Peter Maydell [Mon, 13 May 2019 09:45:15 +0000 (10:45 +0100)]
Merge remote-tracking branch 'remotes/stsquad/tags/pull-demacro-softmmu-100519-1' into staging
Demacrofy the SoftMMU
- the demacro itself
- refactor TLB_RECHECK and fix bug
- move unaligned handler out
# gpg: Signature made Fri 10 May 2019 20:34:14 BST
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <[email protected]>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* remotes/stsquad/tags/pull-demacro-softmmu-100519-1:
cputlb: Do unaligned store recursion to outermost function
cputlb: Do unaligned load recursion to outermost function
cputlb: Drop attribute flatten
cputlb: Move TLB_RECHECK handling into load/store_helper
accel/tcg: demacro cputlb
cputlb: Move TLB_RECHECK handling into load/store_helper
Having this in io_readx/io_writex meant that we forgot to
re-compute index after tlb_fill. It also means we can use
the normal aligned memory load path. It also fixes a bug
in that we had cached a use of index across a tlb_fill.
Alex Bennée [Fri, 15 Feb 2019 14:31:13 +0000 (14:31 +0000)]
accel/tcg: demacro cputlb
Instead of expanding a series of macros to generate the load/store
helpers we move stuff into common functions and rely on the compiler
to eliminate the dead code for each variant.
Peter Maydell [Fri, 10 May 2019 17:44:59 +0000 (18:44 +0100)]
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Block layer patches:
- block: Remove bdrv_read() and bdrv_write()
- qemu-img: Allow rebase with no input base
- blockjob: Fix coroutine thread after AioContext change
- MAINTAINERS updates for pflash, curl and gluster
# gpg: Signature made Fri 10 May 2019 16:39:54 BST
# gpg: using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <[email protected]>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6
* remotes/kevin/tags/for-upstream:
iotests: Add test for rebase without input base
qemu-img: Use zero writes after source backing EOF
qemu-img: Allow rebase with no input base
qcow2: Remove BDRVQcow2State.cluster_sectors
block: Remove bdrv_read() and bdrv_write()
vvfat: Replace bdrv_{read,write}() with bdrv_{pread,pwrite}()
vdi: Replace bdrv_{read,write}() with bdrv_{pread,pwrite}()
qcow2: Replace bdrv_write() with bdrv_pwrite()
qemu-img: Use IEC binary prefixes for size constants
test-block-iothread: Job coroutine thread after AioContext switch
blockjob: Fix coroutine thread after AioContext change
qemu-iotests: Fix cleanup for 192
MAINTAINERS: Add an entry for the Parallel NOR Flash devices
MAINTAINERS: Downgrade status of block sections without "M:" to "Odd Fixes"
block: remove bs from lists before closing
Alberto Garcia [Wed, 1 May 2019 18:13:57 +0000 (21:13 +0300)]
vvfat: Replace bdrv_{read,write}() with bdrv_{pread,pwrite}()
There's only a couple of bdrv_read() and bdrv_write() calls left in
the vvfat code, and they can be trivially replaced with the byte-based
bdrv_pread() and bdrv_pwrite().
Alberto Garcia [Wed, 1 May 2019 18:13:56 +0000 (21:13 +0300)]
vdi: Replace bdrv_{read,write}() with bdrv_{pread,pwrite}()
There's only a couple of bdrv_read() and bdrv_write() calls left in
the vdi code, and they can be trivially replaced with the byte-based
bdrv_pread() and bdrv_pwrite().
Kevin Wolf [Fri, 3 May 2019 17:17:43 +0000 (19:17 +0200)]
blockjob: Fix coroutine thread after AioContext change
Commit 463e0be10 ('blockjob: add AioContext attached callback') tried to
make block jobs robust against AioContext changes of their main node,
but it never made sure that the job coroutine actually runs in the new
thread.
Instead of waking up the job coroutine in whatever thread it ran before,
let's always pass the AioContext where it should be running now.
Kevin Wolf [Wed, 8 May 2019 12:00:44 +0000 (14:00 +0200)]
qemu-iotests: Fix cleanup for 192
Test case 192 calls _launch_qemu, so it also needs to _cleanup_qemu when
it's done, otherwise the QMP FIFOs stay around in scratch/. It also
creates a temporary NBD socket that needs to be removed as well at the
end of the test case.
Thomas Huth [Mon, 6 May 2019 06:18:54 +0000 (08:18 +0200)]
MAINTAINERS: Downgrade status of block sections without "M:" to "Odd Fixes"
Fixes might still get picked up via the qemu-block mailing list,
so the status is not "Orphan" yet.
Also add the gluster mailing list as suggested by Niels here:
Peter Maydell [Fri, 10 May 2019 13:49:36 +0000 (14:49 +0100)]
Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging
Pull request
# gpg: Signature made Fri 10 May 2019 14:02:22 BST
# gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <[email protected]>" [full]
# gpg: aka "Stefan Hajnoczi <[email protected]>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8
* remotes/stefanha/tags/block-pull-request:
docs: add Security chapter to the documentation
docs: add Secure Coding Practices to developer docs
aio-posix: ensure poll mode is left when aio_notify is called
block/io.c: fix for the allocation failure
block: Add coroutine_fn to bdrv_check_co_entry
util/readline: Add braces to fix checkpatch errors
util: readline: replace tab indent by four spaces to fix checkpatch errors
util/readline: add a space to fix errors by checkpatch tool
Add a new virtio-input device, which connects to a vhost-user
backend.
Instead of reading configuration directly from an input device /
evdev (like virtio-input-host), it reads it over vhost-user protocol
with {SET,GET}_CONFIG messages. The vhost-user-backend handles the
queues & events setup.
Create a vhost-user-backend object that holds a connection to a
vhost-user backend (or "slave" process) and can be referenced from
virtio devices that support it. See later patches for input & gpu
usage.
Note: a previous iteration of this object made it user-creatable, and
allowed managed sub-process spawning, but that has been dropped for
now.
/home/elmarco/src/qemu/contrib/libvhost-user/libvhost-user.c: In function ‘vu_set_mem_table_exec_postcopy’:
/home/elmarco/src/qemu/contrib/libvhost-user/libvhost-user.c:546:31: warning: taking address of packed member of ‘struct VhostUserMsg’ may result in an unaligned pointer value [-Waddress-of-packed-member]
546 | VhostUserMemory *memory = &vmsg->payload.memory;
| ^~~~~~~~~~~~~~~~~~~~~
/home/elmarco/src/qemu/contrib/libvhost-user/libvhost-user.c: In function ‘vu_set_mem_table_exec’:
/home/elmarco/src/qemu/contrib/libvhost-user/libvhost-user.c:688:31: warning: taking address of packed member of ‘struct VhostUserMsg’ may result in an unaligned pointer value [-Waddress-of-packed-member]
688 | VhostUserMemory *memory = &vmsg->payload.memory;
| ^~~~~~~~~~~~~~~~~~~~~
/home/elmarco/src/qemu/contrib/libvhost-user/libvhost-user.c: In function ‘vu_set_vring_addr_exec’:
/home/elmarco/src/qemu/contrib/libvhost-user/libvhost-user.c:817:36: warning: taking address of packed member of ‘struct VhostUserMsg’ may result in an unaligned pointer value [-Waddress-of-packed-member]
817 | struct vhost_vring_addr *vra = &vmsg->payload.addr;
| ^~~~~~~~~~~~~~~~~~~
Alex Bennée [Thu, 2 May 2019 09:27:28 +0000 (10:27 +0100)]
linux-user: fix GPROF build failure
When linux-user/exit was introduced we failed to move the gprof
include at the same time. The CI didn't notice because it only builds
system emulation. Fix it for those that still find gprof useful.
Alex Bennée [Thu, 2 May 2019 14:58:46 +0000 (15:58 +0100)]
linux-user: avoid treading on gprof's SIGPROF signals
The guest tends to get confused when it receives signals it doesn't
know about. Given the gprof magic has also set up it's own handler we
would do well to avoid stomping on it as well.
Some PT_LOAD segments may be completely zeroed out and their p_filesize
is zero, in that case the loader should just allocate a page that's at
least p_memsz bytes large (plus eventual alignment padding).
Calling zero_bss does this job for us, all we have to do is make sure we
don't try to mmap a zero-length page.
Stefan Hajnoczi [Thu, 9 May 2019 12:18:19 +0000 (13:18 +0100)]
docs: add Secure Coding Practices to developer docs
At KVM Forum 2018 I gave a presentation on security in QEMU:
https://www.youtube.com/watch?v=YAdRf_hwxU8 (video)
https://vmsplice.net/~stefan/stefanha-kvm-forum-2018.pdf (slides)
This patch adds a guide to secure coding practices. This document
covers things that developers should know about security in QEMU. It is
just a starting point that we can expand on later. I hope it will be
useful as a resource for new contributors and will save code reviewers
from explaining the same concepts many times.
Paolo Bonzini [Tue, 9 Apr 2019 12:28:23 +0000 (14:28 +0200)]
aio-posix: ensure poll mode is left when aio_notify is called
With aio=thread, adaptive polling makes latency worse rather than
better, because it delays the execution of the ThreadPool's
completion bottom half.
event_notifier_poll() does run while polling, detecting that
a bottom half was scheduled by a worker thread, but because
ctx->notifier is explicitly ignored in run_poll_handlers_once(),
scheduling the BH does not count as making progress and
run_poll_handlers() keeps running. Fix this by recomputing
the deadline after *timeout could have changed.
With this change, ThreadPool still cannot participate in polling
but at least it does not suffer from extra latency.
On a file system used by the customer, fallocate() returns an error
if the block is not properly aligned. So, bdrv_co_pwrite_zeroes()
fails. We can handle that case the same way as it is done for the
unsupported cases, namely, call to bdrv_driver_pwritev() that writes
zeroes to an image for the unaligned chunk of the block.
Jules Irenge [Sat, 30 Mar 2019 11:21:42 +0000 (11:21 +0000)]
util/readline: Add braces to fix checkpatch errors
Add braces to fix errors issued by checkpatch.pl tool
"ERROR: braces {} are necessary for all arms of this statement"
Within "util/readline.c" file
Message-Id: <20190330112142[email protected]>
util/readline: add a space to fix errors by checkpatch tool
util/readline: add a space to fix errors reported by checkpatch.pl tool
"ERROR: space required before the open parenthesis"
"ERROR: space required after that ..."
within "util/redline.c" file
linux-user: avoid string truncation warnings in uname field copying
In file included from /usr/include/string.h:494,
from include/qemu/osdep.h:101,
from linux-user/uname.c:20:
In function ‘strncpy’,
inlined from ‘sys_uname’ at linux-user/uname.c:94:3:
/usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin_strncpy’ output may be truncated copying 64 bytes from a string of length 64 [-Wstringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
We don't care where the NUL terminator in the original uname
field was. It suffices to copy the entire original field and
simply force a NUL terminator at the end of the new field.
Alistair Francis [Tue, 30 Apr 2019 23:29:01 +0000 (23:29 +0000)]
linux-user/elfload: Fix GCC 9 build warnings
Fix this warning when building with GCC9 on Fedora 30:
In function ‘strncpy’,
inlined from ‘fill_psinfo’ at /home/alistair/qemu/linux-user/elfload.c:3208:12,
inlined from ‘fill_note_info’ at /home/alistair/qemu/linux-user/elfload.c:3390:5,
inlined from ‘elf_core_dump’ at /home/alistair/qemu/linux-user/elfload.c:3539:9:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ specified bound 16 equals destination size [-Werror=stringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Helge Deller [Sun, 10 Mar 2019 11:12:16 +0000 (12:12 +0100)]
linux-user: Add missing IPV6 sockopts
When running ssh over IPv6 with linux-user I faced this warning:
Unsupported setsockopt level=41 optname=67
setsockopt IPV6_TCLASS 32: Protocol not available:
This patch adds code to the linux-user emulatation for setting and
retrieving of a few missing IPV6 options, including IPV6_TCLASS.
Peter Maydell [Thu, 9 May 2019 14:43:41 +0000 (15:43 +0100)]
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2019-05-09' into staging
- Fix "make check" problem that occurred with LANG=C and Python 3.5 / 3.6
- Get rid of some more dependencies on the global_qtest variable in the qtests
- Some other small test clean-ups
- Some copyright statement clarifications
- Mark TARGET_FMT_lu as poisoned
* remotes/huth-gitlab/tags/pull-request-2019-05-09:
include/exec/poison: Mark TARGET_FMT_lu as poisoned, too
target/sh4: Fix LGPL information in the file headers
target/openrisc: Fix LGPL information in the file headers
hw/i2c/smbus_ich9: Fix the confusing contributions-after-2012 statement
tests: qpci_unplug_acpi_device_test() should not rely on global_qtest
tests/drive_del-test: Use qtest_init() instead of qtest_start()
tests/Makefile: Remove unused test-obj-y variable
tests/tpm-tests: Use g_test_skip() to mark skipped tests
tests/ide-test: Make test independent of global_qtest
tests/test-hmp: Use qtest_init() instead of qtest_start()
tests/qmp-cmd-test: Use qtest_init() instead of qtest_start()
tests/megasas: Make test independent of global_qtest
tests/tco: Make test independent of global_qtest
tests: Force Python I/O encoding for check-qapi-schema
* remotes/vivier2/tags/trivial-branch-pull-request:
sockets: avoid string truncation warnings when copying UNIX path
hw/sparc/leon3: Allow load of uImage firmwares
Makefile: Let the 'clean' rule remove qemu-ga.exe on Windows hosts
net: Print output of "-net nic, model=help" to stdout instead of stderr
Header cleanups
Update configure
configure: fix pam test warning
qom: use object_new_with_type in object_new_with_propv
doc: fix the configuration path
CODING_STYLE: indent example code as all others
CODING_STYLE: specify the indent rule for multiline code
hw/net/pcnet: Use qemu_log_mask(GUEST_ERROR) instead of printf
Thomas Huth [Wed, 13 Feb 2019 13:52:50 +0000 (14:52 +0100)]
target/sh4: Fix LGPL information in the file headers
It's either "GNU *Library* General Public License version 2" or "GNU
Lesser General Public License version *2.1*", but there was no "version
2.0" of the "Lesser" license. So assume that version 2.1 is meant here.
Thomas Huth [Wed, 13 Feb 2019 13:46:50 +0000 (14:46 +0100)]
target/openrisc: Fix LGPL information in the file headers
It's either "GNU *Library* General Public License version 2" or "GNU
Lesser General Public License version *2.1*", but there was no "version
2.0" of the "Lesser" license. So assume that version 2.1 is meant here.
Thomas Huth [Wed, 6 Feb 2019 16:33:38 +0000 (17:33 +0100)]
hw/i2c/smbus_ich9: Fix the confusing contributions-after-2012 statement
The license information in this file is rather confusing. The text
declares LGPL first, but then says that contributions after Jan 2012
are licensed under the GPL instead. How should the average user who
just downloaded the release tarball know which part is now GPL and
which is LGPL? Also, as far as I can see, the file has been added to
QEMU *after* January in 2012, so the whole file should be GPL by
default instead.
Furthermore, looking at the text of the LGPL (see COPYING.LIB in the
top directory), the license clearly states in section "3." that one
should rather replace the license information in such a case instead.
Thus let's clean up the confusing statements and use the proper GPL
text only.
Thomas Huth [Tue, 9 Apr 2019 12:25:57 +0000 (14:25 +0200)]
tests: qpci_unplug_acpi_device_test() should not rely on global_qtest
libqos functions should not use functions that require global_qtest to
be set, since such library functions could also be used by tests that
deal with multiple test states. Add a parameter to this function to
explicitly specify the test state.
Thomas Huth [Tue, 9 Apr 2019 10:38:41 +0000 (12:38 +0200)]
tests/drive_del-test: Use qtest_init() instead of qtest_start()
qtest_start() + qtest_end() should be avoided, since they use the
global_qtest variable that we want to get rid of in the long run
Use qtest_init() and qtest_quit() instead.
Thomas Huth [Wed, 8 May 2019 07:55:27 +0000 (09:55 +0200)]
tests/Makefile: Remove unused test-obj-y variable
I recently noticed that test-obj-y contains a file called
tests/check-block-qtest.o which simply does not belong to any .c
file and thus wondered why this is not causing any trouble. It is
only used to add -Itests to the command line (which refers to the
build directory). However, it is not needed because "-iquote $(@D)"
already sets this up in rules.mak. Thus we can simply remove this
variable.
Peter Maydell [Wed, 8 May 2019 15:10:24 +0000 (16:10 +0100)]
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-05-07' into staging
nbd patches for 2019-05-07
- iotest improvements
# gpg: Signature made Tue 07 May 2019 16:00:18 BST
# gpg: using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <[email protected]>" [full]
# gpg: aka "Eric Blake (Free Software Programmer) <[email protected]>" [full]
# gpg: aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2 F3AA A7A1 6B4A 2527 436A
* remotes/ericb/tags/pull-nbd-2019-05-07:
iotests: Make 182 do without device_add
iotests: Tweak 221 sizing for different hole granularities
tests/qemu-iotests: Fix more reference output files due to recent qemu-io change
iotests: Fix 233 for ports other than 10809
qemu-nbd: Look up flag names in array
Thomas Huth [Tue, 9 Apr 2019 08:52:45 +0000 (10:52 +0200)]
tests/ide-test: Make test independent of global_qtest
Pass around the QTestState, so we do not need the problematic global_qtest
variable (which causes trouble for tests that have multiple test states)
here anymore.
Thomas Huth [Tue, 9 Apr 2019 08:52:44 +0000 (10:52 +0200)]
tests/test-hmp: Use qtest_init() instead of qtest_start()
qtest_start() + qtest_end() should be avoided, since they use the
global_qtest variable that we want to get rid of in the long run
Use qtest_init() and qtest_quit() instead.
Thomas Huth [Tue, 9 Apr 2019 08:52:43 +0000 (10:52 +0200)]
tests/qmp-cmd-test: Use qtest_init() instead of qtest_start()
qtest_start() + qtest_end() should be avoided, since they use the
global_qtest variable that we want to get rid of in the long run
(since global_qtest can not be used in tests that have to track
multiple QEMU states, like migration tests). Use qtest_init() and
qtest_quit() instead.
Eduardo Habkost [Mon, 6 May 2019 21:38:17 +0000 (18:38 -0300)]
tests: Force Python I/O encoding for check-qapi-schema
test-qapi.py doesn't force a specific encoding for stderr or
stdout, but the reference files used by check-qapi-schema are in
UTF-8. This breaks check-qapi-schema under certain circumstances
(e.g. if using the C locale and Python < 3.7).
We need to make sure test-qapi.py always generate UTF-8 output
somehow. On Python 3.7+ we can do it using
`sys.stdout.reconfigure(...)`, but we need a solution that works
with older Python versions.
Instead of trying a hack like reopening sys.stdout and
sys.stderr, we can just tell Python to use UTF-8 for I/O encoding
when running test-qapi.py. Do it by setting PYTHONIOENCODING.
Peter Maydell [Tue, 7 May 2019 23:06:43 +0000 (00:06 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190507' into staging
target-arm queue:
* Stop using variable length array in dc_zva
* Implement M-profile XPSR GE bits
* Don't enable ARMV7M_EXCP_DEBUG from reset
* armv7m_nvic: NS BFAR and BFSR are RAZ/WI if BFHFNMINS == 0
* armv7m_nvic: Check subpriority in nvic_recompute_state_secure()
* fix various minor issues to allow building for Windows-on-ARM64
* aspeed: Set SDRAM size
* Allow system registers for KVM guests to be changed by QEMU code
* raspi: Diagnose requests for too much RAM
* virt: Support firmware configuration with -blockdev
* remotes/pmaydell/tags/pull-target-arm-20190507:
target/arm: Stop using variable length array in dc_zva
target/arm: Implement XPSR GE bits
hw/intc/armv7m_nvic: Don't enable ARMV7M_EXCP_DEBUG from reset
hw/intc/armv7m_nvic: NS BFAR and BFSR are RAZ/WI if BFHFNMINS == 0
hw/arm/armv7m_nvic: Check subpriority in nvic_recompute_state_secure()
osdep: Fix mingw compilation regarding stdio formats
util/cacheinfo: Use uint64_t on LLP64 model to satisfy Windows ARM64
qga: Fix mingw compilation warnings on enum conversion
QEMU_PACKED: Remove gcc_struct attribute in Windows non x86 targets
arm: aspeed: Set SDRAM size
arm: Allow system registers for KVM guests to be changed by QEMU code
hw/arm/raspi: Diagnose requests for too much RAM
hw/arm/virt: Support firmware configuration with -blockdev
pflash_cfi01: New pflash_cfi01_legacy_drive()
pc: Rearrange pc_system_firmware_init()'s legacy -drive loop
Peter Maydell [Tue, 7 May 2019 16:16:11 +0000 (17:16 +0100)]
Merge remote-tracking branch 'remotes/rth/tags/pull-dt-20190506' into staging
Add support for variable-length ISAs
# gpg: Signature made Mon 06 May 2019 19:26:21 BST
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "[email protected]"
# gpg: Good signature from "Richard Henderson <[email protected]>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-dt-20190506:
decodetree: Add DisasContext argument to !function expanders
decodetree: Expand a decode_load function
decodetree: Initial support for variable-length ISAs
Alberto Garcia [Thu, 4 Apr 2019 11:29:53 +0000 (14:29 +0300)]
block: Assert that drv->bdrv_child_perm is set in bdrv_child_perm()
There is no need to check for this because all block drivers that have
children implement bdrv_child_perm and all callers already ensure that
bs->drv is set.
Furthermore, if this check would fail then the callers would end up
with uninitialized values for nperm and nshared.
Max Reitz [Mon, 25 Feb 2019 19:08:27 +0000 (20:08 +0100)]
block/ssh: Implement .bdrv_refresh_filename()
This requires some changes to keep iotests 104 and 207 working.
qemu-img info in 104 will now return a filename including the user name
and the port, which need to be filtered by adjusting REMOTE_TEST_DIR in
common.rc. This additional information has to be marked optional,
however (which is simple as REMOTE_TEST_DIR is a regex), because
otherwise 197 and 215 would fail: They use it (indirectly) to filter
qemu-img create output which contains a backing filename they have
passed to it -- which probably does not contain a user name or port
number.
The problem in 207 is a nice one to have: qemu-img info used to return
json:{} filenames, but with this patch it returns nice plain ones. We
now need to adjust the filtering to hide the user name (and port number
while we are at it). The simplest way to do this is to include both in
iotests.remote_filename() so that bdrv_refresh_filename() will not
change it, and then iotests.img_info_log() will filter it correctly
automatically.
qcow2-refcount: don't mask corruptions under internal errors
No reasons for not reporting found corruptions as corruptions in case
of some internal errors, especially in case of just failed to fix l2
entry (and in this case, missed corruptions may influence comparing
logic, when we calculate difference between corruptions fields of two
results)
Reduce number of structures ignored in overlap check: when checking
active table ignore active tables, when checking inactive table ignore
inactive ones.
qcow2_inc_refcounts_imrt() (through realloc_refcount_array()) can eat
an unpredictable amount of memory on corrupted table entries, which are
referencing regions far beyond the end of file.
Prevent this, by skipping such regions from further processing.
Interesting that iotest 138 checks exactly the behavior which we fix
here. So, change the test appropriately.
Max Reitz [Wed, 17 Apr 2019 15:30:05 +0000 (17:30 +0200)]
iotests: Make 182 do without device_add
182 fails if qemu has no support for hotplugging of a virtio-blk device.
Using an NBD server instead works just as well for the test, even on
qemus without hotplugging support.
Eric Blake [Mon, 6 May 2019 17:21:11 +0000 (12:21 -0500)]
iotests: Tweak 221 sizing for different hole granularities
For some particular configurations of ext4, sizing an image to 84
sectors + 1 byte causes test failures when the size of the hole is
rounded to a 4k alignment. Let's instead size things to 128 sectors +
1 byte, as the 64k boundary is more likely to work with various hole
granularities.
Thomas Huth [Wed, 1 May 2019 13:41:27 +0000 (15:41 +0200)]
tests/qemu-iotests: Fix more reference output files due to recent qemu-io change
The output of qemu-io changed recently - most tests have been fixed in
commit 36b9986b08787019ef42 ("tests/qemu-iotests: Fix output of qemu-io
related tests") already, but a qcow1, vmdk, and nbd test were still missing.
Max Reitz [Mon, 6 May 2019 16:05:29 +0000 (18:05 +0200)]
iotests: Fix 233 for ports other than 10809
233 generally filters the port, but in two cases does not. If some
other concurrently running application has already taken port 10809,
this will result in an output mismatch. Fix this by applying the
filter in these two cases, too.
Max Reitz [Fri, 5 Apr 2019 19:16:35 +0000 (21:16 +0200)]
qemu-nbd: Look up flag names in array
The existing code to convert flag bits into strings looks a bit strange
now, and if we ever add more flags, it will look even stranger. Prevent
that from happening by making it look up the flag names in an array.
Peter Maydell [Tue, 7 May 2019 11:55:04 +0000 (12:55 +0100)]
target/arm: Stop using variable length array in dc_zva
Currently the dc_zva helper function uses a variable length
array. In fact we know (as the comment above remarks) that
the length of this array is bounded because the architecture
limits the block size and QEMU limits the target page size.
Use a fixed array size and assert that we don't run off it.
Peter Maydell [Tue, 7 May 2019 11:55:04 +0000 (12:55 +0100)]
target/arm: Implement XPSR GE bits
In the M-profile architecture, if the CPU implements the DSP extension
then the XPSR has GE bits, in the same way as the A-profile CPSR. When
we added DSP extension support we forgot to add support for reading
and writing the GE bits, which are stored in env->GE. We did put in
the code to add XPSR_GE to the mask of bits to update in the v7m_msr
helper, but forgot it in v7m_mrs. We also must not allow the XPSR we
pull off the stack on exception return to set the nonexistent GE bits.
Correct these errors:
* read and write env->GE in xpsr_read() and xpsr_write()
* only set GE bits on exception return if DSP present
* read GE bits for MRS if DSP present
Peter Maydell [Tue, 7 May 2019 11:55:03 +0000 (12:55 +0100)]
hw/intc/armv7m_nvic: Don't enable ARMV7M_EXCP_DEBUG from reset
The M-profile architecture specifies that the DebugMonitor exception
should be initially disabled, not enabled. It should be controlled
by the DEMCR register's MON_EN bit, but we don't implement that
register yet (like most of the debug architecture for M-profile).
Note that BKPT instructions will still work, because they
will be escalated to HardFault.
Peter Maydell [Tue, 7 May 2019 11:55:03 +0000 (12:55 +0100)]
hw/intc/armv7m_nvic: NS BFAR and BFSR are RAZ/WI if BFHFNMINS == 0
The non-secure versions of the BFAR and BFSR registers are
supposed to be RAZ/WI if AICR.BFHFNMINS == 0; we were
incorrectly allowing NS code to access the real values.
Peter Maydell [Tue, 7 May 2019 11:55:03 +0000 (12:55 +0100)]
hw/arm/armv7m_nvic: Check subpriority in nvic_recompute_state_secure()
Rule R_CQRV says that if two pending interrupts have the same
group priority then ties are broken by looking at the subpriority.
We had a comment describing this but had forgotten to actually
implement the subpriority comparison. Correct the omission.
(The further tie break rules of "lowest exception number" and
"secure before non-secure" are handled implicitly by the order
in which we iterate through the exceptions in the loops.)
I encountered the following compilation error on mingw:
/mnt/d/qemu/include/qemu/osdep.h:97:9: error: '__USE_MINGW_ANSI_STDIO' macro redefined [-Werror,-Wmacro-redefined]
#define __USE_MINGW_ANSI_STDIO 1
^
/mnt/d/llvm-mingw/aarch64-w64-mingw32/include/_mingw.h:433:9: note: previous definition is here
#define __USE_MINGW_ANSI_STDIO 0 /* was not defined so it should be 0 */
It turns out that __USE_MINGW_ANSI_STDIO must be set before any
system headers are included, not just before stdio.h.
Cao Jiaxi [Tue, 7 May 2019 11:55:03 +0000 (12:55 +0100)]
qga: Fix mingw compilation warnings on enum conversion
The win2qemu[] is supposed to be the conversion table to convert between
STORAGE_BUS_TYPE in Windows SDK and GuestDiskBusType in qga.
But it was incorrectly written that it forces to set a GuestDiskBusType
value to STORAGE_BUS_TYPE, which generates an enum conversion warning in clang.
Peter Maydell [Tue, 7 May 2019 11:55:02 +0000 (12:55 +0100)]
arm: Allow system registers for KVM guests to be changed by QEMU code
At the moment the Arm implementations of kvm_arch_{get,put}_registers()
don't support having QEMU change the values of system registers
(aka coprocessor registers for AArch32). This is because although
kvm_arch_get_registers() calls write_list_to_cpustate() to
update the CPU state struct fields (so QEMU code can read the
values in the usual way), kvm_arch_put_registers() does not
call write_cpustate_to_list(), meaning that any changes to
the CPU state struct fields will not be passed back to KVM.
The rationale for this design is documented in a comment in the
AArch32 kvm_arch_put_registers() -- writing the values in the
cpregs list into the CPU state struct is "lossy" because the
write of a register might not succeed, and so if we blindly
copy the CPU state values back again we will incorrectly
change register values for the guest. The assumption was that
no QEMU code would need to write to the registers.
However, when we implemented debug support for KVM guests, we
broke that assumption: the code to handle "set the guest up
to take a breakpoint exception" does so by updating various
guest registers including ESR_EL1.
Support this by making kvm_arch_put_registers() synchronize
CPU state back into the list. We sync only those registers
where the initial write succeeds, which should be sufficient.
This commit is the same as commit 823e1b3818f9b10b824ddc which we
had to revert in commit 942f99c825fc94c8b1a4, except that the bug
which was preventing EDK2 guest firmware running has been fixed:
kvm_arm_reset_vcpu() now calls write_list_to_cpustate().
Peter Maydell [Tue, 7 May 2019 11:55:02 +0000 (12:55 +0100)]
hw/arm/raspi: Diagnose requests for too much RAM
The Raspberry Pi boards have a physical memory map which does
not allow for more than 1GB of RAM. Currently if the user tries
to ask for more then we fail in a confusing way:
$ qemu-system-aarch64 --machine raspi3 -m 8G
Unexpected error in visit_type_uintN() at qapi/qapi-visit-core.c:164:
qemu-system-aarch64: Parameter 'vcram-base' expects uint32_t
Aborted (core dumped)
Catch this earlier and diagnose it with a more friendly message:
$ qemu-system-aarch64 --machine raspi3 -m 8G
qemu-system-aarch64: Requested ram size is too large for this machine: maximum is 1GB
hw/arm/virt: Support firmware configuration with -blockdev
The ARM virt machines put firmware in flash memory. To configure it,
you use -drive if=pflash,unit=0,... and optionally -drive
if=pflash,unit=1,...
Why two -drive? This permits setting up one part of the flash memory
read-only, and the other part read/write. It also makes upgrading
firmware on the host easier. Below the hood, we get two separate
flash devices, because we were too lazy to improve our flash device
models to support sector protection.
The problem at hand is to do the same with -blockdev somehow, as one
more step towards deprecating -drive.
We recently solved this problem for x86 PC machines, in commit ebc29e1beab. See the commit message for design rationale.
This commit solves it for ARM virt basically the same way: new machine
properties pflash0, pflash1 forward to the onboard flash devices'
properties. Requires creating the onboard devices in the
.instance_init() method virt_instance_init(). The existing code to
pick up drives defined with -drive if=pflash is replaced by code to
desugar into the machine properties.
There are a few behavioral differences, though:
* The flash devices are always present (x86: only present if
configured)
* Flash base addresses and sizes are fixed (x86: sizes depend on
images, mapped back to back below a fixed address)
* -bios configures contents of first pflash (x86: -bios configures ROM
contents)
* -bios is rejected when first pflash is also configured with -machine
pflash0=... (x86: bios is silently ignored then)
* -machine pflash1=... does not require -machine pflash0=... (x86: it
does).
The actual code is a bit simpler than for x86 mostly due to the first
two differences.
Before the patch, all the action is in create_flash(), called from the
machine's .init() method machvirt_init():
main()
machine_run_board_init()
machvirt_init()
create_flash()
create_one_flash() for flash[0]
create
configure
includes obeying -drive if=pflash,unit=0
realize
map
fall back to -bios
create_one_flash() for flash[1]
create
configure
includes obeying -drive if=pflash,unit=1
realize
map
update FDT
To make the machine properties work, we need to move device creation
to its .instance_init() method virt_instance_init().
Another complication is machvirt_init()'s computation of
@firmware_loaded: it predicts what create_flash() will do. Instead of
predicting what create_flash()'s replacement virt_firmware_init() will
do, I decided to have virt_firmware_init() return what it did.
Requires calling it a bit earlier.
Resulting call tree:
main()
current_machine = object_new()
...
virt_instance_init()
virt_flash_create()
virt_flash_create1() for flash[0]
create
configure: set defaults
become child of machine [NEW]
add machine prop pflash0 as alias for drive [NEW]
virt_flash_create1() for flash[1]
create
configure: set defaults
become child of machine [NEW]
add machine prop pflash1 as alias for drive [NEW]
for all machine props from the command line: machine_set_property()
...
property_set_alias() for machine props pflash0, pflash1
...
set_drive() for cfi.pflash01 prop drive
this is how -machine pflash0=... etc set
machine_run_board_init(current_machine);
virt_firmware_init()
pflash_cfi01_legacy_drive()
legacy -drive if=pflash,unit=0 and =1 [NEW]
virt_flash_map()
virt_flash_map1() for flash[0]
configure: num-blocks
realize
map
virt_flash_map1() for flash[1]
configure: num-blocks
realize
map
fall back to -bios
virt_flash_fdt()
update FDT
You have László to thank for making me explain this in detail.
projects / qemu.git / log