needs a lengthy comment to explain how
it works.  It exploits that object_property_add_child() can fail only
when we got a parent already, and ignoring that error does what we
want.  True.  If it failed due to "duplicate property", we'd be in
trouble, but that would be a programming error.

device_set_realized() is cleaner: it checks whether we need a parent,
then calls object_property_add_child(), aborting on failure.  No need
for a comment, and programming errors get caught.

Change qdev_connect_gpio_out_named() to match.

Cc: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200505152926.18877-14-armbru@redhat.com>
2020-05-15 07:07:58 +02:00
Markus Armbruster
5462cc8110 hw/arm/bcm2835: Drop futile attempts at QOM-adopting memory
The "bcm2835-peripherals" device's .instance_init() method
bcm2835_peripherals_init() attempts to make two memory regions QOM
children of the device.  This is futile, because memory_region_init()
already did.  The errors are ignored (a later commit will change
that).  Drop the useless calls.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Andrew Baumann <Andrew.Baumann@microsoft.com>
Cc: "Philippe Mathieu-Daudé" <philmd@redhat.com>
Cc: qemu-arm@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200505152926.18877-13-armbru@redhat.com>
2020-05-15 07:07:58 +02:00
Markus Armbruster
a13f20422d e1000: Don't run e1000_instance_init() twice
QOM object initialization runs .instance_init() for the type and all
its supertypes; see object_init_with_type().

Both TYPE_E1000_BASE and its concrete subtypes set .instance_init() to
e1000_instance_init().  For the concrete subtypes, it duly gets run
twice.  The second run fails, but the error gets ignored (a later
commit will change that).

Remove it from the subtypes.

Cc: Jason Wang <jasowang@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200505152926.18877-12-armbru@redhat.com>
2020-05-15 07:07:58 +02:00