[PATCH v2 14/14] hw/arm/mps2-tz: Use the ARM SBCon two-wire serial bus interface

[Philippe Mathieu-Daudé]

>From 'Application Note AN521', chapter 4.7:

  The SMM implements four SBCon serial modules:

  One SBCon module for use by the Color LCD touch interface.
  One SBCon module to configure the audio controller.
  Two general purpose SBCon modules, that connect to the
  Expansion headers J7 and J8, are intended for use with the
  V2C-Shield1 which provide an I2C interface on the headers.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/arm/mps2-tz.c | 23 ++-
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/hw/arm/mps2-tz.c b/hw/arm/mps2-tz.c
index 8155c35418..a4fd5ddede 100644
--- a/hw/arm/mps2-tz.c
+++ b/hw/arm/mps2-tz.c
@@ -58,6 +58,7 @@
 #include "hw/arm/armsse.h"
 #include "hw/dma/pl080.h"
 #include "hw/ssi/pl022.h"
+#include "hw/i2c/arm_sbcon_i2c.h"
 #include "hw/net/lan9118.h"
 #include "net/net.h"
 #include "hw/core/split-irq.h"
@@ -87,7 +88,7 @@ typedef struct {
 TZPPC ppc[5];
 TZMPC ssram_mpc[3];
 PL022State spi[5];
-UnimplementedDeviceState i2c[4];
+ArmSbconI2CState i2c[4];
 UnimplementedDeviceState i2s_audio;
 UnimplementedDeviceState gpio[4];
 UnimplementedDeviceState gfx;
@@ -365,6 +366,18 @@ static MemoryRegion *make_spi(MPS2TZMachineState *mms, 
void *opaque,
 return sysbus_mmio_get_region(s, 0);
 }
 
+static MemoryRegion *make_i2c(MPS2TZMachineState *mms, void *opaque,
+  const char *name, hwaddr size)
+{
+ArmSbconI2CState *i2c = opaque;
+SysBusDevice *s;
+
+object_initialize_child(OBJECT(mms), name, i2c, TYPE_ARM_SBCON_I2C);
+s = SYS_BUS_DEVICE(i2c);
+sysbus_realize(s, _fatal);
+return sysbus_mmio_get_region(s, 0);
+}
+
 static void mps2tz_common_init(MachineState *machine)
 {
 MPS2TZMachineState *mms = MPS2TZ_MACHINE(machine);
@@ -499,10 +512,10 @@ static void mps2tz_common_init(MachineState *machine)
 { "uart2", make_uart, >uart[2], 0x40202000, 0x1000 },
 { "uart3", make_uart, >uart[3], 0x40203000, 0x1000 },
 { "uart4", make_uart, >uart[4], 0x40204000, 0x1000 },
-{ "i2c0", make_unimp_dev, >i2c[0], 0x40207000, 0x1000 },
-{ "i2c1", make_unimp_dev, >i2c[1], 0x40208000, 0x1000 },
-{ "i2c2", make_unimp_dev, >i2c[2], 0x4020c000, 0x1000 },
-{ "i2c3", make_unimp_dev, >i2c[3], 0x4020d000, 0x1000 },
+{ "i2c0", make_i2c, >i2c[0], 0x40207000, 0x1000 },
+{ "i2c1", make_i2c, >i2c[1], 0x40208000, 0x1000 },
+{ "i2c2", make_i2c, >i2c[2], 0x4020c000, 0x1000 },
+{ "i2c3", make_i2c, >i2c[3], 0x4020d000, 0x1000 },
 },
 }, {
 .name = "apb_ppcexp2",
-- 
2.21.3

[PATCH v2 10/14] hw/arm/mps2: Map the FPGA I/O block

[Philippe Mathieu-Daudé]

Signed-off-by: Philippe Mathieu-Daudé 
---
v2: 25MHz prescale-clk property
---
 hw/arm/mps2.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
index c66c595d4a..e106123225 100644
--- a/hw/arm/mps2.c
+++ b/hw/arm/mps2.c
@@ -38,8 +38,10 @@
 #include "hw/timer/cmsdk-apb-timer.h"
 #include "hw/timer/cmsdk-apb-dualtimer.h"
 #include "hw/misc/mps2-scc.h"
+#include "hw/misc/mps2-fpgaio.h"
 #include "hw/net/lan9118.h"
 #include "net/net.h"
+#include "hw/watchdog/cmsdk-apb-watchdog.h"
 
 typedef enum MPS2FPGAType {
 FPGA_AN385,
@@ -67,8 +69,10 @@ typedef struct {
 MemoryRegion sram;
 /* FPGA APB subsystem */
 MPS2SCC scc;
+MPS2FPGAIO fpgaio;
 /* CMSDK APB subsystem */
 CMSDKAPBDualTimer dualtimer;
+CMSDKAPBWatchdog watchdog;
 } MPS2MachineState;
 
 #define TYPE_MPS2_MACHINE "mps2"
@@ -332,6 +336,11 @@ static void mps2_common_init(MachineState *machine)
 qdev_prop_set_uint32(sccdev, "scc-id", mmc->scc_id);
 sysbus_realize(SYS_BUS_DEVICE(>scc), _fatal);
 sysbus_mmio_map(SYS_BUS_DEVICE(sccdev), 0, 0x4002f000);
+object_initialize_child(OBJECT(mms), "fpgaio",
+>fpgaio, TYPE_MPS2_FPGAIO);
+qdev_prop_set_uint32(DEVICE(>fpgaio), "prescale-clk", 2500);
+sysbus_realize(SYS_BUS_DEVICE(>fpgaio), _fatal);
+sysbus_mmio_map(SYS_BUS_DEVICE(>fpgaio), 0, 0x40028000);
 
 /* In hardware this is a LAN9220; the LAN9118 is software compatible
  * except that it doesn't support the checksum-offload feature.
-- 
2.21.3

[PATCH v2 08/14] hw/arm/mps2: Add CMSDK APB watchdog device

[Philippe Mathieu-Daudé]

We already model the CMSDK APB watchdog device, let's use it!

Suggested-by: Peter Maydell 
Signed-off-by: Philippe Mathieu-Daudé 
---
v2: Use existing TYPE_CMSDK_APB_WATCHDOG (pm215)
---
 hw/arm/mps2.c  | 7 +++
 hw/arm/Kconfig | 1 +
 2 files changed, 8 insertions(+)

diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
index 4fe5cc8622..f7bef20b40 100644
--- a/hw/arm/mps2.c
+++ b/hw/arm/mps2.c
@@ -312,6 +312,13 @@ static void mps2_common_init(MachineState *machine)
 sysbus_connect_irq(SYS_BUS_DEVICE(>dualtimer), 0,
qdev_get_gpio_in(armv7m, 10));
 sysbus_mmio_map(SYS_BUS_DEVICE(>dualtimer), 0, 0x40002000);
+object_initialize_child(OBJECT(mms), "watchdog", >watchdog,
+TYPE_CMSDK_APB_WATCHDOG);
+qdev_prop_set_uint32(DEVICE(>watchdog), "wdogclk-frq", SYSCLK_FRQ);
+sysbus_realize(SYS_BUS_DEVICE(>watchdog), _fatal);
+sysbus_connect_irq(SYS_BUS_DEVICE(>watchdog), 0,
+   qdev_get_gpio_in_named(armv7m, "NMI", 0));
+sysbus_mmio_map(SYS_BUS_DEVICE(>watchdog), 0, 0x40008000);
 
 /* FPGA APB subsystem */
 object_initialize_child(OBJECT(mms), "scc", >scc, TYPE_MPS2_SCC);
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 9afa6eee79..5c8f689b3d 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -405,6 +405,7 @@ config MPS2
 select PL080# DMA controller
 select SPLIT_IRQ
 select UNIMP
+select CMSDK_APB_WATCHDOG
 
 config FSL_IMX7
 bool
-- 
2.21.3

[PATCH v2 12/14] hw/arm/mps2: Add I2C devices

[Philippe Mathieu-Daudé]

>From 'Application Note AN385', chapter 3.14:

  The SMM implements a simple SBCon interface based on I2C.

There are 4 SBCon interfaces on the FPGA APB subsystem.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/arm/mps2.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
index daa26f68d7..2f6acbf2c2 100644
--- a/hw/arm/mps2.c
+++ b/hw/arm/mps2.c
@@ -40,6 +40,7 @@
 #include "hw/misc/mps2-scc.h"
 #include "hw/misc/mps2-fpgaio.h"
 #include "hw/ssi/pl022.h"
+#include "hw/i2c/arm_sbcon_i2c.h"
 #include "hw/net/lan9118.h"
 #include "net/net.h"
 #include "hw/watchdog/cmsdk-apb-watchdog.h"
@@ -365,6 +366,13 @@ static void mps2_common_init(MachineState *machine)
  qdev_get_gpio_in(orgate_dev, j));
 }
 }
+for (i = 0; i < 4; i++) {
+static const hwaddr i2cbase[] = {0x40022000,/* Touch */
+ 0x40023000,/* Audio */
+ 0x40029000,/* Shield0 */
+ 0x4002a000};   /* Shield1 */
+sysbus_create_simple(TYPE_ARM_SBCON_I2C, i2cbase[i], NULL);
+}
 
 /* In hardware this is a LAN9220; the LAN9118 is software compatible
  * except that it doesn't support the checksum-offload feature.
-- 
2.21.3

[PATCH v2 06/14] hw/arm/mps2: Document CMSDK/FPGA APB subsystem sections

[Philippe Mathieu-Daudé]

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/arm/mps2.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
index daa55f730b..ee555f919d 100644
--- a/hw/arm/mps2.c
+++ b/hw/arm/mps2.c
@@ -65,7 +65,9 @@ typedef struct {
 MemoryRegion blockram_m2;
 MemoryRegion blockram_m3;
 MemoryRegion sram;
+/* FPGA APB subsystem */
 MPS2SCC scc;
+/* CMSDK APB subsystem */
 CMSDKAPBDualTimer dualtimer;
 } MPS2MachineState;
 
@@ -299,9 +301,9 @@ static void mps2_common_init(MachineState *machine)
 g_assert_not_reached();
 }
 
+/* CMSDK APB subsystem */
 cmsdk_apb_timer_create(0x4000, qdev_get_gpio_in(armv7m, 8), 
SYSCLK_FRQ);
 cmsdk_apb_timer_create(0x40001000, qdev_get_gpio_in(armv7m, 9), 
SYSCLK_FRQ);
-
 object_initialize_child(OBJECT(mms), "dualtimer", >dualtimer,
 TYPE_CMSDK_APB_DUALTIMER);
 qdev_prop_set_uint32(DEVICE(>dualtimer), "pclk-frq", SYSCLK_FRQ);
@@ -310,6 +312,7 @@ static void mps2_common_init(MachineState *machine)
qdev_get_gpio_in(armv7m, 10));
 sysbus_mmio_map(SYS_BUS_DEVICE(>dualtimer), 0, 0x40002000);
 
+/* FPGA APB subsystem */
 object_initialize_child(OBJECT(mms), "scc", >scc, TYPE_MPS2_SCC);
 sccdev = DEVICE(>scc);
 qdev_prop_set_uint32(sccdev, "scc-cfg4", 0x2);
-- 
2.21.3

[PATCH v2 09/14] hw/arm/mps2: Add CMSDK AHB GPIO peripherals as unimplemented devices

[Philippe Mathieu-Daudé]

Register the GPIO peripherals as unimplemented to better
follow their accesses, for example booting Zephyr:

  
  IN: arm_mps2_pinmux_init
  0x1160:  f64f 0231  movw r2, #0xf831
  0x1164:  4b06   ldr  r3, [pc, #0x18]
  0x1166:  2000   movs r0, #0
  0x1168:  619a   str  r2, [r3, #0x18]
  0x116a:  f24c 426f  movw r2, #0xc46f
  0x116e:  f503 5380  add.wr3, r3, #0x1000
  0x1172:  619a   str  r2, [r3, #0x18]
  0x1174:  f44f 529e  mov.wr2, #0x13c0
  0x1178:  f503 5380  add.wr3, r3, #0x1000
  0x117c:  619a   str  r2, [r3, #0x18]
  0x117e:  4770   bx   lr
  cmsdk-ahb-gpio: unimplemented device write (size 4, value 0xf831, offset 0x18)
  cmsdk-ahb-gpio: unimplemented device write (size 4, value 0xc46f, offset 0x18)
  cmsdk-ahb-gpio: unimplemented device write (size 4, value 0x13c0, offset 0x18)

Reviewed-by: Peter Maydell 
Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/arm/mps2.c | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
index f7bef20b40..c66c595d4a 100644
--- a/hw/arm/mps2.c
+++ b/hw/arm/mps2.c
@@ -113,6 +113,7 @@ static void mps2_common_init(MachineState *machine)
 MemoryRegion *system_memory = get_system_memory();
 MachineClass *mc = MACHINE_GET_CLASS(machine);
 DeviceState *armv7m, *sccdev;
+int i;
 
 if (strcmp(machine->cpu_type, mc->default_cpu_type) != 0) {
 error_report("This board can only be used with CPU %s",
@@ -228,7 +229,6 @@ static void mps2_common_init(MachineState *machine)
  */
 Object *orgate;
 DeviceState *orgate_dev;
-int i;
 
 orgate = object_new(TYPE_OR_IRQ);
 object_property_set_int(orgate, 6, "num-lines", _fatal);
@@ -265,7 +265,6 @@ static void mps2_common_init(MachineState *machine)
  */
 Object *orgate;
 DeviceState *orgate_dev;
-int i;
 
 orgate = object_new(TYPE_OR_IRQ);
 object_property_set_int(orgate, 10, "num-lines", _fatal);
@@ -301,6 +300,11 @@ static void mps2_common_init(MachineState *machine)
 default:
 g_assert_not_reached();
 }
+for (i = 0; i < 4; i++) {
+static const hwaddr gpiobase[] = {0x4001, 0x40011000,
+  0x40012000, 0x40013000};
+create_unimplemented_device("cmsdk-ahb-gpio", gpiobase[i], 0x1000);
+}
 
 /* CMSDK APB subsystem */
 cmsdk_apb_timer_create(0x4000, qdev_get_gpio_in(armv7m, 8), 
SYSCLK_FRQ);
-- 
2.21.3

[PATCH v2 04/14] hw/i2c: Add header for ARM SBCon two-wire serial bus interface

[Philippe Mathieu-Daudé]

'ARM SBCon two-wire serial bus interface' is the official
name describing the pair of registers used to bitbanging
I2C in the Versatile boards.

Make the private VersatileI2CState structure as public
ArmSbconI2CState.
Add the TYPE_ARM_SBCON_I2C, alias to our current
TYPE_VERSATILE_I2C model.
Rename the memory region description as 'arm_sbcon_i2c'.

Signed-off-by: Philippe Mathieu-Daudé 
---
 include/hw/i2c/arm_sbcon_i2c.h | 35 ++
 hw/i2c/versatile_i2c.c | 17 +
 MAINTAINERS|  1 +
 3 files changed, 41 insertions(+), 12 deletions(-)
 create mode 100644 include/hw/i2c/arm_sbcon_i2c.h

diff --git a/include/hw/i2c/arm_sbcon_i2c.h b/include/hw/i2c/arm_sbcon_i2c.h
new file mode 100644
index 00..5d96507ab6
--- /dev/null
+++ b/include/hw/i2c/arm_sbcon_i2c.h
@@ -0,0 +1,35 @@
+/*
+ * ARM SBCon two-wire serial bus interface (I2C bitbang)
+ *   a.k.a.
+ * ARM Versatile I2C controller
+ *
+ * Copyright (c) 2006-2007 CodeSourcery.
+ * Copyright (c) 2012 Oskar Andero 
+ * Copyright (C) 2020 Philippe Mathieu-Daudé 
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef HW_I2C_ARM_SBCON_H
+#define HW_I2C_ARM_SBCON_H
+
+#include "hw/sysbus.h"
+#include "hw/i2c/bitbang_i2c.h"
+
+#define TYPE_VERSATILE_I2C "versatile_i2c"
+#define TYPE_ARM_SBCON_I2C TYPE_VERSATILE_I2C
+
+#define ARM_SBCON_I2C(obj) \
+OBJECT_CHECK(ArmSbconI2CState, (obj), TYPE_ARM_SBCON_I2C)
+
+typedef struct ArmSbconI2CState {
+/*< private >*/
+SysBusDevice parent_obj;
+/*< public >*/
+
+MemoryRegion iomem;
+bitbang_i2c_interface bitbang;
+int out;
+int in;
+} ArmSbconI2CState;
+
+#endif /* HW_I2C_ARM_SBCON_H */
diff --git a/hw/i2c/versatile_i2c.c b/hw/i2c/versatile_i2c.c
index 0ce10a1bcc..da8cda2ec1 100644
--- a/hw/i2c/versatile_i2c.c
+++ b/hw/i2c/versatile_i2c.c
@@ -1,5 +1,6 @@
 /*
- * ARM Versatile I2C controller
+ * ARM SBCon two-wire serial bus interface (I2C bitbang)
+ * a.k.a. ARM Versatile I2C controller
  *
  * Copyright (c) 2006-2007 CodeSourcery.
  * Copyright (c) 2012 Oskar Andero 
@@ -22,24 +23,16 @@
  */
 
 #include "qemu/osdep.h"
-#include "hw/sysbus.h"
-#include "hw/i2c/bitbang_i2c.h"
+#include "hw/i2c/arm_sbcon_i2c.h"
 #include "hw/registerfields.h"
 #include "qemu/log.h"
 #include "qemu/module.h"
 
-#define TYPE_VERSATILE_I2C "versatile_i2c"
 #define VERSATILE_I2C(obj) \
 OBJECT_CHECK(VersatileI2CState, (obj), TYPE_VERSATILE_I2C)
 
-typedef struct VersatileI2CState {
-SysBusDevice parent_obj;
+typedef ArmSbconI2CState VersatileI2CState;
 
-MemoryRegion iomem;
-bitbang_i2c_interface bitbang;
-int out;
-int in;
-} VersatileI2CState;
 
 REG32(CONTROL_GET, 0)
 REG32(CONTROL_SET, 0)
@@ -99,7 +92,7 @@ static void versatile_i2c_init(Object *obj)
 bus = i2c_init_bus(dev, "i2c");
 bitbang_i2c_init(>bitbang, bus);
 memory_region_init_io(>iomem, obj, _i2c_ops, s,
-  "versatile_i2c", 0x1000);
+  "arm_sbcon_i2c", 0x1000);
 sysbus_init_mmio(sbd, >iomem);
 }
 
diff --git a/MAINTAINERS b/MAINTAINERS
index 955cc8dd5c..185d39e151 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -842,6 +842,7 @@ M: Peter Maydell 
 L: qemu-...@nongnu.org
 S: Maintained
 F: hw/*/versatile*
+F: include/hw/i2c/arm_sbcon_i2c.h
 F: hw/misc/arm_sysctl.c
 F: docs/system/arm/versatile.rst
 
-- 
2.21.3

[PATCH v2 07/14] hw/arm/mps2: Rename CMSDK AHB peripheral region

[Philippe Mathieu-Daudé]

To differenciate with the CMSDK APB peripheral region,
rename this region 'CMSDK AHB peripheral region'.

Reviewed-by: Peter Maydell 
Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/arm/mps2.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
index ee555f919d..4fe5cc8622 100644
--- a/hw/arm/mps2.c
+++ b/hw/arm/mps2.c
@@ -212,10 +212,11 @@ static void mps2_common_init(MachineState *machine)
  */
 create_unimplemented_device("CMSDK APB peripheral region @0x4000",
 0x4000, 0x0001);
-create_unimplemented_device("CMSDK peripheral region @0x4001",
+create_unimplemented_device("CMSDK AHB peripheral region @0x4001",
 0x4001, 0x0001);
 create_unimplemented_device("Extra peripheral region @0x4002",
 0x4002, 0x0001);
+
 create_unimplemented_device("RESERVED 4", 0x4003, 0x001D);
 create_unimplemented_device("VGA", 0x4100, 0x020);
 
-- 
2.21.3

[PATCH v2 02/14] hw/i2c/versatile_i2c: Add definitions for register addresses

[Philippe Mathieu-Daudé]

Use self-explicit definitions instead of magic values.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/i2c/versatile_i2c.c | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/hw/i2c/versatile_i2c.c b/hw/i2c/versatile_i2c.c
index 1ac2a6f59a..040139d701 100644
--- a/hw/i2c/versatile_i2c.c
+++ b/hw/i2c/versatile_i2c.c
@@ -24,6 +24,7 @@
 #include "qemu/osdep.h"
 #include "hw/sysbus.h"
 #include "hw/i2c/bitbang_i2c.h"
+#include "hw/registerfields.h"
 #include "qemu/log.h"
 #include "qemu/module.h"
 
@@ -40,14 +41,19 @@ typedef struct VersatileI2CState {
 int in;
 } VersatileI2CState;
 
+REG32(CONTROL_GET, 0)
+REG32(CONTROL_SET, 0)
+REG32(CONTROL_CLR, 4)
+
 static uint64_t versatile_i2c_read(void *opaque, hwaddr offset,
unsigned size)
 {
 VersatileI2CState *s = (VersatileI2CState *)opaque;
 
-if (offset == 0) {
+switch (offset) {
+case A_CONTROL_SET:
 return (s->out & 1) | (s->in << 1);
-} else {
+default:
 qemu_log_mask(LOG_GUEST_ERROR,
   "%s: Bad offset 0x%x\n", __func__, (int)offset);
 return -1;
@@ -60,10 +66,10 @@ static void versatile_i2c_write(void *opaque, hwaddr offset,
 VersatileI2CState *s = (VersatileI2CState *)opaque;
 
 switch (offset) {
-case 0:
+case A_CONTROL_SET:
 s->out |= value & 3;
 break;
-case 4:
+case A_CONTROL_CLR:
 s->out &= ~value;
 break;
 default:
-- 
2.21.3

[PATCH v2 03/14] hw/i2c/versatile_i2c: Add SCL/SDA definitions

[Philippe Mathieu-Daudé]

Use self-explicit definitions instead of magic values.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/i2c/versatile_i2c.c | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/hw/i2c/versatile_i2c.c b/hw/i2c/versatile_i2c.c
index 040139d701..0ce10a1bcc 100644
--- a/hw/i2c/versatile_i2c.c
+++ b/hw/i2c/versatile_i2c.c
@@ -45,6 +45,9 @@ REG32(CONTROL_GET, 0)
 REG32(CONTROL_SET, 0)
 REG32(CONTROL_CLR, 4)
 
+#define SCL BIT(0)
+#define SDA BIT(1)
+
 static uint64_t versatile_i2c_read(void *opaque, hwaddr offset,
unsigned size)
 {
@@ -76,8 +79,8 @@ static void versatile_i2c_write(void *opaque, hwaddr offset,
 qemu_log_mask(LOG_GUEST_ERROR,
   "%s: Bad offset 0x%x\n", __func__, (int)offset);
 }
-bitbang_i2c_set(>bitbang, BITBANG_I2C_SCL, (s->out & 1) != 0);
-s->in = bitbang_i2c_set(>bitbang, BITBANG_I2C_SDA, (s->out & 2) != 0);
+bitbang_i2c_set(>bitbang, BITBANG_I2C_SCL, (s->out & SCL) != 0);
+s->in = bitbang_i2c_set(>bitbang, BITBANG_I2C_SDA, (s->out & SDA) != 0);
 }
 
 static const MemoryRegionOps versatile_i2c_ops = {
-- 
2.21.3

[PATCH v2 01/14] hw/watchdog/cmsdk-apb-watchdog: Add trace event for lock status

[Philippe Mathieu-Daudé]

Add a trace event to see when a guest disable/enable the watchdog.

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/watchdog/cmsdk-apb-watchdog.c | 1 +
 hw/watchdog/trace-events | 1 +
 2 files changed, 2 insertions(+)

diff --git a/hw/watchdog/cmsdk-apb-watchdog.c b/hw/watchdog/cmsdk-apb-watchdog.c
index 1541365914..5bbadadfa6 100644
--- a/hw/watchdog/cmsdk-apb-watchdog.c
+++ b/hw/watchdog/cmsdk-apb-watchdog.c
@@ -225,6 +225,7 @@ static void cmsdk_apb_watchdog_write(void *opaque, hwaddr 
offset,
 break;
 case A_WDOGLOCK:
 s->lock = (value != WDOG_UNLOCK_VALUE);
+trace_cmsdk_apb_watchdog_lock(s->lock);
 break;
 case A_WDOGITCR:
 if (s->is_luminary) {
diff --git a/hw/watchdog/trace-events b/hw/watchdog/trace-events
index ab94d7df50..3124ca1f1b 100644
--- a/hw/watchdog/trace-events
+++ b/hw/watchdog/trace-events
@@ -4,3 +4,4 @@
 cmsdk_apb_watchdog_read(uint64_t offset, uint64_t data, unsigned size) "CMSDK 
APB watchdog read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
 cmsdk_apb_watchdog_write(uint64_t offset, uint64_t data, unsigned size) "CMSDK 
APB watchdog write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
 cmsdk_apb_watchdog_reset(void) "CMSDK APB watchdog: reset"
+cmsdk_apb_watchdog_lock(uint32_t lock) "CMSDK APB watchdog: lock %" PRIu32
-- 
2.21.3

[PATCH v2 00/14] mps2: Add few more peripherals

[Philippe Mathieu-Daudé]

Few patches while playing with Zephyr on the MPS2:

- clean 'versatile_i2c' a bit,
- describe it as 'ARM SBCon two-wire serial bus interface'
  which is common on the ARM documentation,
- add watchdog
- added fpgaio with correct prescale clk
- added i2c and spi
- added gpio/i2s as unimp
- dropped the fpgaio push-button patch

Zephyr ressources used:
https://docs.zephyrproject.org/latest/boards/arm/mps2_an385/doc/index.html

Philippe Mathieu-Daudé (14):
  hw/watchdog/cmsdk-apb-watchdog: Add trace event for lock status
  hw/i2c/versatile_i2c: Add definitions for register addresses
  hw/i2c/versatile_i2c: Add SCL/SDA definitions
  hw/i2c: Add header for ARM SBCon two-wire serial bus interface
  hw/arm: Use TYPE_VERSATILE_I2C instead of hardcoded string
  hw/arm/mps2: Document CMSDK/FPGA APB subsystem sections
  hw/arm/mps2: Rename CMSDK AHB peripheral region
  hw/arm/mps2: Add CMSDK APB watchdog device
  hw/arm/mps2: Add CMSDK AHB GPIO peripherals as unimplemented devices
  hw/arm/mps2: Map the FPGA I/O block
  hw/arm/mps2: Add SPI devices
  hw/arm/mps2: Add I2C devices
  hw/arm/mps2: Add audio I2S interface as unimplemented device
  hw/arm/mps2-tz: Use the ARM SBCon two-wire serial bus interface

 include/hw/i2c/arm_sbcon_i2c.h   | 35 +
 hw/arm/mps2-tz.c | 23 ---
 hw/arm/mps2.c| 65 ++--
 hw/arm/realview.c|  3 +-
 hw/arm/versatilepb.c |  3 +-
 hw/arm/vexpress.c|  3 +-
 hw/i2c/versatile_i2c.c   | 38 ++-
 hw/watchdog/cmsdk-apb-watchdog.c |  1 +
 MAINTAINERS  |  1 +
 hw/arm/Kconfig   |  1 +
 hw/watchdog/trace-events |  1 +
 11 files changed, 144 insertions(+), 30 deletions(-)
 create mode 100644 include/hw/i2c/arm_sbcon_i2c.h

-- 
2.21.3

[PATCH v2 05/14] hw/arm: Use TYPE_VERSATILE_I2C instead of hardcoded string

[Philippe Mathieu-Daudé]

By using the TYPE_* definitions for devices, we can:
 - quickly find where devices are used with 'git-grep'
 - easily rename a device (one-line change).

Signed-off-by: Philippe Mathieu-Daudé 
---
 hw/arm/realview.c| 3 ++-
 hw/arm/versatilepb.c | 3 ++-
 hw/arm/vexpress.c| 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/hw/arm/realview.c b/hw/arm/realview.c
index f3c00fe00c..b6c0a1adb9 100644
--- a/hw/arm/realview.c
+++ b/hw/arm/realview.c
@@ -26,6 +26,7 @@
 #include "hw/cpu/a9mpcore.h"
 #include "hw/intc/realview_gic.h"
 #include "hw/irq.h"
+#include "hw/i2c/arm_sbcon_i2c.h"
 
 #define SMP_BOOT_ADDR 0xe000
 #define SMP_BOOTREG_ADDR 0x1030
@@ -282,7 +283,7 @@ static void realview_init(MachineState *machine,
 }
 }
 
-dev = sysbus_create_simple("versatile_i2c", 0x10002000, NULL);
+dev = sysbus_create_simple(TYPE_VERSATILE_I2C, 0x10002000, NULL);
 i2c = (I2CBus *)qdev_get_child_bus(dev, "i2c");
 i2c_create_slave(i2c, "ds1338", 0x68);
 
diff --git a/hw/arm/versatilepb.c b/hw/arm/versatilepb.c
index 2ebdcbd8ac..e596b8170f 100644
--- a/hw/arm/versatilepb.c
+++ b/hw/arm/versatilepb.c
@@ -18,6 +18,7 @@
 #include "sysemu/sysemu.h"
 #include "hw/pci/pci.h"
 #include "hw/i2c/i2c.h"
+#include "hw/i2c/arm_sbcon_i2c.h"
 #include "hw/irq.h"
 #include "hw/boards.h"
 #include "exec/address-spaces.h"
@@ -314,7 +315,7 @@ static void versatile_init(MachineState *machine, int 
board_id)
 /* Add PL031 Real Time Clock. */
 sysbus_create_simple("pl031", 0x101e8000, pic[10]);
 
-dev = sysbus_create_simple("versatile_i2c", 0x10002000, NULL);
+dev = sysbus_create_simple(TYPE_VERSATILE_I2C, 0x10002000, NULL);
 i2c = (I2CBus *)qdev_get_child_bus(dev, "i2c");
 i2c_create_slave(i2c, "ds1338", 0x68);
 
diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c
index 7ca5d523a4..24d656e653 100644
--- a/hw/arm/vexpress.c
+++ b/hw/arm/vexpress.c
@@ -42,6 +42,7 @@
 #include "hw/char/pl011.h"
 #include "hw/cpu/a9mpcore.h"
 #include "hw/cpu/a15mpcore.h"
+#include "hw/i2c/arm_sbcon_i2c.h"
 
 #define VEXPRESS_BOARD_ID 0x8e0
 #define VEXPRESS_FLASH_SIZE (64 * 1024 * 1024)
@@ -640,7 +641,7 @@ static void vexpress_common_init(MachineState *machine)
 sysbus_create_simple("sp804", map[VE_TIMER01], pic[2]);
 sysbus_create_simple("sp804", map[VE_TIMER23], pic[3]);
 
-dev = sysbus_create_simple("versatile_i2c", map[VE_SERIALDVI], NULL);
+dev = sysbus_create_simple(TYPE_VERSATILE_I2C, map[VE_SERIALDVI], NULL);
 i2c = (I2CBus *)qdev_get_child_bus(dev, "i2c");
 i2c_create_slave(i2c, "sii9022", 0x39);
 
-- 
2.21.3

Re: [PATCH 1/3] MAINTAINERS: Add 'Miscellaneous' section

[Aleksandar Markovic]

среда, 17. јун 2020., Ahmed Karaman  је
написао/ла:

> This new section includes the 'Performance Tools and Tests' subsection
> which will contain the the performance scripts and benchmarks written
> as a part of the 'TCG Continuous Benchmarking' project.
>
> Signed-off-by: Ahmed Karaman 
> ---


I also think that the title of the patch should be 'Add 'Performance Tools
and Tests' subsection', since this is the core purpose of the patch - new
section 'Miscellaneous' is just a mean to achieve this.

Thanks,
Aleksandar




>  MAINTAINERS | 7 +++
>  1 file changed, 7 insertions(+)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 955cc8dd5c..68f668ae2a 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -2974,3 +2974,10 @@ M: Peter Maydell 
>  S: Maintained
>  F: docs/conf.py
>  F: docs/*/conf.py
> +
> +Miscellaneous
> +-
> +Performance Tools and Tests
> +M: Ahmed Karaman 
> +S: Maintained
> +F: scripts/performance/
> \ No newline at end of file
> --
> 2.17.1
>
>

[Bug 1810000] Re: qemu system emulator crashed when using xhci usb controller

[Thomas Huth]

** Summary changed:

- qemu system emulator crashed with the attachment of usb-bt-dongle device
+ qemu system emulator crashed when using xhci usb controller

** Tags added: usb xhci

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/181

Title:
  qemu system emulator crashed when using xhci usb controller

Status in QEMU:
  New

Bug description:
  I am testing usb-bt-dongle device on xchi host controller, and found
  that the qemu crashed directly with an assertion failer.

  Here is the information to reproduce the crash:

  Qemu git revision: 9b2e891ec5ccdb4a7d583b77988848282606fdea
  System emulator: qemu-x86_64
  VM image: 
https://people.debian.org/~aurel32/qemu/amd64/debian_squeeze_amd64_desktop.qcow2
  CommandLine: qemu-system-x86_64 -M q35 -device qemu-xhci,id=xhci -enable-kvm 
-device usb-bt-dongle  -hda ./debian_wheezy_amd64_standard.qcow2

  Error message:

  qemu-system-x86_64: /build/qemu-
  Eap4uc/qemu-2.11+dfsg/hw/usb/core.c:592: usb_packet_copy: Assertion
  `p->actual_length + bytes <= iov->size' failed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/181/+subscriptions

[PATCH 5/6] nvram: add nrf51_soc flash read method

[P J P]

From: Prasad J Pandit 

Add nrf51_soc mmio read method to avoid NULL pointer dereference
issue.

Reported-by: Lei Sun 
Signed-off-by: Prasad J Pandit 
---
 hw/nvram/nrf51_nvm.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/hw/nvram/nrf51_nvm.c b/hw/nvram/nrf51_nvm.c
index f2283c1a8d..e813c7ec72 100644
--- a/hw/nvram/nrf51_nvm.c
+++ b/hw/nvram/nrf51_nvm.c
@@ -274,6 +274,12 @@ static const MemoryRegionOps io_ops = {
 };
 
 
+static uint64_t flash_read(void *opaque, hwaddr addr, unsigned size)
+{
+qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+return 0;
+}
+
 static void flash_write(void *opaque, hwaddr offset, uint64_t value,
 unsigned int size)
 {
@@ -300,6 +306,7 @@ static void flash_write(void *opaque, hwaddr offset, 
uint64_t value,
 
 
 static const MemoryRegionOps flash_ops = {
+.read = flash_read,
 .write = flash_write,
 .valid.min_access_size = 4,
 .valid.max_access_size = 4,
-- 
2.26.2

[PATCH 3/6] vfio: add quirk device write method

[P J P]

From: Prasad J Pandit 

Add vfio quirk device mmio write method to avoid NULL pointer
dereference issue.

Reported-by: Lei Sun 
Signed-off-by: Prasad J Pandit 
---
 hw/vfio/pci-quirks.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/hw/vfio/pci-quirks.c b/hw/vfio/pci-quirks.c
index f2155ddb1d..5bd98885d5 100644
--- a/hw/vfio/pci-quirks.c
+++ b/hw/vfio/pci-quirks.c
@@ -13,6 +13,7 @@
 #include "qemu/osdep.h"
 #include "exec/memop.h"
 #include "qemu/units.h"
+#include "qemu/log.h"
 #include "qemu/error-report.h"
 #include "qemu/main-loop.h"
 #include "qemu/module.h"
@@ -263,8 +264,15 @@ static uint64_t vfio_ati_3c3_quirk_read(void *opaque,
 return data;
 }
 
+static void vfio_ati_3c3_quirk_write(void *opaque, hwaddr addr,
+uint64_t data, unsigned size)
+{
+qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+}
+
 static const MemoryRegionOps vfio_ati_3c3_quirk = {
 .read = vfio_ati_3c3_quirk_read,
+.write = vfio_ati_3c3_quirk_write,
 .endianness = DEVICE_LITTLE_ENDIAN,
 };
 
-- 
2.26.2

Re: [PATCH 2/3] scripts/performance: Add callgrind_top_25.py script

[Aleksandar Markovic]

среда, 17. јун 2020., Ahmed Karaman  је
написао/ла:

> Python script that prints the top 25 most executed functions in QEMU
> using callgrind.
>
> Signed-off-by: Ahmed Karaman 
> ---


I think you should add an example of script usage in the commit message
(even though you mention such example in the comments of the script),
together with the script output for that example.

Thanks,
Aleksandar



>  scripts/performance/callgrind_top_25.py | 95 +
>  1 file changed, 95 insertions(+)
>  create mode 100644 scripts/performance/callgrind_top_25.py
>
> diff --git a/scripts/performance/callgrind_top_25.py
> b/scripts/performance/callgrind_top_25.py
> new file mode 100644
> index 00..03b089a96d
> --- /dev/null
> +++ b/scripts/performance/callgrind_top_25.py
> @@ -0,0 +1,95 @@
> +#!/usr/bin/env python3
> +
> +#  Print the top 25 most executed functions in QEMU using callgrind.
> +#  Example Usage:
> +#  callgrind_top_25.py /x86_64-linux-user/qemu-x86_64
> executable
> +#
> +#  This file is a part of the project "TCG Continuous Benchmarking".
> +#
> +#  Copyright (C) 2020  Ahmed Karaman 
> +#  Copyright (C) 2020  Aleksandar Markovic  com>
> +#
> +#  This program is free software: you can redistribute it and/or modify
> +#  it under the terms of the GNU General Public License as published by
> +#  the Free Software Foundation, either version 2 of the License, or
> +#  (at your option) any later version.
> +#
> +#  This program is distributed in the hope that it will be useful,
> +#  but WITHOUT ANY WARRANTY; without even the implied warranty of
> +#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +#  GNU General Public License for more details.
> +#
> +#  You should have received a copy of the GNU General Public License
> +#  along with this program. If not, see .
> +
> +import os
> +import sys
> +
> +# Ensure sufficient arguments
> +if len(sys.argv) < 3:
> +print('Insufficient Script Arguments!')
> +sys.exit(1)
> +
> +# Get the qemu path and the executable + its arguments
> +(qemu, executable) = (sys.argv[1], ' '.join(sys.argv[2:]))
> +
> +# Run callgrind and callgrind_annotate
> +os.system('valgrind --tool=callgrind --callgrind-out-file=callgrind.data
> {} {} \
> +2 > / dev / null & & callgrind_annotate callgrind.data \
> +> tmp.callgrind.data'.
> +  format(qemu, executable))
> +
> +# Line number with the total number of instructions
> +number_of_instructions_line = 20
> +
> +# Line number with the top function
> +first_func_line = 25
> +
> +# callgrind_annotate output
> +callgrind_data = []
> +
> +# Open callgrind_annotate output and store it in callgrind_data
> +with open('tmp.callgrind.data', 'r') as data:
> +callgrind_data = data.readlines()
> +
> +# Get the total number of instructions
> +total_number_of_instructions = int(
> +callgrind_data[number_of_instructions_line].split('
> ')[0].replace(',', ''))
> +
> +# Number of functions recorded by callgrind
> +number_of_functions = len(callgrind_data) - first_func_line
> +
> +# Limit the number of top functions to 25
> +number_of_top_functions = (25 if number_of_functions >
> +   25 else number_of_instructions_line)
> +
> +# Store the data of the top functions in top_functions[]
> +top_functions = callgrind_data[first_func_line:
> +   first_func_line + number_of_top_functions]
> +# Print information headers
> +print('{:>4}  {:>10}  {:<25}  {}\n{}  {}  {}  {}'.format('No.',
> + 'Percentage',
> + 'Name',
> + 'Source File',
> + '-' * 4,
> + '-' * 10,
> + '-' * 25,
> + '-' * 30,
> + ))
> +
> +# Print top 25 functions
> +for (index, function) in enumerate(top_functions, start=1):
> +function_data = function.split()
> +# Calculate function percentage
> +percentage = (float(function_data[0].replace(
> +',', '')) / total_number_of_instructions) * 100
> +# Get function source path and name
> +path, name = function_data[1].split(':')
> +# Print extracted data
> +print('{:>4}  {:>9.3f}%  {:<25}  {}'.format(index,
> +round(percentage, 3),
> +name,
> +path))
> +
> +# Remove intermediate files
> +os.system('rm callgrind.data tmp.callgrind.data')
> --
> 2.17.1
>
>

[PATCH 6/6] spapr_pci: add spapr msi read method

[P J P]

From: Prasad J Pandit 

Add spapr msi mmio read method to avoid NULL pointer dereference
issue.

Reported-by: Lei Sun 
Signed-off-by: Prasad J Pandit 
---
 hw/ppc/spapr_pci.c | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/hw/ppc/spapr_pci.c b/hw/ppc/spapr_pci.c
index 83f1453096..d4193be205 100644
--- a/hw/ppc/spapr_pci.c
+++ b/hw/ppc/spapr_pci.c
@@ -52,6 +52,7 @@
 #include "sysemu/kvm.h"
 #include "sysemu/hostmem.h"
 #include "sysemu/numa.h"
+#include "qemu/log.h"
 
 /* Copied from the kernel arch/powerpc/platforms/pseries/msi.c */
 #define RTAS_QUERY_FN   0
@@ -738,6 +739,12 @@ static PCIINTxRoute spapr_route_intx_pin_to_irq(void 
*opaque, int pin)
 return route;
 }
 
+static uint64_t spapr_msi_read(void *opaque, hwaddr addr, unsigned size)
+{
+qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+return 0;
+}
+
 /*
  * MSI/MSIX memory region implementation.
  * The handler handles both MSI and MSIX.
@@ -756,7 +763,7 @@ static void spapr_msi_write(void *opaque, hwaddr addr,
 
 static const MemoryRegionOps spapr_msi_ops = {
 /* There is no .read as the read result is undefined by PCI spec */
-.read = NULL,
+.read = spapr_msi_read,
 .write = spapr_msi_write,
 .endianness = DEVICE_LITTLE_ENDIAN
 };
-- 
2.26.2

[PATCH 1/6] hw/pci-host: add pci-intack write method

[P J P]

From: Prasad J Pandit 

Add pci-intack mmio write method to avoid NULL pointer dereference
issue.

Reported-by: Lei Sun 
Signed-off-by: Prasad J Pandit 
---
 hw/pci-host/prep.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/hw/pci-host/prep.c b/hw/pci-host/prep.c
index 1a02e9a670..41befee203 100644
--- a/hw/pci-host/prep.c
+++ b/hw/pci-host/prep.c
@@ -27,6 +27,7 @@
 #include "qemu-common.h"
 #include "qemu/units.h"
 #include "qapi/error.h"
+#include "qemu/log.h"
 #include "hw/pci/pci.h"
 #include "hw/pci/pci_bus.h"
 #include "hw/pci/pci_host.h"
@@ -119,8 +120,15 @@ static uint64_t raven_intack_read(void *opaque, hwaddr 
addr,
 return pic_read_irq(isa_pic);
 }
 
+static void raven_intack_write(void *opaque, hwaddr addr,
+uint64_t data, unsigned size)
+{
+qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+}
+
 static const MemoryRegionOps raven_intack_ops = {
 .read = raven_intack_read,
+.write = raven_intack_write,
 .valid = {
 .max_access_size = 1,
 },
-- 
2.26.2

[PATCH 4/6] prep: add ppc-parity write method

[P J P]

From: Prasad J Pandit 

Add ppc-parity mmio write method to avoid NULL pointer dereference
issue.

Reported-by: Lei Sun 
Signed-off-by: Prasad J Pandit 
---
 hw/ppc/prep_systemio.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/hw/ppc/prep_systemio.c b/hw/ppc/prep_systemio.c
index bbc51b6e9a..aacd7831fd 100644
--- a/hw/ppc/prep_systemio.c
+++ b/hw/ppc/prep_systemio.c
@@ -23,6 +23,7 @@
  */
 
 #include "qemu/osdep.h"
+#include "qemu/log.h"
 #include "hw/irq.h"
 #include "hw/isa/isa.h"
 #include "hw/qdev-properties.h"
@@ -235,8 +236,15 @@ static uint64_t ppc_parity_error_readl(void *opaque, 
hwaddr addr,
 return val;
 }
 
+static void ppc_parity_error_writel(void *opaque, hwaddr addr,
+uint64_t data, unsigned size)
+{
+qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+}
+
 static const MemoryRegionOps ppc_parity_error_ops = {
 .read = ppc_parity_error_readl,
+.write = ppc_parity_error_writel,
 .valid = {
 .min_access_size = 4,
 .max_access_size = 4,
-- 
2.26.2

[PATCH 2/6] pci-host: add pcie-msi read method

[P J P]

From: Prasad J Pandit 

Add pcie-msi mmio read method to avoid NULL pointer dereference
issue.

Reported-by: Lei Sun 
Signed-off-by: Prasad J Pandit 
---
 hw/pci-host/designware.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/hw/pci-host/designware.c b/hw/pci-host/designware.c
index dd245516dd..c34c366f36 100644
--- a/hw/pci-host/designware.c
+++ b/hw/pci-host/designware.c
@@ -21,6 +21,7 @@
 #include "qemu/osdep.h"
 #include "qapi/error.h"
 #include "qemu/module.h"
+#include "qemu/log.h"
 #include "hw/pci/msi.h"
 #include "hw/pci/pci_bridge.h"
 #include "hw/pci/pci_host.h"
@@ -63,6 +64,13 @@ designware_pcie_root_to_host(DesignwarePCIERoot *root)
 return DESIGNWARE_PCIE_HOST(bus->parent);
 }
 
+static uint64_t designware_pcie_root_msi_read(void *opaque, hwaddr addr,
+  unsigned size)
+{
+qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__);
+return 0;
+}
+
 static void designware_pcie_root_msi_write(void *opaque, hwaddr addr,
uint64_t val, unsigned len)
 {
@@ -77,6 +85,7 @@ static void designware_pcie_root_msi_write(void *opaque, 
hwaddr addr,
 }
 
 static const MemoryRegionOps designware_pci_host_msi_ops = {
+.read = designware_pcie_root_msi_read,
 .write = designware_pcie_root_msi_write,
 .endianness = DEVICE_LITTLE_ENDIAN,
 .valid = {
-- 
2.26.2

[PATCH 0/6] Add various undefined MMIO r/w functions

[P J P]

From: Prasad J Pandit 

Hello,

This series adds various undefined MMIO read/write functions
to avoid potential guest crash via a NULL pointer dereference.

ex. -> 
https://git.qemu.org/?p=qemu.git;a=commit;h=bb15013ef34617eb1344f5276292cadd326c21b2

Thank you.
--
Prasad J Pandit (6):
  hw/pci-host: add pci-intack write method
  pci-host: add pcie-msi read method
  vfio: add quirk device write method
  prep: add ppc-parity write method
  nvram: add nrf51_soc flash read method
  spapr_pci: add spapr msi read method

 hw/nvram/nrf51_nvm.c | 7 +++
 hw/pci-host/designware.c | 9 +
 hw/pci-host/prep.c   | 8 
 hw/ppc/prep_systemio.c   | 8 
 hw/ppc/spapr_pci.c   | 9 -
 hw/vfio/pci-quirks.c | 8 
 6 files changed, 48 insertions(+), 1 deletion(-)

-- 
2.26.2

Re: [PATCH 1/3] MAINTAINERS: Add 'Miscellaneous' section

[Aleksandar Markovic]

среда, 17. јун 2020., Ahmed Karaman  је
написао/ла:

> This new section includes the 'Performance Tools and Tests' subsection
> which will contain the the performance scripts and benchmarks written
> as a part of the 'TCG Continuous Benchmarking' project.
>
> Signed-off-by: Ahmed Karaman 
> ---
>  MAINTAINERS | 7 +++
>  1 file changed, 7 insertions(+)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 955cc8dd5c..68f668ae2a 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -2974,3 +2974,10 @@ M: Peter Maydell 
>  S: Maintained
>  F: docs/conf.py
>  F: docs/*/conf.py
> +
> +Miscellaneous
> +-
> +Performance Tools and Tests
> +M: Ahmed Karaman 
> +S: Maintained
> +F: scripts/performance/
> \ No newline at end of file
> --


I don't think that it makes any functional difference in this case, but it
is customary that the last line of any source file contains end-of-line
characters, so please add that in the next version of the series.

Also, I think it is more logical that this patch is the last patch in the
series - if left the way you proposed, this patch would refer to the
directory that does not exist - yet.

Otherwise, it looks good to me.

Section "Miscellaneous" makes sense to me.

Thanks,
Aleksandar



> 2.17.1
>
>

[Bug 1805256] Re: qemu-img hangs on rcu_call_ready_event logic in Aarch64 when converting images

[Christian Ehrhardt ]

We had the 14 (instead f 7) days in -proposed for some extended maturing. 
Nothing came up in regard to this and all validations were good.
Dropping block-proposed to be released once the SRU Team gets to it.

** Tags removed: block-proposed-bionic block-proposed-eoan block-
proposed-focal

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1805256

Title:
  qemu-img hangs on rcu_call_ready_event logic in Aarch64 when
  converting images

Status in kunpeng920:
  Fix Committed
Status in kunpeng920 ubuntu-18.04 series:
  Fix Committed
Status in kunpeng920 ubuntu-18.04-hwe series:
  Fix Committed
Status in kunpeng920 ubuntu-19.10 series:
  Fix Committed
Status in kunpeng920 ubuntu-20.04 series:
  Fix Committed
Status in kunpeng920 upstream-kernel series:
  Invalid
Status in QEMU:
  Fix Released
Status in qemu package in Ubuntu:
  Fix Released
Status in qemu source package in Bionic:
  Fix Committed
Status in qemu source package in Eoan:
  Fix Committed
Status in qemu source package in Focal:
  Fix Committed

Bug description:
  [Impact]

  * QEMU locking primitives might face a race condition in QEMU Async
  I/O bottom halves scheduling. This leads to a dead lock making either
  QEMU or one of its tools to hang indefinitely.

  [Test Case]

  * qemu-img convert -f qcow2 -O qcow2 ./disk01.qcow2 ./output.qcow2

  Hangs indefinitely approximately 30% of the runs in Aarch64.

  [Regression Potential]

  * This is a change to a core part of QEMU: The AIO scheduling. It
  works like a "kernel" scheduler, whereas kernel schedules OS tasks,
  the QEMU AIO code is responsible to schedule QEMU coroutines or event
  listeners callbacks.

  * There was a long discussion upstream about primitives and Aarch64.
  After quite sometime Paolo released this patch and it solves the
  issue. Tested platforms were: amd64 and aarch64 based on his commit
  log.

  * Christian suggests that this fix stay little longer in -proposed to
  make sure it won't cause any regressions.

  * dannf suggests we also check for performance regressions; e.g. how
  long it takes to convert a cloud image on high-core systems.

  [Other Info]

   * Original Description bellow:

  Command:

  qemu-img convert -f qcow2 -O qcow2 ./disk01.qcow2 ./output.qcow2

  Hangs indefinitely approximately 30% of the runs.

  

  Workaround:

  qemu-img convert -m 1 -f qcow2 -O qcow2 ./disk01.qcow2 ./output.qcow2

  Run "qemu-img convert" with "a single coroutine" to avoid this issue.

  

  (gdb) thread 1
  ...
  (gdb) bt
  #0 0xbf1ad81c in __GI_ppoll
  #1 0xaabcf73c in ppoll
  #2 qemu_poll_ns
  #3 0xaabd0764 in os_host_main_loop_wait
  #4 main_loop_wait
  ...

  (gdb) thread 2
  ...
  (gdb) bt
  #0 syscall ()
  #1 0xaabd41cc in qemu_futex_wait
  #2 qemu_event_wait (ev=ev@entry=0xaac86ce8 )
  #3 0xaabed05c in call_rcu_thread
  #4 0xaabd34c8 in qemu_thread_start
  #5 0xbf25c880 in start_thread
  #6 0xbf1b6b9c in thread_start ()

  (gdb) thread 3
  ...
  (gdb) bt
  #0 0xbf11aa20 in __GI___sigtimedwait
  #1 0xbf2671b4 in __sigwait
  #2 0xaabd1ddc in sigwait_compat
  #3 0xaabd34c8 in qemu_thread_start
  #4 0xbf25c880 in start_thread
  #5 0xbf1b6b9c in thread_start

  

  (gdb) run
  Starting program: /usr/bin/qemu-img convert -f qcow2 -O qcow2
  ./disk01.ext4.qcow2 ./output.qcow2

  [New Thread 0xbec5ad90 (LWP 72839)]
  [New Thread 0xbe459d90 (LWP 72840)]
  [New Thread 0xbdb57d90 (LWP 72841)]
  [New Thread 0xacac9d90 (LWP 72859)]
  [New Thread 0xa7ffed90 (LWP 72860)]
  [New Thread 0xa77fdd90 (LWP 72861)]
  [New Thread 0xa6ffcd90 (LWP 72862)]
  [New Thread 0xa67fbd90 (LWP 72863)]
  [New Thread 0xa5ffad90 (LWP 72864)]

  [Thread 0xa5ffad90 (LWP 72864) exited]
  [Thread 0xa6ffcd90 (LWP 72862) exited]
  [Thread 0xa77fdd90 (LWP 72861) exited]
  [Thread 0xbdb57d90 (LWP 72841) exited]
  [Thread 0xa67fbd90 (LWP 72863) exited]
  [Thread 0xacac9d90 (LWP 72859) exited]
  [Thread 0xa7ffed90 (LWP 72860) exited]

  
  """

  All the tasks left are blocked in a system call, so no task left to call
  qemu_futex_wake() to unblock thread #2 (in futex()), which would unblock
  thread #1 (doing poll() in a pipe with thread #2).

  Those 7 threads exit before disk conversion is complete (sometimes in
  the beginning, sometimes at the end).

  

  On the HiSilicon D06 system - a 96 core NUMA arm64 box - qemu-img
  frequently hangs (~50% of the time) with this command:

  qemu-img convert -f qcow2 -O qcow2 /tmp/cloudimg /tmp/cloudimg2

  Where "cloudimg" is a standard qcow2 Ubuntu cloud image. This
  qcow2->qcow2 conversion happens to be something uvtool does every time
  it fetches images.

  Once hung, attaching gdb gives the following backtrace:

  (gdb) bt
  #0  0xae4f8154 in __GI_ppoll 

[PATCH RESEND v2 1/2] nvme: indicate CMB support through controller capabilities register

[Andrzej Jakowski]

This patch sets CMBS bit in controller capabilities register when user
configures NVMe driver with CMB support, so capabilites are correctly
reported to guest OS.

Signed-off-by: Andrzej Jakowski 
Reviewed-by: Klaus Jensen 
---
 hw/block/nvme.c  | 2 +-
 include/block/nvme.h | 6 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 1aee042d4c..9f11f3e9da 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -1582,6 +1582,7 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice 
*pci_dev)
 NVME_CAP_SET_TO(n->bar.cap, 0xf);
 NVME_CAP_SET_CSS(n->bar.cap, 1);
 NVME_CAP_SET_MPSMAX(n->bar.cap, 4);
+NVME_CAP_SET_CMBS(n->bar.cap, n->params.cmb_size_mb ? 1 : 0);
 
 n->bar.vs = 0x00010200;
 n->bar.intmc = n->bar.intms = 0;
@@ -1591,7 +1592,6 @@ static void nvme_realize(PCIDevice *pci_dev, Error **errp)
 {
 NvmeCtrl *n = NVME(pci_dev);
 Error *local_err = NULL;
-
 int i;
 
 nvme_check_constraints(n, _err);
diff --git a/include/block/nvme.h b/include/block/nvme.h
index 1720ee1d51..14cf398dfa 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h
@@ -35,6 +35,7 @@ enum NvmeCapShift {
 CAP_MPSMIN_SHIFT   = 48,
 CAP_MPSMAX_SHIFT   = 52,
 CAP_PMR_SHIFT  = 56,
+CAP_CMB_SHIFT  = 57,
 };
 
 enum NvmeCapMask {
@@ -48,6 +49,7 @@ enum NvmeCapMask {
 CAP_MPSMIN_MASK= 0xf,
 CAP_MPSMAX_MASK= 0xf,
 CAP_PMR_MASK   = 0x1,
+CAP_CMB_MASK   = 0x1,
 };
 
 #define NVME_CAP_MQES(cap)  (((cap) >> CAP_MQES_SHIFT)   & CAP_MQES_MASK)
@@ -78,8 +80,10 @@ enum NvmeCapMask {
<< CAP_MPSMIN_SHIFT)
 #define NVME_CAP_SET_MPSMAX(cap, val) (cap |= (uint64_t)(val & 
CAP_MPSMAX_MASK)\
 << 
CAP_MPSMAX_SHIFT)
-#define NVME_CAP_SET_PMRS(cap, val) (cap |= (uint64_t)(val & CAP_PMR_MASK)\
+#define NVME_CAP_SET_PMRS(cap, val)   (cap |= (uint64_t)(val & CAP_PMR_MASK)   
\
 << CAP_PMR_SHIFT)
+#define NVME_CAP_SET_CMBS(cap, val)   (cap |= (uint64_t)(val & CAP_CMB_MASK)   
\
+   << CAP_CMB_SHIFT)
 
 enum NvmeCcShift {
 CC_EN_SHIFT = 0,
-- 
2.21.1

[PATCH RESEND v2 2/2] nvme: allow cmb and pmr to be enabled on same device

[Andrzej Jakowski]

So far it was not possible to have CMB and PMR emulated on the same
device, because BAR2 was used exclusively either of PMR or CMB. This
patch places CMB at BAR4 offset so it not conflicts with MSI-X vectors.

Signed-off-by: Andrzej Jakowski 
---
 hw/block/nvme.c  | 122 ---
 hw/block/nvme.h  |   5 +-
 include/block/nvme.h |   4 +-
 3 files changed, 86 insertions(+), 45 deletions(-)

diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 9f11f3e9da..62681966b9 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -22,12 +22,12 @@
  *  [pmrdev=,] \
  *  max_ioqpairs=
  *
- * Note cmb_size_mb denotes size of CMB in MB. CMB is assumed to be at
- * offset 0 in BAR2 and supports only WDS, RDS and SQS for now.
+ * Note cmb_size_mb denotes size of CMB in MB. CMB when configured is assumed
+ * to be resident in BAR4 at certain offset - this is because BAR4 is also
+ * used for storing MSI-X table that is available at offset 0 in BAR4.
  *
- * cmb_size_mb= and pmrdev= options are mutually exclusive due to limitation
- * in available BAR's. cmb_size_mb= will take precedence over pmrdev= when
- * both provided.
+ * pmrdev is assumed to be resident in BAR2/BAR3. When configured it consumes
+ * whole BAR2/BAR3 exclusively.
  * Enabling pmr emulation can be achieved by pointing to memory-backend-file.
  * For example:
  * -object memory-backend-file,id=,share=on,mem-path=, \
@@ -69,18 +69,19 @@
 
 static void nvme_process_sq(void *opaque);
 
-static bool nvme_addr_is_cmb(NvmeCtrl *n, hwaddr addr)
+static bool nvme_addr_is_cmb(NvmeCtrl *n, hwaddr addr, int size)
 {
-hwaddr low = n->ctrl_mem.addr;
-hwaddr hi  = n->ctrl_mem.addr + int128_get64(n->ctrl_mem.size);
+hwaddr low = n->bar4.addr + n->cmb_offset;
+hwaddr hi  = low + NVME_CMBSZ_GETSIZE(n->bar.cmbsz);
 
-return addr >= low && addr < hi;
+return addr >= low && (addr + size) < hi;
 }
 
 static void nvme_addr_read(NvmeCtrl *n, hwaddr addr, void *buf, int size)
 {
-if (n->bar.cmbsz && nvme_addr_is_cmb(n, addr)) {
-memcpy(buf, (void *)>cmbuf[addr - n->ctrl_mem.addr], size);
+hwaddr cmb_addr = n->bar4.addr + n->cmb_offset;
+if (n->cmbsz && nvme_addr_is_cmb(n, addr, size)) {
+memcpy(buf, (void *)>cmbuf[addr - cmb_addr], size);
 return;
 }
 
@@ -167,17 +168,18 @@ static uint16_t nvme_map_prp(QEMUSGList *qsg, 
QEMUIOVector *iov, uint64_t prp1,
  uint64_t prp2, uint32_t len, NvmeCtrl *n)
 {
 hwaddr trans_len = n->page_size - (prp1 % n->page_size);
+hwaddr cmb_addr = n->bar4.addr + n->cmb_offset;
 trans_len = MIN(len, trans_len);
 int num_prps = (len >> n->page_bits) + 1;
 
 if (unlikely(!prp1)) {
 trace_pci_nvme_err_invalid_prp();
 return NVME_INVALID_FIELD | NVME_DNR;
-} else if (n->bar.cmbsz && prp1 >= n->ctrl_mem.addr &&
-   prp1 < n->ctrl_mem.addr + int128_get64(n->ctrl_mem.size)) {
+} else if (n->cmbsz && prp1 >= cmb_addr &&
+   prp1 < cmb_addr + int128_get64(n->bar4.size)) {
 qsg->nsg = 0;
 qemu_iovec_init(iov, num_prps);
-qemu_iovec_add(iov, (void *)>cmbuf[prp1 - n->ctrl_mem.addr], 
trans_len);
+qemu_iovec_add(iov, (void *)>cmbuf[prp1 - cmb_addr], trans_len);
 } else {
 pci_dma_sglist_init(qsg, >parent_obj, num_prps);
 qemu_sglist_add(qsg, prp1, trans_len);
@@ -222,7 +224,8 @@ static uint16_t nvme_map_prp(QEMUSGList *qsg, QEMUIOVector 
*iov, uint64_t prp1,
 if (qsg->nsg){
 qemu_sglist_add(qsg, prp_ent, trans_len);
 } else {
-qemu_iovec_add(iov, (void *)>cmbuf[prp_ent - 
n->ctrl_mem.addr], trans_len);
+qemu_iovec_add(iov, (void *)>cmbuf[prp_ent - cmb_addr],
+   trans_len);
 }
 len -= trans_len;
 i++;
@@ -235,7 +238,8 @@ static uint16_t nvme_map_prp(QEMUSGList *qsg, QEMUIOVector 
*iov, uint64_t prp1,
 if (qsg->nsg) {
 qemu_sglist_add(qsg, prp2, len);
 } else {
-qemu_iovec_add(iov, (void *)>cmbuf[prp2 - 
n->ctrl_mem.addr], trans_len);
+qemu_iovec_add(iov, (void *)>cmbuf[prp2 - cmb_addr],
+   trans_len);
 }
 }
 }
@@ -1360,6 +1364,7 @@ static const MemoryRegionOps nvme_cmb_ops = {
 },
 };
 
+
 static void nvme_check_constraints(NvmeCtrl *n, Error **errp)
 {
 NvmeParams *params = >params;
@@ -1395,7 +1400,7 @@ static void nvme_check_constraints(NvmeCtrl *n, Error 
**errp)
 return;
 }
 
-if (!n->params.cmb_size_mb && n->pmrdev) {
+if (n->pmrdev) {
 if (host_memory_backend_is_mapped(n->pmrdev)) {
 char *path = 
object_get_canonical_path_component(OBJECT(n->pmrdev));
 error_setg(errp, "can't use already busy memdev: %s", path);
@@ -1453,33 +1458,66 @@ 

[PATCH RESEND v2] nvme: allow cmb and pmr emulation on same device

[Andrzej Jakowski]

Hi All, 

Resending series recently posted on mailing list related to nvme device
extension.


This patch series does following:
 - Fixes problem where CMBS bit was not set in controller capabilities
   register, so support for CMB was not correctly advertised to guest.
   This is resend of patch that has been submitted and reviewed by
   Klaus [1]
 - Introduces BAR4 sharing between MSI-X vectors and CMB. This allows
   to have CMB and PMR emulated on the same device. This extension
   was indicated by Keith [2]

v2:
 - rebase on Kevin's latest block branch (Klaus [3])
 - improved comments section (Klaus [3])
 - simplified calculation of BAR4 size (Klaus [3])

v1:
 - initial push of the patch

[1]: 
https://lore.kernel.org/qemu-devel/20200408055607.g2ii7gwqbnv6cd3w@apples.localdomain/
[2]: 
https://lore.kernel.org/qemu-devel/20200330165518.ga8...@redsun51.ssa.fujisawa.hgst.com/
[3]: 
https://lore.kernel.org/qemu-devel/20200605181043.28782-1-andrzej.jakow...@linux.intel.com/

Re: [PATCH v3 0/5] Vs clang-10 and gcc-9 warnings

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200617043757.1623337-1-richard.hender...@linaro.org/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  GEN tools/virtiofsd/50-qemu-virtiofsd.json
  CC  contrib/vhost-user-input/main.o
  LINKtests/qemu-iotests/socket_scm_helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  GEN docs/interop/qemu-qmp-ref.html
  GEN docs/interop/qemu-qmp-ref.txt
  GEN docs/interop/qemu-qmp-ref.7
---
  AR  libqemuutil.a
  SIGNpc-bios/optionrom/kvmvapic.bin
  LINKelf2dmp
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  qemu-img.o
  AR  libvhost-user.a
  GEN docs/interop/qemu-ga-ref.html
---
  GEN docs/interop/qemu-ga-ref.7
  LINKqemu-keymap
  LINKivshmem-client
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-io
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-edid
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKvirtiofsd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKvhost-user-input
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 

Re: [PATCH 2/2] hw/misc/pca9552: Make LEDs 13-15 also GPIOs

[Cédric Le Goater]

On 6/16/20 11:45 AM, Philippe Mathieu-Daudé wrote:
> The PCA9552 has 3 GPIOs, add them.

This is an example of an HW configuration. All pins can be used
as GPIOs. 
 
> See 'PCA9552 Product Datasheet Rev. 05 - 9 March 2006',
> chapter 6.4 'Pins used as GPIOs':
> 
>   LED pins not used to control LEDs can be used as general
>   purpose I/Os (GPIOs).
>   For use as input, set LEDn to high-impedance (01) and then
>   read the pin state via the input register.
>   For use as output, connect external pull-up resistor to the
>   pin and size it according to the DC recommended operating
>   characteristics. LED output pin is HIGH when the output is
>   programmed as high-impedance, and LOW when the output is
>   programmed LOW through the ‘LED selector’ register. The
>   output can be pulse-width controlled when PWM0 or PWM1 are
>   used.
>
>
> And chapter 8 'Application design-in information':
> 
>   LED0 to LED12 are used as LED drivers.
>   LED13 to LED15 are used as regular GPIOs.
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  include/hw/misc/pca9552.h |  2 ++
>  hw/misc/pca9552.c | 18 ++
>  2 files changed, 20 insertions(+)
> 
> diff --git a/include/hw/misc/pca9552.h b/include/hw/misc/pca9552.h
> index ebb43c63fe..7e47ea312d 100644
> --- a/include/hw/misc/pca9552.h
> +++ b/include/hw/misc/pca9552.h
> @@ -15,6 +15,7 @@
>  #define PCA9552(obj) OBJECT_CHECK(PCA9552State, (obj), TYPE_PCA9552)
>  
>  #define PCA9552_NR_REGS 10
> +#define PCA9552_NR_GPIOS 3
>  
>  typedef struct PCA9552State {
>  /*< private >*/
> @@ -27,6 +28,7 @@ typedef struct PCA9552State {
>  uint8_t regs[PCA9552_NR_REGS];
>  uint8_t max_reg;
>  uint8_t nr_leds;
> +qemu_irq gpio[PCA9552_NR_GPIOS];
>  } PCA9552State;
>  
>  #endif
> diff --git a/hw/misc/pca9552.c b/hw/misc/pca9552.c
> index a3d0decbff..6ca6c0dbc2 100644
> --- a/hw/misc/pca9552.c
> +++ b/hw/misc/pca9552.c
> @@ -12,8 +12,10 @@
>  #include "qemu/osdep.h"
>  #include "qemu/log.h"
>  #include "qemu/module.h"
> +#include "qemu/bitops.h"
>  #include "hw/misc/pca9552.h"
>  #include "hw/misc/pca9552_regs.h"
> +#include "hw/irq.h"
>  #include "migration/vmstate.h"
>  #include "qapi/error.h"
>  #include "qapi/visitor.h"
> @@ -48,12 +50,16 @@ static void pca9552_update_pin_input(PCA9552State *s)
>  s->regs[input_reg] |= 1 << input_shift;
>  if (input_shift < s->nr_leds) {
>  trace_pca9552_led_set(input_shift, true);
> +} else {
> +qemu_set_irq(s->gpio[input_shift - s->nr_leds], 1);

It is simpler to set the irq level in pca9552_gpio_set().

>  }
>  break;
>  case PCA9552_LED_OFF:
>  s->regs[input_reg] &= ~(1 << input_shift);
>  if (input_shift < s->nr_leds) {
>  trace_pca9552_led_set(input_shift, false);
> +} else {
> +qemu_set_irq(s->gpio[input_shift - s->nr_leds], 0);
>  }
>  break;
>  case PCA9552_LED_PWM0:
> @@ -65,6 +71,16 @@ static void pca9552_update_pin_input(PCA9552State *s)
>  }
>  }
>  
> +static void pca9552_gpio_set(void *opaque, int n, int enable)
> +{
> +PCA9552State *s = opaque;
> +
> +/* LED13 to LED15 are used as regular GPIOs. */
> +s->regs[PCA9552_LS3] = deposit32(s->regs[PCA9552_LS3], n + 1, 1,
> + enable ? PCA9552_LED_ON : 
> PCA9552_LED_OFF);> +pca9552_update_pin_input(s);

I would introduce a set_pin() helper instead. See pca9552_pin_get_config().
pca9552_gpio_set() would look like :

pca9552_set_pin(s, n, enable ? PCA9552_LED_ON : PCA9552_LED_OFF);
pca9552_update_pin_input(s);
qemu_set_irq(s->gpio[n], enable);

> +}
> +
>  static uint8_t pca9552_read(PCA9552State *s, uint8_t reg)
>  {
>  switch (reg) {
> @@ -308,6 +324,8 @@ static void pca9552_initfn(Object *obj)
>  NULL, NULL);
>  g_free(name);
>  }
> +qdev_init_gpio_in(DEVICE(obj), pca9552_gpio_set, PCA9552_NR_GPIOS);
> +qdev_init_gpio_out(DEVICE(obj), s->gpio, PCA9552_NR_GPIOS);
>  }
>  
>  static void pca9552_class_init(ObjectClass *klass, void *data)
> 

[PATCH v3 5/5] configure: Add -Wno-psabi

[Richard Henderson]

On aarch64, gcc 9.3 is generating

qemu/exec.c: In function ‘address_space_translate_iommu’:
qemu/exec.c:431:28: note: parameter passing for argument of type \
  ‘MemTxAttrs’ {aka ‘struct MemTxAttrs’} changed in GCC 9.1

and many other reptitions.  This structure, and the functions
amongst which it is passed, are not part of a QEMU public API.
Therefore we do not care how the compiler passes the argument,
so long as the compiler is self-consistent.

The only portion of QEMU which does have a public api, and so
must have a stable abi, is "qemu/plugin.h".  We test this by
forcing -Wpsabi in tests/plugin/Makefile.

Cc: Alex Bennée 
Cc: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 configure | 1 +
 tests/plugin/Makefile | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/configure b/configure
index 5e27229f58..ba88fd1824 100755
--- a/configure
+++ b/configure
@@ -2055,6 +2055,7 @@ add_to nowarn_flags -Wno-shift-negative-value
 add_to nowarn_flags -Wno-string-plus-int
 add_to nowarn_flags -Wno-typedef-redefinition
 add_to nowarn_flags -Wno-tautological-type-limit-compare
+add_to nowarn_flags -Wno-psabi
 
 gcc_flags="$warn_flags $nowarn_flags"
 
diff --git a/tests/plugin/Makefile b/tests/plugin/Makefile
index b3250e2504..3a50451428 100644
--- a/tests/plugin/Makefile
+++ b/tests/plugin/Makefile
@@ -17,7 +17,7 @@ NAMES += lockstep
 
 SONAMES := $(addsuffix .so,$(addprefix lib,$(NAMES)))
 
-QEMU_CFLAGS += -fPIC
+QEMU_CFLAGS += -fPIC -Wpsabi
 QEMU_CFLAGS += -I$(SRC_PATH)/include/qemu
 
 all: $(SONAMES)
-- 
2.25.1

[PATCH v3 2/5] migration: fix xbzrle encoding rate calculation

[Richard Henderson]

From: Wei Wang 

It's reported an error of implicit conversion from "unsigned long" to
"double" when compiling with Clang 10. Simply make the encoding rate 0
when the encoded_size is 0.

Fixes: e460a4b1a4
Reviewed-by: Dr. David Alan Gilbert 
Reviewed-by: Richard Henderson 
Reported-by: Richard Henderson 
Signed-off-by: Wei Wang 
Signed-off-by: Richard Henderson 
---
 migration/ram.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/migration/ram.c b/migration/ram.c
index 41cc530d9d..069b6e30bc 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -913,10 +913,8 @@ static void migration_update_rates(RAMState *rs, int64_t 
end_time)
 unencoded_size = (xbzrle_counters.pages - rs->xbzrle_pages_prev) *
  TARGET_PAGE_SIZE;
 encoded_size = xbzrle_counters.bytes - rs->xbzrle_bytes_prev;
-if (xbzrle_counters.pages == rs->xbzrle_pages_prev) {
+if (xbzrle_counters.pages == rs->xbzrle_pages_prev || !encoded_size) {
 xbzrle_counters.encoding_rate = 0;
-} else if (!encoded_size) {
-xbzrle_counters.encoding_rate = UINT64_MAX;
 } else {
 xbzrle_counters.encoding_rate = unencoded_size / encoded_size;
 }
-- 
2.25.1

[PATCH v3 4/5] configure: Disable -Wtautological-type-limit-compare

[Richard Henderson]

Clang 10 enables this by default with -Wtype-limit.

All of the instances flagged by this Werror so far have been
cases in which we really do want the compiler to optimize away
the test completely.  Disabling the warning will avoid having
to add ifdefs to work around this.

Cc: Eric Blake 
Fixes: https://bugs.launchpad.net/qemu/+bug/1878628
Acked-by: Thomas Huth 
Reviewed-by: Eric Blake 
Reviewed-by: Alex Bennée 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
v2: Use the new add_to function.
---
 configure | 1 +
 1 file changed, 1 insertion(+)

diff --git a/configure b/configure
index a8bef95282..5e27229f58 100755
--- a/configure
+++ b/configure
@@ -2054,6 +2054,7 @@ add_to nowarn_flags -Wno-missing-include-dirs
 add_to nowarn_flags -Wno-shift-negative-value
 add_to nowarn_flags -Wno-string-plus-int
 add_to nowarn_flags -Wno-typedef-redefinition
+add_to nowarn_flags -Wno-tautological-type-limit-compare
 
 gcc_flags="$warn_flags $nowarn_flags"
 
-- 
2.25.1

[PATCH v3 3/5] configure: Clean up warning flag lists

[Richard Henderson]

Use a helper function to tidy the assembly of gcc_flags.
Separate flags that disable warnings from those that enable,
and sort the disable warnings to the end.

Suggested-by: Eric Blake 
Signed-off-by: Richard Henderson 
---
 configure | 42 --
 1 file changed, 32 insertions(+), 10 deletions(-)

diff --git a/configure b/configure
index b01b5e3bed..a8bef95282 100755
--- a/configure
+++ b/configure
@@ -97,6 +97,11 @@ do_cxx() {
 do_compiler "$cxx" "$@"
 }
 
+# Append $2 to the variable named $1, with space separation
+add_to() {
+eval $1=\${$1:+\"\$$1 \"}\$2
+}
+
 update_cxxflags() {
 # Set QEMU_CXXFLAGS from QEMU_CFLAGS by filtering out those
 # options which some versions of GCC's C++ compiler complain about
@@ -2024,16 +2029,33 @@ if ! compile_prog "" "" ; then
 error_exit "You need at least GCC v4.8 or Clang v3.4 (or XCode Clang v5.1)"
 fi
 
-gcc_flags="-Wold-style-declaration -Wold-style-definition -Wtype-limits"
-gcc_flags="-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers 
$gcc_flags"
-gcc_flags="-Wno-missing-include-dirs -Wempty-body -Wnested-externs $gcc_flags"
-gcc_flags="-Wendif-labels -Wno-shift-negative-value $gcc_flags"
-gcc_flags="-Wno-initializer-overrides -Wexpansion-to-defined $gcc_flags"
-gcc_flags="-Wno-string-plus-int -Wno-typedef-redefinition $gcc_flags"
-# Note that we do not add -Werror to gcc_flags here, because that would
-# enable it for all configure tests. If a configure test failed due
-# to -Werror this would just silently disable some features,
-# so it's too error prone.
+# Accumulate -Wfoo and -Wno-bar separately.
+# We will list all of the enable flags first, and the disable flags second.
+# Note that we do not add -Werror, because that would enable it for all
+# configure tests. If a configure test failed due to -Werror this would
+# just silently disable some features, so it's too error prone.
+
+warn_flags=
+add_to warn_flags -Wold-style-declaration
+add_to warn_flags -Wold-style-definition
+add_to warn_flags -Wtype-limits
+add_to warn_flags -Wformat-security
+add_to warn_flags -Wformat-y2k
+add_to warn_flags -Winit-self
+add_to warn_flags -Wignored-qualifiers
+add_to warn_flags -Wempty-body
+add_to warn_flags -Wnested-externs
+add_to warn_flags -Wendif-labels
+add_to warn_flags -Wexpansion-to-defined
+
+nowarn_flags=
+add_to nowarn_flags -Wno-initializer-overrides
+add_to nowarn_flags -Wno-missing-include-dirs
+add_to nowarn_flags -Wno-shift-negative-value
+add_to nowarn_flags -Wno-string-plus-int
+add_to nowarn_flags -Wno-typedef-redefinition
+
+gcc_flags="$warn_flags $nowarn_flags"
 
 cc_has_warning_flag() {
 write_c_skeleton;
-- 
2.25.1

[PATCH v3 0/5] Vs clang-10 and gcc-9 warnings

[Richard Henderson]

Three of these patches are for cleaning up warnings vs clang-10.

The -Wtautological-type-limit-compare patch has been improved
as suggested by Eric Blake.

The final patch is for a "new" warning from gcc-9 on aarch64 hosts.
Our build box has been upgraded from bionic, so the warning is new
to me, anyway.

Changes since v2:
  * Adjustments to "Clean up warning flag lists" (eblake).
  * Add -Wpsabi to tests/plugins (ajb).


r~


Philippe Mathieu-Daudé (1):
  fpu/softfloat: Silence 'bitwise negation of boolean expression'
warning

Richard Henderson (3):
  configure: Clean up warning flag lists
  configure: Disable -Wtautological-type-limit-compare
  configure: Add -Wno-psabi

Wei Wang (1):
  migration: fix xbzrle encoding rate calculation

 configure | 44 +--
 fpu/softfloat.c   | 33 +++-
 migration/ram.c   |  4 +---
 tests/plugin/Makefile |  2 +-
 4 files changed, 60 insertions(+), 23 deletions(-)

-- 
2.25.1

[PATCH v3 1/5] fpu/softfloat: Silence 'bitwise negation of boolean expression' warning

[Richard Henderson]

From: Philippe Mathieu-Daudé 

When building with clang version 10.0.0-4ubuntu1, we get:

CC  lm32-softmmu/fpu/softfloat.o
  fpu/softfloat.c:3365:13: error: bitwise negation of a boolean expression; did 
you mean logical negation? [-Werror,-Wbool-operation]
  absZ &= ~ ( ( ( roundBits ^ 0x40 ) == 0 ) & roundNearestEven );
  ^~

  fpu/softfloat.c:3423:18: error: bitwise negation of a boolean expression; did 
you mean logical negation? [-Werror,-Wbool-operation]
  absZ0 &= ~ ( ( (uint64_t) ( absZ1<<1 ) == 0 ) & roundNearestEven );
   ^

  ...

  fpu/softfloat.c:4273:18: error: bitwise negation of a boolean expression; did 
you mean logical negation? [-Werror,-Wbool-operation]
  zSig1 &= ~ ( ( zSig2 + zSig2 == 0 ) & roundNearestEven );
   ^~~

Fix by rewriting the fishy bitwise AND of two bools as an int.

Suggested-by: Eric Blake 
Buglink: https://bugs.launchpad.net/bugs/1881004
Reviewed-by: Thomas Huth 
Reviewed-by: Eric Blake 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20200528155420.9802-1-phi...@redhat.com>
Signed-off-by: Richard Henderson 
---
 fpu/softfloat.c | 33 -
 1 file changed, 24 insertions(+), 9 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 6c8f2d597a..5e9746c287 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -3362,7 +3362,9 @@ static int32_t roundAndPackInt32(bool zSign, uint64_t 
absZ,
 }
 roundBits = absZ & 0x7F;
 absZ = ( absZ + roundIncrement )>>7;
-absZ &= ~ ( ( ( roundBits ^ 0x40 ) == 0 ) & roundNearestEven );
+if (!(roundBits ^ 0x40) && roundNearestEven) {
+absZ &= ~1;
+}
 z = absZ;
 if ( zSign ) z = - z;
 if ( ( absZ>>32 ) || ( z && ( ( z < 0 ) ^ zSign ) ) ) {
@@ -3420,7 +3422,9 @@ static int64_t roundAndPackInt64(bool zSign, uint64_t 
absZ0, uint64_t absZ1,
 if ( increment ) {
 ++absZ0;
 if ( absZ0 == 0 ) goto overflow;
-absZ0 &= ~ ( ( (uint64_t) ( absZ1<<1 ) == 0 ) & roundNearestEven );
+if (!(absZ1 << 1) && roundNearestEven) {
+absZ0 &= ~1;
+}
 }
 z = absZ0;
 if ( zSign ) z = - z;
@@ -3480,7 +3484,9 @@ static int64_t roundAndPackUint64(bool zSign, uint64_t 
absZ0,
 float_raise(float_flag_invalid, status);
 return UINT64_MAX;
 }
-absZ0 &= ~(((uint64_t)(absZ1<<1) == 0) & roundNearestEven);
+if (!(absZ1 << 1) && roundNearestEven) {
+absZ0 &= ~1;
+}
 }
 
 if (zSign && absZ0) {
@@ -3603,7 +3609,9 @@ static float32 roundAndPackFloat32(bool zSign, int zExp, 
uint32_t zSig,
 status->float_exception_flags |= float_flag_inexact;
 }
 zSig = ( zSig + roundIncrement )>>7;
-zSig &= ~ ( ( ( roundBits ^ 0x40 ) == 0 ) & roundNearestEven );
+if (!(roundBits ^ 0x40) && roundNearestEven) {
+zSig &= ~1;
+}
 if ( zSig == 0 ) zExp = 0;
 return packFloat32( zSign, zExp, zSig );
 
@@ -3757,7 +3765,9 @@ static float64 roundAndPackFloat64(bool zSign, int zExp, 
uint64_t zSig,
 status->float_exception_flags |= float_flag_inexact;
 }
 zSig = ( zSig + roundIncrement )>>10;
-zSig &= ~ ( ( ( roundBits ^ 0x200 ) == 0 ) & roundNearestEven );
+if (!(roundBits ^ 0x200) && roundNearestEven) {
+zSig &= ~1;
+}
 if ( zSig == 0 ) zExp = 0;
 return packFloat64( zSign, zExp, zSig );
 
@@ -3983,8 +3993,9 @@ floatx80 roundAndPackFloatx80(int8_t roundingPrecision, 
bool zSign,
 }
 if ( increment ) {
 ++zSig0;
-zSig0 &=
-~ ( ( (uint64_t) ( zSig1<<1 ) == 0 ) & roundNearestEven );
+if (!(zSig1 << 1) && roundNearestEven) {
+zSig0 &= ~1;
+}
 if ( (int64_t) zSig0 < 0 ) zExp = 1;
 }
 return packFloatx80( zSign, zExp, zSig0 );
@@ -4000,7 +4011,9 @@ floatx80 roundAndPackFloatx80(int8_t roundingPrecision, 
bool zSign,
 zSig0 = UINT64_C(0x8000);
 }
 else {
-zSig0 &= ~ ( ( (uint64_t) ( zSig1<<1 ) == 0 ) & roundNearestEven );
+if (!(zSig1 << 1) && roundNearestEven) {
+zSig0 &= ~1;
+}
 }
 }
 else {
@@ -4270,7 +4283,9 @@ static float128 roundAndPackFloat128(bool zSign, int32_t 
zExp,
 }
 if ( increment ) {
 add128( zSig0, zSig1, 0, 1, ,  );
-zSig1 &= ~ ( ( zSig2 + zSig2 == 0 ) & roundNearestEven );
+if ((zSig2 + zSig2 == 0) && roundNearestEven) {
+zSig1 &= ~1;
+}
 }
 else {
 if ( ( zSig0 | zSig1 ) == 0 ) zExp = 0;
-- 
2.25.1

Re: [PATCH 7/7] hw/watchdog/wdt_aspeed: Reduce timer precision to micro-second

[Philippe Mathieu-Daudé]

Hi Andrew,

On 6/17/20 3:18 AM, Andrew Jeffery wrote:
> On Tue, 16 Jun 2020, at 17:21, Philippe Mathieu-Daudé wrote:
>> The current implementation uses nano-second precision, while
>> the watchdog can not be more precise than a micro-second.
> 
> What's the basis for this assertion? It's true for the AST2500 and AST2600, 
> but 
> the AST2400 can run the watchdog from either a 1MHz clock source or the APB 
> clock (which must be at least 16.5MHz on palmetto). The reset state on the
> AST2400 configures the watchdog for the APB clock rate.
> 
> The Linux driver will eventually configure the watchdog for 1MHz mode
> regardless so perhaps the AST2400 reset state is a bit of a corner case, but
> I feel the assertion should be watered down a bit?

What about this description?

"The current implementation uses nano-second precision, but
 is not more precise than micro-second precision.
 Simplify by using a micro-second based timer.
 Rename the timer 'timer_us' to have the unit explicit."

> 
> Andrew
> 

Re: applying mailing list review tags (was: Re: [PATCH v3 00/16] python: add mypy support to python/qemu)

[Philippe Mathieu-Daudé]

On 6/16/20 7:58 PM, John Snow wrote:
> 
> 
> On 6/9/20 4:58 AM, Markus Armbruster wrote:
>> Philippe Mathieu-Daudé  writes:
>>
>>> On 6/8/20 5:33 PM, Kevin Wolf wrote:
 Am 08.06.2020 um 17:19 hat John Snow geschrieben:
>
>
> On 6/5/20 5:26 AM, Kevin Wolf wrote:
>> Am 04.06.2020 um 22:22 hat John Snow geschrieben:
>>> Based-on: 20200604195252.20739-1-js...@redhat.com
>>>
>>> This series is extracted from my larger series that attempted to bundle
>>> our python module as an installable module. These fixes don't require 
>>> that,
>>> so they are being sent first as I think there's less up for debate in 
>>> here.
>>>
>>> This requires my "refactor shutdown" patch as a pre-requisite.
>>
>> You didn't like my previous R-b? Here's a new one. :-)
>>
>> Reviewed-by: Kevin Wolf 
>>
>
> I felt like I should address the feedback, and though I could have
> applied the R-B to patches I didn't change, it was ... faster to just
> re-send it.
>
> Serious question: How do you apply people's R-Bs to your patches? At the
> moment, it's pretty manually intensive for me. I use stgit and I pop all
> of the patches off (stg pop -n 100), and then one-at-a-time I `stg push;
> stg edit` and copy-paste the R-B into it.
>>>
>>> wget https://patchew.org/QEMU/${MSG_ID}/mbox
>>> git am mbox
>>>
>>> Where ${MSG_ID} is the Message-Id of the series cover letter.
>>
>> Patchew's awesomeness is still under-appreciated.
>>
> 
> Not for lack of appreciating patchew, but the problem with this workflow
> is if I have already made modifications to my patches locally, I can't
> use this to apply tags from upstream.

Does that mean you want to respin this series?
Else you can consider it applied on python-next.

> 
> It looks like I will continue to do this manually for the time being;
> but scripting the ability to "merge tags" from the list would be a cool
> trick.
> 
> I'm not sure how to do it with git, though. Let's say I've got 16
> patches and I've made modifications to some, but not all; so I have a
> branch with 16 patches ahead of origin/master.
> 
> Does anyone have any cool tricks for being able to script:
> 
> 1. Correlating a mailing list patch from e.g. patchew to a commit in my
> history, even if it's changed a little bit?
> 
> (git-backport-diff uses patch names, that might be sufficient... Could
> use that as a starting point, at least.)
> 
> 2. Obtaining the commit message of that patch?
> `git show -s --format=%B $SHA` ought to do it...
> 
> 3. Editing that commit message? This I'm not sure about. I'd need to
> understand the tags on the upstream and downstream versions, merge them,
> and then re-write the message. Some magic with `git rebase -i` ?
> 
> --js
> 

Re: [PULL 00/84] QOM patches for 2020-06-15

[Philippe Mathieu-Daudé]

On 6/16/20 5:26 PM, Thomas Huth wrote:
> On 16/06/2020 14.26, Peter Maydell wrote:
>> On Mon, 15 Jun 2020 at 21:43, Markus Armbruster  wrote:
>>>
>>> The following changes since commit 7d3660e79830a069f1848bb4fa1cdf8f666424fb:
>>>
>>>   Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into 
>>> staging (2020-06-12 23:06:22 +0100)
>>>
>>> are available in the Git repository at:
>>>
>>>   git://repo.or.cz/qemu/armbru.git tags/pull-qom-2020-06-15
>>>
>>> for you to fetch changes up to b77b5b3dc7a4730d804090d359c57d33573cf85a:
>>>
>>>   MAINTAINERS: Make section QOM cover hw/core/*bus.c as well (2020-06-15 
>>> 22:06:04 +0200)
>>>
>>> 
>>> QOM patches for 2020-06-15
>>>
>>> * Make "info qom-tree" show children sorted
>>> * Fixes around device realization
>>> * Rework how we plug into devices into their parent bus
>>
>>
>> Applied, thanks.
>>
>> Please update the changelog at https://wiki.qemu.org/ChangeLog/5.1
>> for any user-visible changes.
> 
> This pull requests (with the patch "qdev: qdev_init_nofail() is now
> unused, drop") apparently broke some iotests:
> 
>  https://gitlab.com/qemu-project/qemu/-/jobs/597414772#L4376
> 
> Can you please have a look?

Fix sent:
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg04730.html

> 
>  Thanks,
>   Thomas
> 
> 

Re: [PATCH 5/7] hw/arm/mps2: Add I2C busses on FPGA APB

[Philippe Mathieu-Daudé]

On 6/16/20 12:21 PM, Peter Maydell wrote:
> On Tue, 16 Jun 2020 at 07:32, Philippe Mathieu-Daudé  wrote:
>>
>> There are 4 different I2C peripherals on the FPGA APB.
>>
>> Signed-off-by: Philippe Mathieu-Daudé 
>> ---
>>  hw/arm/mps2.c | 7 +++
>>  1 file changed, 7 insertions(+)
>>
>> diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
>> index 4a49bfa9b9..6224d7a63c 100644
>> --- a/hw/arm/mps2.c
>> +++ b/hw/arm/mps2.c
>> @@ -321,6 +321,7 @@ static void mps2_common_init(MachineState *machine)
>>  create_unimplemented_device("cmsdk-ahb-gpio", gpiobase[i], 0x1000);
>>  }
>>
>> +/* FPGA APB */
>>  sysbus_init_child_obj(OBJECT(mms), "scc", >scc,
>>sizeof(mms->scc), TYPE_MPS2_SCC);
>>  sccdev = DEVICE(>scc);
>> @@ -330,6 +331,12 @@ static void mps2_common_init(MachineState *machine)
>>  object_property_set_bool(OBJECT(>scc), true, "realized",
>>   _fatal);
>>  sysbus_mmio_map(SYS_BUS_DEVICE(sccdev), 0, 0x4002f000);
>> +for (i = 0; i < 4; i++) {
>> +static const hwaddr i2cbase[] = {0x40022000, 0x40023000,
>> + 0x40029000, 0x4002a000};
>> +
>> +sysbus_create_simple("versatile_i2c", i2cbase[i], NULL);
>> +}
> 
> Is this device really the same as the I2C controller h/w
> on the versatile board ?

It seems the opposite way around, the I2C controller modeled as
'versatile_i2c' is the real 'ARM SBCon two-wire serial bus interface'
bitbanging I2C. IIUC the name 'ARM SBCon two-wire serial bus interface'
became official /after/ the versatile was released, so 'versatile-i2c'
is the popular name.

Yes, the MPS2(+) implement the ARM SBCon two-wire serial bus interface.

I'll see to add a TYPE_SBCON_I2C alias, it might be easier.

> 
> thanks
> -- PMM
> 

Re: [RFC v3 6/8] vhost-backend: export the vhost backend helper

[Cindy Lu]

On Tue, Jun 16, 2020 at 4:17 PM Laurent Vivier  wrote:
>
> On 29/05/2020 16:06, Cindy Lu wrote:
> > export the helper then we can reuse some of them in vhost-vdpa
> >
> > Signed-off-by: Cindy Lu 
> > ---
> >  hw/virtio/vhost-backend.c | 34 ++-
> >  include/hw/virtio/vhost-backend.h | 28 +
> >  2 files changed, 48 insertions(+), 14 deletions(-)
> >
> > diff --git a/hw/virtio/vhost-backend.c b/hw/virtio/vhost-backend.c
> > index 48905383f8..42efb4967b 100644
> > --- a/hw/virtio/vhost-backend.c
> > +++ b/hw/virtio/vhost-backend.c
> > @@ -14,7 +14,7 @@
> >  #include "qemu/error-report.h"
> >  #include "qemu/main-loop.h"
> >  #include "standard-headers/linux/vhost_types.h"
> > -
> > +#include "hw/virtio/vhost-vdpa.h"
>
> You can't include this file because it is created in the next patch.
>
> >  #ifdef CONFIG_VHOST_KERNEL
> >  #include 
> >  #include 
> > @@ -22,10 +22,16 @@
> >  static int vhost_kernel_call(struct vhost_dev *dev, unsigned long int 
> > request,
> >   void *arg)
> >  {
> > -int fd = (uintptr_t) dev->opaque;
> > -
> > -assert(dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_KERNEL);
> > -
> > +int fd = -1;
> > +struct vhost_vdpa *v = NULL;
> > +if (dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_KERNEL) {
> > +fd  = (uintptr_t) dev->opaque;
> > +}
> > +if (dev->vhost_ops->backend_type == VHOST_BACKEND_TYPE_VDPA) {
> > +v = dev->opaque;
> > +fd = v->device_fd;
> > +}
> > +assert(fd != -1);
>
> A switch would be cleaner:
>
> switch (dev->vhost_ops->backend_type) {
> case VHOST_BACKEND_TYPE_KERNEL:
> fd  = (uintptr_t)dev->opaque;
> break;
> case VHOST_BACKEND_TYPE_VDPA:
> fd = ((struct vhost_vdpa *)dev->opaque)->device_fd;
> break;
> default:
> g_assert_not_reached()
> }
>
> >  return ioctl(fd, request, arg);
> >  }
> >
>
Thanks Laurent , will fix this
> Thanks,
> Laurent
>

Re: [PATCH v4 1/3] qmp.py: change event_wait to use a dict

[John Snow]

On 6/16/20 5:41 PM, Eric Blake wrote:
> On 5/14/20 2:31 PM, John Snow wrote:
> 

 Nah, it's fine. I'll clean it up. This is pretty close to an RFC series
 anyway, so I didn't really polish it.

 (Or, I will try to clean it up. I probably won't work on it again in
 the
 near term. I think I just wanted to see if this seemed useful in
 general
 to people.
>>>
>>> Ah, there isn't much missing for this series, though. We don't have to
>>> wait for a fix-the-world series when we can incrementally improve
>>> things.
>>>
>>
>> Alright, I'll try to hit it halfway -- I spent some time thinking about
>> a "full" job running framework but ran into some dead-ends I wasn't too
>> happy with, and wasn't convinced this was a simplification of any kind.
>>
>> Still, seeing part of the job running code get duplicated in 040 was a
>> motivation to try and provide some universal job-running monster that
>> would be extensible for nearly any task.
>>
>> Unfortunately that complexity does generally make the calling sites look
>> worse, so I cooled off on the idea since.
>>
>> So I did intend this as an RFC, because I'm not really 100% happy with
>> the design.
> 
> I noticed that the block-dirty-bitmap-populate series depends on this
> one; is it going to be simpler for me to fix the few things that Kevin
> pointed out here, or to wait for you to post a v5 of this series, or to
> rewrite the iotest in that series to not depend on JobRunner after all?
> 

It should be pretty trivial (I think) to just rebase the bitpop job on
top of mainline QEMU without needing this, I'd recommend doing that.

I started porting the job runner to the standalone qemu package instead
and it's going to take me longer to do that than it would be to just not
use this patchset for the bitpop test.

If you ping me on IRC tomorrow (Sorry) I can wean the dependency myself.

--js

Re: [PATCH v2 3/5] configure: Clean up warning flag lists

[Richard Henderson]

On 6/11/20 7:25 AM, Eric Blake wrote:
>> +add_to warn_flags -Wold-style-declaration
> 
> Hmm - should we add:
> warn_flags= nowarn_flags=
> prior to this line, to ensure that something inherited from the environment
> doesn't mess us up.
> 
>> +add_to warn_flags -Wold-style-definition
>> +add_to warn_flags -Wtype-limits
>> +add_to warn_flags -Wformat-security
>> +add_to warn_flags -Wformat-y2k
>> +add_to warn_flags -Winit-self
>> +add_to warn_flags -Wignored-qualifiers
>> +add_to warn_flags -Wempty-body
>> +add_to warn_flags -Wnested-externs
>> +add_to warn_flags -Wendif-labels
>> +add_to warn_flags -Wno-initializer-overrides
> 
> wrong list

Thanks, fixed both.


r~

Re: [PATCH 7/7] hw/watchdog/wdt_aspeed: Reduce timer precision to micro-second

[Andrew Jeffery]

On Tue, 16 Jun 2020, at 17:21, Philippe Mathieu-Daudé wrote:
> The current implementation uses nano-second precision, while
> the watchdog can not be more precise than a micro-second.

What's the basis for this assertion? It's true for the AST2500 and AST2600, but 
the AST2400 can run the watchdog from either a 1MHz clock source or the APB 
clock (which must be at least 16.5MHz on palmetto). The reset state on the
AST2400 configures the watchdog for the APB clock rate.

The Linux driver will eventually configure the watchdog for 1MHz mode
regardless so perhaps the AST2400 reset state is a bit of a corner case, but
I feel the assertion should be watered down a bit?

Andrew

Re: [PATCH 0/5] linux-user: Support extended clone(CLONE_VM)

[Josh Kunz]

On Tue, Jun 16, 2020 at 9:32 AM Peter Maydell 
wrote:
>
> On Tue, 16 Jun 2020 at 17:08, Alex Bennée  wrote:
> > Apart from "a more perfect emulation" is there a particular use case
> > served by the extra functionality? AIUI up until this point we've
> > basically supported glibc's use of clone() which has generally been
> > enough. I'm assuming you've come across stuff that needs this more fine
> > grained support?
>
> There are definitely cases we don't handle that cause problems;
> notably https://bugs.launchpad.net/qemu/+bug/1673976 reports
> that newer glibc implement posix_spawn() using CLONE_VM|CLONE_VFORK
> which we don't handle correctly (though it is now just "we don't
> report failures correctly" rather than "guest asserts").

This originally came up for us at Google in multi-threaded guest binaries
using TCMalloc (https://github.com/google/tcmalloc). TCMalloc does not have
any special `at_fork` handling, so guest processes using TCMalloc spawn
subprocesses using a custom bit of code based on `clone(CLONE_VM)` (notably
*not* vfork()).

We've also been using this patch to work around similar issues in QEMU
itself when creating subprocesses with fork()/vfork(). Since QEMU (and
GLib) rely on locks to emulate multi-threaded guests that share virtual
memory, QEMU itself is also vulnerable to deadlocks when a guest forks.
Without this patch we've run into deadlocks with TCG region trees, and
GLib's `g_malloc`, there are likely others as well, since we could still
reproduce the deadlocks after fixing these specific problems.

The issues caused by using fork() in multi-threaded guests are pretty
tricky to debug. They are fundamentally data races (was another thread in
the critical section or not?), and they usually manifest as deadlocks,
which show up as timeouts or hangs to users. I suspect this issue happens
frequently in the wild, but at a low enough rate/user that nobody bothered
fixing it/reporting it yet. Use of `vfork()` with `CLONE_VM` is common as
mentioned by Alex. For example it is the only way to spawn subprocesses in
Go on most platforms:
https://github.com/golang/go/blob/master/src/syscall/exec_linux.go#L218

I tried to come up with a good reproducer for these issues, but I haven't
been able to make one. The cases we have at Google that trigger this issue
reliably are big and they contain lots of code I can't share. When
compiling QEMU itself with TCMalloc, I can pretty reliably reproduce a
deadlock with a program that just calls vfork(), but that's somewhat
synthetic.

> The problem has always been that glibc implicitly assumes it
> knows what the process's threads are like, ie that it is the
> only thing doing any clone()s. (The comment in syscall.c mentions
> it "breaking mutexes" though I forget what I had in mind when
> I wrote that comment.) I haven't looked at these patches,
> but the risk of being clever is that we end up implicitly
> depending on details of glibc's internal implementation in a
> potentially fragile way.
>
>
> I forget whether QEMU can build against musl libc, but if we do
> then that might be an interesting test of whether we have
> accidental dependencies on the libc internals.

I agree it would be interesting to test against musl. I'm pretty sure it
would work (this patch only relies on POSIX APIs + Platform ABIs for TLS),
but it would be interesting to confirm.

--
Josh Kunz

Re: [PATCH 0/3] Add Scripts for Finding Top 25 Executed Functions

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200616231204.8850-1-ahmedkhaledkara...@gmail.com/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  GEN docs/interop/qemu-qmp-ref.html
  GEN docs/interop/qemu-qmp-ref.txt
  GEN docs/interop/qemu-qmp-ref.7
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  qga/commands.o
  CC  qga/guest-agent-command-state.o
  CC  qga/main.o
---
  GEN docs/interop/qemu-ga-ref.html
  GEN docs/interop/qemu-ga-ref.txt
  GEN docs/interop/qemu-ga-ref.7
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-ga
  LINKqemu-keymap
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-client
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/multiboot.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/linuxboot.o
  CC  pc-bios/optionrom/linuxboot_dma.o
  AS  pc-bios/optionrom/kvmvapic.o
---
  BUILD   pc-bios/optionrom/kvmvapic.raw
  BUILD   pc-bios/optionrom/pvh.raw
  SIGNpc-bios/optionrom/multiboot.bin
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  SIGNpc-bios/optionrom/linuxboot.bin
  SIGNpc-bios/optionrom/linuxboot_dma.bin
  SIGNpc-bios/optionrom/kvmvapic.bin
  SIGNpc-bios/optionrom/pvh.bin
  LINKqemu-edid
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  

[PATCH 3/3] scripts/performance: Add perf_top_25.py script

[Ahmed Karaman]

Python script that prints the top 25 most executed functions in QEMU
using perf.

Signed-off-by: Ahmed Karaman 
---
 scripts/performance/perf_top_25.py | 82 ++
 1 file changed, 82 insertions(+)
 create mode 100644 scripts/performance/perf_top_25.py

diff --git a/scripts/performance/perf_top_25.py 
b/scripts/performance/perf_top_25.py
new file mode 100644
index 00..eaa8cce3c3
--- /dev/null
+++ b/scripts/performance/perf_top_25.py
@@ -0,0 +1,82 @@
+#!/usr/bin/env python3
+
+#  Print the top 25 most executed functions in QEMU using perf.
+#  Example Usage:
+#  perf_top_25.py /x86_64-linux-user/qemu-x86_64 executable
+#
+#  This file is a part of the project "TCG Continuous Benchmarking".
+#
+#  Copyright (C) 2020  Ahmed Karaman 
+#  Copyright (C) 2020  Aleksandar Markovic 
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program. If not, see .
+
+import os
+import sys
+
+# Ensure sufficient arguments
+if len(sys.argv) < 3:
+print('Insufficient Script Arguments!')
+sys.exit(1)
+
+# Get the qemu path and the executable + its arguments
+(qemu_path, executable) = (sys.argv[1], ' '.join(sys.argv[2:]))
+
+# Run perf repcord and report
+os.system('sudo perf record {} {} 2> /dev/null \
+&& sudo perf report --stdio > tmp.perf.data'
+  .format(qemu_path, executable))
+
+# Line number with the top function
+first_func_line = 11
+
+# Perf report output
+perf_data = []
+
+# Open perf report output and store it in perf_data
+with open('tmp.perf.data', 'r') as data:
+perf_data = data.readlines()
+
+# Number of functions recorded by perf
+number_of_functions = len(perf_data) - first_func_line
+
+# Limit the number of top functions to 25
+number_of_top_functions = (25 if number_of_functions >
+   25 else number_of_functions)
+
+# Store the data of the top functions in top_functions[]
+top_functions = perf_data[first_func_line:first_func_line
+  + number_of_top_functions]
+
+# Print information headers
+print('{:>4}  {:>10}  {:<25}  {}\n{}  {}  {}  {}'.format('No.',
+ 'Percentage',
+ 'Name',
+ 'Caller',
+ '-' * 4,
+ '-' * 10,
+ '-' * 25,
+ '-' * 25,
+ ))
+
+# Print top 25 functions
+for (index, function) in enumerate(top_functions, start=1):
+function_data = function.split()
+print('{:>4}  {:>10}  {:<25}  {}'.format(index,
+ function_data[0],
+ function_data[-1],
+ ' '.join(function_data[2:-2])))
+
+# Remove intermediate files
+os.system('sudo rm perf.data tmp.perf.data')
-- 
2.17.1

[PATCH 2/3] scripts/performance: Add callgrind_top_25.py script

[Ahmed Karaman]

Python script that prints the top 25 most executed functions in QEMU
using callgrind.

Signed-off-by: Ahmed Karaman 
---
 scripts/performance/callgrind_top_25.py | 95 +
 1 file changed, 95 insertions(+)
 create mode 100644 scripts/performance/callgrind_top_25.py

diff --git a/scripts/performance/callgrind_top_25.py 
b/scripts/performance/callgrind_top_25.py
new file mode 100644
index 00..03b089a96d
--- /dev/null
+++ b/scripts/performance/callgrind_top_25.py
@@ -0,0 +1,95 @@
+#!/usr/bin/env python3
+
+#  Print the top 25 most executed functions in QEMU using callgrind.
+#  Example Usage:
+#  callgrind_top_25.py /x86_64-linux-user/qemu-x86_64 executable
+#
+#  This file is a part of the project "TCG Continuous Benchmarking".
+#
+#  Copyright (C) 2020  Ahmed Karaman 
+#  Copyright (C) 2020  Aleksandar Markovic 
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program. If not, see .
+
+import os
+import sys
+
+# Ensure sufficient arguments
+if len(sys.argv) < 3:
+print('Insufficient Script Arguments!')
+sys.exit(1)
+
+# Get the qemu path and the executable + its arguments
+(qemu, executable) = (sys.argv[1], ' '.join(sys.argv[2:]))
+
+# Run callgrind and callgrind_annotate
+os.system('valgrind --tool=callgrind --callgrind-out-file=callgrind.data {} {} 
\
+2 > / dev / null & & callgrind_annotate callgrind.data \
+> tmp.callgrind.data'.
+  format(qemu, executable))
+
+# Line number with the total number of instructions
+number_of_instructions_line = 20
+
+# Line number with the top function
+first_func_line = 25
+
+# callgrind_annotate output
+callgrind_data = []
+
+# Open callgrind_annotate output and store it in callgrind_data
+with open('tmp.callgrind.data', 'r') as data:
+callgrind_data = data.readlines()
+
+# Get the total number of instructions
+total_number_of_instructions = int(
+callgrind_data[number_of_instructions_line].split(' ')[0].replace(',', ''))
+
+# Number of functions recorded by callgrind
+number_of_functions = len(callgrind_data) - first_func_line
+
+# Limit the number of top functions to 25
+number_of_top_functions = (25 if number_of_functions >
+   25 else number_of_instructions_line)
+
+# Store the data of the top functions in top_functions[]
+top_functions = callgrind_data[first_func_line:
+   first_func_line + number_of_top_functions]
+# Print information headers
+print('{:>4}  {:>10}  {:<25}  {}\n{}  {}  {}  {}'.format('No.',
+ 'Percentage',
+ 'Name',
+ 'Source File',
+ '-' * 4,
+ '-' * 10,
+ '-' * 25,
+ '-' * 30,
+ ))
+
+# Print top 25 functions
+for (index, function) in enumerate(top_functions, start=1):
+function_data = function.split()
+# Calculate function percentage
+percentage = (float(function_data[0].replace(
+',', '')) / total_number_of_instructions) * 100
+# Get function source path and name
+path, name = function_data[1].split(':')
+# Print extracted data
+print('{:>4}  {:>9.3f}%  {:<25}  {}'.format(index,
+round(percentage, 3),
+name,
+path))
+
+# Remove intermediate files
+os.system('rm callgrind.data tmp.callgrind.data')
-- 
2.17.1

[PATCH 1/3] MAINTAINERS: Add 'Miscellaneous' section

[Ahmed Karaman]

This new section includes the 'Performance Tools and Tests' subsection
which will contain the the performance scripts and benchmarks written
as a part of the 'TCG Continuous Benchmarking' project.

Signed-off-by: Ahmed Karaman 
---
 MAINTAINERS | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 955cc8dd5c..68f668ae2a 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2974,3 +2974,10 @@ M: Peter Maydell 
 S: Maintained
 F: docs/conf.py
 F: docs/*/conf.py
+
+Miscellaneous
+-
+Performance Tools and Tests
+M: Ahmed Karaman 
+S: Maintained
+F: scripts/performance/
\ No newline at end of file
-- 
2.17.1

[PATCH 0/3] Add Scripts for Finding Top 25 Executed Functions

[Ahmed Karaman]

Greetings,

As a part of the TCG Continous Benchmarking project for GSoC this
year, detailed reports discussing different performance measurement
methodologies and analysis results will be sent here on the mailing
list.

The project's first report is currently being revised and will be
posted on the mailing list in the next few days.
A section in this report will deal with measuring the top 25 executed
functions when running QEMU. It includes two Python scripts that
automatically perform this task.

This series adds these two scripts to a new performance directory
created under the scripts directory. It also adds a new
"Miscellaneous" section to the end of the MAINTAINERS file with a
"Performance Tools and Tests" subsection.

Best regards,
Ahmed Karaman

Ahmed Karaman (3):
  MAINTAINERS: Add 'Miscellaneous' section
  scripts/performance: Add callgrind_top_25.py script
  scripts/performance: Add perf_top_25.py script

 MAINTAINERS |  7 ++
 scripts/performance/callgrind_top_25.py | 95 +
 scripts/performance/perf_top_25.py  | 82 +
 3 files changed, 184 insertions(+)
 create mode 100644 scripts/performance/callgrind_top_25.py
 create mode 100644 scripts/performance/perf_top_25.py

-- 
2.17.1

Re: [PATCH v3 0/8] tpm: Enable usage of TPM TIS with interrupts

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200616205721.1191408-1-stef...@linux.vnet.ibm.com/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  CC  qga/commands.o
  CC  qga/guest-agent-command-state.o
  CC  qga/main.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  qga/commands-posix.o
  CC  qga/channel-posix.o
  CC  qga/qapi-generated/qga-qapi-types.o
---
  GEN docs/interop/qemu-ga-ref.html
  GEN docs/interop/qemu-ga-ref.txt
  GEN docs/interop/qemu-ga-ref.7
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-keymap
  LINKivshmem-client
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
  AS  pc-bios/optionrom/multiboot.o
  AS  pc-bios/optionrom/linuxboot.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-img
  CC  pc-bios/optionrom/linuxboot_dma.o
  AS  pc-bios/optionrom/kvmvapic.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/pvh.o
  CC  pc-bios/optionrom/pvh_main.o
  LINKqemu-io
  LINKqemu-edid
  BUILD   pc-bios/optionrom/multiboot.img
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  BUILD   pc-bios/optionrom/linuxboot.img
  BUILD   pc-bios/optionrom/linuxboot_dma.img
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  BUILD   pc-bios/optionrom/kvmvapic.img
  BUILD   pc-bios/optionrom/pvh.img
  BUILD   pc-bios/optionrom/multiboot.raw
---
  BUILD   pc-bios/optionrom/kvmvapic.raw
  BUILD   pc-bios/optionrom/pvh.raw
  SIGNpc-bios/optionrom/multiboot.bin
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of 

Re: [PATCH 72/78] 9p: Lock directory streams with a CoMutex

[Michael Roth]

Quoting Greg Kurz (2020-06-16 11:41:36)
> On Tue, 16 Jun 2020 18:09:04 +0200
> Christian Schoenebeck  wrote:
> 
> > On Dienstag, 16. Juni 2020 17:14:40 CEST Greg Kurz wrote:
> > > Cc'ing co-maintainer Christian Schoenebeck.
> > > 
> > > Christian,
> > > 
> > > If there are some more commits you think are worth being cherry picked
> > > for QEMU 4.2.1, please inform Michael before freeze on 2020-06-22.
> > 
> > Indeed, for that particular stable branch I would see the following 9p fixes
> > as additional candidates (chronologically top down):
> > 
> > 841b8d099c [trivial] 9pfs: local: Fix possible memory leak in local_link()
> > 846cf408a4 [maybe] 9p: local: always return -1 on error in 
> > local_unlinkat_common
> > 9580d60e66 [maybe] virtio-9p-device: fix memleak in 
> > virtio_9p_device_unrealize
> > 659f195328 [trivial] 9p/proxy: Fix export_flags
> > a5804fcf7b [maybe] 9pfs: local: ignore O_NOATIME if we don't have 
> > permissions
> > 03556ea920 [trivial] 9pfs: include linux/limits.h for XATTR_SIZE_MAX
> > a4c4d46272 [recommended] xen/9pfs: yield when there isn't enough room on 
> > the ring
> > 
> > What do you think Greg?
> > 
> 
> AFAIK, only regressions and fixes to severe bugs (QEMU crashes, hangs, CVEs) 
> go
> to stable QEMU releases. It doesn't seem to be the case for any of the commits
> listed above but I had only a quick look.

That's the main focus, but if memory leaks and other minor fixes get tagged
for stable I'll generally pull those in as well if the backport is fairly
straightforward. As that was the case with the patches above I went
ahead and pull those in.

> 
> > What's the recommended way for me to keep track of imminent stable picks/
> > freezes in future?
> > 
> 
> Hmm good question. I'm usually notified when Michael posts the patch round-up
> and a 9p patch is already in the list, like for the present patch. Other than
> that I watch qemu-stable from time to time or the planning pages in the wiki.
> 
> Michael, anything better to suggest to Christian ?

I think that about covers it. You can also subscribe to the planning
pages, e.g. https://wiki.qemu.org/Planning/5.0 (by clicking the
star/"add to watchlist" icon), then you'll get notifications when
additional release/freeze dates are added. Generally it will be updated
shortly before the patch round-up gets posted to qemu-stable.

> 
> > Best regards,
> > Christian Schoenebeck
> > 
> > 
> 

Re: [PATCH v5 1/2] target/arm: kvm: Handle DABT with no valid ISS

[Beata Michalska]

Hi Andrew,

Thanks for the feedback.

On Tue, 16 Jun 2020 at 09:33, Andrew Jones  wrote:
>
> Hi Beata,
>
> I see Peter just picked this up, so I'm a bit late getting to it. I do
> have a couple comments below though.
>
> Thanks,
> drew
>
> On Fri, May 29, 2020 at 12:27:56PM +0100, Beata Michalska wrote:
> > On ARMv7 & ARMv8 some load/store instructions might trigger a data abort
> > exception with no valid ISS info to be decoded. The lack of decode info
> > makes it at least tricky to emulate those instruction which is one of the
> > (many) reasons why KVM will not even try to do so.
> >
> > Add support for handling those by requesting KVM to inject external
> > dabt into the quest.
> >
> > Signed-off-by: Beata Michalska 
> > ---
> >  target/arm/cpu.h |  2 ++
> >  target/arm/kvm.c | 64 
> > +++-
> >  target/arm/kvm_arm.h | 11 +
> >  3 files changed, 76 insertions(+), 1 deletion(-)
> >
> > diff --git a/target/arm/cpu.h b/target/arm/cpu.h
> > index 677584e..3702f21 100644
> > --- a/target/arm/cpu.h
> > +++ b/target/arm/cpu.h
> > @@ -570,6 +570,8 @@ typedef struct CPUARMState {
> >  uint64_t esr;
> >  } serror;
> >
> > +uint8_t ext_dabt_pending; /* Request for injecting ext DABT */
> > +
> >  /* State of our input IRQ/FIQ/VIRQ/VFIQ lines */
> >  uint32_t irq_line_state;
> >
> > diff --git a/target/arm/kvm.c b/target/arm/kvm.c
> > index 4bdbe6d..bf84224 100644
> > --- a/target/arm/kvm.c
> > +++ b/target/arm/kvm.c
> > @@ -39,6 +39,7 @@ const KVMCapabilityInfo kvm_arch_required_capabilities[] 
> > = {
> >
> >  static bool cap_has_mp_state;
> >  static bool cap_has_inject_serror_esr;
> > +static bool cap_has_inject_ext_dabt;
> >
> >  static ARMHostCPUFeatures arm_host_cpu_features;
> >
> > @@ -244,6 +245,16 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
> >  ret = -EINVAL;
> >  }
> >
> > +if (kvm_check_extension(s, KVM_CAP_ARM_NISV_TO_USER)) {
> > +if (kvm_vm_enable_cap(s, KVM_CAP_ARM_NISV_TO_USER, 0)) {
> > +error_report("Failed to enable KVM_CAP_ARM_NISV_TO_USER cap");
> > +} else {
> > +/* Set status for supporting the external dabt injection */
> > +cap_has_inject_ext_dabt = kvm_check_extension(s,
> > +KVM_CAP_ARM_INJECT_EXT_DABT);
> > +}
> > +}
> > +
> >  return ret;
> >  }
> >
> > @@ -703,9 +714,16 @@ int kvm_put_vcpu_events(ARMCPU *cpu)
> >  events.exception.serror_esr = env->serror.esr;
> >  }
> >
> > +if (cap_has_inject_ext_dabt) {
> > +events.exception.ext_dabt_pending = env->ext_dabt_pending;
> > +}
> > +
> >  ret = kvm_vcpu_ioctl(CPU(cpu), KVM_SET_VCPU_EVENTS, );
> >  if (ret) {
> >  error_report("failed to put vcpu events");
> > +} else {
> > +/* Clear instantly if the call was successful */
> > +env->ext_dabt_pending = 0;
> >  }
> >
> >  return ret;
> > @@ -819,7 +837,12 @@ int kvm_arch_handle_exit(CPUState *cs, struct kvm_run 
> > *run)
> >  ret = EXCP_DEBUG;
> >  } /* otherwise return to guest */
> >  break;
> > -default:
> > +case KVM_EXIT_ARM_NISV:
> > +/* External DABT with no valid iss to decode */
> > +ret = kvm_arm_handle_dabt_nisv(cs, run->arm_nisv.esr_iss,
> > +   run->arm_nisv.fault_ipa);
> > +break;
> > + default:
> >  qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
> >__func__, run->exit_reason);
> >  break;
> > @@ -955,3 +978,42 @@ int kvm_arch_msi_data_to_gsi(uint32_t data)
> >  {
> >  return (data - 32) & 0x;
> >  }
> > +
> > +int kvm_arm_handle_dabt_nisv(CPUState *cs, uint64_t esr_iss,
> > + uint64_t fault_ipa)
>
> This function could be static since it's in the same file as its one
> and only caller.
>
Right. Will do.

> > +{
> > +ARMCPU *cpu = ARM_CPU(cs);
> > +CPUARMState *env = >env;
> > +
> > +   /*
> > +* ISS [23:14] is invalid so there is a limited info
> > +* on what has just happened so the only *useful* thing that can
> > +* be retrieved from ISS is WnR & DFSC (though in some cases WnR
> > +* might be less of a value as well)
> > +*/
> > +
> > +/*
> > + * Request KVM to inject the external data abort into the guest
> > + * by setting a pending exception on the affected vcpu.
> > + */
> > +if (cap_has_inject_ext_dabt) {
> > +/* Set pending exception */
> > +env->ext_dabt_pending = 1;
> > +/*
> > + * Even though at this point, the vcpu regs are out of sync,
> > + * directly calling the KVM_SET_VCPU_EVENTS ioctl without
> > + * explicitly synchronizing those, is enough and it also avoids
> > + * overwriting changes done by KVM.
> > + * The vcpu is not being marked as 'dirty' as all the changes
> > +   

Re: [PATCH 0/3] Add OpenSBI dynamic firmware support

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200616192700.1900260-1-atish.pa...@wdc.com/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  CC  qga/commands.o
  CC  qga/guest-agent-command-state.o
  CC  qga/main.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `  CC  qga/commands-posix.o
__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  qga/channel-posix.o
  CC  qga/qapi-generated/qga-qapi-types.o
---
  GEN docs/interop/qemu-ga-ref.html
  GEN docs/interop/qemu-ga-ref.txt
  GEN docs/interop/qemu-ga-ref.7
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-ga
  LINKqemu-keymap
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-client
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
  AS  pc-bios/optionrom/multiboot.o
  AS  pc-bios/optionrom/linuxboot.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  pc-bios/optionrom/linuxboot_dma.o
  AS  pc-bios/optionrom/kvmvapic.o
  AS  pc-bios/optionrom/pvh.o
---
  BUILD   pc-bios/optionrom/multiboot.raw
  BUILD   pc-bios/optionrom/linuxboot.raw
  BUILD   pc-bios/optionrom/kvmvapic.raw
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  SIGNpc-bios/optionrom/multiboot.bin
  SIGNpc-bios/optionrom/linuxboot.bin
  SIGNpc-bios/optionrom/kvmvapic.bin
  LINKfsdev/virtfs-proxy-helper
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  BUILD   pc-bios/optionrom/linuxboot_dma.img
  BUILD   pc-bios/optionrom/linuxboot_dma.raw
  SIGNpc-bios/optionrom/linuxboot_dma.bin
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by 

Re: [PATCH 0/1] configure: prefer python's sphinx module

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200616190942.24624-1-js...@redhat.com/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  CC  qga/main.o
  CC  qga/channel-posix.o
  CC  qga/commands-posix.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  qga/qapi-generated/qga-qapi-types.o
  CC  qga/qapi-generated/qga-qapi-visit.o
  CC  qga/qapi-generated/qga-qapi-commands.o
---
  AR  libqemuutil.a
  CC  qemu-img.o
  AR  libvhost-user.a
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/multiboot.o
  AS  pc-bios/optionrom/linuxboot.o
  AS  pc-bios/optionrom/kvmvapic.o
---
  SIGNpc-bios/optionrom/multiboot.bin
  SIGNpc-bios/optionrom/kvmvapic.bin
  SIGNpc-bios/optionrom/pvh.bin
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-img
  LINKqemu-io
  LINKqemu-edid
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKvirtiofsd
  LINKvhost-user-input
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 

Re: [PATCH 0/1] configure: prefer python's sphinx module

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200616190942.24624-1-js...@redhat.com/



Hi,

This series failed the docker-mingw@fedora build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#! /bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-mingw@fedora J=14 NETWORK=1
=== TEST SCRIPT END ===

--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu 
--prefix=/tmp/qemu-test/install --python=/usr/bin/python3 
--cross-prefix=x86_64-w64-mingw32- --enable-trace-backends=simple 
--enable-gnutls --enable-nettle --enable-curl --enable-vnc --enable-bzip2 
--enable-guest-agent --enable-docs
Warning: /usr/bin/python3 -B -m sphinx exists but it is either too old or uses 
too old a Python version

ERROR: User requested feature docs
   configure was not able to find it.
   Install texinfo, Perl/perl-podlators and a Python 3 version of 
python-sphinx

---
funcs: do_compiler do_cc compile_object check_define main
lines: 93 123 628 654 0
x86_64-w64-mingw32-gcc -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE 
-Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings 
-Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -c -o 
config-temp/qemu-conf.o config-temp/qemu-conf.c
config-temp/qemu-conf.c:2:2: error: #error __linux__ not defined
2 | #error __linux__ not defined
  |  ^

---
funcs: do_compiler do_cc compile_object check_define main
lines: 93 123 628 706 0
x86_64-w64-mingw32-gcc -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE 
-Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings 
-Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -c -o 
config-temp/qemu-conf.o config-temp/qemu-conf.c
config-temp/qemu-conf.c:2:2: error: #error __i386__ not defined
2 | #error __i386__ not defined
  |  ^

---
funcs: do_compiler do_cc compile_object check_define main
lines: 93 123 628 709 0
x86_64-w64-mingw32-gcc -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE 
-Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings 
-Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -c -o 
config-temp/qemu-conf.o config-temp/qemu-conf.c
config-temp/qemu-conf.c:2:2: error: #error __ILP32__ not defined
2 | #error __ILP32__ not defined
  |  ^

---
lines: 93 129 962 0
x86_64-w64-mingw32-gcc -mthreads -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef 
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv 
-std=gnu99 -o config-temp/qemu-conf.exe config-temp/qemu-conf.c -liberty
/usr/lib/gcc/x86_64-w64-mingw32/9.2.1/../../../../x86_64-w64-mingw32/bin/ld: 
cannot find -liberty
collect2: error: ld returned 1 exit status

funcs: do_compiler do_cc compile_object main
lines: 93 123 1956 0
---
funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 93 129 2037 2041 0
x86_64-w64-mingw32-gcc -m64 -mcx16 -mthreads -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -Werror -Wstring-plus-int 
-o config-temp/qemu-conf.exe config-temp/qemu-conf.c -m64
x86_64-w64-mingw32-gcc: error: unrecognized command line option 
'-Wstring-plus-int'

funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 93 129 2037 2041 0
x86_64-w64-mingw32-gcc -m64 -mcx16 -mthreads -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -Werror 
-Wtypedef-redefinition -o config-temp/qemu-conf.exe config-temp/qemu-conf.c -m64
x86_64-w64-mingw32-gcc: error: unrecognized command line option 
'-Wtypedef-redefinition'

funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 93 129 2037 2041 0
x86_64-w64-mingw32-gcc -m64 -mcx16 -mthreads -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -Werror 
-Winitializer-overrides -o config-temp/qemu-conf.exe config-temp/qemu-conf.c 
-m64
x86_64-w64-mingw32-gcc: error: unrecognized command line option 
'-Winitializer-overrides'

funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 93 129 2037 2041 0
---
x86_64-w64-mingw32-gcc -fno-pie -m64 -mcx16 -mthreads -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -Wexpansion-to-defined 
-Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body 
-Wnested-externs 

Re: [PATCH V5] util/oslib-posix : qemu_init_exec_dir implementation for Mac

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/ca+xhmqxwc10xhvs4z-jfe0-wlau3ztduu9qkvi31mjr59hw...@mail.gmail.com/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  GEN docs/interop/qemu-ga-ref.html
  GEN docs/interop/qemu-ga-ref.txt
  GEN docs/interop/qemu-ga-ref.7
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/multiboot.o
  AS  pc-bios/optionrom/linuxboot.o
  CC  pc-bios/optionrom/linuxboot_dma.o
---
  SIGNpc-bios/optionrom/linuxboot_dma.bin
  SIGNpc-bios/optionrom/pvh.bin
  LINKqemu-ga
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-keymap
  LINKivshmem-client
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-img
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-io
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-edid
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKvirtiofsd
  LINKvhost-user-input
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 

Re: [PATCH 00/21] target/arm: Finish neon decodetree conversion

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200616170844.13318-1-peter.mayd...@linaro.org/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  CC  qga/guest-agent-command-state.o
  CC  qga/main.o
  CC  qga/commands-posix.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  CC  qga/channel-posix.o
  CC  qga/qapi-generated/qga-qapi-types.o
  CC  qga/qapi-generated/qga-qapi-visit.o
---
  AR  libvhost-user.a
  GEN docs/interop/qemu-ga-ref.html
  GEN docs/interop/qemu-ga-ref.txt
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  GEN docs/interop/qemu-ga-ref.7
  LINKqemu-keymap
  LINKivshmem-client
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-server
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/multiboot.o
  AS  pc-bios/optionrom/linuxboot.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
  CC  pc-bios/optionrom/linuxboot_dma.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AS  pc-bios/optionrom/kvmvapic.o
  AS  pc-bios/optionrom/pvh.o
  CC  pc-bios/optionrom/pvh_main.o
---
  SIGNpc-bios/optionrom/linuxboot.bin
  SIGNpc-bios/optionrom/linuxboot_dma.bin
  SIGNpc-bios/optionrom/kvmvapic.bin
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  BUILD   pc-bios/optionrom/pvh.raw
  SIGNpc-bios/optionrom/pvh.bin
  LINKqemu-io
  LINKqemu-edid
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKvirtiofsd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 

Re: [PATCH v3 0/3] python/machine.py: refactor shutdown

[Cleber Rosa]

On Mon, Jun 15, 2020 at 05:21:18PM +0200, Philippe Mathieu-Daudé wrote:
> On 6/9/20 11:55 PM, John Snow wrote:
> > 
> > 
> > On 6/9/20 9:08 AM, Philippe Mathieu-Daudé wrote:
> >> Hi John,
> >>
> >> On 6/4/20 9:52 PM, John Snow wrote:
> >>> v3:
> >>>  - Split _post_shutdown refactor into own patch (now 1/3)
> >>>  - Re-add sigkill warning squelch (now 3/3)
> >>>
> >>> NOTE: I re-added the squelch in its own patch for review purposes, but
> >>> for the purposes of avoiding temporary breakage, a maintainer may wish
> >>> to squash patches 2 and 3 if they are accepted.
> >>>
> >>> v2: Philippe took patches 1, 3 and 4.
> >>>
> >>> This is a re-write of what was:
> >>> [PATCH RFC 03/32] python//machine.py: remove bare except
> >>> [PATCH 2/4] python/machine.py: remove bare except
> >>>
> >>> It's a bit heavier handed, but it should address some of kwolf's
> >>> feedback from the RFC version.
> >>>
> >>> Applies straight to origin/master, ought to pass pylint and flake8:
> >>>
>  cd ~/src/qemu/python/qemu
>  pylint *.py
>  flake8 *.py
> >>>
> >>> John Snow (3):
> >>>   python/machine.py: consolidate _post_shutdown()
> >>>   python/machine.py: refactor shutdown
> >>>   python/machine.py: re-add sigkill warning suppression
> >>>
> >>>  python/qemu/machine.py | 100 +
> >>>  1 file changed, 71 insertions(+), 29 deletions(-)
> >>>
> >>
> >> I'm now seeing this error:
> >>
> >> 21:31:58 DEBUG| / # reboot
> >> 21:32:01 DEBUG| / # reboot: Restarting system
> >> 21:32:01 DEBUG| >>> {'execute': 'quit'}
> >> 21:32:01 WARNI| qemu received signal 9; command:
> >> "mips-softmmu/qemu-system-mips -display none -vga none -chardev
> >> socket,id=mon,path=/tmp/tmp679upvrk/qemu-10292-monitor.sock -mon
> >> chardev=mon,mode=control -machine malta -chardev
> >> socket,id=console,path=/tmp/tmp679upvrk/qemu-10292-console.sock,server,nowait
> >> -serial chardev:console -kernel
> >> /tmp/avocado_b3aaagr9/avocado_job_5bj0xe1h/12-tests_acceptance_boot_linux_console.py_BootLinuxConsole.test_mips_malta_cpio/boot/vmlinux-4.5.0-2-4kc-malta
> >> -initrd
> >> /tmp/avocado_b3aaagr9/avocado_job_5bj0xe1h/12-tests_acceptance_boot_linux_console.py_BootLinuxConsole.test_mips_malta_cpiorootfs.cpio
> >> -append printk.time=0 console=ttyS0 console=tty rdinit=/sbin/init
> >> noreboot -no-reboot"
> >> 21:32:01 ERROR|
> >> 21:32:01 ERROR| Reproduced traceback from:
> >> /home/travis/build/philmd/qemu/build/tests/venv/lib/python3.6/site-packages/avocado/core/test.py:886
> >> 21:32:01 ERROR| Traceback (most recent call last):
> >> 21:32:01 ERROR|   File
> >> "/home/travis/build/philmd/qemu/build/tests/acceptance/avocado_qemu/__init__.py",
> >> line 195, in tearDown
> >> 21:32:01 ERROR| vm.shutdown()
> >> 21:32:01 ERROR|   File
> >> "/home/travis/build/philmd/qemu/python/qemu/machine.py", line 449, in
> >> shutdown
> >> 21:32:01 ERROR| self._do_shutdown(has_quit)
> >> 21:32:01 ERROR|   File
> >> "/home/travis/build/philmd/qemu/python/qemu/machine.py", line 426, in
> >> _do_shutdown
> >> 21:32:01 ERROR| self._soft_shutdown(has_quit, timeout)
> >> 21:32:01 ERROR|   File
> >> "/home/travis/build/philmd/qemu/python/qemu/machine.py", line 413, in
> >> _soft_shutdown
> >> 21:32:01 ERROR| self._qmp.cmd('quit')
> >> 21:32:01 ERROR|   File
> >> "/home/travis/build/philmd/qemu/python/qemu/qmp.py", line 271, in cmd
> >> 21:32:01 ERROR| return self.cmd_obj(qmp_cmd)
> >> 21:32:01 ERROR|   File
> >> "/home/travis/build/philmd/qemu/python/qemu/qmp.py", line 249, in cmd_obj
> >> 21:32:01 ERROR| 
> >> self.__sock.sendall(json.dumps(qmp_cmd).encode('utf-8'))
> >> 21:32:01 ERROR| BrokenPipeError: [Errno 32] Broken pipe
> >> 21:32:01 ERROR|
> >> 21:32:01 DEBUG| DATA (filename=output.expected) => NOT FOUND (data
> >> sources: variant, test, file)
> >> 21:32:01 DEBUG| DATA (filename=stdout.expected) => NOT FOUND (data
> >> sources: variant, test, file)
> >> 21:32:01 DEBUG| DATA (filename=stderr.expected) => NOT FOUND (data
> >> sources: variant, test, file)
> >> 21:32:01 DEBUG| Not logging /var/log/syslog (lack of permissions)
> >> 21:32:01 ERROR| ERROR
> >> 12-tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_mips_malta_cpio
> >> -> TestSetupFail: [Errno 32] Broken pipe
> >> 21:32:01 INFO |
> >>
> >> https://travis-ci.org/github/philmd/qemu/jobs/696142277#L5329
> >>
> > 
> > Gotcha.
> > 
> > The problem here is that `test_mips_malta_cpio` in boot_linux_console.py
> > does this:
> > 
> > self.vm.add_args('-kernel', kernel_path,
> >  '-initrd', initrd_path,
> >  '-append', kernel_command_line,
> >  '-no-reboot')
> > 
> > and then:
> > 
> > exec_command_and_wait_for_pattern(self, 'reboot',
> >  'reboot: Restarting system')
> > 
> > and (in avocado_qemu/) __init__.py does this:
> > 
> > def tearDown(self):
> > for vm in self._vms.values():
> > vm.shutdown()
> > 
> > 
> > 
> 

Re: [PATCH v4 1/3] qmp.py: change event_wait to use a dict

[Eric Blake]

On 5/14/20 2:31 PM, John Snow wrote:



Nah, it's fine. I'll clean it up. This is pretty close to an RFC series
anyway, so I didn't really polish it.

(Or, I will try to clean it up. I probably won't work on it again in the
near term. I think I just wanted to see if this seemed useful in general
to people.


Ah, there isn't much missing for this series, though. We don't have to
wait for a fix-the-world series when we can incrementally improve
things.



Alright, I'll try to hit it halfway -- I spent some time thinking about
a "full" job running framework but ran into some dead-ends I wasn't too
happy with, and wasn't convinced this was a simplification of any kind.

Still, seeing part of the job running code get duplicated in 040 was a
motivation to try and provide some universal job-running monster that
would be extensible for nearly any task.

Unfortunately that complexity does generally make the calling sites look
worse, so I cooled off on the idea since.

So I did intend this as an RFC, because I'm not really 100% happy with
the design.


I noticed that the block-dirty-bitmap-populate series depends on this 
one; is it going to be simpler for me to fix the few things that Kevin 
pointed out here, or to wait for you to post a v5 of this series, or to 
rewrite the iotest in that series to not depend on JobRunner after all?


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [PATCH 00/21] target/arm: Finish neon decodetree conversion

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200616170844.13318-1-peter.mayd...@linaro.org/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Subject: [PATCH 00/21] target/arm: Finish neon decodetree conversion
Type: series
Message-id: 20200616170844.13318-1-peter.mayd...@linaro.org

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
f6e3d71 target/arm: Move some functions used only in translate-neon.inc.c to 
that file
4a2df60 target/arm: Convert Neon VTRN to decodetree
26f74d6 target/arm: Convert Neon VSWP to decodetree
7a0fa02 target/arm: Convert Neon 2-reg-misc VCVT insns to decodetree
73198e7 target/arm: Convert Neon 2-reg-misc VRINT insns to decodetree
0908381 target/arm: Convert Neon 2-reg-misc fp-compare-with-zero insns to 
decodetree
f6d72da target/arm: Convert simple fp Neon 2-reg-misc insns
3ef1127 target/arm: Convert Neon VQABS, VQNEG to decodetree
624f399 target/arm: Convert remaining simple 2-reg-misc Neon ops
9bb8fa6 target/arm: Convert Neon 2-reg-misc VREV32 and VREV16 to decodetree
3535d27 target/arm: Make gen_swap_half() take separate src and dest
2eac819 target/arm: Fix capitalization in NeonGenTwo{Single, Double}OPFn 
typedefs
e30825b target/arm: Rename NeonGenOneOpFn to NeonGenOne64OpFn
7d1109a target/arm: Convert Neon 2-reg-misc crypto operations to decodetree
9d87342 target/arm: Convert vectorised 2-reg-misc Neon ops to decodetree
605ae75 target/arm: Convert Neon VCVT f16/f32 insns to decodetree
5fb6c16 target/arm: Convert Neon 2-reg-misc VSHLL to decodetree
e2e99ab target/arm: Convert Neon narrowing moves to decodetree
3dde5dd target/arm: Convert VZIP, VUZP to decodetree
3ed7eaf target/arm: Convert Neon 2-reg-misc pairwise ops to decodetree
37f7428 target/arm: Convert Neon 2-reg-misc VREV64 to decodetree

=== OUTPUT BEGIN ===
1/21 Checking commit 37f7428534e5 (target/arm: Convert Neon 2-reg-misc VREV64 
to decodetree)
2/21 Checking commit 3ed7eaff8f5f (target/arm: Convert Neon 2-reg-misc pairwise 
ops to decodetree)
3/21 Checking commit 3dde5ddb764b (target/arm: Convert VZIP, VUZP to decodetree)
4/21 Checking commit e2e99ab61e59 (target/arm: Convert Neon narrowing moves to 
decodetree)
5/21 Checking commit 5fb6c161af86 (target/arm: Convert Neon 2-reg-misc VSHLL to 
decodetree)
6/21 Checking commit 605ae75d2431 (target/arm: Convert Neon VCVT f16/f32 insns 
to decodetree)
7/21 Checking commit 9d87342857c8 (target/arm: Convert vectorised 2-reg-misc 
Neon ops to decodetree)
8/21 Checking commit 7d1109aae4db (target/arm: Convert Neon 2-reg-misc crypto 
operations to decodetree)
9/21 Checking commit e30825bbd0a4 (target/arm: Rename NeonGenOneOpFn to 
NeonGenOne64OpFn)
10/21 Checking commit 2eac8198e699 (target/arm: Fix capitalization in 
NeonGenTwo{Single, Double}OPFn typedefs)
11/21 Checking commit 3535d2721010 (target/arm: Make gen_swap_half() take 
separate src and dest)
ERROR: trailing statements should be on next line
#50: FILE: target/arm/translate.c:4963:
+case 1: gen_swap_half(tmp, tmp); break;

total: 1 errors, 0 warnings, 43 lines checked

Patch 11/21 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

12/21 Checking commit 9bb8fa6a3658 (target/arm: Convert Neon 2-reg-misc VREV32 
and VREV16 to decodetree)
13/21 Checking commit 624f399e8573 (target/arm: Convert remaining simple 
2-reg-misc Neon ops)
14/21 Checking commit 3ef11275c669 (target/arm: Convert Neon VQABS, VQNEG to 
decodetree)
15/21 Checking commit f6d72da4c6fc (target/arm: Convert simple fp Neon 
2-reg-misc insns)
16/21 Checking commit 090838197cf0 (target/arm: Convert Neon 2-reg-misc 
fp-compare-with-zero insns to decodetree)
17/21 Checking commit 73198e721bff (target/arm: Convert Neon 2-reg-misc VRINT 
insns to decodetree)
18/21 Checking commit 7a0fa02240e2 (target/arm: Convert Neon 2-reg-misc VCVT 
insns to decodetree)
19/21 Checking commit 26f74d6de184 (target/arm: Convert Neon VSWP to decodetree)
20/21 Checking commit 4a2df6081512 (target/arm: Convert Neon VTRN to decodetree)
21/21 Checking commit f6e3d7186b3e (target/arm: Move some functions used only 
in translate-neon.inc.c to that file)
WARNING: Block comments use a leading /* on a separate line
#28: FILE: target/arm/translate-neon.inc.c:57:
+/* Return the offset of a 2**SIZE piece of a NEON register, at index ELE,

WARNING: Block comments use a leading /* on a separate line
#37: FILE: target/arm/translate-neon.inc.c:66:
+/* Calculate the offset assuming fully little-endian,

total: 0 errors, 2 warnings, 226 lines checked

Patch 21/21 has style problems, please review.  If any of these errors
are 

Re: [PATCH v2] kvm: i386: allow TSC to differ by NTP correction bounds without TSC scaling

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200616165805.ga324...@fuller.cnet/



Hi,

This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===

  GEN tools/virtiofsd/50-qemu-virtiofsd.json
  CC  contrib/vhost-user-input/main.o
  LINKtests/qemu-iotests/socket_scm_helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  GEN docs/interop/qemu-qmp-ref.html
  GEN docs/interop/qemu-qmp-ref.txt
  GEN docs/interop/qemu-qmp-ref.7
---
  AR  libqemuutil.a
  LINKelf2dmp
  CC  qemu-img.o
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-io
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-edid
  BUILD   pc-bios/optionrom/linuxboot_dma.img
  BUILD   pc-bios/optionrom/pvh.img
---
  BUILD   pc-bios/optionrom/pvh.raw
  SIGNpc-bios/optionrom/pvh.bin
  LINKfsdev/virtfs-proxy-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKscsi/qemu-pr-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-bridge-helper
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  AR  libvhost-user.a
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  GEN docs/interop/qemu-ga-ref.html
  GEN docs/interop/qemu-ga-ref.txt
  GEN docs/interop/qemu-ga-ref.7
  LINKqemu-keymap
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKivshmem-client
  LINKivshmem-server
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-nbd
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
  LINKqemu-storage-daemon
  LINKvirtiofsd
  LINKvhost-user-input
  LINKqemu-ga
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 warning: common of `__interception::real_vfork' overridden by definition from 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors.cpp.o)
/usr/bin/ld: 
/usr/lib64/clang/10.0.0/lib/linux/libclang_rt.asan-x86_64.a(asan_interceptors_vfork.S.o):
 

[Bug 1883784] Re: [ppc64le] qemu behavior differs from ppc64le hardware

[Alex Bennée]

** Tags added: tcg testcase

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1883784

Title:
  [ppc64le] qemu behavior differs from ppc64le hardware

Status in QEMU:
  New

Bug description:
  I have some code which passes my test suite on PPC64LE hardware when
  compiled with GCC 10, but the saem binary fails with both qemu-ppc64le
  4.2 (on Fedora 32) and qemu-ppc64le-static 5.0.0 (Debian testing).

  I'm not getting any errors about illegal instructions or anything,
  like that; the results are just silently different on qemu.

  I've generated a reduced test case, which is attached along with the
  binaries (both are the same code, one is just statically linked).
  They should execute successufully on PPC64LE hardware, but on qemu
  they hit a __builtin_abort (because the computed value doesn't match
  the expected value).

  Without being familiar with PPC assembly I'm not sure what else I can
  do, but if there is anything please let me know.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1883784/+subscriptions

Re: [PATCH 4/5] block, migration: add bdrv_flush_vmstate helper

[Denis V. Lunev]

On 6/17/20 12:11 AM, Eric Blake wrote:
> On 6/16/20 11:20 AM, Denis V. Lunev wrote:
>> Right now bdrv_fclose() is just calling bdrv_flush().
>>
>> The problem is that migration code is working inefficently from black
>
> inefficiently, block
>
>> layer terms and are frequently called for very small pieces of not
>> properly aligned data. Block layer is capable to work this way, but
>
> s/not properly aligned/unaligned/
>
>> this is very slow.
>>
>> This patch is a preparation for the introduction of the intermediate
>> buffer at block driver state. It would be beneficial to separate
>> conventional bdrv_flush() from closing QEMU file from migration code.
>>
>> The patch also forces bdrv_flush_vmstate() operation inside
>> synchronous blk_save_vmstate() operation. This helper is used from
>> qemu-io only.
>>
>
>> +++ b/block/block-backend.c
>> @@ -2177,16 +2177,20 @@ int blk_truncate(BlockBackend *blk, int64_t
>> offset, bool exact,
>>   int blk_save_vmstate(BlockBackend *blk, const uint8_t *buf,
>>    int64_t pos, int size)
>>   {
>> -    int ret;
>> +    int ret, ret2;
>>     if (!blk_is_available(blk)) {
>>   return -ENOMEDIUM;
>>   }
>>     ret = bdrv_save_vmstate(blk_bs(blk), buf, pos, size);
>> +    ret2 = bdrv_flush_vmstate(blk_bs(blk));
>
> Do you really want to be attempting bdrv_flush_vmstate() even after
> bdrv_save_vmstate() failed?  Better might be...
>
>>   if (ret < 0) {
>>   return ret;
>>   }
>
> ...attempting it here, at which point it looks like the only reason
> you need ret2 is to preserve ret long enough...
no, I would like to be sure that intermediate state is always cleared at
the end.
In the next patch I am going to put intermediate buffer to
BlockDriverState and thus it has to be removed in any case.

May be flush would be a bad name... clean or finalize?

>
>> +    if (ret2 < 0) {
>> +    return ret2;
>> +    }
>>     if (ret == size && !blk->enable_write_cache) {
>
> ...for this check.  But a quick look at bdrv_save_vmstate() says this
> check is dead: the function can only return negative error or exactly
> size, and we already filtered out negative error above.
>
>
hmm. you are right. good point. this check is dead.
Worth to remove :) I'll add this as a separate patch.

Den

Re: [PATCH for-5.1 V4 1/4] hw/mips: Implement the kvm_type() hook in MachineClass

[Aleksandar Markovic]

уторак, 16. јун 2020., Huacai Chen  је написао/ла:

> Hi, Thomas and Aleksandar,
>
> On Tue, Jun 16, 2020 at 3:45 AM Aleksandar Markovic
>  wrote:
> >
> > On Mon, Jun 15, 2020 at 10:55 AM Thomas Huth  wrote:
> > >
> > > On 15/06/2020 02.52, Huacai Chen wrote:
> > > > Hi, Aleksandar,
> > > >
> > > > On Sun, Jun 14, 2020 at 4:07 PM Aleksandar Markovic
> > > >  wrote:
> > > >>
> > > >>
> > > >>
> > > >> уто, 2. јун 2020. у 04:38 Huacai Chen  је
> написао/ла:
> > > >>>
> > > >>> MIPS has two types of KVM: TE & VZ, and TE is the default type.
> Now we
> > > >>> can't create a VZ guest in QEMU because it lacks the kvm_type()
> hook in
> > > >>> MachineClass. Besides, libvirt uses a null-machine to detect the
> kvm
> > > >>> capability, so by default it will return "KVM not supported" on a
> VZ
> > > >>> platform. Thus, null-machine also need the kvm_type() hook.
> > > >>>
> > > >>> Reviewed-by: Aleksandar Markovic 
> > > >>> Signed-off-by: Huacai Chen 
> > > >>> Co-developed-by: Jiaxun Yang 
> > > >>> ---
> > > >>
> > > >> Huacai,
> > > >>
> > > >> Please take a look at Peter's remarks at:
> > > >>
> > > >> https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg01878.html
> > > >>
> > > >> ...and refactor this patch for v5. My general advice: The simpler,
> the batter.
> > > >>
> > > > OK, I will rework this patch.
> > >
> > >  Hi,
> > >
> > > is there maybe also a way to do this without moving null-machine.o from
> > > common-obj-y to obj-y, and to avoid the target-specific hacks in this
> > > file ? We just moved the null-machine from obj-y to common-obj-y two
> > > years ago (see commit 3858ff763985fb9e), since it's more desirable to
> > > have as much code in common-obj to save compilation time and maybe to
> be
> > > able to link a qemu with more than one target CPU in one binary one
> day...
> > >
> > > ppc64 has also more than one kvm_type (kvm-hv and kvm-pr), and
> > > apparently it also works without hacks to the null-machine code there
> > > ... so maybe you can peek into the ppc64 code to see how it is solved
> there?
> > >
> >
> > Hi, Huacai,
> >
> > I think the optimal outcome for this release of QEMU would be if you
> > drop support for VZ. I think your scenario could work without VZ,
> > couldn't it?
> >
> > This is a fairly complex thing, and, as you see, it is a little
> > intrusive, it could negatively impact other targets. With enough
> > development time, you can easily provide that support in 5.2. - but
> > now we are close to 5.1 softfreeze.
> >
> > Even without VZ support, I would consider your contribution the most
> > significant for MIPS target in last two years, at least - a giant step
> > ahead!
> There are two problems: 1, qemu need kvm_type() to create a normal KVM
> guest. 2, libvirt use the null-machine to detect the KVM capability.
> For the first problem, just provide a kvm_type() hook for MIPS is
> enough, which is similar to ppc64. For the second problem, I think
> libvirt is also unable to detect the KVM capabilty on ppc64, unless
> ppc64 do the same hack on null-machine.
>
> V5 of this patch will only provide kvm_type() for MIPS (not hack
> null-machine.c), but all of us should think how to solve the second
> problem.
>
>
I think this is a good approach, Huacai. Looking forward to v5.

May health be with you,

Aleksandar




> Huacai
> >
> > Best Regards,
> > Aleksandar
> >
> > >  Thomas
> > >
> > >
> > > >>>  hw/core/Makefile.objs  |  2 +-
> > > >>>  hw/core/null-machine.c |  4 
> > > >>>  hw/mips/Makefile.objs  |  2 +-
> > > >>>  hw/mips/common.c   | 42 ++
> 
> > > >>>  include/hw/mips/mips.h |  3 +++
> > > >>>  5 files changed, 51 insertions(+), 2 deletions(-)
> > > >>>  create mode 100644 hw/mips/common.c
> > > >>>
> > > >>> diff --git a/hw/core/Makefile.objs b/hw/core/Makefile.objs
> > > >>> index 1d540ed..b5672f4 100644
> > > >>> --- a/hw/core/Makefile.objs
> > > >>> +++ b/hw/core/Makefile.objs
> > > >>> @@ -17,11 +17,11 @@ common-obj-$(CONFIG_SOFTMMU) +=
> vm-change-state-handler.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += qdev-properties-system.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += sysbus.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += machine.o
> > > >>> -common-obj-$(CONFIG_SOFTMMU) += null-machine.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += loader.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += machine-hmp-cmds.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += numa.o
> > > >>>  common-obj-$(CONFIG_SOFTMMU) += clock-vmstate.o
> > > >>> +obj-$(CONFIG_SOFTMMU) += null-machine.o
> > > >>>  obj-$(CONFIG_SOFTMMU) += machine-qmp-cmds.o
> > > >>>
> > > >>>  common-obj-$(CONFIG_EMPTY_SLOT) += empty_slot.o
> > > >>> diff --git a/hw/core/null-machine.c b/hw/core/null-machine.c
> > > >>> index cb47d9d..94a36f9 100644
> > > >>> --- a/hw/core/null-machine.c
> > > >>> +++ b/hw/core/null-machine.c
> > > >>> @@ -17,6 +17,7 @@
> > > >>>  #include "sysemu/sysemu.h"
> > > >>>  #include "exec/address-spaces.h"
> > > >>>  #include 

Re: [PATCH 4/5] block, migration: add bdrv_flush_vmstate helper

[Eric Blake]

On 6/16/20 11:20 AM, Denis V. Lunev wrote:

Right now bdrv_fclose() is just calling bdrv_flush().

The problem is that migration code is working inefficently from black


inefficiently, block


layer terms and are frequently called for very small pieces of not
properly aligned data. Block layer is capable to work this way, but


s/not properly aligned/unaligned/


this is very slow.

This patch is a preparation for the introduction of the intermediate
buffer at block driver state. It would be beneficial to separate
conventional bdrv_flush() from closing QEMU file from migration code.

The patch also forces bdrv_flush_vmstate() operation inside
synchronous blk_save_vmstate() operation. This helper is used from
qemu-io only.




+++ b/block/block-backend.c
@@ -2177,16 +2177,20 @@ int blk_truncate(BlockBackend *blk, int64_t offset, 
bool exact,
  int blk_save_vmstate(BlockBackend *blk, const uint8_t *buf,
   int64_t pos, int size)
  {
-int ret;
+int ret, ret2;
  
  if (!blk_is_available(blk)) {

  return -ENOMEDIUM;
  }
  
  ret = bdrv_save_vmstate(blk_bs(blk), buf, pos, size);

+ret2 = bdrv_flush_vmstate(blk_bs(blk));


Do you really want to be attempting bdrv_flush_vmstate() even after 
bdrv_save_vmstate() failed?  Better might be...



  if (ret < 0) {
  return ret;
  }


...attempting it here, at which point it looks like the only reason you 
need ret2 is to preserve ret long enough...



+if (ret2 < 0) {
+return ret2;
+}
  
  if (ret == size && !blk->enable_write_cache) {


...for this check.  But a quick look at bdrv_save_vmstate() says this 
check is dead: the function can only return negative error or exactly 
size, and we already filtered out negative error above.



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: Accessing the Metal graphics API with OSX as VM client

[Peter Maydell]

On Tue, 16 Jun 2020 at 21:26, Trystan Larey-Williams
 wrote:
> I'm trying to get a sense of where QEMU headed in terms of supporting
> Apple's Metal API. Apple will likely be removing OpenGL support entirely
> from OSX, perhaps as early as the next major release of OSX in Sep/Oct.

QEMU on OSX hosts has somewhere between few and no active developers
(almost everybody in the upstream community is on a Linux host) so
the default answer is that we're not headed anywhere. I think that
this is not going to be a loss of functionality because right now we
don't support GL acceleration on OSX hosts either (because there's
no virglrenderer there).

Gerd might know what would be the best approach to virtio-gpu on
an OSX host if there were developers interested in working on it.

> Information on support for graphics acceleration on an OSX client using

[side note: not sure what you mean by "client": host, or guest ?]

> Metal instead of OpenGL seems non-existent. From the QEMU documentation
> I gather there are a few ways to 'pass through' a device natively to the
> VM. Would this be the only way to currently access Metal on OSX? Has
> anyone actually tried this?

Does PCI passthrough work on OSX hosts? My default assumption would be
"no, it doesn't" -- the way we do passthrough on Linux hosts
depends on Linux-specific APIs (VFIO). If you meant "device
passthrough from a Linux host to an OSX guest" there's no reason
in theory why that shouldn't work, if OSX has drivers for whatever
the passed-through hardware is. Equally, if there were a
hypothetical OSX Metal driver for virtio-gpu you could use that.

thanks
-- PMM

[PATCH] target/i386: reimplement fyl2xp1 using floatx80 operations

[Joseph Myers]

The x87 fyl2xp1 emulation is currently based around conversion to
double.  This is inherently unsuitable for a good emulation of any
floatx80 operation, even before considering that it is a particularly
naive implementation using double (adding 1 then using log rather than
attempting a better emulation using log1p).

Reimplement using the soft-float operations, as was done for f2xm1; as
in that case, m68k has related operations but not exactly this one and
it seemed safest to implement directly rather than reusing the m68k
code to avoid accumulation of errors.

A test is included with many randomly generated inputs.  The
assumption of the test is that the result in round-to-nearest mode
should always be one of the two closest floating-point numbers to the
mathematical value of 2^x - 1; the implementation aims to do somewhat
better than that (about 70 correct bits before rounding).  I haven't
investigated how accurate hardware is.

Intel manuals describe a narrower range of valid arguments to this
instruction than AMD manuals.  The implementation accepts the wider
range (it's needed anyway for the core code to be reusable in a
subsequent patch reimplementing fyl2x), but the test only has inputs
in the narrower range so that it's valid on hardware that may reject
or produce poor results for inputs outside that range.

Code in the previous implementation that sets C2 for some out-of-range
arguments is not carried forward to the new implementation; C2 is
undefined for this instruction and I suspect that code was just
cut-and-pasted from the trigonometric instructions (fcos, fptan, fsin,
fsincos) where C2 *is* defined to be set for out-of-range arguments.

Signed-off-by: Joseph Myers 

---

This patch *does* depend on my previous one for f2xm1, but only at the
trivial level of needing a #include added by the previous patch.
---
 target/i386/fpu_helper.c   |  208 -
 tests/tcg/i386/test-i386-fyl2xp1.c | 1155 
 2 files changed, 1354 insertions(+), 9 deletions(-)
 create mode 100644 tests/tcg/i386/test-i386-fyl2xp1.c

diff --git a/target/i386/fpu_helper.c b/target/i386/fpu_helper.c
index 8f34ea9776..63b8d20824 100644
--- a/target/i386/fpu_helper.c
+++ b/target/i386/fpu_helper.c
@@ -1373,19 +1373,209 @@ void helper_fprem(CPUX86State *env)
 helper_fprem_common(env, true);
 }
 
+/* 128-bit significand of log2(e).  */
+#define log2_e_sig_high 0xb8aa3b295c17f0bbULL
+#define log2_e_sig_low 0xbe87fed0691d3e89ULL
+
+/*
+ * Polynomial coefficients for an approximation to log2((1+x)/(1-x)),
+ * with only odd powers of x used, for x in the interval [2*sqrt(2)-3,
+ * 3-2*sqrt(2)], which corresponds to logarithms of numbers in the
+ * interval [sqrt(2)/2, sqrt(2)].
+ */
+#define fyl2x_coeff_0 make_floatx80(0x4000, 0xb8aa3b295c17f0bcULL)
+#define fyl2x_coeff_0_low make_floatx80(0xbfbf, 0x834972fe2d7bab1bULL)
+#define fyl2x_coeff_1 make_floatx80(0x3ffe, 0xf6384ee1d01febb8ULL)
+#define fyl2x_coeff_2 make_floatx80(0x3ffe, 0x93bb62877cdfa2e3ULL)
+#define fyl2x_coeff_3 make_floatx80(0x3ffd, 0xd30bb153d808f269ULL)
+#define fyl2x_coeff_4 make_floatx80(0x3ffd, 0xa42589eaf451499eULL)
+#define fyl2x_coeff_5 make_floatx80(0x3ffd, 0x864d42c0f8f17517ULL)
+#define fyl2x_coeff_6 make_floatx80(0x3ffc, 0xe3476578adf26272ULL)
+#define fyl2x_coeff_7 make_floatx80(0x3ffc, 0xc506c5f874e6d80fULL)
+#define fyl2x_coeff_8 make_floatx80(0x3ffc, 0xac5cf50cc57d6372ULL)
+#define fyl2x_coeff_9 make_floatx80(0x3ffc, 0xb1ed0066d971a103ULL)
+
 void helper_fyl2xp1(CPUX86State *env)
 {
-double fptemp = floatx80_to_double(env, ST0);
-
-if ((fptemp + 1.0) > 0.0) {
-fptemp = log(fptemp + 1.0) / log(2.0); /* log2(ST + 1.0) */
-fptemp *= floatx80_to_double(env, ST1);
-ST1 = double_to_floatx80(env, fptemp);
-fpop(env);
+uint8_t old_flags = save_exception_flags(env);
+uint64_t arg0_sig = extractFloatx80Frac(ST0);
+int32_t arg0_exp = extractFloatx80Exp(ST0);
+bool arg0_sign = extractFloatx80Sign(ST0);
+uint64_t arg1_sig = extractFloatx80Frac(ST1);
+int32_t arg1_exp = extractFloatx80Exp(ST1);
+bool arg1_sign = extractFloatx80Sign(ST1);
+
+if (floatx80_is_signaling_nan(ST0, >fp_status)) {
+float_raise(float_flag_invalid, >fp_status);
+ST1 = floatx80_silence_nan(ST0, >fp_status);
+} else if (floatx80_is_signaling_nan(ST1, >fp_status)) {
+float_raise(float_flag_invalid, >fp_status);
+ST1 = floatx80_silence_nan(ST1, >fp_status);
+} else if (floatx80_invalid_encoding(ST0) ||
+   floatx80_invalid_encoding(ST1)) {
+float_raise(float_flag_invalid, >fp_status);
+ST1 = floatx80_default_nan(>fp_status);
+} else if (floatx80_is_any_nan(ST0)) {
+ST1 = ST0;
+} else if (floatx80_is_any_nan(ST1)) {
+/* Pass this NaN through.  */
+} else if (arg0_exp > 0x3ffd ||
+   (arg0_exp == 0x3ffd && arg0_sig > (arg0_sign ?
+  

[PATCH v3 8/8] tpm: Disable interrupt support for TIS on sysbus

[Stefan Berger]

Disable interrupt support for the TIS on sysbus.

Signed-off-by: Stefan Berger 
---
 include/hw/acpi/tpm.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/hw/acpi/tpm.h b/include/hw/acpi/tpm.h
index d356f2e06e..21f81690a5 100644
--- a/include/hw/acpi/tpm.h
+++ b/include/hw/acpi/tpm.h
@@ -25,7 +25,7 @@
 #define TPM_TIS_ADDR_SIZE   0x5000
 
 #define TPM_TIS_ISA_IRQ 13/* only one possible */
-#define TPM_TIS_SYSBUS_IRQ  5
+#define TPM_TIS_SYSBUS_IRQ  TPM_IRQ_DISABLED
 
 #define TPM_TIS_NUM_LOCALITIES  5 /* per spec */
 #define TPM_TIS_LOCALITY_SHIFT  12
-- 
2.24.1

[PATCH v3 3/8] tests: Temporarily ignore DSDT table differences

[Stefan Berger]

Ignore DSDT table differences before enabling IRQ support for TPM.

Signed-off-by: Stefan Berger 
CC: Michael S. Tsirkin 
Reviewed-by: Eric Auger 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..bb4ce8967b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,2 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT.tis",
-- 
2.24.1

[PATCH v3 0/8] tpm: Enable usage of TPM TIS with interrupts

[Stefan Berger]

This series of patches enables the usage of the TPM TIS with interrupts.
We use the unused IRQ 13, which is also accepted by Windows.

Stefan

v2->v3:
 - Extended series to disable IRQ for TIS on sysbus

v1->v2:
 - Added updated DSDT

Stefan Berger (8):
  tpm_tis: Allow lowering of IRQ also when locality is not active
  tpm: Extend TPMIfClass with get_irqnum() function
  tests: Temporarily ignore DSDT table differences
  tpm: Split TPM_TIS_IRQ into TPM_TIS_ISA_IRQ and TPM_TIS_SYSBUS_IRQ
  acpi: Enable TPM IRQ
  tests: Add updated DSDT
  tpm: Guard irq related ops in case interrupts are disabled
  tpm: Disable interrupt support for TIS on sysbus

 hw/i386/acpi-build.c |  11 +--
 hw/tpm/tpm_tis_common.c  |  12 +---
 hw/tpm/tpm_tis_isa.c |  17 ++---
 hw/tpm/tpm_tis_sysbus.c  |  12 +++-
 include/hw/acpi/tpm.h|   3 ++-
 include/sysemu/tpm.h |  12 
 tests/data/acpi/q35/DSDT.tis | Bin 8357 -> 8360 bytes
 7 files changed, 53 insertions(+), 14 deletions(-)

-- 
2.24.1

[PATCH v3 4/8] tpm: Split TPM_TIS_IRQ into TPM_TIS_ISA_IRQ and TPM_TIS_SYSBUS_IRQ

[Stefan Berger]

Before the enablement of interrupts on PCs, split the TPM_TIS_IRQ
into TPM_TIS_ISA_IRQ for PCs and TPM_TIS_SYSBUS_IRQ for ARM.

Signed-off-by: Stefan Berger 
---
 hw/tpm/tpm_tis_isa.c| 2 +-
 hw/tpm/tpm_tis_sysbus.c | 3 ++-
 include/hw/acpi/tpm.h   | 3 ++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/hw/tpm/tpm_tis_isa.c b/hw/tpm/tpm_tis_isa.c
index ed6d422f05..27222a9a49 100644
--- a/hw/tpm/tpm_tis_isa.c
+++ b/hw/tpm/tpm_tis_isa.c
@@ -97,7 +97,7 @@ static void tpm_tis_isa_reset(DeviceState *dev)
 }
 
 static Property tpm_tis_isa_properties[] = {
-DEFINE_PROP_UINT32("irq", TPMStateISA, state.irq_num, TPM_TIS_IRQ),
+DEFINE_PROP_UINT32("irq", TPMStateISA, state.irq_num, TPM_TIS_ISA_IRQ),
 DEFINE_PROP_TPMBE("tpmdev", TPMStateISA, state.be_driver),
 DEFINE_PROP_BOOL("ppi", TPMStateISA, state.ppi_enabled, true),
 DEFINE_PROP_END_OF_LIST(),
diff --git a/hw/tpm/tpm_tis_sysbus.c b/hw/tpm/tpm_tis_sysbus.c
index 86b3988be5..bf4583c3f6 100644
--- a/hw/tpm/tpm_tis_sysbus.c
+++ b/hw/tpm/tpm_tis_sysbus.c
@@ -97,7 +97,8 @@ static void tpm_tis_sysbus_reset(DeviceState *dev)
 }
 
 static Property tpm_tis_sysbus_properties[] = {
-DEFINE_PROP_UINT32("irq", TPMStateSysBus, state.irq_num, TPM_TIS_IRQ),
+DEFINE_PROP_UINT32("irq", TPMStateSysBus, state.irq_num,
+   TPM_TIS_SYSBUS_IRQ),
 DEFINE_PROP_TPMBE("tpmdev", TPMStateSysBus, state.be_driver),
 DEFINE_PROP_BOOL("ppi", TPMStateSysBus, state.ppi_enabled, false),
 DEFINE_PROP_END_OF_LIST(),
diff --git a/include/hw/acpi/tpm.h b/include/hw/acpi/tpm.h
index 1a2a57a21f..d5caee9771 100644
--- a/include/hw/acpi/tpm.h
+++ b/include/hw/acpi/tpm.h
@@ -24,7 +24,8 @@
 #define TPM_TIS_ADDR_BASE   0xFED4
 #define TPM_TIS_ADDR_SIZE   0x5000
 
-#define TPM_TIS_IRQ 5
+#define TPM_TIS_ISA_IRQ 5
+#define TPM_TIS_SYSBUS_IRQ  5
 
 #define TPM_TIS_NUM_LOCALITIES  5 /* per spec */
 #define TPM_TIS_LOCALITY_SHIFT  12
-- 
2.24.1

[PATCH v3 5/8] acpi: Enable TPM IRQ

[Stefan Berger]

From: Stefan Berger 

Move the TPM TIS IRQ to unused IRQ 13, which is the only one accepted by
Windows. Query for the TPM's irq number and enable the TPM IRQ unless
TPM_IRQ_DISABLED is returned.

Signed-off-by: Stefan Berger 
CC: Michael S. Tsirkin 
---
 hw/i386/acpi-build.c  | 11 +--
 include/hw/acpi/tpm.h |  2 +-
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 900f786d08..bb9a7f8497 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2021,6 +2021,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 build_append_pci_bus_devices(scope, bus, pm->pcihp_bridge_en);
 
 if (TPM_IS_TIS_ISA(tpm)) {
+int8_t irq = tpm_get_irqnum(tpm);
 if (misc->tpm_version == TPM_VERSION_2_0) {
 dev = aml_device("TPM");
 aml_append(dev, aml_name_decl("_HID",
@@ -2035,12 +2036,10 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 crs = aml_resource_template();
 aml_append(crs, aml_memory32_fixed(TPM_TIS_ADDR_BASE,
TPM_TIS_ADDR_SIZE, AML_READ_WRITE));
-/*
-FIXME: TPM_TIS_IRQ=5 conflicts with PNP0C0F irqs,
-Rewrite to take IRQ from TPM device model and
-fix default IRQ value there to use some unused IRQ
- */
-/* aml_append(crs, aml_irq_no_flags(TPM_TIS_IRQ)); */
+
+if (irq != TPM_IRQ_DISABLED) {
+aml_append(crs, aml_irq_no_flags(irq));
+}
 aml_append(dev, aml_name_decl("_CRS", crs));
 
 tpm_build_ppi_acpi(tpm, dev);
diff --git a/include/hw/acpi/tpm.h b/include/hw/acpi/tpm.h
index d5caee9771..d356f2e06e 100644
--- a/include/hw/acpi/tpm.h
+++ b/include/hw/acpi/tpm.h
@@ -24,7 +24,7 @@
 #define TPM_TIS_ADDR_BASE   0xFED4
 #define TPM_TIS_ADDR_SIZE   0x5000
 
-#define TPM_TIS_ISA_IRQ 5
+#define TPM_TIS_ISA_IRQ 13/* only one possible */
 #define TPM_TIS_SYSBUS_IRQ  5
 
 #define TPM_TIS_NUM_LOCALITIES  5 /* per spec */
-- 
2.24.1

[PATCH v3 6/8] tests: Add updated DSDT

[Stefan Berger]

Add the updated DSDT following the interrupt enablement.

@@ -5,13 +5,13 @@
  *
  * Disassembling to symbolic ASL+ operators
  *
- * Disassembly of tests/data/acpi/q35/DSDT.tis, Mon Jun 15 09:57:05 2020
+ * Disassembly of /tmp/aml-Y77YL0, Mon Jun 15 09:57:05 2020
  *
  * Original Table Header:
  * Signature"DSDT"
- * Length   0x20A5 (8357)
+ * Length   0x20A8 (8360)
  * Revision 0x01  32-bit table (V1), no 64-bit math support
- * Checksum 0xAD
+ * Checksum 0x77
  * OEM ID   "BOCHS "
  * OEM Table ID "BXPCDSDT"
  * OEM Revision 0x0001 (1)
@@ -3162,6 +3162,8 @@
 0xFED4, // Address Base
 0x5000, // Address Length
 )
+IRQNoFlags ()
+{13}
 })
 OperationRegion (TPP2, SystemMemory, 0xFED45100, 0x5A)
 Field (TPP2, AnyAcc, NoLock, Preserve)
**

Signed-off-by: Stefan Berger 
CC: Michael S. Tsirkin 
---
 tests/data/acpi/q35/DSDT.tis| Bin 8357 -> 8360 bytes
 tests/qtest/bios-tables-test-allowed-diff.h |   1 -
 2 files changed, 1 deletion(-)

diff --git a/tests/data/acpi/q35/DSDT.tis b/tests/data/acpi/q35/DSDT.tis
index 
56b6fb0c3298517d080e38fea05a748b9f1dba54..3f9db960aa05d399fa7f8449e6db688788211832
 100644
GIT binary patch
delta 64
zcmZ4LxWbXkCDllkS`nVeK7N60A%iEs(FaWXJ6
UFkJb^5Wv8o#GtUbT~3Y(068!Z;Q#;t

delta 61
zcmZ4CxYUu$CDGx@7bj*wH}7v$n=<78lD
RV7T&+A%KBlbC;YP695=#58(g+

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index bb4ce8967b..dfb8523c8b 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1,2 +1 @@
 /* List of comma-separated changed AML files to ignore */
-"tests/data/acpi/q35/DSDT.tis",
-- 
2.24.1

[PATCH v3 2/8] tpm: Extend TPMIfClass with get_irqnum() function

[Stefan Berger]

From: Stefan Berger 

Implement get_irqnum() as part of the TPMIfClass to get the assigned IRQ
number or TPM_IRQ_DISABLED (-1) in case IRQs cannot be used.

Signed-off-by: Stefan Berger 
---
 hw/tpm/tpm_tis_isa.c|  9 +
 hw/tpm/tpm_tis_sysbus.c |  9 +
 include/sysemu/tpm.h| 12 
 3 files changed, 30 insertions(+)

diff --git a/hw/tpm/tpm_tis_isa.c b/hw/tpm/tpm_tis_isa.c
index 30ba37079d..ed6d422f05 100644
--- a/hw/tpm/tpm_tis_isa.c
+++ b/hw/tpm/tpm_tis_isa.c
@@ -80,6 +80,14 @@ static enum TPMVersion tpm_tis_isa_get_tpm_version(TPMIf *ti)
 return tpm_tis_get_tpm_version(s);
 }
 
+static int8_t tpm_tis_isa_get_irqnum(TPMIf *ti)
+{
+TPMStateISA *isadev = TPM_TIS_ISA(ti);
+TPMState *s = >state;
+
+return s->irq_num;
+}
+
 static void tpm_tis_isa_reset(DeviceState *dev)
 {
 TPMStateISA *isadev = TPM_TIS_ISA(dev);
@@ -148,6 +156,7 @@ static void tpm_tis_isa_class_init(ObjectClass *klass, void 
*data)
 dc->reset = tpm_tis_isa_reset;
 tc->request_completed = tpm_tis_isa_request_completed;
 tc->get_version = tpm_tis_isa_get_tpm_version;
+tc->get_irqnum = tpm_tis_isa_get_irqnum;
 }
 
 static const TypeInfo tpm_tis_isa_info = {
diff --git a/hw/tpm/tpm_tis_sysbus.c b/hw/tpm/tpm_tis_sysbus.c
index eced1fc843..86b3988be5 100644
--- a/hw/tpm/tpm_tis_sysbus.c
+++ b/hw/tpm/tpm_tis_sysbus.c
@@ -80,6 +80,14 @@ static enum TPMVersion tpm_tis_sysbus_get_tpm_version(TPMIf 
*ti)
 return tpm_tis_get_tpm_version(s);
 }
 
+static int8_t tpm_tis_sysbus_get_irqnum(TPMIf *ti)
+{
+TPMStateSysBus *sbdev = TPM_TIS_SYSBUS(ti);
+TPMState *s = >state;
+
+return s->irq_num;
+}
+
 static void tpm_tis_sysbus_reset(DeviceState *dev)
 {
 TPMStateSysBus *sbdev = TPM_TIS_SYSBUS(dev);
@@ -137,6 +145,7 @@ static void tpm_tis_sysbus_class_init(ObjectClass *klass, 
void *data)
 dc->reset = tpm_tis_sysbus_reset;
 tc->request_completed = tpm_tis_sysbus_request_completed;
 tc->get_version = tpm_tis_sysbus_get_tpm_version;
+tc->get_irqnum = tpm_tis_sysbus_get_irqnum;
 }
 
 static const TypeInfo tpm_tis_sysbus_info = {
diff --git a/include/sysemu/tpm.h b/include/sysemu/tpm.h
index 03fb25941c..a81fb4e18e 100644
--- a/include/sysemu/tpm.h
+++ b/include/sysemu/tpm.h
@@ -25,6 +25,8 @@ typedef enum TPMVersion {
 TPM_VERSION_2_0 = 2,
 } TPMVersion;
 
+#define TPM_IRQ_DISABLED  -1
+
 #define TYPE_TPM_IF "tpm-if"
 #define TPM_IF_CLASS(klass) \
 OBJECT_CLASS_CHECK(TPMIfClass, (klass), TYPE_TPM_IF)
@@ -41,6 +43,7 @@ typedef struct TPMIfClass {
 enum TpmModel model;
 void (*request_completed)(TPMIf *obj, int ret);
 enum TPMVersion (*get_version)(TPMIf *obj);
+int8_t (*get_irqnum)(TPMIf *obj);
 } TPMIfClass;
 
 #define TYPE_TPM_TIS_ISA"tpm-tis"
@@ -74,4 +77,13 @@ static inline TPMVersion tpm_get_version(TPMIf *ti)
 return TPM_IF_GET_CLASS(ti)->get_version(ti);
 }
 
+static inline int8_t tpm_get_irqnum(TPMIf *ti)
+{
+if (!ti || !TPM_IF_GET_CLASS(ti)->get_irqnum) {
+return TPM_IRQ_DISABLED;
+}
+
+return TPM_IF_GET_CLASS(ti)->get_irqnum(ti);
+}
+
 #endif /* QEMU_TPM_H */
-- 
2.24.1

[PATCH v3 7/8] tpm: Guard irq related ops in case interrupts are disabled

[Stefan Berger]

Check for irq_num having the value of TPM_IRQ_DISABLED before calling any
IRQ related functions or allowing the user to try to enable interrupts.
Explicitly allow the value of TPM_IRQ_DISABLED in irq_num.

Signed-off-by: Stefan Berger 
---
 hw/tpm/tpm_tis_common.c | 12 +++-
 hw/tpm/tpm_tis_isa.c|  6 --
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/hw/tpm/tpm_tis_common.c b/hw/tpm/tpm_tis_common.c
index 0f42696f1f..13b233309e 100644
--- a/hw/tpm/tpm_tis_common.c
+++ b/hw/tpm/tpm_tis_common.c
@@ -359,7 +359,11 @@ static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr 
addr,
 val = s->loc[locty].inte;
 break;
 case TPM_TIS_REG_INT_VECTOR:
-val = s->irq_num;
+if (s->irq_num != TPM_IRQ_DISABLED) {
+val = s->irq_num;
+} else {
+val = 0;
+}
 break;
 case TPM_TIS_REG_INT_STATUS:
 val = s->loc[locty].ints;
@@ -591,6 +595,9 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
 if (s->active_locty != locty) {
 break;
 }
+if (s->irq_num == TPM_IRQ_DISABLED) {
+val &= ~TPM_TIS_INT_ENABLED;
+}
 
 s->loc[locty].inte &= mask;
 s->loc[locty].inte |= (val & (TPM_TIS_INT_ENABLED |
@@ -601,6 +608,9 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
 /* hard wired -- ignore */
 break;
 case TPM_TIS_REG_INT_STATUS:
+if (s->irq_num == TPM_IRQ_DISABLED) {
+break;
+}
 /* clearing of interrupt flags */
 if (((val & TPM_TIS_INTERRUPTS_SUPPORTED)) &&
 (s->loc[locty].ints & TPM_TIS_INTERRUPTS_SUPPORTED)) {
diff --git a/hw/tpm/tpm_tis_isa.c b/hw/tpm/tpm_tis_isa.c
index 27222a9a49..d72f733ead 100644
--- a/hw/tpm/tpm_tis_isa.c
+++ b/hw/tpm/tpm_tis_isa.c
@@ -127,13 +127,15 @@ static void tpm_tis_isa_realizefn(DeviceState *dev, Error 
**errp)
 error_setg(errp, "'tpmdev' property is required");
 return;
 }
-if (s->irq_num > 15) {
+if (s->irq_num > 15 && s->irq_num != TPM_IRQ_DISABLED) {
 error_setg(errp, "IRQ %d is outside valid range of 0 to 15",
s->irq_num);
 return;
 }
 
-isa_init_irq(ISA_DEVICE(dev), >irq, s->irq_num);
+if (s->irq_num != TPM_IRQ_DISABLED) {
+isa_init_irq(ISA_DEVICE(dev), >irq, s->irq_num);
+}
 
 memory_region_add_subregion(isa_address_space(ISA_DEVICE(dev)),
 TPM_TIS_ADDR_BASE, >mmio);
-- 
2.24.1

[PATCH v3 1/8] tpm_tis: Allow lowering of IRQ also when locality is not active

[Stefan Berger]

From: Stefan Berger 

This patch fixes a bug that occurs when using interrupts. It
allows to lower the IRQ also when a locality is not active.

Signed-off-by: Stefan Berger 
Reviewed-by: Eric Auger 
---
 hw/tpm/tpm_tis_common.c | 4 
 1 file changed, 4 deletions(-)

diff --git a/hw/tpm/tpm_tis_common.c b/hw/tpm/tpm_tis_common.c
index 1af4bce139..0f42696f1f 100644
--- a/hw/tpm/tpm_tis_common.c
+++ b/hw/tpm/tpm_tis_common.c
@@ -601,10 +601,6 @@ static void tpm_tis_mmio_write(void *opaque, hwaddr addr,
 /* hard wired -- ignore */
 break;
 case TPM_TIS_REG_INT_STATUS:
-if (s->active_locty != locty) {
-break;
-}
-
 /* clearing of interrupt flags */
 if (((val & TPM_TIS_INTERRUPTS_SUPPORTED)) &&
 (s->loc[locty].ints & TPM_TIS_INTERRUPTS_SUPPORTED)) {
-- 
2.24.1

[Bug 1883784] [NEW] [ppc64le] qemu behavior differs from ppc64le hardware

[Evan Nemerson]

Public bug reported:

I have some code which passes my test suite on PPC64LE hardware when
compiled with GCC 10, but the saem binary fails with both qemu-ppc64le
4.2 (on Fedora 32) and qemu-ppc64le-static 5.0.0 (Debian testing).

I'm not getting any errors about illegal instructions or anything, like
that; the results are just silently different on qemu.

I've generated a reduced test case, which is attached along with the
binaries (both are the same code, one is just statically linked).  They
should execute successufully on PPC64LE hardware, but on qemu they hit a
__builtin_abort (because the computed value doesn't match the expected
value).

Without being familiar with PPC assembly I'm not sure what else I can
do, but if there is anything please let me know.

** Affects: qemu
 Importance: Undecided
 Status: New


** Tags: ppc64le

** Attachment added: "test case"
   
https://bugs.launchpad.net/bugs/1883784/+attachment/5384531/+files/mm_cvtpd_ps.tar.bz2

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1883784

Title:
  [ppc64le] qemu behavior differs from ppc64le hardware

Status in QEMU:
  New

Bug description:
  I have some code which passes my test suite on PPC64LE hardware when
  compiled with GCC 10, but the saem binary fails with both qemu-ppc64le
  4.2 (on Fedora 32) and qemu-ppc64le-static 5.0.0 (Debian testing).

  I'm not getting any errors about illegal instructions or anything,
  like that; the results are just silently different on qemu.

  I've generated a reduced test case, which is attached along with the
  binaries (both are the same code, one is just statically linked).
  They should execute successufully on PPC64LE hardware, but on qemu
  they hit a __builtin_abort (because the computed value doesn't match
  the expected value).

  Without being familiar with PPC assembly I'm not sure what else I can
  do, but if there is anything please let me know.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1883784/+subscriptions

Re: [PATCH v2 0/5] hw/riscv: sifive_u: Add Mode Select (MSEL[3:0]) support

[Alistair Francis]

On Mon, Jun 15, 2020 at 5:51 PM Bin Meng  wrote:
>
> From: Bin Meng 
>
> This series updates the 'sifive_u' machine support:
>
> - Change SiFive E/U series CPU reset vector to 0x1004
> - Support Mode Select (MSEL[3:0]) settings at 0x1000 via a new
>   "msel" machine property
> - Add a dummy DDR memory controller device
>
> With this series, QEMU can boot U-Boot SPL built for SiFive FU540
> all the way up to loading U-Boot proper from MMC:
>
> $ qemu-system-riscv64 -nographic -M sifive_u,msel=6 -m 8G -bios u-boot-spl.bin
>
> U-Boot SPL 2020.07-rc3-00208-g88bd5b1 (Jun 08 2020 - 20:16:10 +0800)
> Trying to boot from MMC1
> Unhandled exception: Load access fault
> EPC: 08009be6 TVAL: 10050014
>
> The last big gap for the 'sifive_u' machine is the QSPI modeling.
>
> Changes in v2:
> - Drop the already applied patch 01 to 11 in v1
> - new patch: Rename IBEX CPU init routine
> - rebase on https://github.com/alistair23/qemu riscv-to-apply.next branch
> - rename SiFive E/U CPU init routine names
>
> Bin Meng (5):
>   target/riscv: Rename IBEX CPU init routine
>   hw/riscv: sifive: Change SiFive E/U CPU reset vector to 0x1004
>   hw/riscv: sifive_u: Support different boot source per MSEL pin state
>   hw/riscv: sifive_u: Sort the SoC memmap table entries
>   hw/riscv: sifive_u: Add a dummy DDR memory controller device

Applied to the RISC-V tree

Alistair

>
>  hw/riscv/sifive_e.c | 10 +
>  hw/riscv/sifive_u.c | 51 
> ++---
>  include/hw/riscv/sifive_u.h |  7 +++
>  target/riscv/cpu.c  | 20 +-
>  4 files changed, 62 insertions(+), 26 deletions(-)
>
> --
> 2.7.4
>
>

Re: [PATCH v6 0/5] RISC-V multi-socket support

[Alistair Francis]

On Mon, Jun 15, 2020 at 8:23 PM Anup Patel  wrote:
>
> This series adds multi-socket support for RISC-V virt machine and
> RISC-V spike machine. The multi-socket support will help us improve
> various RISC-V operating systems, firmwares, and bootloader to
> support RISC-V NUMA systems.
>
> These patch can be found in riscv_multi_socket_v6 branch at:
> https://github.com/avpatel/qemu.git
>
> Changes since v5:
>  - Rebased patches on Spike changes from Alistair
>  - Added comments describing RISC-V NUMA helper functions
>
> Changes since v4:
>  - Re-arrange patches and move CLINT and PLIC patches before other
>patches because these are already reviewed
>  - Added PATCH3 for common RISC-V multi-socket helpers
>  - Added support for "-numa cpu,node-id" option in PATCH4 and PATCH5
>
> Changes since v3:
>  - Use "-numa" QEMU options to populate sockets instead of custom
>"multi-socket" sub-option in machine name
>
> Changes since v2:
>  - Dropped PATCH1 as it is not required any more
>  - Added "multi-socket" sub-option for Spike and Virt machine
>which can be used to enable/disable mult-socket support
>
> Changes since v1:
>  - Fixed checkpatch errors and warnings
>  - Added PATCH1 for knowning whether "sockets" sub-option was specified
>  - Remove SPIKE_CPUS_PER_SOCKET_MIN and SPIKE_CPUS_PER_SOCKET_MAX in PATCH3
>  - Remove VIRT_CPUS_PER_SOCKET_MIN and VIRT_CPUS_PER_SOCKET_MAX in PATCH5
>
> Anup Patel (5):
>   hw/riscv: Allow creating multiple instances of CLINT
>   hw/riscv: Allow creating multiple instances of PLIC
>   hw/riscv: Add helpers for RISC-V multi-socket NUMA machines
>   hw/riscv: spike: Allow creating multiple NUMA sockets
>   hw/riscv: virt: Allow creating multiple NUMA sockets

Applied to the RISC-V tree

Alistair

>
>  hw/riscv/Makefile.objs  |   1 +
>  hw/riscv/numa.c | 242 +++
>  hw/riscv/sifive_clint.c |  20 +-
>  hw/riscv/sifive_e.c |   4 +-
>  hw/riscv/sifive_plic.c  |  24 +-
>  hw/riscv/sifive_u.c |   4 +-
>  hw/riscv/spike.c| 237 +-
>  hw/riscv/virt.c | 530 ++--
>  include/hw/riscv/numa.h | 113 +++
>  include/hw/riscv/sifive_clint.h |   7 +-
>  include/hw/riscv/sifive_plic.h  |  12 +-
>  include/hw/riscv/spike.h|  11 +-
>  include/hw/riscv/virt.h |   9 +-
>  13 files changed, 873 insertions(+), 341 deletions(-)
>  create mode 100644 hw/riscv/numa.c
>  create mode 100644 include/hw/riscv/numa.h
>
> --
> 2.25.1
>
>

Re: [PATCH v4 0/4] block: seriously improve savevm performance

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200616162035.29857-1-...@openvz.org/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Subject: [PATCH v4 0/4] block: seriously improve savevm performance
Type: series
Message-id: 20200616162035.29857-1-...@openvz.org

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
551826e block/io: improve savevm performance
81a93fd block, migration: add bdrv_flush_vmstate helper
05e3395 block/aio_task: drop aio_task_pool_wait_one() helper
61e0ce3 block/aio_task: allow start/wait task from any coroutine
d04a716 migration/savevm: respect qemu_fclose() error code in save_snapshot()

=== OUTPUT BEGIN ===
1/5 Checking commit d04a7160d2c0 (migration/savevm: respect qemu_fclose() error 
code in save_snapshot())
2/5 Checking commit 61e0ce32d320 (block/aio_task: allow start/wait task from 
any coroutine)
3/5 Checking commit 05e339500af8 (block/aio_task: drop aio_task_pool_wait_one() 
helper)
4/5 Checking commit 81a93fdf74a9 (block, migration: add bdrv_flush_vmstate 
helper)
WARNING: Block comments use a leading /* on a separate line
#93: FILE: include/block/block.h:575:
+/* bdrv_flush_vmstate() is mandatory to commit vmstate changes if

WARNING: Block comments use * on subsequent lines
#94: FILE: include/block/block.h:576:
+/* bdrv_flush_vmstate() is mandatory to commit vmstate changes if
+   bdrv_save_vmstate() was ever called */

WARNING: Block comments use a trailing */ on a separate line
#94: FILE: include/block/block.h:576:
+   bdrv_save_vmstate() was ever called */

ERROR: braces {} are necessary for all arms of this statement
#108: FILE: migration/savevm.c:154:
+if (err < 0)
[...]

total: 1 errors, 3 warnings, 60 lines checked

Patch 4/5 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

5/5 Checking commit 551826e4ae66 (block/io: improve savevm performance)
WARNING: Block comments use a leading /* on a separate line
#132: FILE: block/io.c:2711:
+/* Caller is responsible for cleanup. We should block all further

WARNING: Block comments use a trailing */ on a separate line
#133: FILE: block/io.c:2712:
+ * save operations for this exact state */

total: 0 errors, 2 warnings, 179 lines checked

Patch 5/5 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/20200616162035.29857-1-...@openvz.org/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

QEMU | Pipeline #156886967 has failed for master | 5c24bce3

[GitLab via]

Your pipeline has failed.

Project: QEMU ( https://gitlab.com/qemu-project/qemu )
Branch: master ( https://gitlab.com/qemu-project/qemu/-/commits/master )

Commit: 5c24bce3 ( 
https://gitlab.com/qemu-project/qemu/-/commit/5c24bce3056ff209a1ecc50ff4b7e65b85ad8e74
 )
Commit Message: Merge remote-tracking branch 'remotes/stsquad/t...
Commit Author: Peter Maydell ( https://gitlab.com/pm215 )

Pipeline #156886967 ( 
https://gitlab.com/qemu-project/qemu/-/pipelines/156886967 ) triggered by Alex 
Bennée ( https://gitlab.com/stsquad )
had 1 failed build.

Job #597977855 ( https://gitlab.com/qemu-project/qemu/-/jobs/597977855/raw )

Stage: test
Name: build-tcg-disabled
Trace: 215  ...[17:39:31] ...  
215  pass   [17:39:31] [17:40:59]  87s   
216  ...[17:40:59] ...  
216  pass   [17:40:59] [17:41:03]   4s   
218  ...[17:41:03] ...  
218  pass   [17:41:03] [17:41:04]   1s   
222  ...[17:41:04] ...  
222  pass   [17:41:04] [17:41:05]   1s   
227  ...[17:41:05] ...  
227  pass   [17:41:05] [17:41:05]   0s   
234  ...[17:41:05] ...  
234  pass   [17:41:05] [17:41:06]   1s   
246  ...[17:41:06] ...  
246  pass   [17:41:06] [17:41:06]   0s   
247  ...[17:41:06] ...  
247  pass   [17:41:06] [17:41:08]   1s   
248  ...[17:41:08] ...  
248  pass   [17:41:08] [17:41:08]   0s   
250  ...[17:41:08] ...  
250  pass   [17:41:08] [17:41:09]   1s   
254  ...[17:41:09] ...  
254  pass   [17:41:09] [17:41:09]   0s   
255  ...[17:41:09] ...  
255  pass   [17:41:09] [17:41:11]   2s   
257  ...[17:41:11] ...  
257  pass   [17:41:11] [17:41:21]  10s   
258  ...[17:41:21] ...  
258  pass   [17:41:21] [17:41:21]   0s   
260  ...[17:41:21] ...  
260  pass   [17:41:21] [17:41:22]   1s   
261  ...[17:41:22] ...  
261  pass   [17:41:22] [17:41:46]  24s   
262  ...[17:41:46] ...  
262  pass   [17:41:46] [17:41:47]   1s   
263  ...[17:41:47] ...  
263  pass   [17:41:47] [17:41:49]   2s   
264  ...[17:41:49] ...  
264  pass   [17:41:49] [17:41:53]   4s   
270  ...[17:41:53] ...  
270  pass   [17:41:53] [17:41:55]   2s   
272  ...[17:41:55] ...  
272  pass   [17:41:55] [17:41:56]   1s   
273  ...[17:41:56] ...  
273  pass   [17:41:56] [17:41:56]   0s   
277  ...[17:41:56] ...  
277  pass   [17:41:56] [17:41:57]   1s   
279  ...[17:41:57] ...  
279  pass   [17:41:57] [17:41:58]   1s   
Failures: 051
Failed 1 of 57 iotests
section_end:1592329331:build_script
section_start:1592329331:after_script
Running after_script
section_end:1592329335:after_script
section_start:1592329335:upload_artifacts_on_failure
Uploading artifacts for failed job
section_end:1592329337:upload_artifacts_on_failure
ERROR: Job failed: exit code 1



-- 
You're receiving this email because of your account on gitlab.com.

Accessing the Metal graphics API with OSX as VM client

[Trystan Larey-Williams]

Hi all,

I'm trying to get a sense of where QEMU headed in terms of supporting 
Apple's Metal API. Apple will likely be removing OpenGL support entirely 
from OSX, perhaps as early as the next major release of OSX in Sep/Oct. 
Information on support for graphics acceleration on an OSX client using 
Metal instead of OpenGL seems non-existent. From the QEMU documentation 
I gather there are a few ways to 'pass through' a device natively to the 
VM. Would this be the only way to currently access Metal on OSX? Has 
anyone actually tried this?


Thanks,
Trystan

Re: [PATCH] block: file-posix: Fail unmap with NO_FALLBACK on block device

[Eric Blake]

On 6/16/20 10:32 AM, Kevin Wolf wrote:

Am 15.06.2020 um 21:32 hat Nir Soffer geschrieben:

We can zero 2.3 g/s:

# time blkdiscard -z test-lv

real 0m43.902s
user 0m0.002s
sys 0m0.130s



We can write 445m/s:

# dd if=/dev/zero bs=2M count=51200 of=test-lv oflag=direct conv=fsync
107374182400 bytes (107 GB, 100 GiB) copied, 241.257 s, 445 MB/s


So using FALLOC_FL_PUNCH_HOLE _is_ faster after all. What might not be
faster is zeroing out the whole device and then overwriting a
considerable part of it again.


Yeah, there can indeed be a difference between a pre-zeroing which can 
be super-fast (on a posix file, truncate to 0 and back to the desired 
size, for example), and where it is faster than writes but still slower 
than a single pass.




I think this means that we shouldn't fail write_zeroes at the file-posix
level even if BDRV_REQ_NO_FALLBACK is given. Instead, qemu-img convert
is where I see a fix.


Is the kernel able to tell us reliably when we can perform a fast 
pre-zero pass?  If it can't, it's that much harder to define when 
BDRV_REQ_NO_FALLBACK makes a difference.




Certainly qemu-img could be cleverer and zero out more selectively. The
idea of doing a blk_make_zero() first seems to have caused some
problems, though of course its introduction was also justified with
performance, so improving one case might hurt another if we're not
careful.

However, when Peter Lieven introduced this (commit 5a37b60a61c), we
didn't use write_zeroes yet during the regular copy loop (we do since
commit 690c7301600). So chances are that blk_make_zero() doesn't
actually help any more now.

Can you run another test with the patch below? I think it should perform
the same as yours. Eric, Peter, do you think this would have a negative
effect for NBD and/or iscsi?


I'm still hoping to revive my work on making bdrv_make_zero a per-driver 
callback with smarts for the fastest possible pre-zeroing that driver is 
capable of, or fast failure when BDRV_REQ_NO_FALLBACK is set and it is 
no faster to pre-zero than it is to just write zeroes when needed.  I 
can certainly construct NBD scenarios in either direction (where a 
pre-zeroing pass is faster because of less network traffic, or where a 
pre-zeroing pass is slower because of increased I/O - in fact, that was 
part of my KVM Forum 2019 demo on why the NBD protocol added a FAST_ZERO 
flag mirroring the idea of qemu's BDRV_REQ_NO_FALLBACK).




The other option would be providing an option and making it Someone
Else's Problem.


Matching what we recently did with --target-is-zero.



Kevin


diff --git a/qemu-img.c b/qemu-img.c
index d7e846e607..bdb9f6aa46 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -2084,15 +2084,6 @@ static int convert_do_copy(ImgConvertState *s)
  s->has_zero_init = bdrv_has_zero_init(blk_bs(s->target));
  }

-if (!s->has_zero_init && !s->target_has_backing &&
-bdrv_can_write_zeroes_with_unmap(blk_bs(s->target)))
-{
-ret = blk_make_zero(s->target, BDRV_REQ_MAY_UNMAP | 
BDRV_REQ_NO_FALLBACK);
-if (ret == 0) {
-s->has_zero_init = true;
-}
-}
-
  /* Allocate buffer for copied data. For compressed images, only one 
cluster
   * can be copied at a time. */
  if (s->compressed) {



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [PATCH RFC v2 1/5] block: add bitmap-populate job

[Eric Blake]

On 6/16/20 2:46 PM, Eric Blake wrote:


+BlockJob *bitpop_job_create(



+    if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
+    return NULL;
+    }


What does this protect? And why does BACKUP_SOURCE describe acccurately
what this job does?


I'm less certain what the BLOCK_OP_TYPE_* constants are supposed to 
block, or if this is just copy/paste from backup.c. Does BlockOpType in 
block.h need a new entry?


As it is, our code base has slowly moved away from op_blockers.  We no 
longer have any explicit bdrv_op_block() except when blocking 
everything, then immediately followed up with unblocking a mere subset 
of all of the defined op types:


block.c:bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_COMMIT_TARGET,
block.c:bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_STREAM,
block.c:bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE,
block.c:bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_TARGET,
block/replication.c:bdrv_op_unblock(top_bs, 
BLOCK_OP_TYPE_DATAPLANE, s->blocker);

blockjob.c:bdrv_op_unblock(bs, BLOCK_OP_TYPE_DATAPLANE, job->blocker);

Are we at the point where we can ditch op_blockers altogether in favor 
of the block permissions system?


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [PATCH] block: file-posix: Fail unmap with NO_FALLBACK on block device

[Nir Soffer]

On Tue, Jun 16, 2020 at 8:39 PM Nir Soffer  wrote:
>
> On Tue, Jun 16, 2020 at 6:32 PM Kevin Wolf  wrote:
> >
> > Am 15.06.2020 um 21:32 hat Nir Soffer geschrieben:
> > > We can zero 2.3 g/s:
> > >
> > > # time blkdiscard -z test-lv
> > >
> > > real 0m43.902s
> > > user 0m0.002s
> > > sys 0m0.130s
> >
> > > We can write 445m/s:
> > >
> > > # dd if=/dev/zero bs=2M count=51200 of=test-lv oflag=direct conv=fsync
> > > 107374182400 bytes (107 GB, 100 GiB) copied, 241.257 s, 445 MB/s
> >
> > So using FALLOC_FL_PUNCH_HOLE _is_ faster after all. What might not be
> > faster is zeroing out the whole device and then overwriting a
> > considerable part of it again.
> >
> > I think this means that we shouldn't fail write_zeroes at the file-posix
> > level even if BDRV_REQ_NO_FALLBACK is given. Instead, qemu-img convert
> > is where I see a fix.
> >
> > Certainly qemu-img could be cleverer and zero out more selectively. The
> > idea of doing a blk_make_zero() first seems to have caused some
> > problems, though of course its introduction was also justified with
> > performance, so improving one case might hurt another if we're not
> > careful.
> >
> > However, when Peter Lieven introduced this (commit 5a37b60a61c), we
> > didn't use write_zeroes yet during the regular copy loop (we do since
> > commit 690c7301600). So chances are that blk_make_zero() doesn't
> > actually help any more now.
> >
> > Can you run another test with the patch below?
>
> Sure, I can try this.

Tried it, and it performs the same as expected.

> > I think it should perform
> > the same as yours. Eric, Peter, do you think this would have a negative
> > effect for NBD and/or iscsi?
> >
> > The other option would be providing an option and making it Someone
> > Else's Problem.
> >
> > Kevin
> >
> >
> > diff --git a/qemu-img.c b/qemu-img.c
> > index d7e846e607..bdb9f6aa46 100644
> > --- a/qemu-img.c
> > +++ b/qemu-img.c
> > @@ -2084,15 +2084,6 @@ static int convert_do_copy(ImgConvertState *s)
> >  s->has_zero_init = bdrv_has_zero_init(blk_bs(s->target));
> >  }
> >
> > -if (!s->has_zero_init && !s->target_has_backing &&
> > -bdrv_can_write_zeroes_with_unmap(blk_bs(s->target)))
> > -{
> > -ret = blk_make_zero(s->target, BDRV_REQ_MAY_UNMAP | 
> > BDRV_REQ_NO_FALLBACK);
> > -if (ret == 0) {
> > -s->has_zero_init = true;
> > -}
> > -}
>
> This will work of course, but now we will not do bulk zero for any target

I would like to have a minimal change to increase the chance that we can
consume this very soon in oVirt.

> I think we never do this for regular files anyway since we truncate
> files, and there
> is nothing to zero, but maybe there is some case when this is useful?
>
> BTW, do we use BDRV_REQ_NO_FALLBACK elsewhere? maybe we can remove it.
>
> >  /* Allocate buffer for copied data. For compressed images, only one 
> > cluster
> >   * can be copied at a time. */
> >  if (s->compressed) {
> >

Re: [PATCH RFC v2 1/5] block: add bitmap-populate job

[John Snow]

On 6/16/20 3:46 PM, Eric Blake wrote:
> I'm less certain what the BLOCK_OP_TYPE_* constants are supposed to
> block, or if this is just copy/paste from backup.c. Does BlockOpType in
> block.h need a new entry?

Copy paste. I wasn't sure myself.

Re: [PATCH RFC v2 1/5] block: add bitmap-populate job

[Eric Blake]

On 6/4/20 4:01 AM, Kevin Wolf wrote:

Am 14.05.2020 um 05:49 hat John Snow geschrieben:

This job copies the allocation map into a bitmap. It's a job because
there's no guarantee that allocation interrogation will be quick (or
won't hang), so it cannot be retrofit into block-dirty-bitmap-merge.

It was designed with different possible population patterns in mind,
but only top layer allocation was implemented for now.


Other patterns that might make sense someday:
all-ones (we already have bitmap-clear for all zeroes)
an inverse flag (set bits for all unallocated portions)
compressed (set bits for portions that are compressed)

but yeah, I don't see it worth implementing any of them without a client.



Signed-off-by: John Snow 
---
  qapi/block-core.json  |  48 +
  qapi/job.json |   2 +-
  include/block/block_int.h |  21 
  block/bitmap-alloc.c  | 207 ++


bitmap-populate.c to be more consistent with the actual job name?


Seems reasonable to me.




  blockjob.c|   3 +-
  block/Makefile.objs   |   1 +
  6 files changed, 280 insertions(+), 2 deletions(-)
  create mode 100644 block/bitmap-alloc.c


[...]


+BlockJob *bitpop_job_create(



+if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
+return NULL;
+}


What does this protect? And why does BACKUP_SOURCE describe acccurately
what this job does?


I'm less certain what the BLOCK_OP_TYPE_* constants are supposed to 
block, or if this is just copy/paste from backup.c. Does BlockOpType in 
block.h need a new entry?





+if (bdrv_dirty_bitmap_check(target_bitmap, BDRV_BITMAP_DEFAULT, errp)) {
+return NULL;
+}
+
+if (pattern != BITMAP_PATTERN_ALLOCATION_TOP) {
+error_setg(errp, "Unrecognized bitmap pattern");
+return NULL;
+}
+
+len = bdrv_getlength(bs);
+if (len < 0) {
+error_setg_errno(errp, -len, "unable to get length for '%s'",
+ bdrv_get_device_name(bs));


This operates on the node level, so bdrv_get_device_or_node_name() is
necessary to avoid empty strings in the message.


Easy to fix.




+return NULL;
+}
+
+/* NB: new bitmap is anonymous and enabled */
+cluster_size = bdrv_dirty_bitmap_granularity(target_bitmap);
+new_bitmap = bdrv_create_dirty_bitmap(bs, cluster_size, NULL, errp);
+if (!new_bitmap) {
+return NULL;
+}
+
+/* Take ownership; we reserve the right to write into this on-commit. */
+bdrv_dirty_bitmap_set_busy(target_bitmap, true);
+
+job = block_job_create(job_id, _job_driver, txn, bs,
+   BLK_PERM_CONSISTENT_READ,


I don't think we actually rely on CONSISTENT_READ, but then, using the
job on inconsistent nodes probably makes little sense and we can always
relax the restriction later if necessary.


+   BLK_PERM_ALL & ~BLK_PERM_RESIZE,
+   0, creation_flags,
+   cb, opaque, errp);
+if (!job) {
+bdrv_dirty_bitmap_set_busy(target_bitmap, false);
+bdrv_release_dirty_bitmap(new_bitmap);
+return NULL;
+}
+
+job->bs = bs;
+job->on_error = on_error;
+job->target_bitmap = target_bitmap;
+job->new_bitmap = new_bitmap;
+job->len = len;
+job_progress_set_remaining(>common.job, job->len);
+
+return >common;
+}


Kevin



--
Eric Blake, Principal Software Engineer
Red Hat, Inc.   +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Re: [PATCH RFC v2] target/arm: Implement SVE2 FLOGB

[Richard Henderson]

On 4/30/20 12:14 PM, Stephen Long wrote:
> Signed-off-by: Stephen Long 
> ---
> 
> I made the changes Richard requested. I took out the status field for
> the helper function.
> 
>  include/fpu/softfloat.h|  5 +++
>  target/arm/helper-sve.h|  4 +++
>  target/arm/sve.decode  |  4 +++
>  target/arm/sve_helper.c| 63 ++
>  target/arm/translate-sve.c |  9 ++
>  5 files changed, 85 insertions(+)
> 
> diff --git a/include/fpu/softfloat.h b/include/fpu/softfloat.h
> index ecb8ba0114..275d138145 100644
> --- a/include/fpu/softfloat.h
> +++ b/include/fpu/softfloat.h
> @@ -260,6 +260,11 @@ static inline int float16_is_zero_or_denormal(float16 a)
>  return (float16_val(a) & 0x7c00) == 0;
>  }
>  
> +static inline bool float16_is_normal(float16 a)
> +{
> +return (((float16_val(a) >> 10) + 1) & 0x1f) >= 2;
> +}

I split this out to its own patch.

> +static int16_t do_float16_logb_as_int(float16 a)
> +{
> +if (float16_is_normal(a)) {
> +return extract16(a, 10, 5) - 15;
> +} else if (float16_is_infinity(a)) {
> +return INT16_MAX;
> +} else if (float16_is_any_nan(a) || float16_is_zero(a)) {
> +return INT16_MIN;
> +}
> +// denormal

CODING_STYLE prohibits c++ comments.  Fixed.

> +static bool trans_FLOGB(DisasContext *s, arg_rpr_esz *a)
> +{
> +static gen_helper_gvec_3 * const fns[] = {
> +NULL,   gen_helper_flogb_h,
> +gen_helper_flogb_s, gen_helper_flogb_d
> +};
> +return do_sve2_zpz_ool(s, a, fns[a->esz - 1]);

Incorrect subtract in the indexing.  Fixed.

Queued with the above changes.


r~

[PATCH 1/3] riscv: Unify Qemu's reset vector code path

[Atish Patra]

Currently, all riscv machines have identical reset vector code
implementations with memory addresses being different for all machines.
They can be easily combined into a single function in common code.

Move it to common function and let all the machines use the common function.

Signed-off-by: Atish Patra 
---
 hw/riscv/boot.c | 46 +
 hw/riscv/sifive_u.c | 38 +++---
 hw/riscv/spike.c| 38 +++---
 hw/riscv/virt.c | 37 +++--
 include/hw/riscv/boot.h |  2 ++
 5 files changed, 57 insertions(+), 104 deletions(-)

diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c
index adb421b91b68..8ed96da600c9 100644
--- a/hw/riscv/boot.c
+++ b/hw/riscv/boot.c
@@ -22,12 +22,16 @@
 #include "qemu/units.h"
 #include "qemu/error-report.h"
 #include "exec/cpu-defs.h"
+#include "exec/address-spaces.h"
 #include "hw/boards.h"
 #include "hw/loader.h"
 #include "hw/riscv/boot.h"
 #include "elf.h"
+#include "sysemu/device_tree.h"
 #include "sysemu/qtest.h"
 
+#include 
+
 #if defined(TARGET_RISCV32)
 # define KERNEL_BOOT_ADDRESS 0x8040
 #else
@@ -155,3 +159,45 @@ hwaddr riscv_load_initrd(const char *filename, uint64_t 
mem_size,
 
 return *start + size;
 }
+
+void riscv_setup_rom_reset_vec(hwaddr start_addr, hwaddr rom_base,
+   hwaddr rom_size, void *fdt)
+{
+int i;
+/* reset vector */
+uint32_t reset_vec[8] = {
+0x0297,  /* 1:  auipc  t0, %pcrel_hi(dtb) */
+0x02028593,  /* addi   a1, t0, %pcrel_lo(1b) */
+0xf1402573,  /* csrr   a0, mhartid  */
+#if defined(TARGET_RISCV32)
+0x0182a283,  /* lw t0, 24(t0) */
+#elif defined(TARGET_RISCV64)
+0x0182b283,  /* ld t0, 24(t0) */
+#endif
+0x00028067,  /* jr t0 */
+0x,
+start_addr,  /* start: .dword */
+0x,
+ /* dtb: */
+};
+
+/* copy in the reset vector in little_endian byte order */
+for (i = 0; i < sizeof(reset_vec) >> 2; i++) {
+reset_vec[i] = cpu_to_le32(reset_vec[i]);
+}
+rom_add_blob_fixed_as("mrom.reset", reset_vec, sizeof(reset_vec),
+  rom_base, _space_memory);
+
+/* copy in the device tree */
+if (fdt_pack(fdt) || fdt_totalsize(fdt) >
+rom_size - sizeof(reset_vec)) {
+error_report("not enough space to store device-tree");
+exit(1);
+}
+qemu_fdt_dumpdtb(fdt, fdt_totalsize(fdt));
+rom_add_blob_fixed_as("mrom.fdt", fdt, fdt_totalsize(fdt),
+   rom_base + sizeof(reset_vec),
+   _space_memory);
+
+return;
+}
diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
index f9fef2be9170..c2712570e0d9 100644
--- a/hw/riscv/sifive_u.c
+++ b/hw/riscv/sifive_u.c
@@ -325,7 +325,6 @@ static void sifive_u_machine_init(MachineState *machine)
 MemoryRegion *main_mem = g_new(MemoryRegion, 1);
 MemoryRegion *flash0 = g_new(MemoryRegion, 1);
 target_ulong start_addr = memmap[SIFIVE_U_DRAM].base;
-int i;
 
 /* Initialize SoC */
 object_initialize_child(OBJECT(machine), "soc", >soc,
@@ -374,40 +373,9 @@ static void sifive_u_machine_init(MachineState *machine)
 start_addr = memmap[SIFIVE_U_FLASH0].base;
 }
 
-/* reset vector */
-uint32_t reset_vec[8] = {
-0x0297,/* 1:  auipc  t0, %pcrel_hi(dtb) */
-0x02028593,/* addi   a1, t0, %pcrel_lo(1b) */
-0xf1402573,/* csrr   a0, mhartid  */
-#if defined(TARGET_RISCV32)
-0x0182a283,/* lw t0, 24(t0) */
-#elif defined(TARGET_RISCV64)
-0x0182b283,/* ld t0, 24(t0) */
-#endif
-0x00028067,/* jr t0 */
-0x,
-start_addr,/* start: .dword */
-0x,
-   /* dtb: */
-};
-
-/* copy in the reset vector in little_endian byte order */
-for (i = 0; i < sizeof(reset_vec) >> 2; i++) {
-reset_vec[i] = cpu_to_le32(reset_vec[i]);
-}
-rom_add_blob_fixed_as("mrom.reset", reset_vec, sizeof(reset_vec),
-  memmap[SIFIVE_U_MROM].base, _space_memory);
-
-/* copy in the device tree */
-if (fdt_pack(s->fdt) || fdt_totalsize(s->fdt) >
-memmap[SIFIVE_U_MROM].size - sizeof(reset_vec)) {
-error_report("not enough space to store device-tree");
-exit(1);
-}
-qemu_fdt_dumpdtb(s->fdt, fdt_totalsize(s->fdt));
-rom_add_blob_fixed_as("mrom.fdt", s->fdt, fdt_totalsize(s->fdt),
-  memmap[SIFIVE_U_MROM].base + sizeof(reset_vec),
- 

[PATCH 0/3] Add OpenSBI dynamic firmware support

[Atish Patra]

This series adds support OpenSBI dynamic firmware support to Qemu.
Qemu loader passes the information about the DT and next stage (i.e. kernel
or U-boot) via "a2" register. It allows the user to build bigger OS images
without worrying about overwriting DT. It also unifies the reset vector code
in rom and dt placement. Now, the DT is copied directly in DRAM instead of ROM.

The changes have been verified on following qemu machines.

64bit:
 - spike, sifive_u, virt
32bit:
 - virt

I have also verified fw_jump on all the above platforms to ensure that this
series doesn't break the existing setup.

Atish Patra (3):
riscv: Unify Qemu's reset vector code path
RISC-V: Copy the fdt in dram instead of ROM
riscv: Add opensbi firmware dynamic support

hw/riscv/boot.c | 95 +
hw/riscv/sifive_u.c | 59 
hw/riscv/spike.c| 55 ---
hw/riscv/virt.c | 55 ---
include/hw/riscv/boot.h |  5 ++
include/hw/riscv/boot_opensbi.h | 58 
6 files changed, 223 insertions(+), 104 deletions(-)
create mode 100644 include/hw/riscv/boot_opensbi.h

--
2.26.2

[PATCH 2/3] RISC-V: Copy the fdt in dram instead of ROM

[Atish Patra]

Currently, the fdt is copied to the ROM after the reset vector. The firmware
has to copy it to DRAM. Instead of this, directly copy the device tree to a
pre-computed dram address. The device tree load address should be as far as
possible from kernel and initrd images. That's why it is kept at the end of
the DRAM or 4GB whichever is lesser.

Signed-off-by: Atish Patra 
---
 hw/riscv/boot.c | 45 ++---
 hw/riscv/sifive_u.c | 14 -
 hw/riscv/spike.c| 14 -
 hw/riscv/virt.c | 13 +++-
 include/hw/riscv/boot.h |  5 -
 5 files changed, 75 insertions(+), 16 deletions(-)

diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c
index 8ed96da600c9..0378b7f1bd58 100644
--- a/hw/riscv/boot.c
+++ b/hw/riscv/boot.c
@@ -160,25 +160,51 @@ hwaddr riscv_load_initrd(const char *filename, uint64_t 
mem_size,
 return *start + size;
 }
 
+hwaddr riscv_calc_fdt_load_addr(hwaddr dram_base, uint64_t mem_size, void *fdt)
+{
+hwaddr temp, fdt_addr;
+hwaddr dram_end = dram_base + mem_size;
+int fdtsize = fdt_totalsize(fdt);
+
+if (fdtsize <= 0) {
+error_report("invalid device-tree");
+exit(1);
+}
+/*
+ * We should put fdt as far as possible to avoid kernel/initrd overwriting
+ * its content. But it should be addressable by 32 bit system as well.
+ * Thus, put it at an aligned address that less than fdt size from end of
+ * dram or 4GB whichever is lesser.
+ */
+temp = MIN(dram_end, 4096 * MiB);
+fdt_addr = QEMU_ALIGN_DOWN(temp - fdtsize, 2 * MiB);
+
+return fdt_addr;
+}
+
 void riscv_setup_rom_reset_vec(hwaddr start_addr, hwaddr rom_base,
-   hwaddr rom_size, void *fdt)
+   hwaddr rom_size,
+   hwaddr fdt_load_addr, void *fdt)
 {
 int i;
 /* reset vector */
-uint32_t reset_vec[8] = {
-0x0297,  /* 1:  auipc  t0, %pcrel_hi(dtb) */
-0x02028593,  /* addi   a1, t0, %pcrel_lo(1b) */
+uint32_t reset_vec[10] = {
+0x0297,  /* 1:  auipc  t0, %pcrel_hi(fw_dyn) */
 0xf1402573,  /* csrr   a0, mhartid  */
 #if defined(TARGET_RISCV32)
+0x0202a583,  /* lw a1, 32(t0) */
 0x0182a283,  /* lw t0, 24(t0) */
 #elif defined(TARGET_RISCV64)
+0x0202b583,  /* ld a1, 32(t0) */
 0x0182b283,  /* ld t0, 24(t0) */
 #endif
 0x00028067,  /* jr t0 */
 0x,
 start_addr,  /* start: .dword */
 0x,
- /* dtb: */
+fdt_load_addr,   /* fdt_laddr: .dword */
+0x,
+ /* fw_dyn: */
 };
 
 /* copy in the reset vector in little_endian byte order */
@@ -189,14 +215,9 @@ void riscv_setup_rom_reset_vec(hwaddr start_addr, hwaddr 
rom_base,
   rom_base, _space_memory);
 
 /* copy in the device tree */
-if (fdt_pack(fdt) || fdt_totalsize(fdt) >
-rom_size - sizeof(reset_vec)) {
-error_report("not enough space to store device-tree");
-exit(1);
-}
 qemu_fdt_dumpdtb(fdt, fdt_totalsize(fdt));
-rom_add_blob_fixed_as("mrom.fdt", fdt, fdt_totalsize(fdt),
-   rom_base + sizeof(reset_vec),
+
+rom_add_blob_fixed_as("fdt", fdt, fdt_totalsize(fdt), fdt_load_addr,
_space_memory);
 
 return;
diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
index c2712570e0d9..1a1540c7f98d 100644
--- a/hw/riscv/sifive_u.c
+++ b/hw/riscv/sifive_u.c
@@ -31,6 +31,7 @@
  */
 
 #include "qemu/osdep.h"
+#include "qemu/units.h"
 #include "qemu/log.h"
 #include "qemu/error-report.h"
 #include "qapi/error.h"
@@ -325,6 +326,7 @@ static void sifive_u_machine_init(MachineState *machine)
 MemoryRegion *main_mem = g_new(MemoryRegion, 1);
 MemoryRegion *flash0 = g_new(MemoryRegion, 1);
 target_ulong start_addr = memmap[SIFIVE_U_DRAM].base;
+hwaddr fdt_load_addr;
 
 /* Initialize SoC */
 object_initialize_child(OBJECT(machine), "soc", >soc,
@@ -369,13 +371,23 @@ static void sifive_u_machine_init(MachineState *machine)
 }
 }
 
+/* Compute the fdt load address in dram */
+fdt_load_addr = riscv_calc_fdt_load_addr(memmap[SIFIVE_U_DRAM].base,
+ machine->ram_size, s->fdt);
+
+if (fdt_load_addr >= (memmap[SIFIVE_U_DRAM].base + machine->ram_size)) {
+error_report("Not enough space for FDT after kernel + initrd");
+exit(1);
+ }
+
 if (s->start_in_flash) {
 start_addr = memmap[SIFIVE_U_FLASH0].base;
 }
 
 /* load the reset vector */
 riscv_setup_rom_reset_vec(start_addr, 

[PATCH 3/3] riscv: Add opensbi firmware dynamic support

[Atish Patra]

OpenSBI is the default firmware in Qemu and has various firmware loading
options. Currently, qemu loader uses fw_jump which has a compile time
pre-defined address where fdt & kernel image must reside. This puts a
constraint on image size of the Linux kernel depending on the fdt location
and available memory. However, fw_dynamic allows the loader to specify
the next stage location (i.e. Linux kernel/U-boot) in memory and other
configurable boot options available in OpenSBI.

Add support for OpenSBI dynamic firmware loading support. This doesn't
break existing setup and fw_jump will continue to work as it is. Any
other firmware will continue to work without any issues as long as it
doesn't expect anything specific from loader in "a2" register.

Signed-off-by: Atish Patra 
---
 hw/riscv/boot.c | 32 --
 hw/riscv/sifive_u.c | 11 +--
 hw/riscv/spike.c| 11 +--
 hw/riscv/virt.c | 11 +--
 include/hw/riscv/boot.h |  2 +-
 include/hw/riscv/boot_opensbi.h | 58 +
 6 files changed, 116 insertions(+), 9 deletions(-)
 create mode 100644 include/hw/riscv/boot_opensbi.h

diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c
index 0378b7f1bd58..47530f2732cf 100644
--- a/hw/riscv/boot.c
+++ b/hw/riscv/boot.c
@@ -26,6 +26,7 @@
 #include "hw/boards.h"
 #include "hw/loader.h"
 #include "hw/riscv/boot.h"
+#include "hw/riscv/boot_opensbi.h"
 #include "elf.h"
 #include "sysemu/device_tree.h"
 #include "sysemu/qtest.h"
@@ -34,8 +35,10 @@
 
 #if defined(TARGET_RISCV32)
 # define KERNEL_BOOT_ADDRESS 0x8040
+#define fw_dynamic_info_data(__val) cpu_to_le32(__val)
 #else
 # define KERNEL_BOOT_ADDRESS 0x8020
+#define fw_dynamic_info_data(__val) cpu_to_le64(__val)
 #endif
 
 void riscv_find_and_load_firmware(MachineState *machine,
@@ -183,13 +186,25 @@ hwaddr riscv_calc_fdt_load_addr(hwaddr dram_base, 
uint64_t mem_size, void *fdt)
 }
 
 void riscv_setup_rom_reset_vec(hwaddr start_addr, hwaddr rom_base,
-   hwaddr rom_size,
+   hwaddr rom_size, uint64_t kernel_entry,
hwaddr fdt_load_addr, void *fdt)
 {
 int i;
+struct fw_dynamic_info dinfo;
+uint64_t dinfo_len;
+
+dinfo.magic = fw_dynamic_info_data(FW_DYNAMIC_INFO_MAGIC_VALUE);
+dinfo.version =  fw_dynamic_info_data(FW_DYNAMIC_INFO_VERSION);
+dinfo.next_mode = fw_dynamic_info_data(FW_DYNAMIC_INFO_NEXT_MODE_S);
+dinfo.next_addr = fw_dynamic_info_data(kernel_entry);
+dinfo.options = 0;
+dinfo.boot_hart = 0;
+dinfo_len = sizeof(dinfo);
+
 /* reset vector */
 uint32_t reset_vec[10] = {
 0x0297,  /* 1:  auipc  t0, %pcrel_hi(fw_dyn) */
+0x02828613,  /* addi   a2, t0, %pcrel_lo(1b) */
 0xf1402573,  /* csrr   a0, mhartid  */
 #if defined(TARGET_RISCV32)
 0x0202a583,  /* lw a1, 32(t0) */
@@ -199,7 +214,6 @@ void riscv_setup_rom_reset_vec(hwaddr start_addr, hwaddr 
rom_base,
 0x0182b283,  /* ld t0, 24(t0) */
 #endif
 0x00028067,  /* jr t0 */
-0x,
 start_addr,  /* start: .dword */
 0x,
 fdt_load_addr,   /* fdt_laddr: .dword */
@@ -214,6 +228,20 @@ void riscv_setup_rom_reset_vec(hwaddr start_addr, hwaddr 
rom_base,
 rom_add_blob_fixed_as("mrom.reset", reset_vec, sizeof(reset_vec),
   rom_base, _space_memory);
 
+/**
+ * copy the dynamic firmware info. This information is specific to
+ * OpenSBI but doesn't break any other firmware as long as they don't
+ * expect any certain value in "a2" register.
+ */
+if (fdt_pack(fdt) || fdt_totalsize(fdt) >
+rom_size - dinfo_len) {
+error_report("not enough space to store device-tree");
+exit(1);
+}
+
+rom_add_blob_fixed_as("mrom.finfo", , dinfo_len,
+   rom_base + sizeof(reset_vec),
+   _space_memory);
 /* copy in the device tree */
 qemu_fdt_dumpdtb(fdt, fdt_totalsize(fdt));
 
diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
index 1a1540c7f98d..11b8814b9240 100644
--- a/hw/riscv/sifive_u.c
+++ b/hw/riscv/sifive_u.c
@@ -327,6 +327,7 @@ static void sifive_u_machine_init(MachineState *machine)
 MemoryRegion *flash0 = g_new(MemoryRegion, 1);
 target_ulong start_addr = memmap[SIFIVE_U_DRAM].base;
 hwaddr fdt_load_addr;
+uint64_t kernel_entry;
 
 /* Initialize SoC */
 object_initialize_child(OBJECT(machine), "soc", >soc,
@@ -356,7 +357,7 @@ static void sifive_u_machine_init(MachineState *machine)
  memmap[SIFIVE_U_DRAM].base, NULL);
 
 if (machine->kernel_filename) {
-uint64_t kernel_entry = riscv_load_kernel(machine->kernel_filename,
+  

Re: [PATCH] hw/acpi: specify 64-bit acpi table

[Jason A. Donenfeld]

> > increment the revision to '2' so that these larger addresses are
> > addressable. This matters because the DSDT revision represents the
> > maximum capability of all other SSDTs. This is also what arm does.
> it was keept at 1 for compat reasons with WindowsXP.
> by now it is long time EOL, so it might be fine to bump version,
> but it would be nice to know if this change breaks XP or not?

I just installed Windows XP twice, once without the patch and once
with the patch. The command line I used for this was:

qemu-system-x86_64 -m 3G -cpu host -enable-kvm -M pc-1.0 -drive file=disk.qcow
2 -cdrom en_windows_xp_professional_with_service_pack_3_x86_cd_vl_x14-73974.iso

Aside from the nostalgia being completely overwhelming, both installs
were successful, and I was greeted with the terrific bliss.bmp
background.

Re: [PATCH v2] target/arm: Implement SVE2 fp convert precision

[Richard Henderson]

On 4/30/20 6:28 AM, Stephen Long wrote:
> Implements FCVTLT, FCVTX, FCVTNT, FCVTXNT
> 
> Signed-off-by: Stephen Long 
> ---
> 
> Fixed a compilation error and collapsed the translation functions with a
> macro.
> 
>> Ignore my previous patchset. I missed the insn FCVTX and I ended up
>> squashing those commits into this one. At the moment, I'm working on a
>> patch for the SVE2 bitwise shift by imm insns.

Having missed this just a minute ago, I squashed FCVTX into the adjusted v1
patch for FCVTXNT, using do_frint_mode.


r~

[PATCH 0/1] configure: prefer python's sphinx module

[John Snow]

Hi, this is a followup to my patch which attempted to prefer
'sphinx-build' to 'sphinx-build-3' which intended to prefer a VENV
installation of sphinx over Fedora's system installation.

That got confusing, though, so here's something that's simpler and
better: use python to invoke sphinx so we don't have to worry about
python/sphinx version mismatches.

This should essentially always DTRT. In cases where a specific sphinx is
preferred, you would use a virtual environment with sphinx installed and
configure QEMU with e.g. --python /path/to/my/venv/python35

John Snow (1):
  configure: prefer python's sphinx module

 docs/system/deprecated.rst | 19 +++
 configure  | 20 +---
 2 files changed, 28 insertions(+), 11 deletions(-)

-- 
2.21.3

[PATCH 1/1] configure: prefer python's sphinx module

[John Snow]

Using an explicit entry path script for sphinx can lead to confusing
results: If the python binary belongs to a virtual environment, our
configure script may still select a sphinx script that belongs to the
system distribution packages.

It is likely best to use python itself (whichever one the user provides)
to resolve the sphinx script. This has a few benefits:

1. It will always be Python 3. Script entry points like 'sphinx-build'
might attempt to invoke python2 -- or indeed, any version of python that
the user did not specify with --python.

2. When using a user installation of sphinx, it will naturally prefer
that version.

3. When using a virtual environment, it will naturally prefer that
version.

4. Removing explicit python script entry points gives us greater control
within the QEMU build ecosystem; we can be confident we are respecting
the user's --python configuration, if any.

It's my hope that this will make it simpler to integrate some optional
pipenv functionality into the build for adding regression testing to our
python module -- by offloading more of the python environment
configuration and testing directly to the python tooling ecosystem.

This would, ideally, free us up to use more modern python packages not
always offered in older system distributions. (For instance, we already
violate this requirement with sphinx, which does not have the necessary
versions in our oldest build platforms.)

Signed-off-by: John Snow 
---
 docs/system/deprecated.rst | 19 +++
 configure  | 20 +---
 2 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index 544ece0a45e..a762a8c8043 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -17,6 +17,25 @@ they were first deprecated in the 2.10.0 release.
 What follows is a list of all features currently marked as
 deprecated.
 
+Configure script options
+
+
+``--sphinx-build=`` (since 5.1)
+'''
+
+The ``--sphinx-build`` option to select a specific sphinx-build entry
+point is replaced by configuring Python accordingly. QEMU will now
+default to using ``$python -m sphinx`` to use Python's preferred version
+of sphinx.
+
+Python will generally default to preferring user packages installed with
+``pip install --user`` first, and system distribution packages
+second. By specifying a custom Python binary or activating a virtual
+environment, Python will alter its module search behavior. As a last
+resort, the PYTHONPATH environment variable can be modified to specify
+an explicit directory.
+
+
 System emulator command line arguments
 --
 
diff --git a/configure b/configure
index b01b5e3bed0..e04b9d836ee 100755
--- a/configure
+++ b/configure
@@ -932,16 +932,6 @@ do
 fi
 done
 
-sphinx_build=
-for binary in sphinx-build-3 sphinx-build
-do
-if has "$binary"
-then
-sphinx_build=$(command -v "$binary")
-break
-fi
-done
-
 # Check for ancillary tools used in testing
 genisoimage=
 for binary in genisoimage mkisofs
@@ -1014,7 +1004,9 @@ for opt do
   ;;
   --python=*) python="$optarg"
   ;;
-  --sphinx-build=*) sphinx_build="$optarg"
+  --sphinx-build=*)
+  sphinx_build="$optarg"
+  echo "--sphinx-build is deprecated. QEMU uses the specified python's 
sphinx module."
   ;;
   --gcov=*) gcov_tool="$optarg"
   ;;
@@ -4996,6 +4988,12 @@ has_sphinx_build() {
 "$TMPDIR1/sphinx/out"  >> config.log 2>&1
 }
 
+# While we support --sphinx-build, defer to that.
+# Otherwise, use the module execution feature of Python.
+if ! has $sphinx_build; then
+sphinx_build="$python -m sphinx"
+fi
+
 # Check if tools are available to build documentation.
 if test "$docs" != "no" ; then
   if has_sphinx_build; then
-- 
2.21.3

Re: [PATCH RFC 0/3] target/arm: Implement SVE2 fp conversion

[Richard Henderson]

On 4/28/20 10:43 AM, Stephen Long wrote:
> The only insn left in this category is BFCVTNT. I couldn't find any
> helper functions for bfloats so I'm not sure how to approach this insn.
> 
> Also, for insn FCVTXNT, I'm not sure if it is ok to set the status rounding
> mode to odd like that.
> 
> Stephen Long (3):
>   target/arm: Implement SVE2 FCVTNT
>   target/arm: Implement SVE2 FCVTLT
>   target/arm: Implement SVE2 FCVTXNT

Queued, with the change to the third patch as mentioned.


r~

Re: [PATCH RFC 3/3] target/arm: Implement SVE2 FCVTXNT

[Richard Henderson]

On 4/28/20 10:43 AM, Stephen Long wrote:
> +void HELPER(sve2_fcvtxnt)(void *vd, void *vn, void *vg,
> +  void *status, uint32_t desc)
> +{
> +set_float_rounding_mode(float_round_to_odd, status);
> +HELPER(sve2_fcvtnt_ds)(vd, vn, vg, status, desc);
> +}

This is incorrect, as it leaves the rounding mode set to odd.

I've adjusted trans_FCVTXNT to the existing do_frint_mode, which handles
switching to and back from a fixed rounding mode.


r~

Re: [PATCH] hw/acpi: specify 64-bit acpi table

[Jason A. Donenfeld]

On Tue, Jun 16, 2020 at 2:16 AM Igor Mammedov  wrote:
> On Mon, 15 Jun 2020 18:36:54 -0600
> "Jason A. Donenfeld"  wrote:
> > SSDTs cannot address 64-bit physical addresses in 32-bit tables, so we
> please clarify what accesses waht within tables (i.e. be more concrete).

If you add an ssdt or a custom_method in, say, Linux, your additional
methods are limited to 32-bit address space. For example, this is
invalid in current qemu:

DefinitionBlock ("blah.aml", "SSDT", 2, "", "", 0x1001) {
  OperationRegion (BLAH, SystemMemory, 0x1, 1)

But it becomes valid when applying this patch.