[RFC PATCH] gitlab-ci.yml: Speed up CI by using "meson test --no-rebuild"

2021-01-23 Thread Thomas Huth
Currently, our check-system-* jobs are recompiling the whole sources
again. This happens due to the fact that the jobs are checking out
the whole source tree and required submodules again, and only try
to use the "build" directory with the binaries and object files
as an artifact from the previous stage - which simply does not work
anymore (with the current version of meson). Due to some changed
time stamps, meson is always trying to rebuild the whole tree.

To fix this problem, use "meson test --no-rebuild" instead of
"make check" to avoid rebuilding all binaries every time. This
saves ca. 15 - 20 minutes of precious CI cycles in each run.

Signed-off-by: Thomas Huth 
---
 Marked as "RFC" since I'm not quite sure whether "meson test" has
 the same test coverage as "make check"... Paolo?

 .gitlab-ci.yml | 41 ++---
 1 file changed, 22 insertions(+), 19 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index de3a3d25b5..c9fb11c325 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -34,6 +34,19 @@ include:
 make -j"$JOBS" $MAKE_CHECK_ARGS ;
   fi
 
+.native_meson_test_job:
+  stage: test
+  image: $CI_REGISTRY_IMAGE/qemu/$IMAGE:latest
+  script:
+- cd build
+- touch *
+- make git-submodule-update
+- if [ -x ../meson/meson.py ]; then
+  ../meson/meson.py test --no-rebuild -t 5 $MESON_TEST_ARGS ;
+  else
+  meson test --no-rebuild -t 5 $MESON_TEST_ARGS ;
+  fi
+
 .native_test_job_template: _test_job_definition
   stage: test
   image: $CI_REGISTRY_IMAGE/qemu/$IMAGE:latest
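Review bot: The `touch *` step in the new `.native_meson_test_job` script has no comment and only updates the top-level entries of `build`, not the files in its subdirectories. Please say in a comment why the touch is needed and why the non-recursive form is enough to stop the rebuild described in the commit message. The `-t 5` timeout multiplier also deserves a one-line explanation, and the two identical meson invocations could be reduced by choosing the meson binary once and calling it a single time.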
@@ -83,17 +96,15 @@ build-system-alpine:
   artifacts:
 expire_in: 2 days
 paths:
-  - .git-submodule-status
   - build
 
 check-system-alpine:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-system-alpine
   artifacts: true
   variables:
 IMAGE: alpine
-MAKE_CHECK_ARGS: check
 
 acceptance-system-alpine:
   <<: *native_test_job_definition
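Review bot: Dropping `.git-submodule-status` from the artifact paths of build-system-alpine is not mentioned in the commit message, and none of the other build-* hunks show a matching change. Since the new test job still runs `make git-submodule-update`, please state whether the test stage no longer needs this file, or move the removal into a separate patch with its own justification.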
@@ -118,13 +129,12 @@ build-system-ubuntu:
   - build
 
 check-system-ubuntu:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-system-ubuntu
   artifacts: true
   variables:
 IMAGE: ubuntu2004
-MAKE_CHECK_ARGS: check
 
 acceptance-system-ubuntu:
   <<: *native_test_job_definition
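Review bot: Removing `MAKE_CHECK_ARGS: check` here (and in the other check-* jobs) without setting `MESON_TEST_ARGS` means the job runs whatever `meson test` selects by default, and `$MESON_TEST_ARGS` in the template is never defined by any converted job. The note under `---` already asks whether coverage matches `make check`; before dropping the RFC tag, either list the intended suites explicitly through `MESON_TEST_ARGS` or document in the commit message that the two test lists were compared.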
@@ -149,13 +159,12 @@ build-system-debian:
   - build
 
 check-system-debian:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-system-debian
   artifacts: true
   variables:
 IMAGE: debian-amd64
-MAKE_CHECK_ARGS: check
 
 # No targets are built here, just tools, docs, and unit tests. This
 # also feeds into the eventual documentation deployment steps later
@@ -194,13 +203,12 @@ build-system-fedora:
   - build
 
 check-system-fedora:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-system-fedora
   artifacts: true
   variables:
 IMAGE: fedora
-MAKE_CHECK_ARGS: check
 
 acceptance-system-fedora:
   <<: *native_test_job_definition
@@ -226,13 +234,12 @@ build-system-centos:
   - build
 
 check-system-centos:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-system-centos
   artifacts: true
   variables:
 IMAGE: centos8
-MAKE_CHECK_ARGS: check
 
 acceptance-system-centos:
   <<: *native_test_job_definition
@@ -256,13 +263,12 @@ build-system-opensuse:
   - build
 
 check-system-opensuse:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-system-opensuse
   artifacts: true
   variables:
 IMAGE: opensuse-leap
-MAKE_CHECK_ARGS: check
 
 acceptance-system-opensuse:
<<: *native_test_job_definition
@@ -525,13 +531,12 @@ build-crypto-old-nettle:
   - build
 
 check-crypto-old-nettle:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-crypto-old-nettle
   artifacts: true
   variables:
 IMAGE: centos7
-MAKE_CHECK_ARGS: check
 
 
 build-crypto-old-gcrypt:
@@ -546,13 +551,12 @@ build-crypto-old-gcrypt:
   - build
 
 check-crypto-old-gcrypt:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-crypto-old-gcrypt
   artifacts: true
   variables:
 IMAGE: centos7
-MAKE_CHECK_ARGS: check
 
 
 build-crypto-only-gnutls:
@@ -567,13 +571,12 @@ build-crypto-only-gnutls:
   - build
 
 check-crypto-only-gnutls:
-  <<: *native_test_job_definition
+  extends: .native_meson_test_job
   needs:
 - job: build-crypto-only-gnutls
   artifacts: true
   variables:
 IMAGE: centos7
-MAKE_CHECK_ARGS: check
 
 # We don't need to exercise every backend with every front-end
 build-trace-multi-user:
-- 
2.27.0




[Bug 1893040] Re: External modules retrieval using Go1.15 on s390x appears to have checksum and ECDSA verification issues

2021-01-23 Thread Thomas Huth
** Changed in: qemu
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of
qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1893040

Title:
  External modules retrieval using Go1.15 on s390x appears to have
  checksum and ECDSA verification issues

Status in QEMU:
  Incomplete

Bug description:
  We are observing an issue while building the go-runner image and we suspect
  it is due to the QEMU version being used. As referred to in the issue below:
  https://github.com/golang/go/issues/40949

  We tried to build the go-runner image using go1.15 and to register QEMU
  (docker run --rm --privileged multiarch/qemu-user-static@sha256:c772ee1965aa0be9915ee1b018a0dd92ea361b4fa1bcab5bbc033517749b2af4
  --reset -p yes) as mentioned in PR
  https://github.com/kubernetes/release/pull/1499. We observed the failure
  below during the build:

  
-
  ERROR: executor failed running [/bin/sh -c CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -ldflags '-s -w -buildid= -extldflags "-static"' -o go-runner ${package}]: buildkit-runc did not terminate successfully
  --
   > [builder 7/7] RUN CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -ldflags '-s -w -buildid= -extldflags "-static"' -o go-runner .:
  --
  failed to solve: rpc error: code = Unknown desc = executor failed running [/bin/sh -c CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -ldflags '-s -w -buildid= -extldflags "-static"' -o go-runner ${package}]: buildkit-runc did not terminate successfully
  Makefile:52: recipe for target 'container' failed
  make: *** [container] Error 1
  
-

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1893040/+subscriptions



[Bug 1886793] Re: "go install" command fails while running inside s390x docker container on x86_64 host using qemu

2021-01-23 Thread Thomas Huth
** Changed in: qemu
   Status: New => Incomplete

-- 
https://bugs.launchpad.net/bugs/1886793

Title:
  "go install" command fails while running inside s390x docker container
  on x86_64 host using qemu

Status in QEMU:
  Incomplete

Bug description:
  Steps to reproduce the issue:

  Register x86_64 host with the latest qemu-user-static.
  docker run --rm --privileged multiarch/qemu-user-static --reset -p yes

  Build the following Docker Image using following Dockerfile.s390x
  using command docker build -t test/crossbuild:latest-s390x -f
  Dockerfile.s390x .

  Dockerfile.s390x

  ##
  FROM alpine:3.11 as qemu
  ARG QEMU_VERSION=5.0.0-2
  ARG QEMU_ARCHS="s390x"
  RUN apk --update add curl
  #Enable non-native runs on amd64 architecture hosts
  RUN for i in ${QEMU_ARCHS}; do curl -L https://github.com/multiarch/qemu-user-static/releases/download/v${QEMU_VERSION}/qemu-${i}-static.tar.gz | tar zxvf - -C /usr/bin; done
  RUN chmod +x /usr/bin/qemu-*

  FROM s390x/golang:1.14.2-alpine3.11
  MAINTAINER LoZ Open Source Ecosystem (https://www.ibm.com/developerworks/community/groups/community/lozopensource)

  ARG MANIFEST_TOOL_VERSION=v1.0.2

  #Enable non-native builds of this image on an amd64 hosts.
  #This must be the first RUN command in this file!
  COPY --from=qemu /usr/bin/qemu-*-static /usr/bin/

  #Install su-exec for use in the entrypoint.sh (so processes run as the right user)
  #Install bash for the entry script (and because it's generally useful)
  #Install curl to download glide
  #Install git for fetching Go dependencies
  #Install ssh for fetching Go dependencies
  #Install mercurial for fetching go dependencies
  #Install wget since it's useful for fetching
  #Install make for building things
  #Install util-linux for column command (used for output formatting).
  #Install grep and sed for use in some Makefiles (e.g. pulling versions out of glide.yaml)
  #Install shadow for useradd (it allows to use big UID)
  RUN apk update && apk add --no-cache su-exec curl bash git openssh mercurial make wget util-linux tini file grep sed shadow
  RUN apk upgrade --no-cache

  #Disable ssh host key checking
  RUN echo 'Host *' >> /etc/ssh/ssh_config \
    && echo 'StrictHostKeyChecking no' >> /etc/ssh/ssh_config

  #Disable cgo so that binaries we build will be fully static.
  ENV CGO_ENABLED=0

  #Recompile the standard library with cgo disabled.  This prevents the standard library from being
  #marked stale, causing full rebuilds every time.
  RUN go install -v std

  #Install glide
  RUN go get github.com/Masterminds/glide
  ENV GLIDE_HOME /home/user/.glide

  #Install dep
  RUN go get github.com/golang/dep/cmd/dep

  #Install ginkgo CLI tool for running tests
  RUN go get github.com/onsi/ginkgo/ginkgo

  #Install linting tools.
  RUN wget -O - -q https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.20.0
  RUN golangci-lint --version

  #Install license checking tool.
  RUN go get github.com/pmezard/licenses

  #Install tool to merge coverage reports.
  RUN go get github.com/wadey/gocovmerge

  #Install CLI tool for working with yaml files
  RUN go get github.com/mikefarah/yaml

  #Delete all the Go sources that were downloaded, we only rely on the binaries
  RUN rm -rf /go/src/*

  #Install vgo (should be removed once we take Go 1.11)
  RUN go get -u golang.org/x/vgo

  #Ensure that everything under the GOPATH is writable by everyone
  RUN chmod -R 777 $GOPATH

  RUN curl -sSL https://github.com/estesp/manifest-tool/releases/download/${MANIFEST_TOOL_VERSION}/manifest-tool-linux-s390x > manifest-tool && \
  chmod +x manifest-tool && \
  mv manifest-tool /usr/bin/

  COPY entrypoint.sh /usr/local/bin/entrypoint.sh
  ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/entrypoint.sh"]
  ##

  
  The build just hangs at RUN go install -v std


  Also, while running the same command inside s390x container on x86_64
  host, error Illegal instruction (core dumped) is thrown.

  Register x86_64 host with the latest qemu-user-static.
  docker run --rm --privileged multiarch/qemu-user-static --reset -p yes

  docker run -it -v /home/test/qemu-s390x-static:/usr/bin/qemu-s390x-static s390x/golang:1.14.2-alpine3.11

  Inside s390x container:

  apk update && apk add --no-cache su-exec curl bash git openssh mercurial make wget util-linux tini file grep sed shadow
  apk upgrade --no-cache

  #Disable cgo so that binaries we build will be fully static.
  export CGO_ENABLED=0
  go install -v std

  
  This gives the following error:
  Illegal instruction (core dumped)

  
  Environment:
  x86_64 Ub18.04 4.15.0-101-generic Ubuntu SMP x86_64 GNU/Linux

  QEMU user static version: 5.0.0-2

  Container application: Docker

  Client: Docker Engine - Community
  

Re: [PATCH] target/ppc: Fix truncation of env->hflags

2021-01-23 Thread David Gibson
On Sat, Jan 23, 2021 at 05:24:22PM -1000, Richard Henderson wrote:
> Use the cs_base field, because it happens to be the same
> size as hflags (and MSR, from which hflags is derived).
> 
> In translate, extract most bits from a local hflags variable.
> Mark several cases where code generation is *not* derived from
> data stored within the hashed elements of the TranslationBlock.

My knowledge of TCG isn't great, so I'm pretty much prepared to accept
this is correct on your say so.

But that commit message feels like it's following on from a
conversation that's not here, nor linked.  It'd be great if it
explained how said hflags truncation is happening, because it's
certainly not obvious to someone with only a fair to middling
understanding of TCG.


> Cc: David Gibson 
> Reported-by: Ivan Warren 
> Signed-off-by: Richard Henderson 
> ---
>  target/ppc/cpu.h   |  4 +--
>  target/ppc/translate.c | 64 --
>  2 files changed, 26 insertions(+), 42 deletions(-)
> 
> diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
> index 2609e4082e..4a05e4e544 100644
> --- a/target/ppc/cpu.h
> +++ b/target/ppc/cpu.h
> @@ -2396,8 +2396,8 @@ static inline void cpu_get_tb_cpu_state(CPUPPCState 
> *env, target_ulong *pc,
>  target_ulong *cs_base, uint32_t 
> *flags)
>  {
>  *pc = env->nip;
> -*cs_base = 0;
> -*flags = env->hflags;
> +*cs_base = env->hflags;
> +*flags = 0;
>  }
>  
>  void QEMU_NORETURN raise_exception(CPUPPCState *env, uint32_t exception);
> diff --git a/target/ppc/translate.c b/target/ppc/translate.c
> index 0984ce637b..1eb2e1b0c6 100644
> --- a/target/ppc/translate.c
> +++ b/target/ppc/translate.c
> @@ -7879,47 +7879,37 @@ static void 
> ppc_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
>  {
>  DisasContext *ctx = container_of(dcbase, DisasContext, base);
>  CPUPPCState *env = cs->env_ptr;
> +target_ulong hflags = ctx->base.tb->cs_base;
>  int bound;
>  
>  ctx->exception = POWERPC_EXCP_NONE;
>  ctx->spr_cb = env->spr_cb;
> -ctx->pr = msr_pr;
> +ctx->pr = (hflags >> MSR_PR) & 1;
>  ctx->mem_idx = env->dmmu_idx;
> -ctx->dr = msr_dr;
> -#if !defined(CONFIG_USER_ONLY)
> -ctx->hv = msr_hv || !env->has_hv_mode;
> +ctx->dr = (hflags >> MSR_DR) & 1;
> +#if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY)
> +ctx->hv = (hflags >> MSR_HV) & 1;
>  #endif
>  ctx->insns_flags = env->insns_flags;
>  ctx->insns_flags2 = env->insns_flags2;
>  ctx->access_type = -1;
>  ctx->need_access_type = !mmu_is_64bit(env->mmu_model);
> -ctx->le_mode = !!(env->hflags & (1 << MSR_LE));
> +ctx->le_mode = (hflags >> MSR_LE) & 1;
>  ctx->default_tcg_memop_mask = ctx->le_mode ? MO_LE : MO_BE;
>  ctx->flags = env->flags;
>  #if defined(TARGET_PPC64)
> -ctx->sf_mode = msr_is_64bit(env, env->msr);
> +ctx->sf_mode = (hflags >> MSR_SF) & 1;
>  ctx->has_cfar = !!(env->flags & POWERPC_FLAG_CFAR);
>  #endif
>  ctx->lazy_tlb_flush = env->mmu_model == POWERPC_MMU_32B
>  || env->mmu_model == POWERPC_MMU_601
>  || env->mmu_model & POWERPC_MMU_64;
>  
> -ctx->fpu_enabled = !!msr_fp;
> -if ((env->flags & POWERPC_FLAG_SPE) && msr_spe) {
> -ctx->spe_enabled = !!msr_spe;
> -} else {
> -ctx->spe_enabled = false;
> -}
> -if ((env->flags & POWERPC_FLAG_VRE) && msr_vr) {
> -ctx->altivec_enabled = !!msr_vr;
> -} else {
> -ctx->altivec_enabled = false;
> -}
> -if ((env->flags & POWERPC_FLAG_VSX) && msr_vsx) {
> -ctx->vsx_enabled = !!msr_vsx;
> -} else {
> -ctx->vsx_enabled = false;
> -}
> +ctx->fpu_enabled = (hflags >> MSR_FP) & 1;
> +ctx->spe_enabled = (hflags >> MSR_SPE) & 1;
> +ctx->altivec_enabled = (hflags >> MSR_VR) & 1;
> +ctx->vsx_enabled = (hflags >> MSR_VSX) & 1;
> +/* FIXME: This needs to be stored in env->hflags_nmsr. */
>  if ((env->flags & POWERPC_FLAG_SCV)
>  && (env->spr[SPR_FSCR] & (1ull << FSCR_SCV))) {
>  ctx->scv_enabled = true;
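Review bot: The four `ctx->*_enabled` assignments taken from MSR_FP, MSR_SPE, MSR_VR and MSR_VSX no longer test POWERPC_FLAG_SPE, POWERPC_FLAG_VRE or POWERPC_FLAG_VSX the way the removed lines did. That is only equivalent if hflags never carries those bits on CPUs lacking the feature, and the patch does not show that masking. Please reference where hflags is filtered in the commit message, or keep the `env->flags` tests.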
> @@ -7927,23 +7917,21 @@ static void 
> ppc_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
>  ctx->scv_enabled = false;
>  }
>  #if defined(TARGET_PPC64)
> -if ((env->flags & POWERPC_FLAG_TM) && msr_tm) {
> -ctx->tm_enabled = !!msr_tm;
> -} else {
> -ctx->tm_enabled = false;
> -}
> +ctx->tm_enabled = (hflags >> MSR_TM) & 1;
>  #endif
> +/* FIXME: This needs to be stored in env->hflags_nmsr. */
>  ctx->gtse = !!(env->spr[SPR_LPCR] & LPCR_GTSE);
> -if ((env->flags & POWERPC_FLAG_SE) && msr_se) {
> -ctx->singlestep_enabled = CPU_SINGLE_STEP;
> -} else {
> -ctx->singlestep_enabled = 0;
> -}
> -if ((env->flags & POWERPC_FLAG_BE) && msr_be) {
> -ctx->singlestep_enabled |= CPU_BRANCH_STEP;
> -}
> -if ((env->flags & POWERPC_FLAG_DE) && msr_de) {
> +
> +

[Bug 1745354] Re: CDOS ps/2 mouse problem

2021-01-23 Thread Launchpad Bug Tracker
[Expired for QEMU because there has been no activity for 60 days.]

** Changed in: qemu
   Status: Incomplete => Expired

-- 
https://bugs.launchpad.net/bugs/1745354

Title:
  CDOS ps/2 mouse problem

Status in QEMU:
  Expired

Bug description:
  Qemu v2.10.2 (also tested with 2.11.0)
  Host OS : CentOS 7 x86_64 (1708)
  Guest OS : Concurrent DOS 386 3.0 (with GEM)

  Here is my launch command:
  /usr/local/bin/qemu-system-i386 -m 4m -cpu 486 -hda /home/my_user/HDD.img -vga std

  When I'm launching the guest, it is not responding after focusing in
  the viewer. I think this is due to the ps/2 emulation because when I
  add "-usb -device usb-mouse" in my command I don't have this issue
  (but in this case, mouse is not supported by CDOS).

  I tested with an older version of Qemu (0.11) which uses the Bochs
  bios (instead of SeaBios in newer versions), and I don't have this
  issue either.




[Bug 1752646] Re: Freezing VNC screen on some the UEFI framebuffer applications

2021-01-23 Thread Launchpad Bug Tracker
[Expired for QEMU because there has been no activity for 60 days.]

** Changed in: qemu
   Status: Incomplete => Expired

-- 
https://bugs.launchpad.net/bugs/1752646

Title:
  Freezing VNC screen on some the UEFI framebuffer applications

Status in QEMU:
  Expired

Bug description:
  Hi folks!

  I use TianoCore (UEFI) firmware on QEMU (master version, last commit
  a6e0344).
  When the kernel/Linux starts, it uses the UEFI framebuffer. Then I run a UEFI
  application (which writes directly to the framebuffer) and my VNC screen
  freezes. Then I restart the VNC client and I see only one frame.

  When I run the application, I get some commands in the function
  'vga_ioport_write' in the file hw/display/vga.c; they change "s->ar_index"
  from 0x20 -> 0x10

  In the function vga_update_display:
  1751 if (!(s->ar_index & 0x20)) {
  1752 graphic_mode = GMODE_BLANK;
  1753 } else {

  And I got GMODE_BLANK mode. If I patch it:
  1751 if (0) {

  my VNC not freezing.

  From "Hardware Level VGA and SVGA Video Programming Information Page"
  I saw that ar_index is 0x3C0 (Attribute Controller Data Write
  Register), 0x20(5-bit) is PAS -- Palette Address Source

  If there is an output via the UEFI framebuffer, does the difference
  have a PAS or not? Why do we need to pause the output if the PAS is
  exposed? Especially when the application outputs via framebuffer.




[Bug 1774853] Re: claims temp file is used by another process

2021-01-23 Thread Launchpad Bug Tracker
[Expired for QEMU because there has been no activity for 60 days.]

** Changed in: qemu
   Status: Incomplete => Expired

-- 
https://bugs.launchpad.net/bugs/1774853

Title:
  claims temp file is used by another process

Status in QEMU:
  Expired

Bug description:
  QEMU emulator version 2.12.50 (v2.12.0-12378-g99a34dc4d2-dirty)

  "c:\Program Files\qemu\qemu-system-x86_64.exe" -net none -parallel none -bios OVMF.fd -L . -hda fat:rw:image
  vvfat image chs 1024,16,63
  c:\Program Files\qemu\qemu-system-x86_64.exe: -hda fat:rw:image: Could not open 'C:\Users\tsiros\AppData\Local\Temp\qem5B92.tmp': The process cannot access the file because it is being used by another process.




[Bug 1777786] Re: virtio-gpu-3d.c: change virtio_gpu_fence_poll timer scale

2021-01-23 Thread Launchpad Bug Tracker
[Expired for QEMU because there has been no activity for 60 days.]

** Changed in: qemu
   Status: Incomplete => Expired

-- 
https://bugs.launchpad.net/bugs/1777786

Title:
  virtio-gpu-3d.c: change virtio_gpu_fence_poll timer scale

Status in QEMU:
  Expired

Bug description:
  We use virtio-gpu to accelerate Unigine Heaven Benchmark in a VM, but we get
  only 5 FPS when we use an AMD RX460 in our host.
  We found that the guest OS spent a lot of time waiting for the return of the
  glMapBufferRange/glUnmapBuffer commands. We suspected the host GPU was waiting
  for a fence, so we finally changed the timer of fence_poll. After changing the
  timer from ms to us, the benchmark result rose to 22 FPS.

  From a4003af5c4fe92d55353f42767d0c45de95bb78f Mon Sep 17 00:00:00 2001
  From: chen wei 
  Date: Fri, 8 Jun 2018 17:34:45 +0800
  Subject: [PATCH] virtio-gpu:improve 3d performance greatly

  OpenGL functions need fence support. When the CPU executes an OpenGL function,
  it needs to wait on a fence to synchronize with the GPU,
  so QEMU must deal with fences as timely as possible. But now the expiry time
  of the timer that deals with fences is 10 ms.
  I think it is too long for OpenGL, so I will change it to 20 ns.
  Before the change, when I play the Unigine_Heaven 3D game with virglrenderer,
  the FPS is 3. After the change, the FPS is up to 23.

  Signed-off-by: chen wei   
  Signed-off-by: wang qiang 
  ---
   hw/display/virtio-gpu-3d.c | 4 ++--
   1 file changed, 2 insertions(+), 2 deletions(-)

  diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
  index 3558f38..c0a5d21 100644
  --- a/hw/display/virtio-gpu-3d.c
  +++ b/hw/display/virtio-gpu-3d.c
  @@ -582,7 +582,7 @@ static void virtio_gpu_fence_poll(void *opaque)
   virgl_renderer_poll();
   virtio_gpu_process_cmdq(g);
   if (!QTAILQ_EMPTY(>cmdq) || !QTAILQ_EMPTY(>fenceq)) {
  -timer_mod(g->fence_poll, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 10);
  +timer_mod(g->fence_poll, qemu_clock_get_us(QEMU_CLOCK_VIRTUAL) + 20);
   }
   }
   
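Review bot: The commit message says the interval becomes 20 ns, but `qemu_clock_get_us(QEMU_CLOCK_VIRTUAL) + 20` re-arms the timer 20 microseconds ahead; please correct whichever one is wrong. Going from 10 ms to 20 us also makes the poll fire 500 times as often whenever cmdq or fenceq is non-empty, so the bare `20` should become a named constant or a device property, with a note on the host CPU cost of polling at that rate.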
  @@ -629,7 +629,7 @@ int virtio_gpu_virgl_init(VirtIOGPU *g)
   return ret;
   }
   
  -g->fence_poll = timer_new_ms(QEMU_CLOCK_VIRTUAL,
  +g->fence_poll = timer_new_us(QEMU_CLOCK_VIRTUAL,
virtio_gpu_fence_poll, g);
   
   if (virtio_gpu_stats_enabled(g->conf)) {
  -- 
  2.7.4




[Bug 1777235] Re: NVME is missing support for Get Log Page command

2021-01-23 Thread Launchpad Bug Tracker
[Expired for QEMU because there has been no activity for 60 days.]

** Changed in: qemu
   Status: Incomplete => Expired

-- 
https://bugs.launchpad.net/bugs/1777235

Title:
  NVME is missing support for Get Log Page command

Status in QEMU:
  Expired

Bug description:
  "Get Log Page" is a mandatory admin command by the specification (NVMe
  1.2, Section 5, Figure 40) currently not implemented by device.




[PATCH] target/ppc: Fix truncation of env->hflags

2021-01-23 Thread Richard Henderson
Use the cs_base field, because it happens to be the same
size as hflags (and MSR, from which hflags is derived).

In translate, extract most bits from a local hflags variable.
Mark several cases where code generation is *not* derived from
data stored within the hashed elements of the TranslationBlock.

Cc: David Gibson 
Reported-by: Ivan Warren 
Signed-off-by: Richard Henderson 
---
 target/ppc/cpu.h   |  4 +--
 target/ppc/translate.c | 64 --
 2 files changed, 26 insertions(+), 42 deletions(-)

diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
index 2609e4082e..4a05e4e544 100644
--- a/target/ppc/cpu.h
+++ b/target/ppc/cpu.h
@@ -2396,8 +2396,8 @@ static inline void cpu_get_tb_cpu_state(CPUPPCState *env, 
target_ulong *pc,
 target_ulong *cs_base, uint32_t *flags)
 {
 *pc = env->nip;
-*cs_base = 0;
-*flags = env->hflags;
+*cs_base = env->hflags;
+*flags = 0;
 }
 
 void QEMU_NORETURN raise_exception(CPUPPCState *env, uint32_t exception);
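Review bot: The swap in cpu_get_tb_cpu_state needs a comment at `*cs_base = env->hflags;` saying that cs_base is borrowed only because it is target_ulong-wide while `flags` is uint32_t; without it the next reader will take `*flags = 0;` for a mistake. The commit message should also name which hflags bits were being lost through the 32-bit field, since the subject says "truncation" without describing it.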
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 0984ce637b..1eb2e1b0c6 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -7879,47 +7879,37 @@ static void ppc_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 {
 DisasContext *ctx = container_of(dcbase, DisasContext, base);
 CPUPPCState *env = cs->env_ptr;
+target_ulong hflags = ctx->base.tb->cs_base;
 int bound;
 
 ctx->exception = POWERPC_EXCP_NONE;
 ctx->spr_cb = env->spr_cb;
-ctx->pr = msr_pr;
+ctx->pr = (hflags >> MSR_PR) & 1;
 ctx->mem_idx = env->dmmu_idx;
-ctx->dr = msr_dr;
-#if !defined(CONFIG_USER_ONLY)
-ctx->hv = msr_hv || !env->has_hv_mode;
+ctx->dr = (hflags >> MSR_DR) & 1;
+#if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY)
+ctx->hv = (hflags >> MSR_HV) & 1;
 #endif
 ctx->insns_flags = env->insns_flags;
 ctx->insns_flags2 = env->insns_flags2;
 ctx->access_type = -1;
 ctx->need_access_type = !mmu_is_64bit(env->mmu_model);
-ctx->le_mode = !!(env->hflags & (1 << MSR_LE));
+ctx->le_mode = (hflags >> MSR_LE) & 1;
 ctx->default_tcg_memop_mask = ctx->le_mode ? MO_LE : MO_BE;
 ctx->flags = env->flags;
 #if defined(TARGET_PPC64)
-ctx->sf_mode = msr_is_64bit(env, env->msr);
+ctx->sf_mode = (hflags >> MSR_SF) & 1;
 ctx->has_cfar = !!(env->flags & POWERPC_FLAG_CFAR);
 #endif
 ctx->lazy_tlb_flush = env->mmu_model == POWERPC_MMU_32B
 || env->mmu_model == POWERPC_MMU_601
 || env->mmu_model & POWERPC_MMU_64;
 
-ctx->fpu_enabled = !!msr_fp;
-if ((env->flags & POWERPC_FLAG_SPE) && msr_spe) {
-ctx->spe_enabled = !!msr_spe;
-} else {
-ctx->spe_enabled = false;
-}
-if ((env->flags & POWERPC_FLAG_VRE) && msr_vr) {
-ctx->altivec_enabled = !!msr_vr;
-} else {
-ctx->altivec_enabled = false;
-}
-if ((env->flags & POWERPC_FLAG_VSX) && msr_vsx) {
-ctx->vsx_enabled = !!msr_vsx;
-} else {
-ctx->vsx_enabled = false;
-}
+ctx->fpu_enabled = (hflags >> MSR_FP) & 1;
+ctx->spe_enabled = (hflags >> MSR_SPE) & 1;
+ctx->altivec_enabled = (hflags >> MSR_VR) & 1;
+ctx->vsx_enabled = (hflags >> MSR_VSX) & 1;
+/* FIXME: This needs to be stored in env->hflags_nmsr. */
 if ((env->flags & POWERPC_FLAG_SCV)
 && (env->spr[SPR_FSCR] & (1ull << FSCR_SCV))) {
 ctx->scv_enabled = true;
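Review bot: The new `ctx->hv = (hflags >> MSR_HV) & 1;` drops the `|| !env->has_hv_mode` term and is now compiled only under TARGET_PPC64, whereas the old assignment applied to every non-user-only build. Unless hflags is computed elsewhere with MSR_HV forced on for CPUs without an HV mode, this changes ctx->hv for those CPUs and leaves it unassigned on 32-bit system targets. Please point to where that is handled or keep the old term.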
@@ -7927,23 +7917,21 @@ static void ppc_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 ctx->scv_enabled = false;
 }
 #if defined(TARGET_PPC64)
-if ((env->flags & POWERPC_FLAG_TM) && msr_tm) {
-ctx->tm_enabled = !!msr_tm;
-} else {
-ctx->tm_enabled = false;
-}
+ctx->tm_enabled = (hflags >> MSR_TM) & 1;
 #endif
+/* FIXME: This needs to be stored in env->hflags_nmsr. */
 ctx->gtse = !!(env->spr[SPR_LPCR] & LPCR_GTSE);
-if ((env->flags & POWERPC_FLAG_SE) && msr_se) {
-ctx->singlestep_enabled = CPU_SINGLE_STEP;
-} else {
-ctx->singlestep_enabled = 0;
-}
-if ((env->flags & POWERPC_FLAG_BE) && msr_be) {
-ctx->singlestep_enabled |= CPU_BRANCH_STEP;
-}
-if ((env->flags & POWERPC_FLAG_DE) && msr_de) {
+
+ctx->singlestep_enabled = ((hflags >> MSR_SE) & 1 ? CPU_SINGLE_STEP : 0)
+| ((hflags >> MSR_BE) & 1 ? CPU_BRANCH_STEP : 0);
+
+if ((hflags >> MSR_DE) & 1) {
 ctx->singlestep_enabled = 0;
+/*
+ * FIXME: This needs to be stored in env->hflags_nmsr,
+ * probably overlapping MSR_SE/MSR_BE like we do for
+ * MSR_LE and the ppc 601.
+ */
 target_ulong dbcr0 = env->spr[SPR_BOOKE_DBCR0];
 if (dbcr0 & DBCR0_ICMP) {
 ctx->singlestep_enabled |= CPU_SINGLE_STEP;
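Review bot: Inside `if ((hflags >> MSR_DE) & 1)` the code still reads `env->spr[SPR_BOOKE_DBCR0]` at translation time, which the new FIXME itself admits is state outside the hashed TB key, so the stale-code problem this patch addresses stays open for the BookE single-step case. The SE, BE and DE tests also lose their POWERPC_FLAG_SE, POWERPC_FLAG_BE and POWERPC_FLAG_DE guards. Please say in the commit message that this case is knowingly left unfixed, and explain why the flag guards are no longer needed.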
@@ -7956,10 +7944,6 @@ static void ppc_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 if 

Re: PPC64 TCG problem.. MSR[SF] switching.

2021-01-23 Thread Richard Henderson
On 1/23/21 4:03 PM, Ivan Warren wrote:
> Hello people,
> 
> I have the following issue : I'm using an OS (not linux) on a
> qemu-system-ppc64. (in my case a Power8 qemu target with a x86_64 TCG target)
> 
> This OS provides a set of NARROW/WIDE (MSR[SF]) agnostic code snippets in the
> 1st 64K of addresses (so they can be called using the PPC 'bla' instruction).
> Possibly this is kernel provided code so that it can provide the best strategy
> for the current runtime environment depending on CPU model or whatever the
> SPAPR Hypervisor says.
> 
> One of the routines is first being called in NARROW mode, and the TCG generated
> code reflects that. For example it (seems) to generate address folding in the
> output TCG target code (looking at log out_asm output) and/or possibly uses the
> 32 bit soft mmu helper (but can't be sure of this)..
> 
> Later the vCPU is switched to WIDE mode (MSR[SF]==1) and invokes the code
> again. No new code is being generated because it is already in the TCG cache,
> but that code is still the NARROW mode generated TCG target code so it fails
> miserably (address incorrectly truncated to 32 bit and/or wrong MMU strategy).

You are correct, this is a bug in the ppc translator.

The bug is in ppc_tr_init_disas_context:

    ctx->sf_mode = msr_is_64bit(env, env->msr);

this is an incorrect read of env state within the translator.

It looks like ppc is attempting to do this correctly, by computing a value into
env->hflags, which includes MSR[SF].

However, this doesn't quite work out because in cpu_get_tb_cpu_state,

    *flags = env->hflags;

truncates the value from target_ulong to uint32_t.

So the setting of the MSR[SF] bit gets lost.

> The solution (if my assumptions are correct), I believe, is either to flush the
> TCG output cache upon MSR[SF] switching (but that could kill performance if
> there are a lot of NARROW/WIDE switches)... or to have 2 TCG caches (one for narrow
> code and one for wide code).

The values stored by cpu_get_tb_cpu_state are saved, and we will only reuse an
entry in the TCG output cache when all of the values are the same.  So fixing
the truncation issue will fix this bug.

The easiest way to fix this is to (ab)use tb->cs_base to store env->hflags,
because they are both target_ulong values.

I will follow up with a partial patch for this general class of bug, which
should fix your specific case.


r~
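
The cache-key problem described in the reply above, reduced to a stand-alone C model. This is an added example, not QEMU code and not part of the original message: ToyEnv, ToyTB, ToyCache, tb_lookup and the two get_state_* functions are hypothetical stand-ins, and target_ulong is assumed to be 64 bits wide.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: a 64-bit guest, so target_ulong is 64 bits wide. */
typedef uint64_t target_ulong;
#define MSR_SF 63                 /* MSR[SF] is the top bit of the 64-bit MSR */

/* Hypothetical, heavily reduced stand-ins for QEMU's CPU state and TB. */
typedef struct { target_ulong nip, hflags; } ToyEnv;
typedef struct {
    target_ulong pc, cs_base;     /* lookup key, together with flags */
    uint32_t flags;
    bool sf_mode;                 /* mode the block was "translated" for */
} ToyTB;
typedef struct { ToyTB tb[8]; size_t used; } ToyCache;

typedef void (*get_state_fn)(const ToyEnv *env, target_ulong *pc,
                             target_ulong *cs_base, uint32_t *flags);

/* Key as built before the fix: hflags squeezed into the 32-bit field. */
static void get_state_truncating(const ToyEnv *env, target_ulong *pc,
                                 target_ulong *cs_base, uint32_t *flags)
{
    *pc = env->nip;
    *cs_base = 0;
    *flags = (uint32_t)env->hflags;   /* bits 32..63, MSR[SF] included, drop */
}

/* Key as built after the fix: hflags carried in the full-width cs_base. */
static void get_state_full(const ToyEnv *env, target_ulong *pc,
                           target_ulong *cs_base, uint32_t *flags)
{
    *pc = env->nip;
    *cs_base = env->hflags;
    *flags = 0;
}

/* Return the cached block whose whole key matches, translating on a miss. */
static const ToyTB *tb_lookup(ToyCache *c, const ToyEnv *env,
                              get_state_fn get_state)
{
    target_ulong pc, cs_base;
    uint32_t flags;
    ToyTB *tb;

    get_state(env, &pc, &cs_base, &flags);
    for (size_t i = 0; i < c->used; i++) {
        tb = &c->tb[i];
        if (tb->pc == pc && tb->cs_base == cs_base && tb->flags == flags) {
            return tb;            /* hit: reuse previously generated code */
        }
    }
    if (c->used == sizeof(c->tb) / sizeof(c->tb[0])) {
        return NULL;              /* toy cache full */
    }
    tb = &c->tb[c->used++];
    tb->pc = pc;
    tb->cs_base = cs_base;
    tb->flags = flags;
    /* The "translator" specialises the code for the current MSR[SF]. */
    tb->sf_mode = (env->hflags >> MSR_SF) & 1;
    return tb;
}

/*
 * Call the same guest address in narrow mode, switch MSR[SF] on, call again.
 * Returns true when the second call runs code generated for wide mode.
 */
static bool wide_call_gets_wide_code(get_state_fn get_state)
{
    ToyCache cache = { .used = 0 };
    ToyEnv env = { .nip = 0x3000, .hflags = 0 };   /* constructed values */
    const ToyTB *narrow, *wide;

    narrow = tb_lookup(&cache, &env, get_state);
    env.hflags |= (target_ulong)1 << MSR_SF;
    wide = tb_lookup(&cache, &env, get_state);
    return narrow && wide && !narrow->sf_mode && wide->sf_mode;
}

int main(void)
{
    printf("32-bit flags key: wide call gets wide code? %s\n",
           wide_call_gets_wide_code(get_state_truncating) ? "yes" : "no");
    printf("cs_base key:      wide call gets wide code? %s\n",
           wide_call_gets_wide_code(get_state_full) ? "yes" : "no");
    return 0;
}
```

With the truncating key both calls hash to the same entry, so the wide-mode call is handed the narrow-mode block; with the full-width key the second call misses and gets its own translation.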



[PATCH V6 6/6] hw/block/nvme: support for shared namespace in subsystem

2021-01-23 Thread Minwoo Im
nvme-ns device is registered to a nvme controller device during the
initialization in nvme_register_namespace() in case that 'bus' property
is given which means it's mapped to a single controller.

This patch introduced a new property 'subsys' just like the controller
device instance did to map a namespace to a NVMe subsystem.

If 'subsys' property is given to the nvme-ns device, it will belong to
the specified subsystem and will be attached to all controllers in that
subsystem by enabling shared namespace capability in NMIC(Namespace
Multi-path I/O and Namespace Capabilities) in Identify Namespace.

Usage:

  -device nvme-subsys,id=subsys0
  -device nvme,serial=foo,id=nvme0,subsys=subsys0
  -device nvme,serial=bar,id=nvme1,subsys=subsys0
  -device nvme,serial=baz,id=nvme2,subsys=subsys0
  -device nvme-ns,id=ns1,drive=,nsid=1,subsys=subsys0  # Shared
  -device nvme-ns,id=ns2,drive=,nsid=2,bus=nvme2   # Non-shared

  In the above example, 'ns1' will be shared to 'nvme0' and 'nvme1' in
  the same subsystem.  On the other hand, 'ns2' will be attached to the
  'nvme2' only as a private namespace in that subsystem.

All the namespaces with the 'subsys' parameter will attach all controllers in
the subsystem to the namespace by default.

Signed-off-by: Minwoo Im 
---
 hw/block/nvme-ns.c | 23 ++-
 hw/block/nvme-ns.h |  7 +++
 hw/block/nvme-subsys.c | 25 +
 hw/block/nvme-subsys.h |  3 +++
 hw/block/nvme.c| 10 +-
 5 files changed, 62 insertions(+), 6 deletions(-)

diff --git a/hw/block/nvme-ns.c b/hw/block/nvme-ns.c
index 62b25cf69bfa..9b493f2ead03 100644
--- a/hw/block/nvme-ns.c
+++ b/hw/block/nvme-ns.c
@@ -63,6 +63,10 @@ static int nvme_ns_init(NvmeNamespace *ns, Error **errp)
 
 id_ns->npda = id_ns->npdg = npdg - 1;
 
+if (nvme_ns_shared(ns)) {
+id_ns->nmic |= NVME_NMIC_NS_SHARED;
+}
+
 return 0;
 }
 
@@ -365,16 +369,25 @@ static void nvme_ns_realize(DeviceState *dev, Error 
**errp)
 return;
 }
 
-if (nvme_register_namespace(n, ns, errp)) {
-error_propagate_prepend(errp, local_err,
-"could not register namespace: ");
-return;
+if (ns->subsys) {
+if (nvme_subsys_register_ns(ns, errp)) {
+error_propagate_prepend(errp, local_err,
+"could not setup namespace to subsys: ");
+return;
+}
+} else {
+if (nvme_register_namespace(n, ns, errp)) {
+error_propagate_prepend(errp, local_err,
+"could not register namespace: ");
+return;
+}
 }
-
 }
 
 static Property nvme_ns_props[] = {
 DEFINE_BLOCK_PROPERTIES(NvmeNamespace, blkconf),
+DEFINE_PROP_LINK("subsys", NvmeNamespace, subsys, TYPE_NVME_SUBSYS,
+ NvmeSubsystem *),
 DEFINE_PROP_UINT32("nsid", NvmeNamespace, params.nsid, 0),
 DEFINE_PROP_UUID("uuid", NvmeNamespace, params.uuid),
 DEFINE_PROP_BOOL("zoned", NvmeNamespace, params.zoned, false),
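Review bot: In nvme_ns_realize(), both branches hand errp to the callee (nvme_subsys_register_ns(ns, errp) and nvme_register_namespace(n, ns, errp)) and then call error_propagate_prepend(errp, local_err, ...), so the "could not setup namespace to subsys: " prefix is applied to local_err, which neither call fills in. Either pass &local_err to the callee or prepend to the error that was actually set, for example with error_prepend(errp, ...).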
diff --git a/hw/block/nvme-ns.h b/hw/block/nvme-ns.h
index 293ac990e3f6..929e78861903 100644
--- a/hw/block/nvme-ns.h
+++ b/hw/block/nvme-ns.h
@@ -47,6 +47,8 @@ typedef struct NvmeNamespace {
 const uint32_t *iocs;
 uint8_t  csi;
 
+NvmeSubsystem   *subsys;
+
 NvmeIdNsZoned   *id_ns_zoned;
 NvmeZone*zone_array;
 QTAILQ_HEAD(, NvmeZone) exp_open_zones;
@@ -77,6 +79,11 @@ static inline uint32_t nvme_nsid(NvmeNamespace *ns)
 return -1;
 }
 
+static inline bool nvme_ns_shared(NvmeNamespace *ns)
+{
+return !!ns->subsys;
+}
+
 static inline NvmeLBAF *nvme_ns_lbaf(NvmeNamespace *ns)
 {
 NvmeIdNs *id_ns = >id_ns;
diff --git a/hw/block/nvme-subsys.c b/hw/block/nvme-subsys.c
index e9d61c993c90..641de33e99fc 100644
--- a/hw/block/nvme-subsys.c
+++ b/hw/block/nvme-subsys.c
@@ -43,6 +43,31 @@ int nvme_subsys_register_ctrl(NvmeCtrl *n, Error **errp)
 return cntlid;
 }
 
+int nvme_subsys_register_ns(NvmeNamespace *ns, Error **errp)
+{
+NvmeSubsystem *subsys = ns->subsys;
+NvmeCtrl *n;
+int i;
+
+if (subsys->namespaces[nvme_nsid(ns)]) {
+error_setg(errp, "namespace %d already registerd to subsy %s",
+   nvme_nsid(ns), subsys->parent_obj.id);
+return -1;
+}
+
+subsys->namespaces[nvme_nsid(ns)] = ns;
+
+for (i = 0; i < ARRAY_SIZE(subsys->ctrls); i++) {
+n = subsys->ctrls[i];
+
+if (n && nvme_register_namespace(n, ns, errp)) {
+return -1;
+}
+}
+
+return 0;
+}
+
 static void nvme_subsys_setup(NvmeSubsystem *subsys)
 {
 snprintf((char *)subsys->subnqn, sizeof(subsys->subnqn),
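Review bot: nvme_subsys_register_ns() indexes subsys->namespaces[] with nvme_nsid(ns) without a range check, while nvme_nsid() is declared uint32_t and has a "return -1" path (visible in the nvme-ns.h context) and the "nsid" property defaults to 0. Validate the NSID against the array bound before the first access, or state where that is already guaranteed. If nvme_register_namespace() fails partway through the loop, the namespaces[] slot and the controllers already attached stay as they are, so consider undoing the registration on that path. The error string has typos ("registerd", "subsy") and prints the uint32_t NSID with %d.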
diff --git a/hw/block/nvme-subsys.h b/hw/block/nvme-subsys.h
index 4eba50d96a1d..ccf6a71398d3 100644
--- a/hw/block/nvme-subsys.h
+++ b/hw/block/nvme-subsys.h
@@ -14,6 +14,7 @@
 OBJECT_CHECK(NvmeSubsystem, (obj), TYPE_NVME_SUBSYS)
 
 #define NVME_SUBSYS_MAX_CTRLS   

[PATCH V6 5/6] hw/block/nvme: add NMIC enum value for Identify Namespace

2021-01-23 Thread Minwoo Im
Added Namespace Multi-path I/O and Namespace Sharing Capabilities (NMIC)
field to support shared namespace from controller(s).

This field is in Identify Namespace data structure in [30].

Signed-off-by: Minwoo Im 
---
 include/block/nvme.h | 4 
 1 file changed, 4 insertions(+)

diff --git a/include/block/nvme.h b/include/block/nvme.h
index d6415a869c1c..ad68cdc2b92d 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h
@@ -1203,6 +1203,10 @@ enum NvmeNsIdentifierType {
 NVME_NIDT_CSI   = 0x04,
 };
 
+enum NvmeIdNsNmic {
+NVME_NMIC_NS_SHARED = 1 << 0,
+};
+
 enum NvmeCsi {
 NVME_CSI_NVM= 0x00,
 NVME_CSI_ZONED  = 0x02,
-- 
2.17.1




Re: [RFC PATCH 0/4] hw/intc: enable GICv4 memory layout for GICv3 driver

2021-01-23 Thread no-reply
Patchew URL: https://patchew.org/QEMU/20210124025306.3949-1-l...@nuviainc.com/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20210124025306.3949-1-l...@nuviainc.com
Subject: [RFC PATCH 0/4] hw/intc: enable GICv4 memory layout for GICv3 driver

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 - [tag update]  
patchew/20210123230105.2076270-1-richard.hender...@linaro.org -> 
patchew/20210123230105.2076270-1-richard.hender...@linaro.org
 * [new tag] patchew/20210124025306.3949-1-l...@nuviainc.com -> 
patchew/20210124025306.3949-1-l...@nuviainc.com
Switched to a new branch 'test'
22ce3eb hw/intc: make gicv3_idreg() distinguish between gicv3/gicv4
4d2400c hw/intc: set GICD_TYPER.DVIS for GICv4
bab9208 hw/intc: add helper function to determine gicv3 redistributor size
71fa48f hw/intc: don't bail out gicv3 model init for revision 4

=== OUTPUT BEGIN ===
1/4 Checking commit 71fa48fa1624 (hw/intc: don't bail out gicv3 model init for 
revision 4)
2/4 Checking commit bab920855fbe (hw/intc: add helper function to determine 
gicv3 redistributor size)
3/4 Checking commit 4d2400cda07b (hw/intc: set GICD_TYPER.DVIS for GICv4)
ERROR: superfluous trailing semicolon
#25: FILE: hw/intc/arm_gicv3_dist.c:391:
+*data |= (1 << 18);;

total: 1 errors, 0 warnings, 9 lines checked

Patch 3/4 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

4/4 Checking commit 22ce3eb6f90a (hw/intc: make gicv3_idreg() distinguish 
between gicv3/gicv4)
=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/20210124025306.3949-1-l...@nuviainc.com/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

[PATCH V6 4/6] hw/block/nvme: support for multi-controller in subsystem

2021-01-23 Thread Minwoo Im
We have nvme-subsys and nvme devices mapped together.  To support
multi-controller scheme to this setup, controller identifier(id) has to
be managed.  Earlier, cntlid(controller id) used to be always 0 because
we didn't have any subsystem scheme that controller id matters.

This patch introduced 'cntlid' attribute to the nvme controller
instance(NvmeCtrl) and make it allocated by the nvme-subsys device
mapped to the controller.  If nvme-subsys is not given to the
controller, then it will always be 0 as it was.

Added 'ctrls' array in the nvme-subsys instance to manage attached
controllers to the subsystem with a limit(32).  This patch didn't take
list for the controllers to make it seamless with nvme-ns device.

Signed-off-by: Minwoo Im 
---
 hw/block/nvme-subsys.c | 21 +
 hw/block/nvme-subsys.h |  4 
 hw/block/nvme.c| 29 +
 hw/block/nvme.h|  1 +
 4 files changed, 55 insertions(+)

diff --git a/hw/block/nvme-subsys.c b/hw/block/nvme-subsys.c
index aa82911b951c..e9d61c993c90 100644
--- a/hw/block/nvme-subsys.c
+++ b/hw/block/nvme-subsys.c
@@ -22,6 +22,27 @@
 #include "nvme.h"
 #include "nvme-subsys.h"
 
+int nvme_subsys_register_ctrl(NvmeCtrl *n, Error **errp)
+{
+NvmeSubsystem *subsys = n->subsys;
+int cntlid;
+
+for (cntlid = 0; cntlid < ARRAY_SIZE(subsys->ctrls); cntlid++) {
+if (!subsys->ctrls[cntlid]) {
+break;
+}
+}
+
+if (cntlid == ARRAY_SIZE(subsys->ctrls)) {
+error_setg(errp, "no more free controller id");
+return -1;
+}
+
+subsys->ctrls[cntlid] = n;
+
+return cntlid;
+}
+
 static void nvme_subsys_setup(NvmeSubsystem *subsys)
 {
 snprintf((char *)subsys->subnqn, sizeof(subsys->subnqn),
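Review bot: nvme_subsys_register_ctrl() stores the NvmeCtrl pointer in subsys->ctrls[cntlid], but nothing in this patch clears the slot again (the diffstat is insertions only). If realize fails after registration, or the controller is removed later, the slot keeps a stale pointer that the loop over ctrls[] in nvme_subsys_register_ns() from patch 6/6 would dereference. Add an unregister helper and call it from the realize error path and from the controller's exit path.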
diff --git a/hw/block/nvme-subsys.h b/hw/block/nvme-subsys.h
index 40f06a4c7db0..4eba50d96a1d 100644
--- a/hw/block/nvme-subsys.h
+++ b/hw/block/nvme-subsys.h
@@ -20,6 +20,10 @@ typedef struct NvmeNamespace NvmeNamespace;
 typedef struct NvmeSubsystem {
 DeviceState parent_obj;
 uint8_t subnqn[256];
+
+NvmeCtrl*ctrls[NVME_SUBSYS_MAX_CTRLS];
 } NvmeSubsystem;
 
+int nvme_subsys_register_ctrl(NvmeCtrl *n, Error **errp);
+
 #endif /* NVME_SUBSYS_H */
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index b525fca14103..7138389be4bd 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -4435,6 +4435,9 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice 
*pci_dev)
 strpadcpy((char *)id->mn, sizeof(id->mn), "QEMU NVMe Ctrl", ' ');
 strpadcpy((char *)id->fr, sizeof(id->fr), "1.0", ' ');
 strpadcpy((char *)id->sn, sizeof(id->sn), n->params.serial, ' ');
+
+id->cntlid = cpu_to_le16(n->cntlid);
+
 id->rab = 6;
 id->ieee[0] = 0x00;
 id->ieee[1] = 0x02;
@@ -4481,6 +4484,10 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice 
*pci_dev)
 id->psd[0].enlat = cpu_to_le32(0x10);
 id->psd[0].exlat = cpu_to_le32(0x4);
 
+if (n->subsys) {
+id->cmic |= NVME_CMIC_MULTI_CTRL;
+}
+
 NVME_CAP_SET_MQES(n->bar.cap, 0x7ff);
 NVME_CAP_SET_CQR(n->bar.cap, 1);
 NVME_CAP_SET_TO(n->bar.cap, 0xf);
@@ -4495,6 +4502,24 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice 
*pci_dev)
 n->bar.intmc = n->bar.intms = 0;
 }
 
+static int nvme_init_subsys(NvmeCtrl *n, Error **errp)
+{
+int cntlid;
+
+if (!n->subsys) {
+return 0;
+}
+
+cntlid = nvme_subsys_register_ctrl(n, errp);
+if (cntlid < 0) {
+return -1;
+}
+
+n->cntlid = cntlid;
+
+return 0;
+}
+
 static void nvme_realize(PCIDevice *pci_dev, Error **errp)
 {
 NvmeCtrl *n = NVME(pci_dev);
@@ -4515,6 +4540,10 @@ static void nvme_realize(PCIDevice *pci_dev, Error 
**errp)
 return;
 }
 
+if (nvme_init_subsys(n, errp)) {
+error_propagate(errp, local_err);
+return;
+}
 nvme_init_ctrl(n, pci_dev);
 
 /* setup a namespace if the controller drive property was given */
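Review bot: nvme_init_subsys(n, errp) reports through errp, so the error_propagate(errp, local_err) in the failure branch of nvme_realize() propagates a variable this call never set. Drop that line, or pass &local_err to nvme_init_subsys() and keep it. A blank line between the closing brace and nvme_init_ctrl(n, pci_dev) would also match the blocks around it.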
diff --git a/hw/block/nvme.h b/hw/block/nvme.h
index 04d4684601fd..b8f5f2d6ffb8 100644
--- a/hw/block/nvme.h
+++ b/hw/block/nvme.h
@@ -134,6 +134,7 @@ typedef struct NvmeCtrl {
 NvmeBus  bus;
 BlockConfconf;
 
+uint16_tcntlid;
 boolqs_created;
 uint32_tpage_size;
 uint16_tpage_bits;
-- 
2.17.1




[PATCH V6 3/6] hw/block/nvme: add CMIC enum value for Identify Controller

2021-01-23 Thread Minwoo Im
Added Controller Multi-path I/O and Namespace Sharing Capabilities
(CMIC) field to support multi-controller in the following patches.

This field is in Identify Controller data structure in [76].

Signed-off-by: Minwoo Im 
---
 include/block/nvme.h | 4 
 1 file changed, 4 insertions(+)

diff --git a/include/block/nvme.h b/include/block/nvme.h
index e4b918064df9..d6415a869c1c 100644
--- a/include/block/nvme.h
+++ b/include/block/nvme.h
@@ -1034,6 +1034,10 @@ enum NvmeIdCtrlLpa {
 NVME_LPA_EXTENDED = 1 << 2,
 };
 
+enum NvmeIdCtrlCmic {
+NVME_CMIC_MULTI_CTRL= 1 << 1,
+};
+
 #define NVME_CTRL_SQES_MIN(sqes) ((sqes) & 0xf)
 #define NVME_CTRL_SQES_MAX(sqes) (((sqes) >> 4) & 0xf)
 #define NVME_CTRL_CQES_MIN(cqes) ((cqes) & 0xf)
-- 
2.17.1




[PATCH V6 1/6] hw/block/nvme: introduce nvme-subsys device

2021-01-23 Thread Minwoo Im
To support multi-path in QEMU NVMe device model, we need to have NVMe
subsystem hierarchy to map controllers and namespaces to a NVMe
subsystem.

This patch introduced a simple nvme-subsys device model.  The subsystem
will be prepared with subsystem NQN with  provided in
nvme-subsys device:

  ex) -device nvme-subsys,id=subsys0: nqn.2019-08.org.qemu:subsys0

Signed-off-by: Minwoo Im 
---
 hw/block/meson.build   |  2 +-
 hw/block/nvme-subsys.c | 60 ++
 hw/block/nvme-subsys.h | 25 ++
 hw/block/nvme.c|  3 +++
 4 files changed, 89 insertions(+), 1 deletion(-)
 create mode 100644 hw/block/nvme-subsys.c
 create mode 100644 hw/block/nvme-subsys.h

diff --git a/hw/block/meson.build b/hw/block/meson.build
index 602ca6c8541d..83ea2d37978d 100644
--- a/hw/block/meson.build
+++ b/hw/block/meson.build
@@ -13,7 +13,7 @@ softmmu_ss.add(when: 'CONFIG_SSI_M25P80', if_true: 
files('m25p80.c'))
 softmmu_ss.add(when: 'CONFIG_SWIM', if_true: files('swim.c'))
 softmmu_ss.add(when: 'CONFIG_XEN', if_true: files('xen-block.c'))
 softmmu_ss.add(when: 'CONFIG_SH4', if_true: files('tc58128.c'))
-softmmu_ss.add(when: 'CONFIG_NVME_PCI', if_true: files('nvme.c', 'nvme-ns.c'))
+softmmu_ss.add(when: 'CONFIG_NVME_PCI', if_true: files('nvme.c', 'nvme-ns.c', 
'nvme-subsys.c'))
 
 specific_ss.add(when: 'CONFIG_VIRTIO_BLK', if_true: files('virtio-blk.c'))
 specific_ss.add(when: 'CONFIG_VHOST_USER_BLK', if_true: 
files('vhost-user-blk.c'))
diff --git a/hw/block/nvme-subsys.c b/hw/block/nvme-subsys.c
new file mode 100644
index ..aa82911b951c
--- /dev/null
+++ b/hw/block/nvme-subsys.c
@@ -0,0 +1,60 @@
+/*
+ * QEMU NVM Express Subsystem: nvme-subsys
+ *
+ * Copyright (c) 2021 Minwoo Im 
+ *
+ * This code is licensed under the GNU GPL v2.  Refer COPYING.
+ */
+
+#include "qemu/units.h"
+#include "qemu/osdep.h"
+#include "qemu/uuid.h"
+#include "qemu/iov.h"
+#include "qemu/cutils.h"
+#include "qapi/error.h"
+#include "hw/qdev-properties.h"
+#include "hw/qdev-core.h"
+#include "hw/block/block.h"
+#include "block/aio.h"
+#include "block/accounting.h"
+#include "sysemu/sysemu.h"
+#include "hw/pci/pci.h"
+#include "nvme.h"
+#include "nvme-subsys.h"
+
+static void nvme_subsys_setup(NvmeSubsystem *subsys)
+{
+snprintf((char *)subsys->subnqn, sizeof(subsys->subnqn),
+ "nqn.2019-08.org.qemu:%s", subsys->parent_obj.id);
+}
+
+static void nvme_subsys_realize(DeviceState *dev, Error **errp)
+{
+NvmeSubsystem *subsys = NVME_SUBSYS(dev);
+
+nvme_subsys_setup(subsys);
+}
+
+static void nvme_subsys_class_init(ObjectClass *oc, void *data)
+{
+DeviceClass *dc = DEVICE_CLASS(oc);
+
+set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
+
+dc->realize = nvme_subsys_realize;
+dc->desc = "Virtual NVMe subsystem";
+}
+
+static const TypeInfo nvme_subsys_info = {
+.name = TYPE_NVME_SUBSYS,
+.parent = TYPE_DEVICE,
+.class_init = nvme_subsys_class_init,
+.instance_size = sizeof(NvmeSubsystem),
+};
+
+static void nvme_subsys_register_types(void)
+{
+type_register_static(_subsys_info);
+}
+
+type_init(nvme_subsys_register_types)
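Review bot: nvme_subsys_setup() formats subsys->parent_obj.id with %s, and nvme_subsys_realize() neither checks that an id was given nor uses errp; if the device is created without id=, that pointer may be NULL when it reaches snprintf(). Reject a missing id with error_setg() in realize. "qemu/osdep.h" should also be the first include, ahead of "qemu/units.h", and most of the remaining includes do not appear to be needed by the code in this file.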
diff --git a/hw/block/nvme-subsys.h b/hw/block/nvme-subsys.h
new file mode 100644
index ..40f06a4c7db0
--- /dev/null
+++ b/hw/block/nvme-subsys.h
@@ -0,0 +1,25 @@
+/*
+ * QEMU NVM Express Subsystem: nvme-subsys
+ *
+ * Copyright (c) 2021 Minwoo Im 
+ *
+ * This code is licensed under the GNU GPL v2.  Refer COPYING.
+ */
+
+#ifndef NVME_SUBSYS_H
+#define NVME_SUBSYS_H
+
+#define TYPE_NVME_SUBSYS "nvme-subsys"
+#define NVME_SUBSYS(obj) \
+OBJECT_CHECK(NvmeSubsystem, (obj), TYPE_NVME_SUBSYS)
+
+#define NVME_SUBSYS_MAX_CTRLS   32
+
+typedef struct NvmeCtrl NvmeCtrl;
+typedef struct NvmeNamespace NvmeNamespace;
+typedef struct NvmeSubsystem {
+DeviceState parent_obj;
+uint8_t subnqn[256];
+} NvmeSubsystem;
+
+#endif /* NVME_SUBSYS_H */
diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index 21aec90637fa..aabccdf36f4b 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -25,6 +25,7 @@
  *  mdts=,zoned.append_size_limit= \
  *  -device nvme-ns,drive=,bus=,nsid=,\
  *  zoned=
+ *  -device nvme-subsys,id=
  *
  * Note cmb_size_mb denotes size of CMB in MB. CMB is assumed to be at
  * offset 0 in BAR2 and supports only WDS, RDS and SQS for now. By default, the
@@ -38,6 +39,8 @@
  *
  * The PMR will use BAR 4/5 exclusively.
  *
+ * To place controller(s) and namespace(s) to a subsystem, then provide
+ * nvme-subsys device as above.
  *
  * nvme device parameters
  * ~~
-- 
2.17.1




[PATCH V6 0/6] hw/block/nvme: support multi-path for ctrl/ns

2021-01-23 Thread Minwoo Im
Hello,

This is the sixth patch series for the support of NVMe subsystem scheme with
multi-controller and namespace sharing in a subsystem.

This version has a fix in nvme_init_ctrl() when 'cntlid' is set to the
Identify Controller data structure by making it by cpu_to_le16() as
Keith reviewed.

Here's test result with a simple 'nvme list -v' command from this model:

  -device nvme-subsys,id=subsys0 \
  -device nvme,serial=foo,id=nvme0,subsys=subsys0 \
  -device nvme,serial=bar,id=nvme1,subsys=subsys0 \
  -device nvme,serial=baz,id=nvme2,subsys=subsys0 \
  -device nvme-ns,id=ns1,drive=drv10,nsid=1,subsys=subsys0 \
  -device nvme-ns,id=ns2,drive=drv11,nsid=2,bus=nvme2 \
  \
  -device nvme,serial=qux,id=nvme3 \
  -device nvme-ns,id=ns3,drive=drv12,nsid=3,bus=nvme3 \
  \
  -device nvme-subsys,id=subsys1 \
  -device nvme,serial=quux,id=nvme4,subsys=subsys1 \
  -device nvme-ns,id=ns4,drive=drv13,nsid=1,subsys=subsys1,zoned=true \

  root@vm:~/work# nvme list -v
  NVM Express Subsystems

  Subsystem      Subsystem-NQN                  Controllers
  nvme-subsys1   nqn.2019-08.org.qemu:subsys0   nvme0, nvme1, nvme2
  nvme-subsys3   nqn.2019-08.org.qemu:qux       nvme3
  nvme-subsys4   nqn.2019-08.org.qemu:subsys1   nvme4

  NVM Express Controllers

  Device   SN     MN               FR    TxPort   Address    Subsystem      Namespaces
  nvme0    foo    QEMU NVMe Ctrl   1.0   pcie     :00:06.0   nvme-subsys1   nvme1c0n1
  nvme1    bar    QEMU NVMe Ctrl   1.0   pcie     :00:07.0   nvme-subsys1   nvme1c1n1
  nvme2    baz    QEMU NVMe Ctrl   1.0   pcie     :00:08.0   nvme-subsys1   nvme1c2n1, nvme1c2n2
  nvme3    qux    QEMU NVMe Ctrl   1.0   pcie     :00:09.0   nvme-subsys3   nvme3n1
  nvme4    quux   QEMU NVMe Ctrl   1.0   pcie     :00:0a.0   nvme-subsys4   nvme4c4n1

  NVM Express Namespaces

  Device    NSID   Usage                   Format        Controllers
  nvme1n1   1      134.22 MB / 134.22 MB   512 B + 0 B   nvme0, nvme1, nvme2
  nvme1n2   2      268.44 MB / 268.44 MB   512 B + 0 B   nvme2
  nvme3n1   3      268.44 MB / 268.44 MB   512 B + 0 B   nvme3
  nvme4n1   1      268.44 MB / 268.44 MB   512 B + 0 B   nvme4

Thanks,

Since V5:
  - Fix endianness for 'cntlid' in Identify Controller data structure.
(Keith)

Since V4:
  - Code clean-up to snprintf rather than duplicating it and copy.
(Keith)
  - Documentation for 'subsys' clean-up.  (Keith)
  - Remove 'cntlid' param from nvme_init_ctrl().  (Keith)
  - Put error_propagate() in nvme_realize().  (Keith)

Since RFC V3:
  - Exclude 'detached' scheme from this series.  This will be covered in
the next series by covering all the ns-related admin commands
including ZNS and ns-mgmt. (Niklas)
  - Rebased on nvme-next.
  - Remove RFC tag from this V4.

Since RFC V2:
  - Rebased on nvme-next branch with trivial patches from the previous
version(V2) applied. (Klaus)
  - Fix enumeration type name convention with NvmeIdNs prefix. (Klaus)
  - Put 'cntlid' to NvmeCtrl instance in nvme_init_ctrl() which was
missed in V2.
  - Added 'detached' parameter to nvme-ns device to decide whether to
attach or not to controller(s) in the subsystem. (Klaus)
  - Implemented Identify Active Namespace ID List apart from Identify
Allocated Namespace ID List by removing fall-thru statement.

Since RFC V1:
  - Updated namespace sharing scheme to be based on nvme-subsys
hierarchy.

Minwoo Im (6):
  hw/block/nvme: introduce nvme-subsys device
  hw/block/nvme: support to map controller to a subsystem
  hw/block/nvme: add CMIC enum value for Identify Controller
  hw/block/nvme: support for multi-controller in subsystem
  hw/block/nvme: add NMIC enum value for Identify Namespace
  hw/block/nvme: support for shared namespace in subsystem

 hw/block/meson.build   |   2 +-
 hw/block/nvme-ns.c |  23 +++--
 hw/block/nvme-ns.h |   7 +++
 hw/block/nvme-subsys.c | 106 +
 hw/block/nvme-subsys.h |  32 +
 hw/block/nvme.c|  72 +---
 hw/block/nvme.h|   

[RFC PATCH 3/4] hw/intc: set GICD_TYPER.DVIS for GICv4

2021-01-23 Thread Leif Lindholm
The VLPI frames are what make the redistributor size change, so ensure
we state in GICD_TYPER that we have them.

Signed-off-by: Leif Lindholm 
---
 hw/intc/arm_gicv3_dist.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/intc/arm_gicv3_dist.c b/hw/intc/arm_gicv3_dist.c
index b65f56f903..833deb0a74 100644
--- a/hw/intc/arm_gicv3_dist.c
+++ b/hw/intc/arm_gicv3_dist.c
@@ -387,6 +387,9 @@ static MemTxResult gicd_readl(GICv3State *s, hwaddr offset,
 
 *data = (1 << 25) | (1 << 24) | (sec_extn << 10) |
 (0xf << 19) | itlinesnumber;
+if (s->revision == 4) {
+*data |= (1 << 18);;
+}
 return MEMTX_OK;
 }
 case GICD_IIDR:
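Review bot: The added line "*data |= (1 << 18);;" ends in a doubled semicolon, which checkpatch reports as an error for this patch. The bit would also read better as a named constant for GICD_TYPER.DVIS than as a bare 1 << 18, so the register layout is visible at the point of use.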
-- 
2.20.1




[RFC PATCH 2/4] hw/intc: add helper function to determine gicv3 redistributor size

2021-01-23 Thread Leif Lindholm
GICv3 sets aside 128K for each redistributor block, whereas GICv4 sets
aside 256K. To enable use of the gicv3 model for gicv4, abstract this
away as the helper function gicv3_redist_size() and replace the current
hardcoded locations with calls to this function.

Signed-off-by: Leif Lindholm 
---
 hw/intc/arm_gicv3_common.c |  2 +-
 hw/intc/arm_gicv3_redist.c | 13 +
 include/hw/intc/arm_gicv3_common.h |  3 +++
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/hw/intc/arm_gicv3_common.c b/hw/intc/arm_gicv3_common.c
index 7365d24873..a8510b39a1 100644
--- a/hw/intc/arm_gicv3_common.c
+++ b/hw/intc/arm_gicv3_common.c
@@ -299,7 +299,7 @@ void gicv3_init_irqs_and_mmio(GICv3State *s, 
qemu_irq_handler handler,
 
 memory_region_init_io(>iomem_redist[i], OBJECT(s),
   ops ? [1] : NULL, s, name,
-  s->redist_region_count[i] * GICV3_REDIST_SIZE);
+  s->redist_region_count[i] * 
gicv3_redist_size(s));
 sysbus_init_mmio(sbd, >iomem_redist[i]);
 g_free(name);
 }
diff --git a/hw/intc/arm_gicv3_redist.c b/hw/intc/arm_gicv3_redist.c
index 8645220d61..544f4d82ff 100644
--- a/hw/intc/arm_gicv3_redist.c
+++ b/hw/intc/arm_gicv3_redist.c
@@ -14,6 +14,11 @@
 #include "trace.h"
 #include "gicv3_internal.h"
 
+int gicv3_redist_size(GICv3State *s)
+{
+return (s->revision == 3 ? GICV3_REDIST_SIZE : GICV4_REDIST_SIZE);
+}
+
 static uint32_t mask_group(GICv3CPUState *cs, MemTxAttrs attrs)
 {
 /* Return a 32-bit mask which should be applied for this set of 32
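Review bot: gicv3_redist_size() returns GICV4_REDIST_SIZE for every revision other than 3, so the helper silently relies on realize having rejected anything but 3 and 4; test for revision 4 explicitly or assert on unexpected values. The return type is int although the result is used in hwaddr arithmetic (offset / gicv3_redist_size(s)), so an unsigned or hwaddr return type would avoid mixed-sign division. The parentheses around the return expression are not needed.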
@@ -429,8 +434,8 @@ MemTxResult gicv3_redist_read(void *opaque, hwaddr offset, 
uint64_t *data,
  * want to allow splitting of redistributor pages into several
  * blocks so we can support more CPUs.
  */
-cpuidx = offset / 0x2;
-offset %= 0x2;
+cpuidx = offset / gicv3_redist_size(s);
+offset %= gicv3_redist_size(s);
 assert(cpuidx < s->num_cpu);
 
 cs = >cpu[cpuidx];
@@ -486,8 +491,8 @@ MemTxResult gicv3_redist_write(void *opaque, hwaddr offset, 
uint64_t data,
  * want to allow splitting of redistributor pages into several
  * blocks so we can support more CPUs.
  */
-cpuidx = offset / 0x2;
-offset %= 0x2;
+cpuidx = offset / gicv3_redist_size(s);
+offset %= gicv3_redist_size(s);
 assert(cpuidx < s->num_cpu);
 
 cs = >cpu[cpuidx];
diff --git a/include/hw/intc/arm_gicv3_common.h 
b/include/hw/intc/arm_gicv3_common.h
index 91491a2f66..ab88d14867 100644
--- a/include/hw/intc/arm_gicv3_common.h
+++ b/include/hw/intc/arm_gicv3_common.h
@@ -37,6 +37,7 @@
 #define GICV3_MAXSPI (GICV3_MAXIRQ - GIC_INTERNAL)
 
 #define GICV3_REDIST_SIZE 0x2
+#define GICV4_REDIST_SIZE (GICV3_REDIST_SIZE + 0x2)
 
 /* Number of SGI target-list bits */
 #define GICV3_TARGETLIST_BITS 16
@@ -295,4 +296,6 @@ struct ARMGICv3CommonClass {
 void gicv3_init_irqs_and_mmio(GICv3State *s, qemu_irq_handler handler,
   const MemoryRegionOps *ops, Error **errp);
 
+int gicv3_redist_size(GICv3State *s);
+
 #endif
-- 
2.20.1




[PATCH V6 2/6] hw/block/nvme: support to map controller to a subsystem

2021-01-23 Thread Minwoo Im
nvme controller(nvme) can be mapped to a NVMe subsystem(nvme-subsys).
This patch maps a controller to a subsystem by adding a parameter
'subsys' to the nvme device.

To map a controller to a subsystem, we need to put nvme-subsys first and
then map the subsystem to the controller:

  -device nvme-subsys,id=subsys0
  -device nvme,serial=foo,id=nvme0,subsys=subsys0

If 'subsys' property is not given to the nvme controller, then subsystem
NQN will be created with serial (e.g., 'foo' in above example).
Otherwise, it will be based on subsys id (e.g., 'subsys0' in above
example).

Signed-off-by: Minwoo Im 
---
 hw/block/nvme.c | 30 +-
 hw/block/nvme.h |  3 +++
 2 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/hw/block/nvme.c b/hw/block/nvme.c
index aabccdf36f4b..b525fca14103 100644
--- a/hw/block/nvme.c
+++ b/hw/block/nvme.c
@@ -22,7 +22,8 @@
  *  [pmrdev=,] \
  *  max_ioqpairs=, \
  *  aerl=, aer_max_queued=, \
- *  mdts=,zoned.append_size_limit= \
+ *  mdts=,zoned.append_size_limit=, \
+ *  subsys= \
  *  -device nvme-ns,drive=,bus=,nsid=,\
  *  zoned=
  *  -device nvme-subsys,id=
@@ -44,6 +45,13 @@
  *
  * nvme device parameters
  * ~~
+ * - `subsys`
+ *   NVM Subsystem device. If given, a subsystem NQN will be initialized with
+ *given. Otherwise,  will be taken for subsystem NQN.
+ *   Also, it will enable multi controller capability represented in Identify
+ *   Controller data structure in CMIC (Controller Multi-path I/O and Namesapce
+ *   Sharing Capabilities), if given.
+ *
  * - `aerl`
  *   The Asynchronous Event Request Limit (AERL). Indicates the maximum number
  *   of concurrently outstanding Asynchronous Event Request commands support
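Review bot: The added `subsys` description spells "Namesapce" where "Namespace" is meant in the CMIC expansion. Since this comment block is the user-facing parameter documentation, fix the spelling before it is merged.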
@@ -4404,11 +4412,23 @@ static int nvme_init_pci(NvmeCtrl *n, PCIDevice 
*pci_dev, Error **errp)
 return 0;
 }
 
+static void nvme_init_subnqn(NvmeCtrl *n)
+{
+NvmeSubsystem *subsys = n->subsys;
+NvmeIdCtrl *id = >id_ctrl;
+
+if (!subsys) {
+snprintf((char *)id->subnqn, sizeof(id->subnqn),
+ "nqn.2019-08.org.qemu:%s", n->params.serial);
+} else {
+pstrcpy((char *)id->subnqn, sizeof(id->subnqn), (char*)subsys->subnqn);
+}
+}
+
 static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pci_dev)
 {
 NvmeIdCtrl *id = >id_ctrl;
 uint8_t *pci_conf = pci_dev->config;
-char *subnqn;
 
 id->vid = cpu_to_le16(pci_get_word(pci_conf + PCI_VENDOR_ID));
 id->ssvid = cpu_to_le16(pci_get_word(pci_conf + PCI_SUBSYSTEM_VENDOR_ID));
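Review bot: nvme_init_subnqn() fills id->subnqn with snprintf() or pstrcpy(), whereas the code it replaces used strpadcpy(..., '\0') and so cleared the whole field; the new version depends on id_ctrl having been zeroed before this point. Say so in a comment or keep the padding. The cast "(char*)subsys->subnqn" is also missing the space used in the other casts here ("(char *)").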
@@ -4455,9 +4475,7 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice 
*pci_dev)
 id->sgls = cpu_to_le32(NVME_CTRL_SGLS_SUPPORT_NO_ALIGN |
NVME_CTRL_SGLS_BITBUCKET);
 
-subnqn = g_strdup_printf("nqn.2019-08.org.qemu:%s", n->params.serial);
-strpadcpy((char *)id->subnqn, sizeof(id->subnqn), subnqn, '\0');
-g_free(subnqn);
+nvme_init_subnqn(n);
 
 id->psd[0].mp = cpu_to_le16(0x9c4);
 id->psd[0].enlat = cpu_to_le32(0x10);
@@ -4545,6 +4563,8 @@ static Property nvme_props[] = {
 DEFINE_BLOCK_PROPERTIES(NvmeCtrl, namespace.blkconf),
 DEFINE_PROP_LINK("pmrdev", NvmeCtrl, pmr.dev, TYPE_MEMORY_BACKEND,
  HostMemoryBackend *),
+DEFINE_PROP_LINK("subsys", NvmeCtrl, subsys, TYPE_NVME_SUBSYS,
+ NvmeSubsystem *),
 DEFINE_PROP_STRING("serial", NvmeCtrl, params.serial),
 DEFINE_PROP_UINT32("cmb_size_mb", NvmeCtrl, params.cmb_size_mb, 0),
 DEFINE_PROP_UINT32("num_queues", NvmeCtrl, params.num_queues, 0),
diff --git a/hw/block/nvme.h b/hw/block/nvme.h
index dee6092bd45f..04d4684601fd 100644
--- a/hw/block/nvme.h
+++ b/hw/block/nvme.h
@@ -2,6 +2,7 @@
 #define HW_NVME_H
 
 #include "block/nvme.h"
+#include "nvme-subsys.h"
 #include "nvme-ns.h"
 
 #define NVME_MAX_NAMESPACES 256
@@ -170,6 +171,8 @@ typedef struct NvmeCtrl {
 
 uint8_t zasl;
 
+NvmeSubsystem   *subsys;
+
 NvmeNamespace   namespace;
 NvmeNamespace   *namespaces[NVME_MAX_NAMESPACES];
 NvmeSQueue  **sq;
-- 
2.17.1




[RFC PATCH 4/4] hw/intc: make gicv3_idreg() distinguish between gicv3/gicv4

2021-01-23 Thread Leif Lindholm
Make gicv3_idreg() able to return either gicv3 or gicv4 data.
Add a parameter to specify gic version.

Signed-off-by: Leif Lindholm 
---
 hw/intc/arm_gicv3_dist.c   |  2 +-
 hw/intc/arm_gicv3_redist.c |  2 +-
 hw/intc/gicv3_internal.h   | 12 ++--
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/hw/intc/arm_gicv3_dist.c b/hw/intc/arm_gicv3_dist.c
index 833deb0a74..d32a1d5f48 100644
--- a/hw/intc/arm_gicv3_dist.c
+++ b/hw/intc/arm_gicv3_dist.c
@@ -544,7 +544,7 @@ static MemTxResult gicd_readl(GICv3State *s, hwaddr offset,
 }
 case GICD_IDREGS ... GICD_IDREGS + 0x2f:
 /* ID registers */
-*data = gicv3_idreg(offset - GICD_IDREGS);
+*data = gicv3_idreg(offset - GICD_IDREGS, s->revision);
 return MEMTX_OK;
 case GICD_SGIR:
 /* WO registers, return unknown value */
diff --git a/hw/intc/arm_gicv3_redist.c b/hw/intc/arm_gicv3_redist.c
index 544f4d82ff..faa68c9a71 100644
--- a/hw/intc/arm_gicv3_redist.c
+++ b/hw/intc/arm_gicv3_redist.c
@@ -239,7 +239,7 @@ static MemTxResult gicr_readl(GICv3CPUState *cs, hwaddr 
offset,
 *data = cs->gicr_nsacr;
 return MEMTX_OK;
 case GICR_IDREGS ... GICR_IDREGS + 0x2f:
-*data = gicv3_idreg(offset - GICR_IDREGS);
+*data = gicv3_idreg(offset - GICR_IDREGS, cs->gic->revision);
 return MEMTX_OK;
 default:
 return MEMTX_ERROR;
diff --git a/hw/intc/gicv3_internal.h b/hw/intc/gicv3_internal.h
index 05303a55c8..ded2df66eb 100644
--- a/hw/intc/gicv3_internal.h
+++ b/hw/intc/gicv3_internal.h
@@ -321,7 +321,7 @@ static inline uint32_t gicv3_iidr(void)
 return 0x43b;
 }
 
-static inline uint32_t gicv3_idreg(int regoffset)
+static inline uint32_t gicv3_idreg(int regoffset, int revision)
 {
 /* Return the value of the CoreSight ID register at the specified
  * offset from the first ID register (as found in the distributor
@@ -331,7 +331,15 @@ static inline uint32_t gicv3_idreg(int regoffset)
 static const uint8_t gicd_ids[] = {
 0x44, 0x00, 0x00, 0x00, 0x92, 0xB4, 0x3B, 0x00, 0x0D, 0xF0, 0x05, 0xB1
 };
-return gicd_ids[regoffset / 4];
+static const uint8_t gicdv4_ids[] = {
+0x44, 0x00, 0x00, 0x00, 0x92, 0xB4, 0x4B, 0x00, 0x0D, 0xF0, 0x05, 0xB1
+};
+
+if (revision == 3) {
+return gicd_ids[regoffset / 4];
+} else {
+return gicdv4_ids[regoffset / 4];
+}
 }
 
 /**
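Review bot: In gicv3_idreg(), the new gicdv4_ids[] table repeats gicd_ids[] except for one byte (0x3B versus 0x4B), and the else branch returns the v4 values for any revision that is not 3. A single table with the differing byte chosen by revision would keep the two from drifting apart, and the function comment should state which revision values the new argument accepts.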
-- 
2.20.1




[RFC PATCH 0/4] hw/intc: enable GICv4 memory layout for GICv3 driver

2021-01-23 Thread Leif Lindholm
GICv4 sets aside 256K per redistributor configuration block, whereas GICv3
only uses 128K. However, some codebases (like TF-A, EDK2) will happily use
the GICv3 functionality only.

This set aims at enabling these codebases to run, without actually enabling
full support for GICv4. 

This creates a ... problematic ... system, which will misbehave if you try
to use the virtual LPIs. But it does help with letting me use QEMU for
modelling a platform containing a GICv4, and share firmware images with
other prototyping platforms.

Leif Lindholm (4):
  hw/intc: don't bail out gicv3 model init for revision 4
  hw/intc: add helper function to determine gicv3 redistributor size
  hw/intc: set GICD_TYPER.DVIS for GICv4
  hw/intc: make gicv3_idreg() distinguish between gicv3/gicv4

 hw/intc/arm_gicv3_common.c |  4 ++--
 hw/intc/arm_gicv3_dist.c   |  5 -
 hw/intc/arm_gicv3_redist.c | 15 ++-
 hw/intc/gicv3_internal.h   | 12 ++--
 include/hw/intc/arm_gicv3_common.h |  3 +++
 5 files changed, 29 insertions(+), 10 deletions(-)

-- 
2.20.1




[RFC PATCH 1/4] hw/intc: don't bail out gicv3 model init for revision 4

2021-01-23 Thread Leif Lindholm
As a first step towards GICv4 compatibility, add support for gic revision 4
to GICv3 driver (i.e. don't bail out if revision 4 is encountered).

Signed-off-by: Leif Lindholm 
---
 hw/intc/arm_gicv3_common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/intc/arm_gicv3_common.c b/hw/intc/arm_gicv3_common.c
index 58ef65f589..7365d24873 100644
--- a/hw/intc/arm_gicv3_common.c
+++ b/hw/intc/arm_gicv3_common.c
@@ -315,7 +315,7 @@ static void arm_gicv3_common_realize(DeviceState *dev, 
Error **errp)
  * conditions. However, in future it could be used, for example, if we
  * implement GICv4.
  */
-if (s->revision != 3) {
+if (s->revision != 3 && s->revision != 4) {
 error_setg(errp, "unsupported GIC revision %d", s->revision);
 return;
 }
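Review bot: The comment directly above the changed condition still says the revision property "could be used, for example, if we implement GICv4", which no longer matches a check that accepts revision 4. Update the comment to say that revision 4 is accepted without full GICv4 support, as the cover letter describes.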
-- 
2.20.1




[Bug 1912065] Re: Segfaults in tcg/optimize.c:212 after commit 7c79721606be11b5bc556449e5bcbc331ef6867d

2021-01-23 Thread Richard Henderson
A full solution to the problem:
https://patchew.org/QEMU/20210123230105.2076270-1-richard.hender...@linaro.org/

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1912065

Title:
  Segfaults in tcg/optimize.c:212 after commit
  7c79721606be11b5bc556449e5bcbc331ef6867d

Status in QEMU:
  In Progress

Bug description:
  QEMU segfaults to NULL dereference in tcg/optimize.c:212 semi-randomly
  after commit 7c79721606be11b5bc556449e5bcbc331ef6867d

  Exception Type:EXC_BAD_ACCESS (SIGSEGV)
  Exception Codes:   KERN_INVALID_ADDRESS at 0x0020
  Exception Note:EXC_CORPSE_NOTIFY

  ...

  Thread 4 Crashed:
  0   qemu-system-ppc   0x000109cd26d2 tcg_opt_gen_mov + 178 (optimize.c:212)
  1   qemu-system-ppc   0x000109ccf838 tcg_optimize + 5656
  2   qemu-system-ppc   0x000109c27600 tcg_gen_code + 64 (tcg.c:4490)
  3   qemu-system-ppc   0x000109c17b6d tb_gen_code + 493 (translate-all.c:1952)
  4   qemu-system-ppc   0x000109c16085 tb_find + 41 (cpu-exec.c:454) [inlined]
  5   qemu-system-ppc   0x000109c16085 cpu_exec + 2117 (cpu-exec.c:810)
  6   qemu-system-ppc   0x000109c09ac3 tcg_cpus_exec + 35 (tcg-cpus.c:57)
  7   qemu-system-ppc   0x000109c75edd rr_cpu_thread_fn + 445 (tcg-cpus-rr.c:217)
  8   qemu-system-ppc   0x000109e41fae qemu_thread_start + 126 (qemu-thread-posix.c:521)
  9   libsystem_pthread.dylib   0x7fff2038e950 _pthread_start + 224
  10  libsystem_pthread.dylib   0x7fff2038a47b thread_start + 15

  Here the crash is in tcg/optimize.c line 212:

mask = si->mask;

  "si" is NULL. The NULL value arises from tcg/optimize.c line 198:

   si = ts_info(src_ts);

  I did not attempt to determine the root cause of this issue, however.
  It clearly is related to the "tcg/optimize" changes in this commit.
  The previous commit c0dd6654f207810b16a75b673258f5ce2ceffbf0 doesn't
  crash.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1912065/+subscriptions



PPC64 TCG problem.. MSR[SF] switching.

2021-01-23 Thread Ivan Warren

Hello people,

I have the following issue: I'm using an OS (not Linux) on a
qemu-system-ppc64 (in my case a Power8 qemu target with an x86_64 TCG
target).

This OS provides a set of NARROW/WIDE (MSR[SF]) agnostic code snippets
in the 1st 64K of addresses (so they can be called using the PPC 'bla'
instruction). Possibly this is kernel provided code so that it can
provide the best strategy for the current runtime environment depending
on CPU model or whatever the SPAPR Hypervisor says.

One of the routines is first called in NARROW mode, and the TCG
generated code reflects that. For example, it seems to generate address
folding in the output TCG target code (looking at log out_asm output)
and/or possibly uses the 32 bit soft mmu helper (but I can't be sure of
this).

Later the vCPU is switched to WIDE mode (MSR[SF]==1) and invokes the
code again. No new code is generated because it is already in the
TCG cache, but that code is still the NARROW mode generated TCG target
code, so it fails miserably (address incorrectly truncated to 32 bits
and/or wrong MMU strategy).

The solution (if my assumptions are correct), I believe, is either to
flush the TCG output cache upon MSR[SF] switching (but that could kill
performance if there are a lot of NARROW/WIDE switches) or to have 2 TCG
caches (one for narrow code and one for wide code).

It may also affect other architectures that can switch addressing modes
(for example, s390x has 3 possible different modes that can be switched
directly from problem state, although it doesn't affect the MMU).

Ideas? Comments?

Thanks,

--Ivan
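
A toy model of the failure mode hypothesised in the message above, added here as an example; it is not part of the original post and is not QEMU code. All names (`tb_cache`, `run_snippet`, `ea_narrow`, `ea_wide`, `narrow_then_wide`) and the addresses are constructed for illustration. It shows a translation cache keyed on pc alone handing back a block translated for 32-bit mode after the mode bit changes, and the same cache keyed on (pc, mode bit), which amounts to the "two caches" option.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A "translation" here is just a function chosen at translation time
 * according to the addressing mode that was active at that moment. */
typedef uint64_t (*ea_fn)(uint64_t base, uint64_t disp);

static uint64_t ea_narrow(uint64_t base, uint64_t disp)
{
    return (uint32_t)(base + disp);   /* 32-bit mode: address folded to 32 bits */
}

static uint64_t ea_wide(uint64_t base, uint64_t disp)
{
    return base + disp;               /* 64-bit mode: full effective address */
}

struct tb {
    bool     valid;
    uint64_t pc;
    bool     sf;      /* mode bit the block was translated under */
    ea_fn    code;
};

#define CACHE_SLOTS 64

struct tb_cache {
    bool        key_on_mode;    /* false: key is pc; true: key is (pc, sf) */
    unsigned    translations;   /* how many times a block had to be built */
    struct tb   slot[CACHE_SLOTS];
};

/* Direct-mapped lookup. When keyed on mode, the mode bit takes part in both
 * slot selection and the hit test, so each mode gets its own block. */
static struct tb *tb_lookup(struct tb_cache *c, uint64_t pc, bool sf)
{
    uint64_t mode_bit = (c->key_on_mode && sf) ? 1 : 0;
    size_t idx = (size_t)(((pc >> 2) * 2 + mode_bit) % CACHE_SLOTS);
    struct tb *tb = &c->slot[idx];
    bool hit = tb->valid && tb->pc == pc &&
               (!c->key_on_mode || tb->sf == sf);

    if (!hit) {
        tb->valid = true;
        tb->pc = pc;
        tb->sf = sf;
        tb->code = sf ? ea_wide : ea_narrow;   /* "translate" for this mode */
        c->translations++;
    }
    return tb;
}

uint64_t run_snippet(struct tb_cache *c, uint64_t pc, bool sf,
                     uint64_t base, uint64_t disp)
{
    return tb_lookup(c, pc, sf)->code(base, disp);
}

/* Run the same snippet first in narrow mode, then in wide mode, and return
 * the effective address computed by the wide-mode call. */
uint64_t narrow_then_wide(bool key_on_mode, unsigned *translations)
{
    struct tb_cache c = { .key_on_mode = key_on_mode };
    const uint64_t pc   = 0x3000;                  /* constructed, below 64K */
    const uint64_t base = 0x0000000100000000ULL;   /* constructed, above 4G */
    const uint64_t disp = 0x10;

    run_snippet(&c, pc, false, base, disp);
    uint64_t ea = run_snippet(&c, pc, true, base, disp);
    if (translations) {
        *translations = c.translations;
    }
    return ea;
}

int main(void)
{
    unsigned n;
    uint64_t ea = narrow_then_wide(false, &n);
    printf("key=pc        wide EA=0x%" PRIx64 " translations=%u\n", ea, n);
    ea = narrow_then_wide(true, &n);
    printf("key=(pc,sf)   wide EA=0x%" PRIx64 " translations=%u\n", ea, n);
    return 0;
}
```
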






Re: [PATCH v2 09/12] qapi/meson: Restrict qdev code to system-mode emulation

2021-01-23 Thread Philippe Mathieu-Daudé
On 1/23/21 7:10 PM, Paolo Bonzini wrote:
> On 22/01/21 21:44, Philippe Mathieu-Daudé wrote:
>> Beside a CPU device, user-mode emulation doesn't access
>> anything else from qdev subsystem.
>>
>> Tools don't need anything from qdev.
> 
> I prefer to avoid stubs.  So if this patch can simply be dropped with no
> effects on 10-12, that's nicer for me.

The alternative is ugly:

-- >8 --
diff --git a/hw/core/qdev.c b/hw/core/qdev.c
index cefc5eaa0a9..d09f32e38d6 100644
--- a/hw/core/qdev.c
+++ b/hw/core/qdev.c
@@ -950,7 +950,9 @@ static void device_finalize(Object *obj)
 if (dev->pending_deleted_event) {
 g_assert(dev->canonical_path);

+#ifdef CONFIG_USER_ONLY
 qapi_event_send_device_deleted(!!dev->id, dev->id,
dev->canonical_path);
+#endif
 g_free(dev->canonical_path);
 dev->canonical_path = NULL;
 }
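Review bot: the guard added in device_finalize() looks inverted. The thread is about keeping qdev's QAPI code out of user-mode builds, but `#ifdef CONFIG_USER_ONLY` compiles the qapi_event_send_device_deleted() call only into user-mode builds and removes the event from system emulation; it should be `#ifndef CONFIG_USER_ONLY`.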
---

Maybe wrapping it in an inlined function?




Re: [PATCH] tcg: Restart code generation when we run out of temps

2021-01-23 Thread Philippe Mathieu-Daudé
On 1/24/21 12:01 AM, Richard Henderson wrote:
> Some large translation blocks can generate so many unique
> constants that we run out of temps to hold them.  In this
> case, longjmp back to the start of code generation and
> restart with a smaller translation block.

Clever and way nicer.
Reviewed-by: Philippe Mathieu-Daudé 

> 
> Buglink: https://bugs.launchpad.net/bugs/1912065
> Signed-off-by: Richard Henderson 
> ---
> 
> This replaces both the patch to increase the number of temps,
> and the buggy patch set that dynamically allocated the temps.
> 
> 
> r~
> 
> ---
>  include/tcg/tcg.h |  3 +++
>  accel/tcg/translate-all.c | 15 ++-
>  tcg/tcg.c | 11 ---
>  3 files changed, 25 insertions(+), 4 deletions(-)



Re: [PATCH v2 7/7] m68k: add Virtual M68k Machine

2021-01-23 Thread Philippe Mathieu-Daudé
On 12/20/20 12:26 PM, Laurent Vivier wrote:
> The machine is based on Goldfish interfaces defined by Google
> for Android simulator. It uses Goldfish-rtc (timer and RTC),
> Goldfish-pic (PIC) and Goldfish-tty (for serial port and early tty).
> 
> The machine is created with 128 virtio-mmio bus, and they can
> be used to use serial console, GPU, disk, NIC, HID, ...
> 
> Signed-off-by: Laurent Vivier 
> ---
>  default-configs/devices/m68k-softmmu.mak  |   1 +
>  .../standard-headers/asm-m68k/bootinfo-virt.h |  18 +
>  hw/m68k/virt.c| 312 ++
>  MAINTAINERS   |   9 +
>  hw/m68k/Kconfig   |  10 +
>  hw/m68k/meson.build   |   1 +
>  6 files changed, 351 insertions(+)
>  create mode 100644 include/standard-headers/asm-m68k/bootinfo-virt.h
>  create mode 100644 hw/m68k/virt.c
...

> diff --git a/include/standard-headers/asm-m68k/bootinfo-virt.h 
> b/include/standard-headers/asm-m68k/bootinfo-virt.h
> new file mode 100644
> index ..81be1e092497
> --- /dev/null
> +++ b/include/standard-headers/asm-m68k/bootinfo-virt.h
> @@ -0,0 +1,18 @@
> +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> +/*
> +** asm/bootinfo-virt.h -- Virtual-m68k-specific boot information definitions
> +*/
> +
> +#ifndef _UAPI_ASM_M68K_BOOTINFO_VIRT_H
> +#define _UAPI_ASM_M68K_BOOTINFO_VIRT_H
> +
> +#define BI_VIRT_QEMU_VERSION 0x8000
> +#define BI_VIRT_GF_PIC_BASE  0x8001
> +#define BI_VIRT_GF_RTC_BASE  0x8002
> +#define BI_VIRT_GF_TTY_BASE  0x8003
> +#define BI_VIRT_VIRTIO_BASE  0x8004
> +#define BI_VIRT_CTRL_BASE0x8005
> +
> +#define VIRT_BOOTI_VERSION   MK_BI_VERSION(2, 0)
> +
> +#endif /* _UAPI_ASM_M68K_BOOTINFO_MAC_H */
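Review bot: the comment on the closing `#endif` names `_UAPI_ASM_M68K_BOOTINFO_MAC_H`, but the include guard opened at the top of this new header is `_UAPI_ASM_M68K_BOOTINFO_VIRT_H`. It looks carried over from the Mac header and should match the guard.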

Doesn't this belong to patch #1?



Re: [PATCH v2 6/7] goldfish_rtc: re-arm the alarm after migration

2021-01-23 Thread Philippe Mathieu-Daudé
On 12/20/20 12:26 PM, Laurent Vivier wrote:
> After a migration the clock offset is updated, but we also
> need to re-arm the alarm if needed.
> 
> Signed-off-by: Laurent Vivier 
> Reviewed-by: Alistair Francis 
> ---
>  hw/rtc/goldfish_rtc.c | 2 ++
>  1 file changed, 2 insertions(+)

Reviewed-by: Philippe Mathieu-Daudé 



Re: [PATCH v2 2/7] char: add goldfish-tty

2021-01-23 Thread Philippe Mathieu-Daudé
On 12/20/20 12:26 PM, Laurent Vivier wrote:
> Signed-off-by: Laurent Vivier 
> ---
>  include/hw/char/goldfish_tty.h |  36 +
>  hw/char/goldfish_tty.c | 266 +
>  hw/char/Kconfig|   3 +
>  hw/char/meson.build|   2 +
>  hw/char/trace-events   |   9 ++
>  5 files changed, 316 insertions(+)
>  create mode 100644 include/hw/char/goldfish_tty.h
>  create mode 100644 hw/char/goldfish_tty.c
...

> +static void goldfish_tty_cmd(GoldfishTTYState *s, uint32_t cmd)
> +{
> +int to_copy;
> +
> +switch (cmd) {
> +case CMD_INT_DISABLE:
> +if (s->int_enabled) {
> +if (s->data_in_count) {
> +qemu_set_irq(s->irq, 0);
> +}
> +s->int_enabled = false;
> +}
> +break;
> +case CMD_INT_ENABLE:
> +if (!s->int_enabled) {
> +if (s->data_in_count) {
> +qemu_set_irq(s->irq, 1);
> +}
> +s->int_enabled = true;
> +}
> +break;
> +case CMD_WRITE_BUFFER:
> +to_copy = s->data_len;
> +while (to_copy) {
> +int len;
> +
> +len = MIN(GOLFISH_TTY_BUFFER_SIZE, to_copy);
> +
> +address_space_rw(_space_memory, s->data_ptr,
> + MEMTXATTRS_UNSPECIFIED, s->data_out, len, 0);

Could this fail, no need to check return value?

> +to_copy -= len;
> +qemu_chr_fe_write_all(>chr, s->data_out, len);
> +}
> +break;
> +case CMD_READ_BUFFER:
> +to_copy = MIN(s->data_len, s->data_in_count);
> +address_space_rw(_space_memory, s->data_ptr,
> + MEMTXATTRS_UNSPECIFIED, s->data_in, to_copy, 1);

Ditto.

> +s->data_in_count -= to_copy;
> +memmove(s->data_in, s->data_in + to_copy, s->data_in_count);
> +if (s->int_enabled && !s->data_in_count) {
> +qemu_set_irq(s->irq, 0);
> +}
> +break;
> +}
> +}
> +
> +static void goldfish_tty_write(void *opaque, hwaddr addr,
> +   uint64_t value, unsigned size)
> +{
> +GoldfishTTYState *s = opaque;
> +unsigned char c;
> +
> +trace_goldfish_tty_write(s, addr, size, value);
> +
> +switch (addr) {
> +case REG_PUT_CHAR:
> +c = value;
> +qemu_chr_fe_write_all(>chr, , sizeof(c));
> +break;
> +case REG_CMD:
> +goldfish_tty_cmd(s, value);
> +break;
> +case REG_DATA_PTR:
> +s->data_ptr = value;
> +break;
> +case REG_DATA_PTR_HIGH:
> +s->data_ptr = (value << 32) | (uint32_t)s->data_ptr;
> +break;
> +case REG_DATA_LEN:
> +s->data_len = value;
> +break;
> +default:
> +qemu_log_mask(LOG_UNIMP,
> +  "%s: unimplemented register write 
> 0x%02"HWADDR_PRIx"\n",
> +  __func__, addr);
> +break;
> +}
> +}
> +
> +static const MemoryRegionOps goldfish_tty_ops = {
> +.read = goldfish_tty_read,
> +.write = goldfish_tty_write,
> +.endianness = DEVICE_NATIVE_ENDIAN,
> +.valid.max_access_size = 4,
> +.impl.max_access_size = 4,

Missing:

  .impl.min = 4,

Otherwise:
Reviewed-by: Philippe Mathieu-Daudé 

> +};
> +
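Review bot: in the CMD_WRITE_BUFFER loop of goldfish_tty_cmd(), `to_copy` shrinks by `len` on each pass but `s->data_ptr` is never advanced, so when the guest programs a `data_len` larger than GOLFISH_TTY_BUFFER_SIZE every iteration re-reads the same first chunk of guest memory instead of the next one. Read from `s->data_ptr` plus a running offset. In the same case, `to_copy` is a signed int loaded from the guest-written `data_len`, so a large enough value can make it negative and `MIN(GOLFISH_TTY_BUFFER_SIZE, to_copy)` then yields a negative length for address_space_rw(); an unsigned type and an explicit upper bound on `data_len` would close that.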



Re: [PATCH v2 3/7] intc: add goldfish-pic

2021-01-23 Thread Philippe Mathieu-Daudé
On 12/20/20 12:26 PM, Laurent Vivier wrote:
> Signed-off-by: Laurent Vivier 
> ---
>  include/hw/intc/goldfish_pic.h |  33 +
>  hw/intc/goldfish_pic.c | 214 +
>  hw/intc/Kconfig|   3 +
>  hw/intc/meson.build|   1 +
>  hw/intc/trace-events   |   8 ++
>  5 files changed, 259 insertions(+)
>  create mode 100644 include/hw/intc/goldfish_pic.h
>  create mode 100644 hw/intc/goldfish_pic.c
> 
> diff --git a/include/hw/intc/goldfish_pic.h b/include/hw/intc/goldfish_pic.h
> new file mode 100644
> index ..26e7ca75a3ec
> --- /dev/null
> +++ b/include/hw/intc/goldfish_pic.h
> @@ -0,0 +1,33 @@
> +/*
> + * SPDX-License-Identifer: GPL-2.0-or-later
> + *
> + * Goldfish PIC
> + *
> + * (c) 2020 Laurent Vivier 
> + *
> + */
> +
> +#ifndef HW_INTC_GOLDFISH_PIC_H
> +#define HW_INTC_GOLDFISH_PIC_H
> +
> +#define TYPE_GOLDFISH_PIC "goldfish_pic"
> +OBJECT_DECLARE_SIMPLE_TYPE(GoldfishPICState, GOLDFISH_PIC)
> +
> +#define GOLDFISH_PIC_IRQ_NB 32
> +
> +struct GoldfishPICState {
> +SysBusDevice parent_obj;
> +
> +MemoryRegion iomem;
> +qemu_irq irq;
> +
> +uint32_t pending;
> +uint32_t enabled;
> +
> +/* statistics */
> +uint64_t stats_irq_count[32];

GOLDFISH_PIC_IRQ_NB?

> +/* for tracing */
> +int idx;
> +};
> +
> +#endif
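Review bot: the license tag in the header comment of goldfish_pic.h is spelled `SPDX-License-Identifer`; it has to be `SPDX-License-Identifier`, otherwise tools that scan for the tag will not pick up the license of this file.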
> diff --git a/hw/intc/goldfish_pic.c b/hw/intc/goldfish_pic.c

> +static const MemoryRegionOps goldfish_pic_ops = {
> +.read = goldfish_pic_read,
> +.write = goldfish_pic_write,
> +.endianness = DEVICE_NATIVE_ENDIAN,
> +.valid.max_access_size = 4,
> +.impl.max_access_size = 4,

Missing:

   .impl.min_access_size = 4,

Otherwise:
Reviewed-by: Philippe Mathieu-Daudé 

> +};
> +



[PATCH] tcg: Restart code generation when we run out of temps

2021-01-23 Thread Richard Henderson
Some large translation blocks can generate so many unique
constants that we run out of temps to hold them.  In this
case, longjmp back to the start of code generation and
restart with a smaller translation block.

Buglink: https://bugs.launchpad.net/bugs/1912065
Signed-off-by: Richard Henderson 
---

This replaces both the patch to increase the number of temps,
and the buggy patch set that dynamically allocated the temps.


r~

---
 include/tcg/tcg.h |  3 +++
 accel/tcg/translate-all.c | 15 ++-
 tcg/tcg.c | 11 ---
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index c5a9d65d5f..0f0695e90d 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -680,6 +680,9 @@ struct TCGContext {
 
 uint16_t gen_insn_end_off[TCG_MAX_INSNS];
 target_ulong gen_insn_data[TCG_MAX_INSNS][TARGET_INSN_START_WORDS];
+
+/* Exit to translator on overflow. */
+sigjmp_buf jmp_trans;
 };
 
 static inline bool temp_readonly(TCGTemp *ts)
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index d09c187e0f..81d4c83f22 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1926,11 +1926,17 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 ti = profile_getclock();
 #endif
 
+gen_code_size = sigsetjmp(tcg_ctx->jmp_trans, 0);
+if (unlikely(gen_code_size != 0)) {
+goto error_return;
+}
+
 tcg_func_start(tcg_ctx);
 
 tcg_ctx->cpu = env_cpu(env);
 gen_intermediate_code(cpu, tb, max_insns);
 tcg_ctx->cpu = NULL;
+max_insns = tb->icount;
 
 trace_translate_block(tb, tb->pc, tb->tc.ptr);
 
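Review bot: in tb_gen_code(), `max_insns` is assigned (`max_insns = tb->icount;`) after the `sigsetjmp()` call and is then read on the `error_return` path (`assert(max_insns > 1); max_insns /= 2;`). A non-volatile local that is modified between sigsetjmp and siglongjmp has an indeterminate value after the jump, so if tcg_temp_alloc() can overflow once translation has finished, for example during tcg_gen_code(), the halving works on an unspecified value. Declare it volatile, or reload it from `tb->icount` at `error_return` when the jump came from that later phase.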
@@ -1955,6 +1961,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 
 gen_code_size = tcg_gen_code(tcg_ctx, tb);
 if (unlikely(gen_code_size < 0)) {
+ error_return:
 switch (gen_code_size) {
 case -1:
 /*
@@ -1966,6 +1973,9 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
  * flush the TBs, allocate a new TB, re-initialize it per
  * above, and re-do the actual code generation.
  */
+qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
+  "Restarting code generation for "
+  "code_gen_buffer overflow\n");
 goto buffer_overflow;
 
 case -2:
@@ -1978,9 +1988,12 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
  * Try again with half as many insns as we attempted this time.
  * If a single insn overflows, there's a bug somewhere...
  */
-max_insns = tb->icount;
 assert(max_insns > 1);
 max_insns /= 2;
+qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
+  "Restarting code generation with "
+  "smaller translation block (max %d insns)\n",
+  max_insns);
 goto tb_overflow;
 
 default:
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 67b08f708d..9e1b0d73c7 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -1205,18 +1205,23 @@ void tcg_func_start(TCGContext *s)
 QSIMPLEQ_INIT(>labels);
 }
 
-static inline TCGTemp *tcg_temp_alloc(TCGContext *s)
+static TCGTemp *tcg_temp_alloc(TCGContext *s)
 {
 int n = s->nb_temps++;
-tcg_debug_assert(n < TCG_MAX_TEMPS);
+
+if (n >= TCG_MAX_TEMPS) {
+/* Signal overflow, starting over with fewer guest insns. */
+siglongjmp(s->jmp_trans, -2);
+}
 return memset(>temps[n], 0, sizeof(TCGTemp));
 }
 
-static inline TCGTemp *tcg_global_alloc(TCGContext *s)
+static TCGTemp *tcg_global_alloc(TCGContext *s)
 {
 TCGTemp *ts;
 
 tcg_debug_assert(s->nb_globals == s->nb_temps);
+tcg_debug_assert(s->nb_globals < TCG_MAX_TEMPS);
 s->nb_globals++;
 ts = tcg_temp_alloc(s);
 ts->kind = TEMP_GLOBAL;
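Review bot: tcg_temp_alloc() now does `siglongjmp(s->jmp_trans, -2)` on overflow, but it is also called from tcg_global_alloc(), where the only protection is the new `tcg_debug_assert(s->nb_globals < TCG_MAX_TEMPS)`. If globals are allocated outside tb_gen_code(), a build without debug assertions would jump through a `jmp_trans` that no `sigsetjmp()` has filled in; an unconditional `g_assert()` on the global path would make that failure deterministic. Separately, `s->nb_temps++` runs before the bound check, so the counter is left past TCG_MAX_TEMPS when the jump is taken; a comment saying that the restart resets it would help.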
-- 
2.25.1




[Bug 1912065] Re: Segfaults in tcg/optimize.c:212 after commit 7c79721606be11b5bc556449e5bcbc331ef6867d

2021-01-23 Thread Roman Bolshakov
Richard, thanks for providing the workaround. It helps.




Re: [PATCH 22/25] hw/arm/armsse: Use Clock to set system_clock_scale

2021-01-23 Thread Peter Maydell
On Sat, 23 Jan 2021 at 20:30, Luc Michel  wrote:
>
> On 19:06 Thu 21 Jan , Peter Maydell wrote:
> > Use the MAINCLK Clock input to set the system_clock_scale variable
> > rather than using the mainclk_frq property.
> >
> > Signed-off-by: Peter Maydell 
> > ---
> > At some point we should make the SysTick take a Clock itself so
> > that we can get rid of the system_clock_scale global entirely.
> > (In fact we want two Clocks: one that is the CPU clock and one
> > for the 'external reference clock' whose period is currently
> > hardcoded at 1000ns in systick_scale()...)
> > ---
> >  hw/arm/armsse.c | 21 +
> >  1 file changed, 17 insertions(+), 4 deletions(-)
> >
> > diff --git a/hw/arm/armsse.c b/hw/arm/armsse.c
> > index 4349ce9bfdb..1da0c1be4c7 100644
> > --- a/hw/arm/armsse.c
> > +++ b/hw/arm/armsse.c
> > @@ -232,6 +232,16 @@ static void armsse_forward_sec_resp_cfg(ARMSSE *s)
> >  qdev_connect_gpio_out(dev_splitter, 2, s->sec_resp_cfg_in);
> >  }
> >
> > +static void armsse_mainclk_update(void *opaque)
> > +{
> > +ARMSSE *s = ARM_SSE(opaque);
> > +/*
> > + * Set system_clock_scale from our Clock input; this is what
> > + * controls the tick rate of the CPU SysTick timer.
> > + */
> > +system_clock_scale = clock_ticks_to_ns(s->mainclk, 1);
> > +}
> > +
> I think you forgot to connect this callback to the clock itself (the
> `qdev_init_clock_in` call in `armsse_init`).

Whoops, yes :-) As it happens all ARMSSE users are fixed-frequency
so this doesn't make a guest-visible difference, but it was
definitely my intention that this was a clock update callback.

> Moreover on a clock change event, shouldn't the SysTick timer be
> recomputed?

Systick correctly handles the system_clock_scale global being changed
at runtime, so once this callback is actually wired up to its Clock
that should just work.

thanks
-- PMM



Re: [PATCH] tcg: Increase the static number of temporaries

2021-01-23 Thread Richard Henderson
On 1/23/21 9:36 AM, Laurent Vivier wrote:
>>> -#define TCG_MAX_TEMPS 512
>>> +#define TCG_MAX_TEMPS 1024
>>
>> This seems not enough, I have:
>>
>> ERROR:.../tcg/tcg.c:1210:tcg_temp_alloc: assertion failed: (n < 
>> TCG_MAX_TEMPS)
>> Bail out! ERROR:.../tcg/tcg.c:1210:tcg_temp_alloc: assertion failed: (n < 
>> TCG_MAX_TEMPS)
>>
>> With my branch m68k-virt (68040 processor with virtio-mmio devices) booting 
>> debian sid.
> 
> The cause of the overflow is this sequence:

Thanks for the test case.  I was able to reproduce this with m68k-linux-user.
This TB uses 1063 separate constants.  :-/


r~



Re: [PATCH] coroutine-sigaltstack: Keep SIGUSR2 handler up

2021-01-23 Thread Paolo Bonzini

On 22/01/21 22:26, Laszlo Ersek wrote:

That seems bogus, per POSIX, given that all signals except SIGUSR2 are
included in the mask passed to sigsuspend().


What happens if you get a SIGSTOP at exactly the wrong time?  (Yeah I 
know how incredibly unlikely that would be).


BTW if we are in a mood for cleanup, there's no reason to use 
pthread_key_t instead of __thread + qemu_thread_atexit_add (adding a 
Notifier to struct CoroutineThreadState).  That would fix the issue with 
async-signal safety of pthread_getspecific.


(It makes sense for the function not to be async-signal safe since it 
can in principle allocate memory for the data.  In practice it's most 
likely okay if the function has been called before on this thread).


Paolo




Re: [PULL 00/10] tcg patch queue

2021-01-23 Thread Richard Henderson
On 1/23/21 8:50 AM, Richard Henderson wrote:
> The following changes since commit 0e32462630687a18039464511bd0447ada5709c3:
> 
>   Merge remote-tracking branch 
> 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging 
> (2021-01-22 10:35:55 +)
> 
> are available in the Git repository at:
> 
>   https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20210123
> 
> for you to fetch changes up to 2e34067e9959f149a904cf1255985d3b68b52566:
> 
>   tcg: Toggle page execution for Apple Silicon (2021-01-22 12:48:01 -1000)
> 
> 
> Fix tcg constant segv.
> Optimize inline dup_const for MO_64.
> Update the cpu running flag in cpu_exec_step_atomic
> Some tidy up of tcg vs other accelerators

Please do not apply this pull.
The tcg constant fix isn't good enough.


r~


> 
> 
> Douglas Crosher (1):
>   tcg: update the cpu running flag in cpu_exec_step_atomic
> 
> Philippe Mathieu-Daudé (4):
>   accel/tcg: Make cpu_gen_init() static
>   accel/tcg: Restrict tb_gen_code() from other accelerators
>   accel/tcg: Declare missing cpu_loop_exit*() stubs
>   accel/tcg: Restrict cpu_io_recompile() from other accelerators
> 
> Richard Henderson (4):
>   qemu/compiler: Split out qemu_build_not_reached_always
>   tcg: Optimize inline dup_const for MO_64
>   tcg: Increase the static number of temporaries
>   accel/tcg: Move tb_flush_jmp_cache() to cputlb.c
> 
> Roman Bolshakov (1):
>   tcg: Toggle page execution for Apple Silicon
> 
>  accel/tcg/internal.h  | 20 
>  include/exec/exec-all.h   | 11 ---
>  include/qemu/compiler.h   |  5 +++--
>  include/qemu/osdep.h  | 28 
>  include/tcg/tcg.h |  5 +++--
>  accel/stubs/tcg-stub.c| 10 ++
>  accel/tcg/cpu-exec.c  |  7 +++
>  accel/tcg/cputlb.c| 19 +++
>  accel/tcg/translate-all.c | 23 +--
>  tcg/tcg.c |  7 ---
>  10 files changed, 99 insertions(+), 36 deletions(-)
>  create mode 100644 accel/tcg/internal.h
> 




[PATCH v8 4/5] iotests: rewrite check into python

2021-01-23 Thread Vladimir Sementsov-Ogievskiy
Just use the classes introduced in the previous three commits. The behavior
difference is described in those three commits.

Drop the group file, as it becomes unused.

Drop common.env: now check is in python, and for tests we use the same
python interpreter that runs the check itself. Use the build environment
PYTHON in check-block instead, to keep "make check" using the same
python.

Checking for virtio-blk is moved to iotests.py, as it is actually an
iotests.py dependency. Actually not all python iotests depend on it, so in
the future it may be refactored to be checked only when really needed.

Signed-off-by: Vladimir Sementsov-Ogievskiy 
---
 Makefile |1 -
 tests/check-block.sh |2 +-
 tests/qemu-iotests/check | 1095 --
 tests/qemu-iotests/common.env.in |3 -
 tests/qemu-iotests/group |  321 -
 tests/qemu-iotests/iotests.py|8 +
 tests/qemu-iotests/meson.build   |3 -
 7 files changed, 138 insertions(+), 1295 deletions(-)
 delete mode 100644 tests/qemu-iotests/common.env.in
 delete mode 100644 tests/qemu-iotests/group

diff --git a/Makefile b/Makefile
index 2a926aaeb0..d335d257bc 100644
--- a/Makefile
+++ b/Makefile
@@ -236,7 +236,6 @@ distclean: clean
rm -f config-host.mak config-host.h*
rm -f tests/tcg/config-*.mak
rm -f config-all-disas.mak config.status
-   rm -f tests/qemu-iotests/common.env
rm -f roms/seabios/config.mak roms/vgabios/config.mak
rm -f qemu-plugins-ld.symbols qemu-plugins-ld64.symbols
rm -f *-config-target.h *-config-devices.mak *-config-devices.h
diff --git a/tests/check-block.sh b/tests/check-block.sh
index e4f37905be..ac32fd67dd 100755
--- a/tests/check-block.sh
+++ b/tests/check-block.sh
@@ -76,7 +76,7 @@ export QEMU_CHECK_BLOCK_AUTO=1
 
 ret=0
 for fmt in $format_list ; do
-./check -makecheck -$fmt $group || ret=1
+${PYTHON} ./check -makecheck -$fmt $group || ret=1
 done
 
 exit $ret
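Review bot: `${PYTHON} ./check -makecheck ...` in the format loop degrades silently when PYTHON is unset or empty: the word expands to nothing and ./check runs through its own `#!/usr/bin/env python3` line, which is the interpreter mismatch the commit message sets out to avoid. Fail early before the loop, for example with `: "${PYTHON:?PYTHON must be set}"`.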
diff --git a/tests/qemu-iotests/check b/tests/qemu-iotests/check
index 952762d5ed..5190dee82e 100755
--- a/tests/qemu-iotests/check
+++ b/tests/qemu-iotests/check
@@ -1,7 +1,8 @@
-#!/usr/bin/env bash
+#!/usr/bin/env python3
 #
-# Copyright (C) 2009 Red Hat, Inc.
-# Copyright (c) 2000-2002,2006 Silicon Graphics, Inc.  All Rights Reserved.
+# Configure environment and run group of tests in it.
+#
+# Copyright (c) 2020-2021 Virtuozzo International GmbH
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
@@ -14,967 +15,129 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see .
-#
-#
-# Control script for QA
-#
-
-status=0
-needwrap=true
-try=0
-n_bad=0
-bad=""
-notrun=""
-casenotrun=""
-interrupt=true
-makecheck=false
-
-_init_error()
-{
-echo "check: $1" >&2
-exit 1
-}
-
-if [ -L "$0" ]
-then
-# called from the build tree
-source_iotests=$(dirname "$(readlink "$0")")
-if [ -z "$source_iotests" ]
-then
-_init_error "failed to obtain source tree name from check symlink"
-fi
-source_iotests=$(cd "$source_iotests"; pwd) || _init_error "failed to 
enter source tree"
-build_iotests=$(cd "$(dirname "$0")"; pwd)
-else
-# called from the source tree
-source_iotests=$PWD
-# this may be an in-tree build (note that in the following code we may not
-# assume that it truly is and have to test whether the build results
-# actually exist)
-build_iotests=$PWD
-fi
-
-build_root="$build_iotests/../.."
-
-# we need common.env
-if ! . "$build_iotests/common.env"
-then
-_init_error "failed to source common.env (make sure the qemu-iotests are 
run from tests/qemu-iotests in the build tree)"
-fi
-
-# we need common.config
-if ! . "$source_iotests/common.config"
-then
-_init_error "failed to source common.config"
-fi
-
-_full_imgfmt_details()
-{
-if [ -n "$IMGOPTS" ]; then
-echo "$IMGFMT ($IMGOPTS)"
-else
-echo "$IMGFMT"
-fi
-}
-
-_full_platform_details()
-{
-os=$(uname -s)
-host=$(hostname -s)
-kernel=$(uname -r)
-platform=$(uname -m)
-echo "$os/$platform $host $kernel"
-}
-
-_full_env_details()
-{
-cat < /dev/null)
-if [ -n "$p" -a -x "$p" ]; then
-type -p "$p"
-else
-return 1
-fi
-}
-
-if [ -z "$TEST_DIR" ]; then
-TEST_DIR=$PWD/scratch
-fi
-mkdir -p "$TEST_DIR" || _init_error 'Failed to create TEST_DIR'
-
-tmp_sock_dir=false
-if [ -z "$SOCK_DIR" ]; then
-SOCK_DIR=$(mktemp -d)
-tmp_sock_dir=true
-fi
-mkdir -p "$SOCK_DIR" || _init_error 'Failed to create SOCK_DIR'
-
-diff="diff -u"
-verbose=false
-debug=false
-group=false
-xgroup=false
-imgopts=false
-showme=false
-sortme=false
-expunge=true
-have_test_arg=false
-cachemode=false
-aiomode=false
-
-tmp="${TEST_DIR}"/$$
-rm -f $tmp.list $tmp.tmp $tmp.sed
-
-export IMGFMT=raw
-export IMGFMT_GENERIC=true
-export 

[PATCH v8 3/5] iotests: add testrunner.py

2021-01-23 Thread Vladimir Sementsov-Ogievskiy
Add TestRunner class, which will run tests in a new python iotests
running framework.

There are some differences with current ./check behavior, most
significant are:
- Consider all tests self-executable, just run them, don't run python
  by hand.
- Elapsed time is cached in json file
- Elapsed time precision increased a bit
- Instead of using "diff -w" which ignores all whitespace differences,
  manually strip whitespace at line end then use python difflib, which
  no longer ignores spacing mid-line

Signed-off-by: Vladimir Sementsov-Ogievskiy 
---
 tests/qemu-iotests/testrunner.py | 366 +++
 1 file changed, 366 insertions(+)
 create mode 100644 tests/qemu-iotests/testrunner.py

diff --git a/tests/qemu-iotests/testrunner.py b/tests/qemu-iotests/testrunner.py
new file mode 100644
index 00..e80c25adba
--- /dev/null
+++ b/tests/qemu-iotests/testrunner.py
@@ -0,0 +1,366 @@
+# Class for actually running tests.
+#
+# Copyright (c) 2020-2021 Virtuozzo International GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+#
+
+import os
+from pathlib import Path
+import datetime
+import time
+import difflib
+import subprocess
+import contextlib
+import json
+import termios
+import sys
+from contextlib import contextmanager
+from contextlib import AbstractContextManager
+from typing import List, Optional, Iterator, Any, Sequence
+
+from testenv import TestEnv
+
+
+def silent_unlink(path: Path) -> None:
+try:
+path.unlink()
+except OSError:
+pass
+
+
+def file_diff(file1: str, file2: str) -> List[str]:
+with open(file1) as f1, open(file2) as f2:
+# We want to ignore spaces at line ends. There are a lot of mess about
+# it in iotests.
+# TODO: fix all tests to not produce extra spaces, fix all .out files
+# and use strict diff here!
+seq1 = [line.rstrip() for line in f1]
+seq2 = [line.rstrip() for line in f2]
+res = [line.rstrip()
+   for line in difflib.unified_diff(seq1, seq2, file1, file2)]
+return res
+
+
+# We want to save current tty settings during test run,
+# since an aborting qemu call may leave things screwed up.
+@contextmanager
+def savetty() -> Iterator[None]:
+isterm = sys.stdin.isatty()
+if isterm:
+fd = sys.stdin.fileno()
+attr = termios.tcgetattr(fd)
+
+try:
+yield
+finally:
+if isterm:
+termios.tcsetattr(fd, termios.TCSADRAIN, attr)
+
+
+class LastElapsedTime(AbstractContextManager['LastElapsedTime']):
+""" Cache for elapsed time for tests, to show it during new test run
+
+It is safe to use get() at any time.  To use update(), you must either
+use it inside with-block or use save() after update().
+"""
+def __init__(self, cache_file: str, env: TestEnv) -> None:
+self.env = env
+self.cache_file = cache_file
+
+try:
+with open(cache_file) as f:
+self.cache = json.load(f)
+except (OSError, ValueError):
+self.cache = {}
+
+def get(self, test: str,
+default: Optional[float] = None) -> Optional[float]:
+if test not in self.cache:
+return default
+
+if self.env.imgproto not in self.cache[test]:
+return default
+
+return self.cache[test][self.env.imgproto].get(self.env.imgfmt,
+   default)
+
+def update(self, test: str, elapsed: float) -> None:
+d = self.cache.setdefault(test, {})
+d = d.setdefault(self.env.imgproto, {})
+d[self.env.imgfmt] = elapsed
+
+def save(self) -> None:
+with open(self.cache_file, 'w') as f:
+json.dump(self.cache, f)
+
+def __enter__(self) -> 'LastElapsedTime':
+return self
+
+def __exit__(self, exc_type: Any, exc_value: Any, traceback: Any) -> None:
+self.save()
+
+
+class TestResult:
+def __init__(self, status: str, description: str = '',
+ elapsed: Optional[float] = None, diff: Sequence[str] = (),
+ casenotrun: str = '', interrupted: bool = False) -> None:
+self.status = status
+self.description = description
+self.elapsed = elapsed
+self.diff = diff
+self.casenotrun = casenotrun
+self.interrupted = interrupted
+
+
+class 
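Review bot: file_diff() opens both files with a bare `open(file1)` / `open(file2)`, so decoding depends on the locale's default encoding, and a test whose output contains bytes that are invalid in that encoding raises UnicodeDecodeError instead of producing a diff. Pass an explicit `encoding='utf-8'` and choose an `errors=` policy there, and do the same for the JSON cache opened in LastElapsedTime. Minor: in the lines shown, `import contextlib` is redundant next to the two `from contextlib import ...` lines.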

[PATCH v8 5/5] iotests: rename and move 169 and 199 tests

2021-01-23 Thread Vladimir Sementsov-Ogievskiy
Rename bitmaps migration tests and move them to tests subdirectory to
demonstrate new human-friendly test naming.

Signed-off-by: Vladimir Sementsov-Ogievskiy 
---
 tests/qemu-iotests/{199 => tests/migrate-bitmaps-postcopy-test}   | 0
 .../{199.out => tests/migrate-bitmaps-postcopy-test.out}  | 0
 tests/qemu-iotests/{169 => tests/migrate-bitmaps-test}| 0
 tests/qemu-iotests/{169.out => tests/migrate-bitmaps-test.out}| 0
 4 files changed, 0 insertions(+), 0 deletions(-)
 rename tests/qemu-iotests/{199 => tests/migrate-bitmaps-postcopy-test} (100%)
 rename tests/qemu-iotests/{199.out => tests/migrate-bitmaps-postcopy-test.out} 
(100%)
 rename tests/qemu-iotests/{169 => tests/migrate-bitmaps-test} (100%)
 rename tests/qemu-iotests/{169.out => tests/migrate-bitmaps-test.out} (100%)

diff --git a/tests/qemu-iotests/199 
b/tests/qemu-iotests/tests/migrate-bitmaps-postcopy-test
similarity index 100%
rename from tests/qemu-iotests/199
rename to tests/qemu-iotests/tests/migrate-bitmaps-postcopy-test
diff --git a/tests/qemu-iotests/199.out 
b/tests/qemu-iotests/tests/migrate-bitmaps-postcopy-test.out
similarity index 100%
rename from tests/qemu-iotests/199.out
rename to tests/qemu-iotests/tests/migrate-bitmaps-postcopy-test.out
diff --git a/tests/qemu-iotests/169 
b/tests/qemu-iotests/tests/migrate-bitmaps-test
similarity index 100%
rename from tests/qemu-iotests/169
rename to tests/qemu-iotests/tests/migrate-bitmaps-test
diff --git a/tests/qemu-iotests/169.out 
b/tests/qemu-iotests/tests/migrate-bitmaps-test.out
similarity index 100%
rename from tests/qemu-iotests/169.out
rename to tests/qemu-iotests/tests/migrate-bitmaps-test.out
-- 
2.29.2




[PATCH v8 2/5] iotests: add testenv.py

2021-01-23 Thread Vladimir Sementsov-Ogievskiy
Add TestEnv class, which will handle test environment in a new python
iotests running framework.

Don't add compat=1.1 for qcow2 IMGOPTS, as v3 is default anyway.

Signed-off-by: Vladimir Sementsov-Ogievskiy 
---
 tests/qemu-iotests/testenv.py | 278 ++
 1 file changed, 278 insertions(+)
 create mode 100644 tests/qemu-iotests/testenv.py

diff --git a/tests/qemu-iotests/testenv.py b/tests/qemu-iotests/testenv.py
new file mode 100644
index 00..348af593e9
--- /dev/null
+++ b/tests/qemu-iotests/testenv.py
@@ -0,0 +1,278 @@
+# TestEnv class to manage test environment variables.
+#
+# Copyright (c) 2020-2021 Virtuozzo International GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+#
+
+import os
+import sys
+import tempfile
+from pathlib import Path
+import shutil
+import collections
+import random
+import subprocess
+import glob
+from contextlib import AbstractContextManager
+from typing import Dict, Any, Optional
+
+
+def get_default_machine(qemu_prog: str) -> str:
+outp = subprocess.run([qemu_prog, '-machine', 'help'], check=True,
+  universal_newlines=True,
+  stdout=subprocess.PIPE).stdout
+
+machines = outp.split('\n')
+default_machine = next(m for m in machines if m.endswith(' (default)'))
+default_machine = default_machine.split(' ', 1)[0]
+
+alias_suf = ' (alias of {})'.format(default_machine)
+alias = next((m for m in machines if m.endswith(alias_suf)), None)
+if alias is not None:
+default_machine = alias.split(' ', 1)[0]
+
+return default_machine
+
+
+class TestEnv(AbstractContextManager['TestEnv']):
+"""
+Manage system environment for running tests
+
+The following variables are supported/provided. They are represented by
+lower-cased TestEnv attributes.
+"""
+
+# We store environment variables as instance attributes, and there are a
+# lot of them. Silence pylint:
+# pylint: disable=too-many-instance-attributes
+
+env_variables = ['PYTHONPATH', 'TEST_DIR', 'SOCK_DIR', 'SAMPLE_IMG_DIR',
+ 'OUTPUT_DIR', 'PYTHON', 'QEMU_PROG', 'QEMU_IMG_PROG',
+ 'QEMU_IO_PROG', 'QEMU_NBD_PROG', 'QSD_PROG',
+ 'SOCKET_SCM_HELPER', 'QEMU_OPTIONS', 'QEMU_IMG_OPTIONS',
+ 'QEMU_IO_OPTIONS', 'QEMU_IO_OPTIONS_NO_FMT',
+ 'QEMU_NBD_OPTIONS', 'IMGOPTS', 'IMGFMT', 'IMGPROTO',
+ 'AIOMODE', 'CACHEMODE', 'VALGRIND_QEMU',
+ 'CACHEMODE_IS_DEFAULT', 'IMGFMT_GENERIC', 'IMGOPTSSYNTAX',
+ 'IMGKEYSECRET', 'QEMU_DEFAULT_MACHINE', 'MALLOC_PERTURB_']
+
+def get_env(self) -> Dict[str, str]:
+env = {}
+for v in self.env_variables:
+val = getattr(self, v.lower(), None)
+if val is not None:
+env[v] = val
+
+return env
+
+def init_directories(self):
+"""Init directory variables:
+ PYTHONPATH
+ TEST_DIR
+ SOCK_DIR
+ SAMPLE_IMG_DIR
+ OUTPUT_DIR
+"""
+self.pythonpath = os.getenv('PYTHONPATH')
+if self.pythonpath:
+self.pythonpath = self.source_iotests + os.pathsep + \
+self.pythonpath
+else:
+self.pythonpath = self.source_iotests
+
+self.test_dir = os.getenv('TEST_DIR',
+  os.path.join(os.getcwd(), 'scratch'))
+Path(self.test_dir).mkdir(parents=True, exist_ok=True)
+
+self.sock_dir = os.getenv('SOCK_DIR')
+self.tmp_sock_dir = False
+if self.sock_dir:
+Path(self.test_dir).mkdir(parents=True, exist_ok=True)
+else:
+self.sock_dir = tempfile.mkdtemp()
+self.tmp_sock_dir = True
+
+self.sample_img_dir = os.getenv('SAMPLE_IMG_DIR',
+os.path.join(self.source_iotests,
+ 'sample_images'))
+
+self.output_dir = os.getcwd()  # OUTPUT_DIR
+
+def init_binaries(self):
+"""Init binary path variables:
+ PYTHON (for bash tests)
+ QEMU_PROG, QEMU_IMG_PROG, QEMU_IO_PROG, QEMU_NBD_PROG, QSD_PROG
+ SOCKET_SCM_HELPER
+"""
+self.python = sys.executable
+
+def 
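Review bot: In init_directories(), the branch taken when SOCK_DIR is set creates the wrong directory: `Path(self.test_dir).mkdir(parents=True, exist_ok=True)` repeats the TEST_DIR call made a few lines earlier, so a user-supplied SOCK_DIR that does not exist yet is never created. It should be `Path(self.sock_dir).mkdir(parents=True, exist_ok=True)`. Separately, get_default_machine() calls `next(m for m in machines if m.endswith(' (default)'))` without a default, so a binary whose `-machine help` output marks no default machine surfaces as a bare StopIteration; passing None as the default and raising an explicit error would be easier to diagnose. init_directories() and init_binaries() also lack the `-> None` annotation that the rest of the file uses.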

[PATCH v8 1/5] iotests: add findtests.py

2021-01-23 Thread Vladimir Sementsov-Ogievskiy
Add python script with new logic of searching for tests:

Current ./check behavior:
 - tests are named [0-9][0-9][0-9]
 - tests must be registered in group file (even if test doesn't belong
   to any group, like 142)

Behavior of findtests.py:
 - group file is dropped
 - tests are all files in tests/ subdirectory (except for .out files),
   so it's no longer needed to "register the test", just create it with
   appropriate name in tests/ subdirectory. Old names like
   [0-9][0-9][0-9] (in root iotests directory) are supported too, but
   not recommended for new tests
 - groups are parsed from '# group: ' line inside test files
 - optional file group.local may be used to define some additional
   groups for downstreams
 - 'disabled' group is used to temporarily disable tests. So instead of
   commenting tests in old 'group' file you now can add them to
   disabled group with help of 'group.local' file
 - selecting test ranges like 5-15 is no longer supported
   (to support restarting failed ./check command from the middle of the
   process, new argument is added: --start-from)

Benefits:
 - no rebase conflicts in group file on patch porting from branch to
   branch
 - no conflicts in upstream, when different series want to occupy same
   test number
 - meaningful names for test files
   For example, with digital number, when some person wants to add some
   test about block-stream, he most probably will just create a new
   test. But if there would be test-block-stream test already, he will
   at first look at it and maybe just add a test-case into it.
   And anyway meaningful names are better.

This commit doesn't update check behavior (which will be done in
further commit), still, the documentation changed like new behavior is
already here.  Let's live with this small inconsistency for the
following few commits, until final change.

Signed-off-by: Vladimir Sementsov-Ogievskiy 
Reviewed-by: Eric Blake 
---
 docs/devel/testing.rst  |  50 +-
 tests/qemu-iotests/findtests.py | 159 
 2 files changed, 208 insertions(+), 1 deletion(-)
 create mode 100644 tests/qemu-iotests/findtests.py

diff --git a/docs/devel/testing.rst b/docs/devel/testing.rst
index 0aa7a13bba..454b706141 100644
--- a/docs/devel/testing.rst
+++ b/docs/devel/testing.rst
@@ -111,7 +111,7 @@ check-block
 ---
 
 ``make check-block`` runs a subset of the block layer iotests (the tests that
-are in the "auto" group in ``tests/qemu-iotests/group``).
+are in the "auto" group).
 See the "QEMU iotests" section below for more information.
 
 GCC gcov support
@@ -224,6 +224,54 @@ another application on the host may have locked the file, 
possibly leading to a
 test failure.  If using such devices are explicitly desired, consider adding
 ``locking=off`` option to disable image locking.
 
+Test case groups
+
+
+"Tests may belong to one or more test groups, which are defined in the form
+of a comment in the test source file. By convention, test groups are listed
+in the second line of the test file, after the "#!/..." line, like this:
+
+.. code::
+
+  #!/usr/bin/env python3
+  # group: auto quick
+  #
+  ...
+
+Another way of defining groups is creating the tests/qemu-iotests/group.local
+file. This should be used only for downstream (this file should never appear
+in upstream). This file may be used for defining some downstream test groups
+or for temporarily disabling tests, like this:
+
+.. code::
+
+  # groups for some company downstream process
+  #
+  # ci - tests to run on build
+  # down - our downstream tests, not for upstream
+  #
+  # Format of each line is:
+  # TEST_NAME TEST_GROUP [TEST_GROUP ]...
+
+  013 ci
+  210 disabled
+  215 disabled
+  our-ugly-workaround-test down ci
+
+Note that the following group names have a special meaning:
+
+- quick: Tests in this group should finish within a few seconds.
+
+- auto: Tests in this group are used during "make check" and should be
+  runnable in any case. That means they should run with every QEMU binary
+  (also non-x86), with every QEMU configuration (i.e. must not fail if
+  an optional feature is not compiled in - but reporting a "skip" is ok),
+  work at least with the qcow2 file format, work with all kind of host
+  filesystems and users (e.g. "nobody" or "root") and must not take too
+  much memory and disk space (since CI pipelines tend to fail otherwise).
+
+- disabled: Tests in this group are disabled and ignored by check.
+
 .. _docker-ref:
 
 Docker based tests
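Review bot: The first paragraph added under "Test case groups" opens with a stray double quote (`"Tests may belong to one or more test groups`) that is never closed and will appear in the rendered documentation; drop it. The same paragraph says groups are listed in the second line "by convention", while the commit message says groups are parsed from the '# group: ' line inside test files. It would help to state whether the parser requires the line to be second or accepts it anywhere in the file, so test authors know what is enforced and what is style.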
diff --git a/tests/qemu-iotests/findtests.py b/tests/qemu-iotests/findtests.py
new file mode 100644
index 00..d0c72efd6a
--- /dev/null
+++ b/tests/qemu-iotests/findtests.py
@@ -0,0 +1,159 @@
+# TestFinder class, define set of tests to run.
+#
+# Copyright (c) 2020-2021 Virtuozzo International GmbH
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the 

[PATCH v8 0/5] Rework iotests/check

2021-01-23 Thread Vladimir Sementsov-Ogievskiy
v8:

about linters:

I didn't modify 297, as Max already staged 297 modifications to test all files.

Also, now I have two complaints:
+* Module testenv
+testenv.py:158:4: R0915: Too many statements (53/50) (too-many-statements)
+* Module testrunner
+testrunner.py:222:4: R0911: Too many return statements (7/6) (too-many-return-statements)
 Success: no issues found in 5 source files

And I feel I'm too tired to refactor it now. Probably we can ignore them in 297.
Probably I can do some refactoring as a follow-up.

findtests: grammar, wording, add Eric's r-b
testenv: commit msg adjusted
 wording, grammar
 missed env_variables added
 add logic for searching qemu-system-*, if
 qemu-system-{arch} does not exist
 handle valgrind and MALLOC_PERTURB_
 fix s/vmkd/vmdk/
testrunner: commit msg adjusted
wording
fix extra new lines in diff output
s/0/fd/
use class instead of namedtuple
don't handle MALLOC_PERTURB_
declare self._stack in __init__
change thistime to be float
handle KeyboardInterrupt
casenotrun init to ''
fix "output mismatch .. {f_bad}" to be f-string
smarter terminal color handling
check: wording, grammar, sheepdoG, exClude_groups
   change valgrind to be simple boolean option and pass
  it to TestEnv
   handle group.local
   check virtio-blk in iotests.py
   add --color option

Vladimir Sementsov-Ogievskiy (5):
  iotests: add findtests.py
  iotests: add testenv.py
  iotests: add testrunner.py
  iotests: rewrite check into python
  iotests: rename and move 169 and 199 tests

 docs/devel/testing.rst|   50 +-
 Makefile  |1 -
 tests/check-block.sh  |2 +-
 tests/qemu-iotests/check  | 1095 ++---
 tests/qemu-iotests/common.env.in  |3 -
 tests/qemu-iotests/findtests.py   |  159 +++
 tests/qemu-iotests/group  |  321 -
 tests/qemu-iotests/iotests.py |8 +
 tests/qemu-iotests/meson.build|3 -
 tests/qemu-iotests/testenv.py |  278 +
 tests/qemu-iotests/testrunner.py  |  366 ++
 .../migrate-bitmaps-postcopy-test}|0
 .../migrate-bitmaps-postcopy-test.out}|0
 .../{169 => tests/migrate-bitmaps-test}   |0
 .../migrate-bitmaps-test.out} |0
 15 files changed, 990 insertions(+), 1296 deletions(-)
 delete mode 100644 tests/qemu-iotests/common.env.in
 create mode 100644 tests/qemu-iotests/findtests.py
 delete mode 100644 tests/qemu-iotests/group
 create mode 100644 tests/qemu-iotests/testenv.py
 create mode 100644 tests/qemu-iotests/testrunner.py
 rename tests/qemu-iotests/{199 => tests/migrate-bitmaps-postcopy-test} (100%)
 rename tests/qemu-iotests/{199.out => tests/migrate-bitmaps-postcopy-test.out} 
(100%)
 rename tests/qemu-iotests/{169 => tests/migrate-bitmaps-test} (100%)
 rename tests/qemu-iotests/{169.out => tests/migrate-bitmaps-test.out} (100%)

-- 
2.29.2




[PULL v2 00/30] Misc patches for 2021-01-21

2021-01-23 Thread Paolo Bonzini
The following changes since commit fef80ea073c4862bc9eaddb6ddb0ed970b8ad7c4:

  Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-01-20' into 
staging (2021-01-21 10:44:28 +)

are available in the Git repository at:

  https://gitlab.com/bonzini/qemu.git tags/for-upstream

for you to fetch changes up to ccd3b3b8112b670fdccf8a392b8419b173ffccb4:

  qemu-option: warn for short-form boolean options (2021-01-23 15:55:08 -0500)


* Make MinGW respect --bindir (Joshua)
* Switch MinGW to a "deep" installation (Joshua + NSIS fixes by myself)
* Fix compilation errors/warnings (Qixin, Philippe)
* QemuOpts cleanups (myself)
* Consistency improvements for -action (myself)
* remove deprecated "change vnc TARGET" functionality (myself)
* meson cleanups (Marc-André, Philippe, myself)
* IDE out-of-bounds access (Prasad)
* LA57 fix for -cpu max (Weijiang)


Gan Qixin (1):
  util/cacheflush: Fix error generated by clang

Joshua Watt (1):
  configure: MinGW respect --bindir argument

Marc-André Lureau (3):
  build-sys: remove unused LIBS
  build-sys: set global arguments for cflags/ldflags
  build-sys: add libvhost-user missing dependencies

Paolo Bonzini (11):
  runstate: cleanup reboot and panic actions
  build-system: clean up TCG/TCI configury
  nsis: adjust for new MinGW paths
  meson: convert wixl detection to Meson
  acceptance: switch to QMP change-vnc-password command
  hmp: remove "change vnc TARGET" command
  qmp: remove deprecated "change" command
  vnc: support "-vnc help"
  qemu-option: clean up id vs. list->merge_lists
  qemu-option: move help handling to get_opt_name_value
  qemu-option: warn for short-form boolean options

Philippe Mathieu-Daudé (12):
  softmmu/physmem: Silence GCC 10 maybe-uninitialized error
  meson: Declare have_virtfs_proxy_helper in main meson.build
  meson: Summarize information related to directories first
  meson: Display host binaries information altogether
  meson: Summarize overall features altogether
  meson: Summarize compilation-related information altogether
  meson: Display accelerators and selected targets altogether
  meson: Display block layer information altogether
  meson: Display crypto-related information altogether
  meson: Add a section header for library dependencies
  meson.build: Declare global edk2_targets / install_edk2_blobs variables
  meson.build: Detect bzip2 program

Prasad J Pandit (1):
  ide: atapi: check logical block address and read size (CVE-2020-29443)

Yang Weijiang (1):
  x86/cpu: Use max host physical address if -cpu max option is applied

 Makefile  |   2 -
 configure | 144 +++---
 disas/meson.build |   2 -
 docs/system/deprecated.rst|  11 +-
 docs/system/removed-features.rst  |  11 ++
 fsdev/meson.build |   1 -
 hmp-commands.hx   |   6 -
 hw/ide/atapi.c|  30 ++-
 include/ui/console.h  |   2 +-
 meson.build   | 346 --
 meson_options.txt |   4 +
 monitor/hmp-cmds.c|   7 +-
 monitor/qmp-cmds.c|  51 -
 pc-bios/descriptors/meson.build   |  30 +--
 pc-bios/meson.build   |   6 +-
 qapi/misc.json|  49 -
 qapi/run-state.json   |  10 +-
 qemu-options.hx   |   8 +-
 qemu.nsi  |  42 +
 qga/meson.build   |  55 +++---
 softmmu/physmem.c |   2 +-
 softmmu/runstate-action.c |   4 +-
 softmmu/runstate.c|   7 +-
 softmmu/vl.c  |   8 +-
 subprojects/libvhost-user/meson.build |   3 +
 target/i386/cpu.c |   1 +
 tests/acceptance/vnc.py   |  18 +-
 tests/test-qemu-opts.c|   2 +-
 ui/vnc-stubs.c|   7 +-
 ui/vnc.c  |   8 +-
 util/cacheflush.c |   8 +-
 util/qemu-option.c|  86 +
 32 files changed, 433 insertions(+), 538 deletions(-)
-- 
2.26.2




Re: [PATCH 24/25] arm: Remove frq properties on CMSDK timer, dualtimer, watchdog, ARMSSE

2021-01-23 Thread Luc Michel
On 19:06 Thu 21 Jan , Peter Maydell wrote:
> Now no users are setting the frq properties on the CMSDK timer,
> dualtimer, watchdog or ARMSSE SoC devices, we can remove the
> properties and the struct fields that back them.
> 
> Signed-off-by: Peter Maydell 

Reviewed-by: Luc Michel 

> ---
>  include/hw/arm/armsse.h  | 2 --
>  include/hw/timer/cmsdk-apb-dualtimer.h   | 2 --
>  include/hw/timer/cmsdk-apb-timer.h   | 2 --
>  include/hw/watchdog/cmsdk-apb-watchdog.h | 2 --
>  hw/arm/armsse.c  | 2 --
>  hw/timer/cmsdk-apb-dualtimer.c   | 6 --
>  hw/timer/cmsdk-apb-timer.c   | 6 --
>  hw/watchdog/cmsdk-apb-watchdog.c | 6 --
>  8 files changed, 28 deletions(-)
> 
> diff --git a/include/hw/arm/armsse.h b/include/hw/arm/armsse.h
> index bfa1e79c4fe..676cd4f36b0 100644
> --- a/include/hw/arm/armsse.h
> +++ b/include/hw/arm/armsse.h
> @@ -41,7 +41,6 @@
>   *  + Clock input "S32KCLK": slow 32KHz clock used for a few peripherals
>   *  + QOM property "memory" is a MemoryRegion containing the devices provided
>   *by the board model.
> - *  + QOM property "MAINCLK_FRQ" is the frequency of the main system clock
>   *  + QOM property "EXP_NUMIRQ" sets the number of expansion interrupts.
>   *(In hardware, the SSE-200 permits the number of expansion interrupts
>   *for the two CPUs to be configured separately, but we restrict it to
> @@ -218,7 +217,6 @@ struct ARMSSE {
>  /* Properties */
>  MemoryRegion *board_memory;
>  uint32_t exp_numirq;
> -uint32_t mainclk_frq;
>  uint32_t sram_addr_width;
>  uint32_t init_svtor;
>  bool cpu_fpu[SSE_MAX_CPUS];
> diff --git a/include/hw/timer/cmsdk-apb-dualtimer.h 
> b/include/hw/timer/cmsdk-apb-dualtimer.h
> index 3adbb01dd34..f3ec86c00b5 100644
> --- a/include/hw/timer/cmsdk-apb-dualtimer.h
> +++ b/include/hw/timer/cmsdk-apb-dualtimer.h
> @@ -16,7 +16,6 @@
>   * 
> https://developer.arm.com/products/system-design/system-design-kits/cortex-m-system-design-kit
>   *
>   * QEMU interface:
> - *  + QOM property "pclk-frq": frequency at which the timer is clocked
>   *  + Clock input "TIMCLK": clock (for both timers)
>   *  + sysbus MMIO region 0: the register bank
>   *  + sysbus IRQ 0: combined timer interrupt TIMINTC
> @@ -63,7 +62,6 @@ struct CMSDKAPBDualTimer {
>  /*< public >*/
>  MemoryRegion iomem;
>  qemu_irq timerintc;
> -uint32_t pclk_frq;
>  Clock *timclk;
>  
>  CMSDKAPBDualTimerModule timermod[CMSDK_APB_DUALTIMER_NUM_MODULES];
> diff --git a/include/hw/timer/cmsdk-apb-timer.h 
> b/include/hw/timer/cmsdk-apb-timer.h
> index 54f7ec8c502..c4c7eae8499 100644
> --- a/include/hw/timer/cmsdk-apb-timer.h
> +++ b/include/hw/timer/cmsdk-apb-timer.h
> @@ -23,7 +23,6 @@ OBJECT_DECLARE_SIMPLE_TYPE(CMSDKAPBTimer, CMSDK_APB_TIMER)
>  
>  /*
>   * QEMU interface:
> - *  + QOM property "pclk-frq": frequency at which the timer is clocked
>   *  + Clock input "pclk": clock for the timer
>   *  + sysbus MMIO region 0: the register bank
>   *  + sysbus IRQ 0: timer interrupt TIMERINT
> @@ -35,7 +34,6 @@ struct CMSDKAPBTimer {
>  /*< public >*/
>  MemoryRegion iomem;
>  qemu_irq timerint;
> -uint32_t pclk_frq;
>  struct ptimer_state *timer;
>  Clock *pclk;
>  
> diff --git a/include/hw/watchdog/cmsdk-apb-watchdog.h 
> b/include/hw/watchdog/cmsdk-apb-watchdog.h
> index 34069ca6969..c6b3e78731e 100644
> --- a/include/hw/watchdog/cmsdk-apb-watchdog.h
> +++ b/include/hw/watchdog/cmsdk-apb-watchdog.h
> @@ -16,7 +16,6 @@
>   * 
> https://developer.arm.com/products/system-design/system-design-kits/cortex-m-system-design-kit
>   *
>   * QEMU interface:
> - *  + QOM property "wdogclk-frq": frequency at which the watchdog is clocked
>   *  + Clock input "WDOGCLK": clock for the watchdog's timer
>   *  + sysbus MMIO region 0: the register bank
>   *  + sysbus IRQ 0: watchdog interrupt
> @@ -53,7 +52,6 @@ struct CMSDKAPBWatchdog {
>  /*< public >*/
>  MemoryRegion iomem;
>  qemu_irq wdogint;
> -uint32_t wdogclk_frq;
>  bool is_luminary;
>  struct ptimer_state *timer;
>  Clock *wdogclk;
> diff --git a/hw/arm/armsse.c b/hw/arm/armsse.c
> index 7494afc630e..513caa33a9a 100644
> --- a/hw/arm/armsse.c
> +++ b/hw/arm/armsse.c
> @@ -48,7 +48,6 @@ static Property iotkit_properties[] = {
>  DEFINE_PROP_LINK("memory", ARMSSE, board_memory, TYPE_MEMORY_REGION,
>   MemoryRegion *),
>  DEFINE_PROP_UINT32("EXP_NUMIRQ", ARMSSE, exp_numirq, 64),
> -DEFINE_PROP_UINT32("MAINCLK_FRQ", ARMSSE, mainclk_frq, 0),
>  DEFINE_PROP_UINT32("SRAM_ADDR_WIDTH", ARMSSE, sram_addr_width, 15),
>  DEFINE_PROP_UINT32("init-svtor", ARMSSE, init_svtor, 0x1000),
>  DEFINE_PROP_BOOL("CPU0_FPU", ARMSSE, cpu_fpu[0], true),
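Review bot: Dropping `DEFINE_PROP_UINT32("MAINCLK_FRQ", ARMSSE, mainclk_frq, 0)` from iotkit_properties turns any remaining setter of that property into a run-time failure rather than a build failure, because qdev properties are looked up by their name string. The commit message says no users remain; before this lands it is worth grepping boards and tests for the literal strings "MAINCLK_FRQ", "pclk-frq" and "wdogclk-frq", since the compiler will not flag a leftover the way it does for the removed struct fields.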
> @@ -60,7 +59,6 @@ static Property armsse_properties[] = {
>  DEFINE_PROP_LINK("memory", ARMSSE, board_memory, TYPE_MEMORY_REGION,
>   MemoryRegion *),
>  

Re: [PATCH 25/25] hw/arm/stellaris: Remove board-creation reset of STELLARIS_SYS

2021-01-23 Thread Luc Michel
On 19:06 Thu 21 Jan , Peter Maydell wrote:
> Now that the watchdog device uses its Clock input rather than being
> passed the value of system_clock_scale at creation time, we can
> remove the hack where we reset the STELLARIS_SYS at board creation
> time to force it to set system_clock_scale.  Instead it will be reset
> at the usual point in startup and will inform the watchdog of the
> clock frequency at that point.
> 
> Signed-off-by: Peter Maydell 

Reviewed-by: Luc Michel 

> ---
>  hw/arm/stellaris.c | 10 --
>  1 file changed, 10 deletions(-)
> 
> diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
> index 5acb043a07e..ad72c0959f1 100644
> --- a/hw/arm/stellaris.c
> +++ b/hw/arm/stellaris.c
> @@ -780,16 +780,6 @@ static DeviceState *stellaris_sys_init(uint32_t base, 
> qemu_irq irq,
>  sysbus_mmio_map(sbd, 0, base);
>  sysbus_connect_irq(sbd, 0, irq);
>  
> -/*
> - * Normally we should not be resetting devices like this during
> - * board creation. For the moment we need to do so, because
> - * system_clock_scale will only get set when the STELLARIS_SYS
> - * device is reset, and we need its initial value to pass to
> - * the watchdog device. This hack can be removed once the
> - * watchdog has been converted to use a Clock input instead.
> - */
> -device_cold_reset(dev);
> -
>  return dev;
>  }
>  
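Review bot: With `device_cold_reset(dev)` removed from stellaris_sys_init(), system_clock_scale is no longer set during board creation, which the deleted comment names as the only reason for the reset. The commit message covers the watchdog, which now takes its frequency from the Clock input. It should also say that no other device realized during board init reads system_clock_scale before the first system reset, since such a reader would now see the unset value.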
> -- 
> 2.20.1
> 

-- 



Re: [PATCH 23/25] arm: Don't set freq properties on CMSDK timer, dualtimer, watchdog, ARMSSE

2021-01-23 Thread Luc Michel
On 19:06 Thu 21 Jan , Peter Maydell wrote:
> Remove all the code that sets frequency properties on the CMSDK
> timer, dualtimer and watchdog devices and on the ARMSSE SoC device:
> these properties are unused now that the devices rely on their Clock
> inputs instead.
> 
> Signed-off-by: Peter Maydell 

Reviewed-by: Luc Michel 

> ---
>  hw/arm/armsse.c| 7 ---
>  hw/arm/mps2-tz.c   | 1 -
>  hw/arm/mps2.c  | 3 ---
>  hw/arm/musca.c | 1 -
>  hw/arm/stellaris.c | 3 ---
>  5 files changed, 15 deletions(-)
> 
> diff --git a/hw/arm/armsse.c b/hw/arm/armsse.c
> index 1da0c1be4c7..7494afc630e 100644
> --- a/hw/arm/armsse.c
> +++ b/hw/arm/armsse.c
> @@ -726,7 +726,6 @@ static void armsse_realize(DeviceState *dev, Error **errp)
>   * it to the appropriate PPC port; then we can realize the PPC and
>   * map its upstream ends to the right place in the container.
>   */
> -qdev_prop_set_uint32(DEVICE(>timer0), "pclk-frq", s->mainclk_frq);
>  qdev_connect_clock_in(DEVICE(>timer0), "pclk", s->mainclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>timer0), errp)) {
>  return;
> @@ -737,7 +736,6 @@ static void armsse_realize(DeviceState *dev, Error **errp)
>  object_property_set_link(OBJECT(>apb_ppc0), "port[0]", OBJECT(mr),
>   _abort);
>  
> -qdev_prop_set_uint32(DEVICE(>timer1), "pclk-frq", s->mainclk_frq);
>  qdev_connect_clock_in(DEVICE(>timer1), "pclk", s->mainclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>timer1), errp)) {
>  return;
> @@ -748,7 +746,6 @@ static void armsse_realize(DeviceState *dev, Error **errp)
>  object_property_set_link(OBJECT(>apb_ppc0), "port[1]", OBJECT(mr),
>   _abort);
>  
> -qdev_prop_set_uint32(DEVICE(>dualtimer), "pclk-frq", s->mainclk_frq);
>  qdev_connect_clock_in(DEVICE(>dualtimer), "TIMCLK", s->mainclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>dualtimer), errp)) {
>  return;
> @@ -907,7 +904,6 @@ static void armsse_realize(DeviceState *dev, Error **errp)
>  /* Devices behind APB PPC1:
>   *   0x4002f000: S32K timer
>   */
> -qdev_prop_set_uint32(DEVICE(>s32ktimer), "pclk-frq", S32KCLK);
>  qdev_connect_clock_in(DEVICE(>s32ktimer), "pclk", s->s32kclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>s32ktimer), errp)) {
>  return;
> @@ -1001,7 +997,6 @@ static void armsse_realize(DeviceState *dev, Error 
> **errp)
>  qdev_connect_gpio_out(DEVICE(>nmi_orgate), 0,
>qdev_get_gpio_in_named(DEVICE(>armv7m), "NMI", 
> 0));
>  
> -qdev_prop_set_uint32(DEVICE(>s32kwatchdog), "wdogclk-frq", S32KCLK);
>  qdev_connect_clock_in(DEVICE(>s32kwatchdog), "WDOGCLK", s->s32kclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>s32kwatchdog), errp)) {
>  return;
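Review bot: The S32KCLK constant loses two users in this patch, the "pclk-frq" setter on s32ktimer in the previous hunk and the "wdogclk-frq" setter on s32kwatchdog here. If these were its last uses in armsse.c, the definition should be removed in the same patch so it does not linger as an unused constant; if it is still needed elsewhere, a word in the commit message would save reviewers the search.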
> @@ -1012,7 +1007,6 @@ static void armsse_realize(DeviceState *dev, Error 
> **errp)
>  
>  /* 0x4008 .. 0x4008 : ARMSSE second Base peripheral region */
>  
> -qdev_prop_set_uint32(DEVICE(>nswatchdog), "wdogclk-frq", 
> s->mainclk_frq);
>  qdev_connect_clock_in(DEVICE(>nswatchdog), "WDOGCLK", s->mainclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>nswatchdog), errp)) {
>  return;
> @@ -1021,7 +1015,6 @@ static void armsse_realize(DeviceState *dev, Error 
> **errp)
> armsse_get_common_irq_in(s, 1));
>  sysbus_mmio_map(SYS_BUS_DEVICE(>nswatchdog), 0, 0x40081000);
>  
> -qdev_prop_set_uint32(DEVICE(>swatchdog), "wdogclk-frq", 
> s->mainclk_frq);
>  qdev_connect_clock_in(DEVICE(>swatchdog), "WDOGCLK", s->mainclk);
>  if (!sysbus_realize(SYS_BUS_DEVICE(>swatchdog), errp)) {
>  return;
> diff --git a/hw/arm/mps2-tz.c b/hw/arm/mps2-tz.c
> index 7acdf490f28..90caa914934 100644
> --- a/hw/arm/mps2-tz.c
> +++ b/hw/arm/mps2-tz.c
> @@ -413,7 +413,6 @@ static void mps2tz_common_init(MachineState *machine)
>  object_property_set_link(OBJECT(>iotkit), "memory",
>   OBJECT(system_memory), _abort);
>  qdev_prop_set_uint32(iotkitdev, "EXP_NUMIRQ", MPS2TZ_NUMIRQ);
> -qdev_prop_set_uint32(iotkitdev, "MAINCLK_FRQ", SYSCLK_FRQ);
>  qdev_connect_clock_in(iotkitdev, "MAINCLK", mms->sysclk);
>  qdev_connect_clock_in(iotkitdev, "S32KCLK", mms->s32kclk);
>  sysbus_realize(SYS_BUS_DEVICE(>iotkit), _fatal);
> diff --git a/hw/arm/mps2.c b/hw/arm/mps2.c
> index cd1c215f941..39add416db5 100644
> --- a/hw/arm/mps2.c
> +++ b/hw/arm/mps2.c
> @@ -346,7 +346,6 @@ static void mps2_common_init(MachineState *machine)
>  object_initialize_child(OBJECT(mms), name, >timer[i],
>  TYPE_CMSDK_APB_TIMER);
>  sbd = SYS_BUS_DEVICE(>timer[i]);
> -qdev_prop_set_uint32(DEVICE(>timer[i]), "pclk-frq", SYSCLK_FRQ);
>  qdev_connect_clock_in(DEVICE(>timer[i]), "pclk", mms->sysclk);
>  sysbus_realize_and_unref(sbd, _fatal);
>  sysbus_mmio_map(sbd, 0, base);
> @@ -355,7 +354,6 @@ static 

Re: [PATCH 22/25] hw/arm/armsse: Use Clock to set system_clock_scale

2021-01-23 Thread Luc Michel
On 19:06 Thu 21 Jan , Peter Maydell wrote:
> Use the MAINCLK Clock input to set the system_clock_scale variable
> rather than using the mainclk_frq property.
> 
> Signed-off-by: Peter Maydell 
> ---
> At some point we should make the SysTick take a Clock itself so
> that we can get rid of the system_clock_scale global entirely.
> (In fact we want two Clocks: one that is the CPU clock and one
> for the 'external reference clock' whose period is currently
> hardcoded at 1000ns in systick_scale()...)
> ---
>  hw/arm/armsse.c | 21 +
>  1 file changed, 17 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/arm/armsse.c b/hw/arm/armsse.c
> index 4349ce9bfdb..1da0c1be4c7 100644
> --- a/hw/arm/armsse.c
> +++ b/hw/arm/armsse.c
> @@ -232,6 +232,16 @@ static void armsse_forward_sec_resp_cfg(ARMSSE *s)
>  qdev_connect_gpio_out(dev_splitter, 2, s->sec_resp_cfg_in);
>  }
>  
> +static void armsse_mainclk_update(void *opaque)
> +{
> +ARMSSE *s = ARM_SSE(opaque);
> +/*
> + * Set system_clock_scale from our Clock input; this is what
> + * controls the tick rate of the CPU SysTick timer.
> + */
> +system_clock_scale = clock_ticks_to_ns(s->mainclk, 1);
> +}
> +
I think you forgot to connect this callback to the clock itself (the
`qdev_init_clock_in` call in `armsse_init`).

Moreover on a clock change event, shouldn't the SysTick timer be
recomputed? I guess this will be better fixed in the SysTick itself once
it takes the two Clock inputs as you said.

-- 
Luc

>  static void armsse_init(Object *obj)
>  {
>  ARMSSE *s = ARM_SSE(obj);
> @@ -451,9 +461,11 @@ static void armsse_realize(DeviceState *dev, Error 
> **errp)
>  return;
>  }
>  
> -if (!s->mainclk_frq) {
> -error_setg(errp, "MAINCLK_FRQ property was not set");
> -return;
> +if (!clock_has_source(s->mainclk)) {
> +error_setg(errp, "MAINCLK clock was not connected");
> +}
> +if (!clock_has_source(s->s32kclk)) {
> +error_setg(errp, "S32KCLK clock was not connected");
>  }
>  
>  assert(info->num_cpus <= SSE_MAX_CPUS);
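Review bot: The two new clock_has_source() checks call error_setg() but, unlike the MAINCLK_FRQ check they replace (whose `return;` is deleted here), do not return, so armsse_realize() carries on with an unconnected clock after reporting the failure. If both MAINCLK and S32KCLK are unconnected, the second error_setg() is also called with errp already set, which error_setg() does not permit. Each branch needs a `return;` after its error_setg().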
> @@ -1115,7 +1127,8 @@ static void armsse_realize(DeviceState *dev, Error 
> **errp)
>   */
>  sysbus_init_mmio(SYS_BUS_DEVICE(s), >container);
>  
> -system_clock_scale = NANOSECONDS_PER_SECOND / s->mainclk_frq;
> +/* Set initial system_clock_scale from MAINCLK */
> +armsse_mainclk_update(s);
>  }
>  
>  static void armsse_idau_check(IDAUInterface *ii, uint32_t address,
> -- 
> 2.20.1
> 

-- 



Re: [PATCH v8 09/11] block: check availablity for preadv/pwritev on mac

2021-01-23 Thread Joelle van Dyne
Sorry to rephrase this, we would like a single binary to work on both
macOS 10.15 and macOS 11 as well as on both iOS 13 and iOS 14 while
ALSO supporting preadv/pwritev when running on the newer OS.

-j

On Sat, Jan 23, 2021 at 12:00 PM Joelle van Dyne  wrote:
>
> The problem here is that we would like to compile on macOS 11 and be
> able to run the built binaries on macOS 10.15 or lower. Without the
> runtime checks, you'll have a crash when calling preadv/pwritev.
>
> -j
>
> On Sat, Jan 23, 2021 at 5:53 AM Peter Maydell  
> wrote:
> >
> > On Sat, 23 Jan 2021 at 05:03, Joelle van Dyne  wrote:
> > >
> > > macOS 11/iOS 14 added preadv/pwritev APIs. Due to weak linking, configure
> > > will succeed with CONFIG_PREADV even when targeting a lower OS version.
> > > We therefore need to check at run time if we can actually use these APIs.
> >
> > If you make the preadv check be a meson.build has_function()
> > test, I think (but have not tested) that it ought to correctly
> > fail the link in the targeting-lower-OS-version case, because
> > meson.build's has_function() implementation for clang
> > https://github.com/mesonbuild/meson/blob/bad0e95caec4cf49165572df3cf2edc4832280fa/mesonbuild/compilers/mixins/clang.py#L89
> > adds -Wl,-no-weak-imports when it's building the test-case
> > exactly to force that linker visibility obeys the minimum
> > version targets for OSX.
> >
> > If that works I think it would be neater than delaying the
> > check to runtime (and it would also mean another test moved
> > out of configure and into meson.build, which is the direction
> > we're heading anyway).
> >
> > thanks
> > -- PMM



Re: [PATCH v8 09/11] block: check availablity for preadv/pwritev on mac

2021-01-23 Thread Joelle van Dyne
The problem here is that we would like to compile on macOS 11 and be
able to run the built binaries on macOS 10.15 or lower. Without the
runtime checks, you'll have a crash when calling preadv/pwritev.

-j

On Sat, Jan 23, 2021 at 5:53 AM Peter Maydell  wrote:
>
> On Sat, 23 Jan 2021 at 05:03, Joelle van Dyne  wrote:
> >
> > macOS 11/iOS 14 added preadv/pwritev APIs. Due to weak linking, configure
> > will succeed with CONFIG_PREADV even when targeting a lower OS version.
> > We therefore need to check at run time if we can actually use these APIs.
>
> If you make the preadv check be a meson.build has_function()
> test, I think (but have not tested) that it ought to correctly
> fail the link in the targeting-lower-OS-version case, because
> meson.build's has_function() implementation for clang
> https://github.com/mesonbuild/meson/blob/bad0e95caec4cf49165572df3cf2edc4832280fa/mesonbuild/compilers/mixins/clang.py#L89
> adds -Wl,-no-weak-imports when it's building the test-case
> exactly to force that linker visibility obeys the minimum
> version targets for OSX.
>
> If that works I think it would be neater than delaying the
> check to runtime (and it would also mean another test moved
> out of configure and into meson.build, which is the direction
> we're heading anyway).
>
> thanks
> -- PMM
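
The run-time check discussed in this thread, as an added example (not code from the patch or from QEMU): a weak reference to preadv is tested for NULL before use, with a pread() loop as the fallback. The explicit weak declaration and the helper names emulated_preadv, select_preadv, checked_preadv and read_split are assumptions of this sketch; the sample file content is constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <unistd.h>

/*
 * Weak reference: if the C library loaded at run time does not export
 * preadv, this address is NULL instead of the program failing to start.
 */
extern ssize_t preadv(int, const struct iovec *, int, off_t)
    __attribute__((weak));

typedef ssize_t (*preadv_fn)(int, const struct iovec *, int, off_t);

/*
 * Fallback (hypothetical helper): fill each buffer with pread().
 * Unlike a real preadv() this is several system calls, so it is not
 * atomic with respect to concurrent writers to the same file.
 */
static ssize_t emulated_preadv(int fd, const struct iovec *iov,
                               int iovcnt, off_t offset)
{
    ssize_t total = 0;

    for (int i = 0; i < iovcnt; i++) {
        size_t done = 0;

        while (done < iov[i].iov_len) {
            ssize_t n = pread(fd, (char *)iov[i].iov_base + done,
                              iov[i].iov_len - done, offset + total);
            if (n < 0) {
                if (errno == EINTR) {
                    continue;
                }
                return total > 0 ? total : -1;
            }
            if (n == 0) {
                return total;           /* end of file: short read */
            }
            done += (size_t)n;
            total += n;
        }
    }
    return total;
}

/* Never call through a NULL weak symbol: pick the fallback instead. */
static preadv_fn select_preadv(preadv_fn native)
{
    return native != NULL ? native : emulated_preadv;
}

static ssize_t checked_preadv(int fd, const struct iovec *iov,
                              int iovcnt, off_t offset)
{
    return select_preadv(preadv)(fd, iov, iovcnt, offset);
}

/*
 * Constructed sample: a 6-byte header and a 13-byte payload in a temp
 * file, read back into two buffers with one vectored call. hdr must
 * hold 6 bytes, body 32; returns the byte count or -1.
 */
static int read_split(preadv_fn fn, char *hdr, char *body)
{
    static const char sample[] = "HEADERpayload-bytes";
    const size_t len = sizeof(sample) - 1;
    struct iovec iov[2] = {
        { .iov_base = hdr,  .iov_len = 6 },
        { .iov_base = body, .iov_len = 32 },
    };
    FILE *f = tmpfile();
    ssize_t n = -1;

    if (f == NULL) {
        return -1;
    }
    if (fwrite(sample, 1, len, f) == len && fflush(f) == 0) {
        n = fn(fileno(f), iov, 2, 0);
    }
    fclose(f);
    return (int)n;
}

int main(void)
{
    char hdr[7] = { 0 }, body[33] = { 0 };
    int n = read_split(checked_preadv, hdr, body);

    printf("%s path: %d bytes, hdr=%s body=%s\n",
           select_preadv(preadv) == emulated_preadv ? "fallback" : "native",
           n, hdr, body);
    return n == 19 ? 0 : 1;
}
```

The fallback keeps older systems working but gives up the single-call atomicity of preadv, which matters if another writer can touch the file between the per-buffer reads.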



Re: [PATCH 19/25] hw/timer/cmsdk-apb-dualtimer: Convert to use Clock input

2021-01-23 Thread Luc Michel
On 21:41 Fri 22 Jan , Peter Maydell wrote:
> On Fri, 22 Jan 2021 at 20:48, Luc Michel  wrote:
> >
> > On 19:06 Thu 21 Jan , Peter Maydell wrote:
> > > Switch the CMSDK APB dualtimer device over to using its Clock input;
> > > the pclk-frq property is now ignored.
> > >
> > > Signed-off-by: Peter Maydell 
> > > ---
> > >  hw/timer/cmsdk-apb-dualtimer.c | 42 ++
> > >  1 file changed, 37 insertions(+), 5 deletions(-)
> > >
> > > diff --git a/hw/timer/cmsdk-apb-dualtimer.c 
> > > b/hw/timer/cmsdk-apb-dualtimer.c
> > > index 781b496037b..828127b366f 100644
> > > --- a/hw/timer/cmsdk-apb-dualtimer.c
> > > +++ b/hw/timer/cmsdk-apb-dualtimer.c
> > > @@ -106,6 +106,22 @@ static void 
> > > cmsdk_apb_dualtimer_update(CMSDKAPBDualTimer *s)
> > >  qemu_set_irq(s->timerintc, timintc);
> > >  }
> > >
> > > +static int cmsdk_dualtimermod_divisor(CMSDKAPBDualTimerModule *m)
> > > +{
> > > +/* Return the divisor set by the current CONTROL.PRESCALE value */
> > > +switch (FIELD_EX32(m->control, CONTROL, PRESCALE)) {
> > > +case 0:
> > > +return 1;
> > > +case 1:
> > > +return 16;
> > > +case 2:
> > > +case 3: /* UNDEFINED, we treat like 2 (and complained when it was 
> > > set) */
> > > +return 256;
> > > +default:
> > > +g_assert_not_reached();
> > > +}
> > > +}
> > > +
> > >  static void cmsdk_dualtimermod_write_control(CMSDKAPBDualTimerModule *m,
> > >   uint32_t newctrl)
> > >  {
> > > @@ -146,7 +162,7 @@ static void 
> > > cmsdk_dualtimermod_write_control(CMSDKAPBDualTimerModule *m,
> > >  default:
> > >  g_assert_not_reached();
> > >  }
> > > -ptimer_set_freq(m->timer, m->parent->pclk_frq / divisor);
> > > +ptimer_set_period_from_clock(m->timer, m->parent->timclk, 
> > > divisor);
> >
> > Just a small cosmetic note, maybe you can use your new
> > cmsdk_dualtimermod_divisor function to factor out the switch above?
> > Something like:
> >
> > if (changed & R_CONTROL_PRESCALE_MASK) {
> > if (FIELD_EX32(newctrl, CONTROL, PRESCALE) == 3) {
> > qemu_log_mask(LOG_GUEST_ERROR,
> >   "CMSDK APB dual-timer: CONTROL.PRESCALE==0b11"
> >   " is undefined behaviour\n");
> > }
> >
> > ptimer_set_period_from_clock(m->timer, m->parent->timclk,
> >  cmsdk_dualtimermod_divisor(m));
> > }
> 
> Nope, because cmsdk_dualtimermod_divisor() uses the current
> m->control value, and at this point in the code we need the
> divisor from the new control value which isn't in m->control yet.
> I liked the slight duplication better than either having to
> pass m->control in in all the other callsites or trying to
> refactor the control write handling so that m->control is
> updated before this point in the code.

Oops, yes, I missed that. Sure, makes sense, forget what I said.

> 
> thanks
> -- PMM

-- 



Re: [PULL 00/31] Misc patches for 2020-01-21

2021-01-23 Thread Peter Maydell
On Sat, 23 Jan 2021 at 14:36, Paolo Bonzini  wrote:
>
> The following changes since commit fef80ea073c4862bc9eaddb6ddb0ed970b8ad7c4:
>
>   Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2021-01-20' into staging (2021-01-21 10:44:28 +)
>
> are available in the Git repository at:
>
>   https://gitlab.com/bonzini/qemu.git tags/for-upstream
>
> for you to fetch changes up to fc70d67e73e9cba950cf9d16281a78eb4ab6e4ce:
>
>   qemu-option: warn for short-form boolean options (2021-01-23 09:29:42 -0500)
>
> 
> * Make MinGW respect --bindir (Joshua)
> * Switch MinGW to a "deep" installation (Joshua + NSIS fixes by myself)
> * Fix compilation errors/warnings (Qixin, Philippe)
> * Switch slirp to a subproject (Marc-André)
> * QemuOpts cleanups (myself)
> * Consistency improvements for -action (myself)
> * remove deprecated "change vnc TARGET" functionality (myself)
> * meson cleanups (Philippe, myself)
> * IDE out-of-bounds access (Prasad)
> * LA57 fix for -cpu max (Weijiang)

Fails to compile, OSX. There's an oddball "unable to rmdir"
warning immediately on git checkout, which may or may not be
related:

From git://git-us.linaro.org/people/pmaydell/qemu-arm
   e93c65a6c6..9bfe4825ae  staging-> pmaydell/staging
warning: unable to rmdir 'slirp': Directory not empty
make: Entering directory '/Users/pm215/src/qemu-for-merges/build/all'
config-host.mak is out-of-date, running configure
Disabling PIE due to missing toolchain support
Submodule 'subprojects/libslirp'
(https://git.qemu.org/git/libslirp.git) registered for path
'subprojects/libslirp'
Cloning into '/Users/pm215/src/qemu-for-merges/subprojects/libslirp'...
cross containers  no

NOTE: guest cross-compilers enabled: cc
/usr/local/bin/ninja  build.ninja && touch build.ninja.stamp
[...]
ninja: no work to do.
/usr/local/bin/python3 -B
/Users/pm215/src/qemu-for-merges/meson/meson.py introspect --targets
--tests --benchmarks | /usr/local/bin/python3 -B scripts/mtest2make.py
> Makefile.mtest
[1/5915] Compiling C object
subprojects/libslirp/libslirp.0.dylib.p/src_ip_output.c.o
[2/5915] Compiling C object subprojects/libslirp/libslirp.0.dylib.p/src_ncsi.c.o
[3/5915] Compiling C object subprojects/libslirp/libslirp.0.dylib.p/src_mbuf.c.o
[4/5915] Compiling C object subprojects/libslirp/libslirp.0.dylib.p/src_misc.c.o
[5/5915] Compiling C object
subprojects/libslirp/libslirp.0.dylib.p/src_slirp.c.o
FAILED: subprojects/libslirp/libslirp.0.dylib.p/src_slirp.c.o
cc -Isubprojects/libslirp/libslirp.0.dylib.p -Isubprojects/libslirp
-I../../subprojects/libslirp -I/usr/local/Cellar/glib/2.66.1/include
-I/usr/local/Cellar/glib/2.66.1/include/glib-2.0
-I/usr/local/Cellar/glib/2.66.1/lib/glib-2.0/include
-I/usr/local/opt/gettext/include -I/usr/local/Cellar/pcre/8.44/include
-Xclang -fcolor-diagnostics -pipe -Wall -Winvalid-pch -std=gnu99 -O2
-g -m64 -mcx16 -DOS_OBJECT_USE_OBJC=0 -arch x86_64 -D_GNU_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes
-Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes
-fno-strict-aliasing -fno-common -fwrapv -fdiagnostics-color=never
-Werror -Wno-error=deprecated-declarations -Wold-style-definition
-Wtype-limits -Wformat-security -Wformat-y2k -Winit-self
-Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels
-Wexpansion-to-defined -Wno-initializer-overrides
-Wno-missing-include-dirs -Wno-shift-negative-value
-Wno-string-plus-int -Wno-typedef-redefinition
-Wno-tautological-type-limit-compare -fstack-protector-strong
'-DG_LOG_DOMAIN="Slirp"' -MD -MQ
subprojects/libslirp/libslirp.0.dylib.p/src_slirp.c.o -MF
subprojects/libslirp/libslirp.0.dylib.p/src_slirp.c.o.d -o
subprojects/libslirp/libslirp.0.dylib.p/src_slirp.c.o -c
../../subprojects/libslirp/src/slirp.c
../../subprojects/libslirp/src/slirp.c:131:17: error: unused variable
'old_stat' [-Werror,-Wunused-variable]
struct stat old_stat;
^
../../subprojects/libslirp/src/slirp.c:143:10: error: unused variable
'buff' [-Werror,-Wunused-variable]
char buff[512];
 ^
2 errors generated.
[6/5915] Compiling C object subprojects/libslirp/libslirp.0.dylib.p/src_sbuf.c.o
[7/5915] Compiling C object
subprojects/libslirp/libslirp.0.dylib.p/src_ndp_table.c.o
[8/5915] Compiling C object
subprojects/libslirp/libslirp.0.dylib.p/src_socket.c.o
ninja: build stopped: subcommand failed.

thanks
-- PMM



Re: [PATCH] tcg: Increase the static number of temporaries

2021-01-23 Thread Laurent Vivier
On 23/01/2021 at 17:19, Laurent Vivier wrote:
> On 21/01/2021 at 03:54, Richard Henderson wrote:
>> This isn't a total or permanent solution to the problem of running
>> out of temporaries, but it puts off the issue for a bit.
>>
>> Make the assert in tcg_temp_alloc unconditional.  If we do run out
>> of temps, this can fail much later as a weird SIGSEGV, due to the
>> buffer overrun of the temp array.
>>
>> Remove the inlines from tcg_temp_alloc and tcg_global_alloc.
>>
>> Buglink: https://bugs.launchpad.net/bugs/1912065
>> Signed-off-by: Richard Henderson 
>> ---
>>
>> There are more bugs that need fixing in order to actually make
>> the dynamic allocation scheme work.  Rather than keep this bug
>> pending longer, hack around it and make the SEGV an ABRT.
>>
>> r~
>>
>> ---
>>  include/tcg/tcg.h | 2 +-
>>  tcg/tcg.c | 6 +++---
>>  2 files changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
>> index c5a9d65d5f..0187de1352 100644
>> --- a/include/tcg/tcg.h
>> +++ b/include/tcg/tcg.h
>> @@ -275,7 +275,7 @@ typedef struct TCGPool {
>>  
>>  #define TCG_POOL_CHUNK_SIZE 32768
>>  
>> -#define TCG_MAX_TEMPS 512
>> +#define TCG_MAX_TEMPS 1024
> 
> This seems not enough, I have:
> 
> ERROR:.../tcg/tcg.c:1210:tcg_temp_alloc: assertion failed: (n < TCG_MAX_TEMPS)
> Bail out! ERROR:.../tcg/tcg.c:1210:tcg_temp_alloc: assertion failed: (n < 
> TCG_MAX_TEMPS)
> 
> With my branch m68k-virt (68040 processor with virtio-mmio devices) booting 
> debian sid.

The cause of the overflow is this sequence:


IN:
0xc0f0520c:  movel %a5,%sp@-
0xc0f0520e:  lea %pc@(0xc1805000),%a5
0xc0f05216:  moveal %sp@(12),%a0
0xc0f0521a:  movel %a5@(61a0),%a0@
0xc0f05222:  movel %a5@(4fd4),%a0@(180)
0xc0f0522c:  movel %a5@(8af4),%a0@(184)
0xc0f05236:  movel %a5@(6328),%a0@(188)
0xc0f05240:  movel %a5@(2530),%a0@(172)
0xc0f0524a:  movel %a5@(61fc),%a0@(176)
0xc0f05254:  movel %a5@(5848),%a0@(24)
0xc0f0525e:  movel %a5@(d398),%a0@(28)
0xc0f05268:  movel %a5@(53ec),%a0@(32)
0xc0f05272:  movel %a5@(17774),%a0@(36)
0xc0f0527c:  movel %a5@(f748),%a0@(40)
0xc0f05286:  movel %a5@(551c),%a0@(44)
0xc0f05290:  movel %a5@(36ac),%a0@(4)
0xc0f0529a:  movel %a5@(68a0),%a0@(8)
0xc0f052a4:  movel %a5@(54c0),%a0@(12)
0xc0f052ae:  movel %a5@(4354),%a0@(16)
0xc0f052b8:  movel %a5@(5eb0),%a0@(48)
0xc0f052c2:  movel %a5@(5ee4),%a0@(52)
0xc0f052cc:  movel %a5@(5894),%a0@(68)
0xc0f052d6:  movel %a5@(5924),%a0@(72)
0xc0f052e0:  movel %a5@(c8fc),%a0@(76)
0xc0f052ea:  movel %a5@(3248),%a0@(80)
0xc0f052f4:  movel %a5@(bcd0),%a0@(84)
0xc0f052fe:  movel %a5@(9a38),%a0@(88)
0xc0f05308:  movel %a5@(e2e8),%a0@(92)
0xc0f05312:  movel %a5@(dd50),%a0@(96)
0xc0f0531c:  movel %a5@(62b0),%a0@(100)
0xc0f05326:  movel %a5@(20a0),%a0@(104)
0xc0f05330:  movel %a5@(527c),%a0@(108)
0xc0f0533a:  movel %a5@(41ec),%a0@(112)
0xc0f05344:  movel %a5@(33dc),%a0@(116)
0xc0f0534e:  movel %a5@(423c),%a0@(120)
0xc0f05358:  movel %a5@(9728),%a0@(124)
0xc0f05362:  movel %a5@(3fe4),%a0@(128)
0xc0f0536c:  movel %a5@(1018c),%a0@(132)
0xc0f05376:  movel %a5@(7b54),%a0@(136)
0xc0f05380:  movel %a5@(121e8),%a0@(140)
0xc0f0538a:  movel %a5@(550c),%a0@(144)
0xc0f05394:  movel %a5@(b4a8),%a0@(148)
0xc0f0539e:  movel %a5@(6a20),%a0@(152)
0xc0f053a8:  movel %a5@(56e0),%a0@(156)
0xc0f053b2:  movel %a5@(10c9c),%a0@(160)
0xc0f053bc:  movel %a5@(a4e8),%a0@(164)
0xc0f053c6:  movel %a5@(9d58),%a0@(168)
0xc0f053d0:  movel %a5@(6e2c),%a0@(224)
0xc0f053da:  movel %a5@(4e28),%a0@(228)
0xc0f053e4:  movel %a5@(152e0),%a0@(232)
0xc0f053ee:  movel %a5@(7e3c),%a0@(236)
0xc0f053f8:  movel %a5@(15b10),%a0@(240)
0xc0f05402:  movel %a5@(4578),%a0@(244)
0xc0f0540c:  movel %a5@(11e98),%a0@(248)
0xc0f05416:  movel %a5@(44b8),%a0@(252)
0xc0f05420:  movel %a5@(72a0),%a0@(504)
0xc0f0542a:  movel %a5@(308c),%a0@(508)
0xc0f05434:  movel %a5@(4f40),%a0@(512)
0xc0f0543e:  movel %a5@(8c04),%a0@(516)
0xc0f05448:  movel %a5@(b328),%a0@(520)
0xc0f05452:  movel %a5@(4e40),%a0@(524)
0xc0f0545c:  movel %a5@(4954),%a0@(528)
0xc0f05466:  movel %a5@(14f48),%a0@(532)
0xc0f05470:  movel %a5@(15c2c),%a0@(536)
0xc0f0547a:  movel %a5@(4bf0),%a0@(540)
0xc0f05484:  movel %a5@(66b4),%a0@(544)
0xc0f0548e:  movel %a5@(3768),%a0@(548)
0xc0f05498:  movel %a5@(111e4),%a0@(552)
0xc0f054a2:  movel %a5@(414c),%a0@(556)
0xc0f054ac:  movel %a5@(14eb8),%a0@(560)
0xc0f054b6:  movel %a5@(6fec),%a0@(564)
0xc0f054c0:  movel %a5@(48c0),%a0@(568)
0xc0f054ca:  movel %a5@(4494),%a0@(572)
0xc0f054d4:  movel %a5@(7534),%a0@(576)
0xc0f054de:  movel %a5@(c1ec),%a0@(580)
0xc0f054e8:  movel %a5@(636c),%a0@(584)
0xc0f054f2:  movel %a5@(a5a0),%a0@(588)
0xc0f054fc:  movel %a5@(8734),%a0@(592)
0xc0f05506:  movel %a5@(3f94),%a0@(596)
0xc0f05510:  movel %a5@(11910),%a0@(600)
0xc0f0551a:  movel %a5@(119e4),%a0@(604)
0xc0f05524:  movel %a5@(5efc),%a0@(608)
0xc0f0552e:  movel %a5@(284c),%a0@(612)
0xc0f05538:  movel %a5@(4b58),%a0@(616)
0xc0f05542:  movel %a5@(4084),%a0@(620)
0xc0f0554c:  movel %a5@(3f80),%a0@(624)

Re: [PULL 0/8] Usb 20210122 patches

2021-01-23 Thread Peter Maydell
On Fri, 22 Jan 2021 at 17:53, Gerd Hoffmann  wrote:
>
> The following changes since commit 0e32462630687a18039464511bd0447ada5709c3:
>
>   Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging (2021-01-22 10:35:55 +)
>
> are available in the Git repository at:
>
>   git://git.kraxel.org/qemu tags/usb-20210122-pull-request
>
> for you to fetch changes up to 2980a316734c420e7398aec026909dcfc8614c1d:
>
>   usb-host: map LIBUSB_SPEED_SUPER_PLUS to USB_SPEED_SUPER (2021-01-22 14:51:35 +0100)
>
> 
> usb: cleanups and fixes.
> usb: add pcap support.
>

Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/6.0
for any user-visible changes.

-- PMM



[PULL 09/10] accel/tcg: Restrict cpu_io_recompile() from other accelerators

2021-01-23 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

As cpu_io_recompile() is only called within TCG accelerator
in cputlb.c, declare it locally.

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210117164813.4101761-6-f4...@amsat.org>
[rth: Adjust vs changed tb_flush_jmp_cache patch.]
Signed-off-by: Richard Henderson 
---
 accel/tcg/internal.h| 2 ++
 include/exec/exec-all.h | 1 -
 accel/tcg/cputlb.c  | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/accel/tcg/internal.h b/accel/tcg/internal.h
index 06b341fceb..e9c145e0fb 100644
--- a/accel/tcg/internal.h
+++ b/accel/tcg/internal.h
@@ -15,4 +15,6 @@ TranslationBlock *tb_gen_code(CPUState *cpu, target_ulong pc,
   target_ulong cs_base, uint32_t flags,
   int cflags);
 
+void QEMU_NORETURN cpu_io_recompile(CPUState *cpu, uintptr_t retaddr);
+
 #endif /* ACCEL_TCG_INTERNAL_H */
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 3acc7c2943..125000bcf7 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -63,7 +63,6 @@ void restore_state_to_opc(CPUArchState *env, TranslationBlock 
*tb,
 bool cpu_restore_state(CPUState *cpu, uintptr_t searched_pc, bool will_exit);
 
 void QEMU_NORETURN cpu_loop_exit_noexc(CPUState *cpu);
-void QEMU_NORETURN cpu_io_recompile(CPUState *cpu, uintptr_t retaddr);
 void QEMU_NORETURN cpu_loop_exit(CPUState *cpu);
 void QEMU_NORETURN cpu_loop_exit_restore(CPUState *cpu, uintptr_t pc);
 void QEMU_NORETURN cpu_loop_exit_atomic(CPUState *cpu, uintptr_t pc);
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 0fa1643ed3..7a69726ba4 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -37,6 +37,7 @@
 #include "exec/translate-all.h"
 #include "trace/trace-root.h"
 #include "trace/mem.h"
+#include "internal.h"
 #ifdef CONFIG_PLUGIN
 #include "qemu/plugin-memory.h"
 #endif
-- 
2.25.1




[PULL 07/10] accel/tcg: Restrict tb_gen_code() from other accelerators

2021-01-23 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

tb_gen_code() is only called within TCG accelerator, declare it locally.

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210117164813.4101761-4-f4...@amsat.org>
[rth: Adjust vs changed tb_flush_jmp_cache patch.]
Signed-off-by: Richard Henderson 
---
 accel/tcg/internal.h  | 18 ++
 include/exec/exec-all.h   |  5 -
 accel/tcg/cpu-exec.c  |  1 +
 accel/tcg/translate-all.c |  1 +
 4 files changed, 20 insertions(+), 5 deletions(-)
 create mode 100644 accel/tcg/internal.h

diff --git a/accel/tcg/internal.h b/accel/tcg/internal.h
new file mode 100644
index 00..06b341fceb
--- /dev/null
+++ b/accel/tcg/internal.h
@@ -0,0 +1,18 @@
+/*
+ * Internal execution defines for qemu
+ *
+ *  Copyright (c) 2003 Fabrice Bellard
+ *
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
+
+#ifndef ACCEL_TCG_INTERNAL_H
+#define ACCEL_TCG_INTERNAL_H
+
+#include "exec/exec-all.h"
+
+TranslationBlock *tb_gen_code(CPUState *cpu, target_ulong pc,
+  target_ulong cs_base, uint32_t flags,
+  int cflags);
+
+#endif /* ACCEL_TCG_INTERNAL_H */
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 1e3e7cf8e7..3acc7c2943 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -64,11 +64,6 @@ bool cpu_restore_state(CPUState *cpu, uintptr_t searched_pc, 
bool will_exit);
 
 void QEMU_NORETURN cpu_loop_exit_noexc(CPUState *cpu);
 void QEMU_NORETURN cpu_io_recompile(CPUState *cpu, uintptr_t retaddr);
-TranslationBlock *tb_gen_code(CPUState *cpu,
-  target_ulong pc, target_ulong cs_base,
-  uint32_t flags,
-  int cflags);
-
 void QEMU_NORETURN cpu_loop_exit(CPUState *cpu);
 void QEMU_NORETURN cpu_loop_exit_restore(CPUState *cpu, uintptr_t pc);
 void QEMU_NORETURN cpu_loop_exit_atomic(CPUState *cpu, uintptr_t pc);
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 8053aa3f11..37d17c8e88 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -41,6 +41,7 @@
 #include "exec/cpu-all.h"
 #include "sysemu/cpu-timers.h"
 #include "sysemu/replay.h"
+#include "internal.h"
 
 /* -icount align implementation. */
 
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 5bd0e267c8..73fef47148 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -60,6 +60,7 @@
 #include "sysemu/cpu-timers.h"
 #include "sysemu/tcg.h"
 #include "qapi/error.h"
+#include "internal.h"
 
 /* #define DEBUG_TB_INVALIDATE */
 /* #define DEBUG_TB_FLUSH */
-- 
2.25.1




[PULL 10/10] tcg: Toggle page execution for Apple Silicon

2021-01-23 Thread Richard Henderson
From: Roman Bolshakov 

Pages can't be both writable and executable at the same time on Apple
Silicon. macOS provides a public API to switch write protection [1] for
JIT applications, like TCG.

1. https://developer.apple.com/documentation/apple_silicon/porting_just-in-time_compilers_to_apple_silicon

Tested-by: Alexander Graf 
Signed-off-by: Roman Bolshakov 
Message-Id: <20210113032806.18220-1-r.bolsha...@yadro.com>
[rth: Inline the qemu_thread_jit_* functions;
 drop the MAP_JIT change for a follow-on patch.]
Signed-off-by: Richard Henderson 
---
 include/qemu/osdep.h  | 28 
 accel/tcg/cpu-exec.c  |  2 ++
 accel/tcg/translate-all.c |  3 +++
 tcg/tcg.c |  1 +
 4 files changed, 34 insertions(+)

diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index a434382c58..b6ffdc15bf 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -119,6 +119,10 @@ extern int daemon(int, int);
 #include "sysemu/os-posix.h"
 #endif
 
+#ifdef __APPLE__
+#include 
+#endif
+
 #include "glib-compat.h"
 #include "qemu/typedefs.h"
 
@@ -682,4 +686,28 @@ char *qemu_get_host_name(Error **errp);
  */
 size_t qemu_get_host_physmem(void);
 
+/*
+ * Toggle write/execute on the pages marked MAP_JIT
+ * for the current thread.
+ */
+#if defined(MAC_OS_VERSION_11_0) && \
+MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_VERSION_11_0
+static inline void qemu_thread_jit_execute(void)
+{
+if (__builtin_available(macOS 11.0, *)) {
+pthread_jit_write_protect_np(true);
+}
+}
+
+static inline void qemu_thread_jit_write(void)
+{
+if (__builtin_available(macOS 11.0, *)) {
+pthread_jit_write_protect_np(false);
+}
+}
+#else
+static inline void qemu_thread_jit_write(void) {}
+static inline void qemu_thread_jit_execute(void) {}
+#endif
+
 #endif
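
Review bot: the new comment in osdep.h says the toggle acts on pages marked MAP_JIT, but the commit message says the MAP_JIT change was dropped for a follow-on patch, so nothing in this patch maps the code buffer that way. Suggest saying in the comment that the helpers depend on that follow-on, and documenting the calling rule (qemu_thread_jit_write() before modifying generated code, qemu_thread_jit_execute() before running it), since the state is per thread and the helpers do not nest.
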
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 37d17c8e88..6d017e46dd 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -186,6 +186,7 @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int 
*tb_exit)
 }
 #endif /* DEBUG_DISAS */
 
+qemu_thread_jit_execute();
 ret = tcg_qemu_tb_exec(env, tb_ptr);
 cpu->can_do_io = 1;
 /*
@@ -410,6 +411,7 @@ static inline void tb_add_jump(TranslationBlock *tb, int n,
 {
 uintptr_t old;
 
+qemu_thread_jit_write();
 assert(n < ARRAY_SIZE(tb->jmp_list_next));
 qemu_spin_lock(_next->jmp_lock);
 
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 73fef47148..d09c187e0f 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1670,7 +1670,9 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, 
bool rm_from_page_list)
 
 static void tb_phys_invalidate__locked(TranslationBlock *tb)
 {
+qemu_thread_jit_write();
 do_tb_phys_invalidate(tb, true);
+qemu_thread_jit_execute();
 }
 
 /* invalidate one TB
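
Review bot: in tb_phys_invalidate__locked() the trailing qemu_thread_jit_execute() unconditionally leaves the thread in execute mode, and the helpers are plain toggles with no nesting, so a caller that had already called qemu_thread_jit_write() (tb_gen_code() does so in the next hunk) loses write access if it reaches this function. Please confirm no such call path exists, or drop the trailing call and rely on the switch that cpu_tb_exec() makes before tcg_qemu_tb_exec().
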
@@ -1872,6 +1874,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 #endif
 
 assert_memory_lock();
+qemu_thread_jit_write();
 
 phys_pc = get_page_addr_code(env, pc);
 
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 5110f6f39c..4d734130df 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -1112,6 +1112,7 @@ void tcg_prologue_init(TCGContext *s)
 s->pool_labels = NULL;
 #endif
 
+qemu_thread_jit_write();
 /* Generate the prologue.  */
 tcg_target_qemu_prologue(s);
 
-- 
2.25.1




[PULL 05/10] accel/tcg: Make cpu_gen_init() static

2021-01-23 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

cpu_gen_init() is TCG specific, only used in tcg/translate-all.c.
No need to export it to other accelerators, declare it statically.

Reviewed-by: Claudio Fontana 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210117164813.4101761-2-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 include/exec/exec-all.h   | 2 --
 accel/tcg/translate-all.c | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 2e5b4bba48..516013e735 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -47,8 +47,6 @@ void gen_intermediate_code(CPUState *cpu, TranslationBlock 
*tb, int max_insns);
 void restore_state_to_opc(CPUArchState *env, TranslationBlock *tb,
   target_ulong *data);
 
-void cpu_gen_init(void);
-
 /**
  * cpu_restore_state:
  * @cpu: the vCPU state is to be restore to
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index e9de6ff9dd..ca7ef6aa17 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -243,7 +243,7 @@ static void page_table_config_init(void)
 assert(v_l2_levels >= 0);
 }
 
-void cpu_gen_init(void)
+static void cpu_gen_init(void)
 {
 tcg_context_init(_init_ctx);
 }
-- 
2.25.1




[PULL 02/10] qemu/compiler: Split out qemu_build_not_reached_always

2021-01-23 Thread Richard Henderson
Provide a symbol that can always be used to signal an error,
regardless of optimization.  Usage of this should be protected
by e.g. __builtin_constant_p, which guards for optimization.

Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 include/qemu/compiler.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/qemu/compiler.h b/include/qemu/compiler.h
index d620a841e4..cf28bb2bcd 100644
--- a/include/qemu/compiler.h
+++ b/include/qemu/compiler.h
@@ -215,9 +215,10 @@
  * supports QEMU_ERROR, this will be reported at compile time; otherwise
  * this will be reported at link time due to the missing symbol.
  */
-#if defined(__OPTIMIZE__) && !defined(__NO_INLINE__)
 extern void QEMU_NORETURN QEMU_ERROR("code path is reachable")
-qemu_build_not_reached(void);
+qemu_build_not_reached_always(void);
+#if defined(__OPTIMIZE__) && !defined(__NO_INLINE__)
+#define qemu_build_not_reached()  qemu_build_not_reached_always()
 #else
 #define qemu_build_not_reached()  g_assert_not_reached()
 #endif
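
Review bot: qemu_build_not_reached_always() is now declared unconditionally, but the comment above it still only describes qemu_build_not_reached(), and nothing at the declaration says that a call which survives in an unoptimized build becomes a compile or link failure. The rule from the commit message (guard uses with e.g. __builtin_constant_p) belongs in a comment next to the declaration.
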
-- 
2.25.1




[PULL 08/10] accel/tcg: Declare missing cpu_loop_exit*() stubs

2021-01-23 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

cpu_loop_exit*() functions are declared in accel/tcg/cpu-exec-common.c,
and are not available when TCG accelerator is not built. Add stubs so
linking without TCG succeeds.

Problematic files:

- hw/semihosting/console.c in qemu_semihosting_console_inc()
- hw/ppc/spapr_hcall.c in h_confer()
- hw/s390x/ipl.c in s390_ipl_reset_request()
- hw/misc/mips_itu.c

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210117164813.4101761-5-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 accel/stubs/tcg-stub.c | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/accel/stubs/tcg-stub.c b/accel/stubs/tcg-stub.c
index 8c18d3eabd..2304606f8e 100644
--- a/accel/stubs/tcg-stub.c
+++ b/accel/stubs/tcg-stub.c
@@ -28,3 +28,13 @@ void *probe_access(CPUArchState *env, target_ulong addr, int 
size,
  /* Handled by hardware accelerator. */
  g_assert_not_reached();
 }
+
+void QEMU_NORETURN cpu_loop_exit(CPUState *cpu)
+{
+g_assert_not_reached();
+}
+
+void QEMU_NORETURN cpu_loop_exit_restore(CPUState *cpu, uintptr_t pc)
+{
+g_assert_not_reached();
+}
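
Review bot: both new stubs are g_assert_not_reached(), so any of the call sites listed in the commit message that can run under a non-TCG accelerator turns a link error into a run-time abort. A comment like the "Handled by hardware accelerator" one on probe_access() above, saying why these are unreachable without TCG, would help. The message also says cpu_loop_exit*() while only cpu_loop_exit() and cpu_loop_exit_restore() get stubs; it should state that the _noexc and _atomic variants have no callers outside TCG.
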
-- 
2.25.1




[PULL 06/10] accel/tcg: Move tb_flush_jmp_cache() to cputlb.c

2021-01-23 Thread Richard Henderson
Move and make the function static, as the only users
are here in cputlb.c.

Suggested-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 include/exec/exec-all.h   |  3 ---
 accel/tcg/cputlb.c| 18 ++
 accel/tcg/translate-all.c | 17 -
 3 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 516013e735..1e3e7cf8e7 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -663,9 +663,6 @@ tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, 
target_ulong addr,
 void tlb_reset_dirty(CPUState *cpu, ram_addr_t start1, ram_addr_t length);
 void tlb_set_dirty(CPUState *cpu, target_ulong vaddr);
 
-/* exec.c */
-void tb_flush_jmp_cache(CPUState *cpu, target_ulong addr);
-
 MemoryRegionSection *
 address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr,
   hwaddr *xlat, hwaddr *plen,
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index ced3dc077e..0fa1643ed3 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -25,6 +25,7 @@
 #include "exec/address-spaces.h"
 #include "exec/cpu_ldst.h"
 #include "exec/cputlb.h"
+#include "exec/tb-hash.h"
 #include "exec/memory-internal.h"
 #include "exec/ram_addr.h"
 #include "tcg/tcg.h"
@@ -97,6 +98,23 @@ static void tlb_window_reset(CPUTLBDesc *desc, int64_t ns,
 desc->window_max_entries = max_entries;
 }
 
+static void tb_jmp_cache_clear_page(CPUState *cpu, target_ulong page_addr)
+{
+unsigned int i, i0 = tb_jmp_cache_hash_page(page_addr);
+
+for (i = 0; i < TB_JMP_PAGE_SIZE; i++) {
+qatomic_set(>tb_jmp_cache[i0 + i], NULL);
+}
+}
+
+static void tb_flush_jmp_cache(CPUState *cpu, target_ulong addr)
+{
+/* Discard jump cache entries for any tb which might potentially
+   overlap the flushed page.  */
+tb_jmp_cache_clear_page(cpu, addr - TARGET_PAGE_SIZE);
+tb_jmp_cache_clear_page(cpu, addr);
+}
+
 /**
  * tlb_mmu_resize_locked() - perform TLB resize bookkeeping; resize if 
necessary
  * @desc: The CPUTLBDesc portion of the TLB
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index ca7ef6aa17..5bd0e267c8 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -2461,23 +2461,6 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr)
 cpu_loop_exit_noexc(cpu);
 }
 
-static void tb_jmp_cache_clear_page(CPUState *cpu, target_ulong page_addr)
-{
-unsigned int i, i0 = tb_jmp_cache_hash_page(page_addr);
-
-for (i = 0; i < TB_JMP_PAGE_SIZE; i++) {
-qatomic_set(>tb_jmp_cache[i0 + i], NULL);
-}
-}
-
-void tb_flush_jmp_cache(CPUState *cpu, target_ulong addr)
-{
-/* Discard jump cache entries for any tb which might potentially
-   overlap the flushed page.  */
-tb_jmp_cache_clear_page(cpu, addr - TARGET_PAGE_SIZE);
-tb_jmp_cache_clear_page(cpu, addr);
-}
-
 static void print_qht_statistics(struct qht_stats hst)
 {
 uint32_t hgram_opts;
-- 
2.25.1




[PULL 04/10] tcg: Increase the static number of temporaries

2021-01-23 Thread Richard Henderson
This isn't a total or permanent solution to the problem of running
out of temporaries, but it puts off the issue for a bit.

Make the assert in tcg_temp_alloc unconditional.  If we do run out
of temps, this can fail much later as a weird SIGSEGV, due to the
buffer overrun of the temp array.

Remove the inlines from tcg_temp_alloc and tcg_global_alloc.

Buglink: https://bugs.launchpad.net/bugs/1912065
Reviewed-by: Alex Bennée 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 include/tcg/tcg.h | 2 +-
 tcg/tcg.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index c5a9d65d5f..0187de1352 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -275,7 +275,7 @@ typedef struct TCGPool {
 
 #define TCG_POOL_CHUNK_SIZE 32768
 
-#define TCG_MAX_TEMPS 512
+#define TCG_MAX_TEMPS 1024
 #define TCG_MAX_INSNS 512
 
 /* when the size of the arguments of a called function is smaller than
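
Review bot: TCG_MAX_TEMPS goes from 512 to 1024 with no comment on how the value relates to TCG_MAX_INSNS (512, on the next line), and the m68k report elsewhere in this thread still trips the assertion at 1024. Suggest a comment giving the assumed temporaries-per-instruction budget so the limit can be checked against front ends that need more.
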
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 8f8badb61c..5110f6f39c 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -1204,14 +1204,14 @@ void tcg_func_start(TCGContext *s)
 QSIMPLEQ_INIT(>labels);
 }
 
-static inline TCGTemp *tcg_temp_alloc(TCGContext *s)
+static TCGTemp *tcg_temp_alloc(TCGContext *s)
 {
 int n = s->nb_temps++;
-tcg_debug_assert(n < TCG_MAX_TEMPS);
+g_assert(n < TCG_MAX_TEMPS);
 return memset(>temps[n], 0, sizeof(TCGTemp));
 }
 
-static inline TCGTemp *tcg_global_alloc(TCGContext *s)
+static TCGTemp *tcg_global_alloc(TCGContext *s)
 {
 TCGTemp *ts;
 
-- 
2.25.1




[PULL 01/10] tcg: update the cpu running flag in cpu_exec_step_atomic

2021-01-23 Thread Richard Henderson
From: Douglas Crosher 

The cpu_exec_step_atomic() function is called with the cpu->running
clear and proceeds to run target code without setting this flag. If
this target code generates an exception then handle_cpu_signal() will
unnecessarily abort.  For example if atomic code generates a memory
protection fault.

This patch at least sets and clears this running flag, and adds some
assertions to help detect other cases.

Signed-off-by: Douglas Crosher 
Message-Id: 
Signed-off-by: Richard Henderson 
---
 accel/tcg/cpu-exec.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index e0df9b6a1d..8053aa3f11 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -285,6 +285,9 @@ void cpu_exec_step_atomic(CPUState *cpu)
 
 if (sigsetjmp(cpu->jmp_env, 0) == 0) {
 start_exclusive();
+g_assert(cpu == current_cpu);
+g_assert(!cpu->running);
+cpu->running = true;
 
 tb = tb_lookup__cpu_state(cpu, , _base, , cf_mask);
 if (tb == NULL) {
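Review bot: The two new assertions and `cpu->running = true` are added right after start_exclusive() without a comment. A short comment saying that the flag has to be set while target code runs because the signal handler checks it, as the commit message explains, would keep the assignment from being removed later as redundant.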
@@ -323,6 +326,7 @@ void cpu_exec_step_atomic(CPUState *cpu)
  */
 g_assert(cpu_in_exclusive_context(cpu));
 parallel_cpus = true;
+cpu->running = false;
 end_exclusive();
 }
 
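Review bot: `cpu->running = false` is added on the exit path just before end_exclusive(), but the visible context does not show whether an exception that longjmps out of the target code also reaches this line. If it does not, the flag stays set and the new `g_assert(!cpu->running)` at the top of the function fires on the next call; please confirm both paths converge here.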
-- 
2.25.1




[PULL 00/10] tcg patch queue

2021-01-23 Thread Richard Henderson
The following changes since commit 0e32462630687a18039464511bd0447ada5709c3:

  Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging (2021-01-22 10:35:55 +)

are available in the Git repository at:

  https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20210123

for you to fetch changes up to 2e34067e9959f149a904cf1255985d3b68b52566:

  tcg: Toggle page execution for Apple Silicon (2021-01-22 12:48:01 -1000)


Fix tcg constant segv.
Optimize inline dup_const for MO_64.
Update the cpu running flag in cpu_exec_step_atomic
Some tidy up of tcg vs other accelerators


Douglas Crosher (1):
  tcg: update the cpu running flag in cpu_exec_step_atomic

Philippe Mathieu-Daudé (4):
  accel/tcg: Make cpu_gen_init() static
  accel/tcg: Restrict tb_gen_code() from other accelerators
  accel/tcg: Declare missing cpu_loop_exit*() stubs
  accel/tcg: Restrict cpu_io_recompile() from other accelerators

Richard Henderson (4):
  qemu/compiler: Split out qemu_build_not_reached_always
  tcg: Optimize inline dup_const for MO_64
  tcg: Increase the static number of temporaries
  accel/tcg: Move tb_flush_jmp_cache() to cputlb.c

Roman Bolshakov (1):
  tcg: Toggle page execution for Apple Silicon

 accel/tcg/internal.h  | 20 
 include/exec/exec-all.h   | 11 ---
 include/qemu/compiler.h   |  5 +++--
 include/qemu/osdep.h  | 28 
 include/tcg/tcg.h |  5 +++--
 accel/stubs/tcg-stub.c| 10 ++
 accel/tcg/cpu-exec.c  |  7 +++
 accel/tcg/cputlb.c| 19 +++
 accel/tcg/translate-all.c | 23 +--
 tcg/tcg.c |  7 ---
 10 files changed, 99 insertions(+), 36 deletions(-)
 create mode 100644 accel/tcg/internal.h



[PULL 03/10] tcg: Optimize inline dup_const for MO_64

2021-01-23 Thread Richard Henderson
Avoid the out-of-line function call for immediate MO_64.
In addition, diagnose all invalid constants at compile-time.

Reviewed-by: David Hildenbrand 
Signed-off-by: Richard Henderson 
---
 include/tcg/tcg.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index 504c5e9bb0..c5a9d65d5f 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -1325,7 +1325,8 @@ uint64_t dup_const(unsigned vece, uint64_t c);
  ? (  (VECE) == MO_8  ? 0x0101010101010101ull * (uint8_t)(C)   \
 : (VECE) == MO_16 ? 0x0001000100010001ull * (uint16_t)(C)  \
 : (VECE) == MO_32 ? 0x00010001ull * (uint32_t)(C)  \
-: dup_const(VECE, C))  \
+: (VECE) == MO_64 ? (uint64_t)(C)  \
+: (qemu_build_not_reached_always(), 0))\
  : dup_const(VECE, C))
 
 
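Review bot: In the new fallthrough arm, `(qemu_build_not_reached_always(), 0)` yields a plain int while every other arm is a 64-bit unsigned value; writing `0ull` keeps the arms the same type. The macro also deserves a comment stating that a constant VECE other than MO_8, MO_16, MO_32 or MO_64 is now a build failure, since that changes behaviour for callers.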
-- 
2.25.1




Re: [PATCH v4] tcg: Toggle page execution for Apple Silicon

2021-01-23 Thread Roman Bolshakov
On Sat, Jan 23, 2021 at 07:33:37PM +0100, BALATON Zoltan wrote:
> On Sat, 23 Jan 2021, Roman Bolshakov wrote:
> > On Sat, Jan 23, 2021 at 02:53:49PM +0300, Roman Bolshakov wrote:
> > > On Thu, Jan 21, 2021 at 08:47:52AM -1000, Richard Henderson wrote:
> > > > From: Roman Bolshakov 
> > > > 
> > > > Pages can't be both write and executable at the same time on Apple
> > > > Silicon. macOS provides public API to switch write protection [1] for
> > > > JIT applications, like TCG.
> > > > 
> > > > 1. 
> > > > https://developer.apple.com/documentation/apple_silicon/porting_just-in-time_compilers_to_apple_silicon
> > > > 
> > > > Signed-off-by: Roman Bolshakov 
> > > > Message-Id: <20210113032806.18220-1-r.bolsha...@yadro.com>
> > > > [rth: Inline the qemu_thread_jit_* functions;
> > > >  drop the MAP_JIT change for a follow-on patch.]
> > > > Signed-off-by: Richard Henderson 
> > > > ---
> > > > 
> > > > Supersedes: <20210113032806.18220-1-r.bolsha...@yadro.com>
> > > > 
> > > > This is the version of Roman's patch that I'm queuing to tcg-next.
> > > > What's missing from the full "Fix execution" patch is setting MAP_JIT
> > > > for !splitwx in alloc_code_gen_buffer().
> > > > 
> > > 
> > > Richard, thanks for updating the patch. I have no objections against
> > > moving the functions and inlining them. However I'm seeing an issue that
> > > wasn't present in v3:
> > > 
> > > Process 37109 stopped 
> > >  * 
> > > thread #6, stop reason = EXC_BAD_ACCESS (code=1, 
> > > address=0xfd4f)
> > > frame #0: 0x0001002f1c90 
> > > qemu-system-x86_64`tcg_emit_op(opc=INDEX_op_add_i64) at tcg.c:2531:5 
> > > [opt]   2528 TCGOp 
> > > *tcg_emit_op(TCGOpcode opc)
> > >2529 { 
> > > 
> > > 2530 TCGOp *op = tcg_op_alloc(opc);
> > > -> 2531 QTAILQ_INSERT_TAIL(_ctx->ops, op, link);
> > >2532 return op;
> > >2533 }
> > >2534
> > > Target 0: (qemu-system-x86_64) stopped.
> > > (lldb) bt
> > > * thread #6, stop reason = EXC_BAD_ACCESS (code=1, 
> > > address=0xfd4f)
> > >   * frame #0: 0x0001002f1c90 
> > > qemu-system-x86_64`tcg_emit_op(opc=INDEX_op_add_i64) at tcg.c:2531:5 [opt]
> > > frame #1: 0x00010026f040 qemu-system-x86_64`tcg_gen_addi_i64 
> > > [inlined] tcg_gen_op3(opc=INDEX_op_add_i64, a1=4430334952, a2=4430333440,
> > > a3=4430361496) at tcg-op.c:60:17 [opt]
> > > frame #2: 0x00010026f038 qemu-system-x86_64`tcg_gen_addi_i64 
> > > [inlined] tcg_gen_op3_i64(opc=INDEX_op_add_i64, a1=, a2= > > ailable>, a3=) at tcg-op.h:94 [opt]
> > > frame #3: 0x00010026f030 qemu-system-x86_64`tcg_gen_addi_i64 
> > > [inlined] tcg_gen_add_i64(ret=, arg1=, arg2= > > vailable>) at tcg-op.h:618 [opt]
> > > frame #4: 0x00010026f030 
> > > qemu-system-x86_64`tcg_gen_addi_i64(ret=, 
> > > arg1=, arg2=) at tcg-op.c:123
> > > 5 [opt]
> > > frame #5: 0x00010021d1e0 
> > > qemu-system-x86_64`gen_lea_modrm_1(s=, a=(def_seg = 2, base 
> > > = 5, index = -1, scale = 0, disp = -6
> > > 89)) at translate.c:2101:9 [opt]
> > > frame #6: 0x00010020eeec qemu-system-x86_64`disas_insn [inlined] 
> > > gen_lea_modrm(env=0x000118610870, s=0x0001700b6b00, modrm= > > vailable>) at translate.c:2111:15 [opt]
> > > frame #7: 0x00010020eec0 
> > > qemu-system-x86_64`disas_insn(s=0x0001700b6b00, cpu=) at 
> > > translate.c:5509 [opt]
> > > frame #8: 0x00010020bb44 
> > > qemu-system-x86_64`i386_tr_translate_insn(dcbase=0x0001700b6b00, 
> > > cpu=) at translate.c:8573:15
> > >  [opt]
> > > frame #9: 0x0001002fbcf8 
> > > qemu-system-x86_64`translator_loop(ops=0x000100b209c8, 
> > > db=0x0001700b6b00, cpu=0x000118608000, tb=0
> > > x000120017200, max_insns=512) at translator.c:0 [opt]
> > > frame #10: 0x00010020b73c 
> > > qemu-system-x86_64`gen_intermediate_code(cpu=, 
> > > tb=, max_insns=) at tra
> > > nslate.c:8635:5 [opt]
> > > frame #11: 0x000100257970 
> > > qemu-system-x86_64`tb_gen_code(cpu=0x000118608000, pc=, 
> > > cs_base=0, flags=4194483, cflags=-16
> > > 777216) at translate-all.c:1931:5 [opt]
> > > frame #12: 0x0001002deb90 qemu-system-x86_64`cpu_exec [inlined] 
> > > tb_find(cpu=0x000118608000, last_tb=0x, tb_exit= > > available>, cf_mask=0) at cpu-exec.c:456:14 [opt]
> > > frame #13: 0x0001002deb54 
> > > qemu-system-x86_64`cpu_exec(cpu=0x000118608000) at cpu-exec.c:812 
> > > [opt]
> > > frame #14: 0x0001002bc0d0 
> > > qemu-system-x86_64`tcg_cpus_exec(cpu=0x000118608000) at 
> > > tcg-cpus.c:57:11 [opt]
> > > frame #15: 0x00010024c2cc 
> > > qemu-system-x86_64`rr_cpu_thread_fn(arg=) at 
> > > tcg-cpus-rr.c:217:21 [opt]
> 

Re: [PATCH v4] tcg: Toggle page execution for Apple Silicon

2021-01-23 Thread BALATON Zoltan

On Sat, 23 Jan 2021, Roman Bolshakov wrote:

On Sat, Jan 23, 2021 at 02:53:49PM +0300, Roman Bolshakov wrote:

On Thu, Jan 21, 2021 at 08:47:52AM -1000, Richard Henderson wrote:

From: Roman Bolshakov 

Pages can't be both write and executable at the same time on Apple
Silicon. macOS provides public API to switch write protection [1] for
JIT applications, like TCG.

1. 
https://developer.apple.com/documentation/apple_silicon/porting_just-in-time_compilers_to_apple_silicon

Signed-off-by: Roman Bolshakov 
Message-Id: <20210113032806.18220-1-r.bolsha...@yadro.com>
[rth: Inline the qemu_thread_jit_* functions;
 drop the MAP_JIT change for a follow-on patch.]
Signed-off-by: Richard Henderson 
---

Supersedes: <20210113032806.18220-1-r.bolsha...@yadro.com>

This is the version of Roman's patch that I'm queuing to tcg-next.
What's missing from the full "Fix execution" patch is setting MAP_JIT
for !splitwx in alloc_code_gen_buffer().



Richard, thanks for updating the patch. I have no objections against
moving the functions and inlining them. However I'm seeing an issue that
wasn't present in v3:

Process 37109 stopped   
   * thread #6, 
stop reason = EXC_BAD_ACCESS (code=1, address=0xfd4f)
frame #0: 0x0001002f1c90 
qemu-system-x86_64`tcg_emit_op(opc=INDEX_op_add_i64) at tcg.c:2531:5 [opt]  
 2528 TCGOp *tcg_emit_op(TCGOpcode opc)
   2529 {   
  2530 
TCGOp *op = tcg_op_alloc(opc);
-> 2531 QTAILQ_INSERT_TAIL(_ctx->ops, op, link);
   2532 return op;
   2533 }
   2534
Target 0: (qemu-system-x86_64) stopped.
(lldb) bt
* thread #6, stop reason = EXC_BAD_ACCESS (code=1, address=0xfd4f)
  * frame #0: 0x0001002f1c90 
qemu-system-x86_64`tcg_emit_op(opc=INDEX_op_add_i64) at tcg.c:2531:5 [opt]
frame #1: 0x00010026f040 qemu-system-x86_64`tcg_gen_addi_i64 [inlined] 
tcg_gen_op3(opc=INDEX_op_add_i64, a1=4430334952, a2=4430333440,
a3=4430361496) at tcg-op.c:60:17 [opt]
frame #2: 0x00010026f038 qemu-system-x86_64`tcg_gen_addi_i64 [inlined] 
tcg_gen_op3_i64(opc=INDEX_op_add_i64, a1=, a2=, a3=) at tcg-op.h:94 [opt]
frame #3: 0x00010026f030 qemu-system-x86_64`tcg_gen_addi_i64 [inlined] 
tcg_gen_add_i64(ret=, arg1=, arg2=) at tcg-op.h:618 [opt]
frame #4: 0x00010026f030 qemu-system-x86_64`tcg_gen_addi_i64(ret=, 
arg1=, arg2=) at tcg-op.c:123
5 [opt]
frame #5: 0x00010021d1e0 
qemu-system-x86_64`gen_lea_modrm_1(s=, a=(def_seg = 2, base = 5, 
index = -1, scale = 0, disp = -6
89)) at translate.c:2101:9 [opt]
frame #6: 0x00010020eeec qemu-system-x86_64`disas_insn [inlined] 
gen_lea_modrm(env=0x000118610870, s=0x0001700b6b00, modrm=) at translate.c:2111:15 [opt]
frame #7: 0x00010020eec0 qemu-system-x86_64`disas_insn(s=0x0001700b6b00, 
cpu=) at translate.c:5509 [opt]
frame #8: 0x00010020bb44 
qemu-system-x86_64`i386_tr_translate_insn(dcbase=0x0001700b6b00, 
cpu=) at translate.c:8573:15
 [opt]
frame #9: 0x0001002fbcf8 
qemu-system-x86_64`translator_loop(ops=0x000100b209c8, 
db=0x0001700b6b00, cpu=0x000118608000, tb=0
x000120017200, max_insns=512) at translator.c:0 [opt]
frame #10: 0x00010020b73c 
qemu-system-x86_64`gen_intermediate_code(cpu=, tb=, 
max_insns=) at tra
nslate.c:8635:5 [opt]
frame #11: 0x000100257970 
qemu-system-x86_64`tb_gen_code(cpu=0x000118608000, pc=, 
cs_base=0, flags=4194483, cflags=-16
777216) at translate-all.c:1931:5 [opt]
frame #12: 0x0001002deb90 qemu-system-x86_64`cpu_exec [inlined] 
tb_find(cpu=0x000118608000, last_tb=0x, tb_exit=, cf_mask=0) at cpu-exec.c:456:14 [opt]
frame #13: 0x0001002deb54 
qemu-system-x86_64`cpu_exec(cpu=0x000118608000) at cpu-exec.c:812 [opt]
frame #14: 0x0001002bc0d0 
qemu-system-x86_64`tcg_cpus_exec(cpu=0x000118608000) at tcg-cpus.c:57:11 
[opt]
frame #15: 0x00010024c2cc 
qemu-system-x86_64`rr_cpu_thread_fn(arg=) at tcg-cpus-rr.c:217:21 
[opt]
frame #16: 0x0001004b00b4 
qemu-system-x86_64`qemu_thread_start(args=) at 
qemu-thread-posix.c:521:9 [opt]
frame #17: 0x000191c4d06c libsystem_pthread.dylib`_pthread_start + 320

I'm looking into the issue but perhaps we'll need v5.



Nope. The issue is not directly related to the patch and W^X. I think it
can be applied.

tcg_ctx->ops is somehow getting corrupted despite it's initialized
properly during TCG start:

(lldb) p tcg_ctx->ops
(TCGContext::(anonymous union)) $18 = {
 tqh_first = 0x00840101
 tqh_circ = {
   tql_next = 0x00840101
   tql_prev = 0xfd4f
 }
}

I've bisected it (with v3 of Apple Silicon fix for TCG) to:

commit 8fe35e0444be88de4e3ab80a2a0e210a1f6d663d
Author: Richard 

Re: [PATCH] replay: fix replay of the interrupts

2021-01-23 Thread Paolo Bonzini

On 19/01/21 13:39, Pavel Dovgalyuk wrote:

Sometimes interrupt event comes at the same time with
the virtual timers. In this case replay tries to proceed
the timers, because deadline for them is zero.
This patch allows processing interrupts and exceptions
by entering the vCPU execution loop, when deadline is zero,
but checkpoint associated with virtual timers is not ready
to be replayed.

Signed-off-by: Pavel Dovgalyuk 
---
  accel/tcg/tcg-cpus-icount.c |8 +++-
  1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/accel/tcg/tcg-cpus-icount.c b/accel/tcg/tcg-cpus-icount.c
index 9f45432275..a6d2bb8a88 100644
--- a/accel/tcg/tcg-cpus-icount.c
+++ b/accel/tcg/tcg-cpus-icount.c
@@ -81,7 +81,13 @@ void icount_handle_deadline(void)
  int64_t deadline = qemu_clock_deadline_ns_all(QEMU_CLOCK_VIRTUAL,
QEMU_TIMER_ATTR_ALL);
  
-if (deadline == 0) {

+/*
+ * Instructions, interrupts, and exceptions are processed in cpu-exec.
+ * Don't interrupt cpu thread, when these events are waiting
+ * (i.e., there is no checkpoint)
+ */
+if (deadline == 0
+&& (replay_mode == REPLAY_MODE_RECORD || replay_has_checkpoint())) {


Should this be replay_mode != REPLAY_MODE_PLAY || replay_has_checkpoint()?

Paolo


  icount_notify_aio_contexts();
  }
  }
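Review bot: The new condition `replay_mode == REPLAY_MODE_RECORD || replay_has_checkpoint()` changes behaviour for every mode other than record, not only for playback: outside record mode, `deadline == 0` now reaches icount_notify_aio_contexts() only if replay_has_checkpoint() returns true. If the intent is to hold back during playback only, test for the playback mode explicitly and say so in the comment.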






Re: [PATCH v3 0/4] meson: Try to clarify TCG / TCI options for new users

2021-01-23 Thread Paolo Bonzini

On 22/01/21 14:30, Philippe Mathieu-Daudé wrote:

Since v2:
- Included Thomas's suggestions

Some new users get confused between 'TCG' and 'TCI' and enable
TCI when TCG is better for their needs. Try to clarify it is
better to not use TCI when native backend is available.

Note, before Meson, warnings were summarized at the end of
./configure. Now they are displayed earlier, and likely
missed IMHO. No clue how to improve that :/

Based-on: <20210121095616.1471869-1-phi...@redhat.com>

Philippe Mathieu-Daudé (4):
   meson: Explicit TCG backend used
   meson: Warn when TCI is selected but TCG backend is available
   configure: Improve TCI feature description
   configure: Reword --enable-tcg-interpreter as --disable-native-tcg

  configure   |  5 +++--
  meson.build | 11 +--
  2 files changed, 12 insertions(+), 4 deletions(-)



This will have to be reworked because the TCI option is moved to Meson 
in the pull request I have just sent, but patches 1-3 are good in concept.


Paolo




Re: [PATCH v2 00/12] buildsys: Do not build various objects if not necessary

2021-01-23 Thread Paolo Bonzini

On 22/01/21 21:44, Philippe Mathieu-Daudé wrote:

In this series we deselect a bunch of features when they are
not required, so fewer objects are built.

While this reduces pressure on CI and slow systems, this is
particularly helpful for developers regularly testing multiple
build configurations.

All CI tests pass:
https://gitlab.com/philmd/qemu/-/pipelines/245654160

Supersedes: <20210120151916.1167448-1-phi...@redhat.com>

Philippe Mathieu-Daudé (12):
   configure: Only check for audio drivers if system-mode is selected
   tests/meson: Only build softfloat objects if TCG is selected
   pc-bios/meson: Only install EDK2 blob firmwares with system emulation
   meson: Do not build optional libraries by default
   meson: Restrict block subsystem processing
   meson: Merge trace_events_subdirs array
   meson: Restrict some trace event directories to user/system emulation
   meson: Restrict emulation code
   qapi/meson: Restrict qdev code to system-mode emulation
   qapi/meson: Remove QMP from user-mode emulation
   qapi/meson: Restrict system-mode specific modules
   qapi/meson: Restrict UI module to system emulation and tools

  configure   |  6 +
  meson.build | 55 ++---
  stubs/qdev.c| 23 +++
  MAINTAINERS |  1 +
  pc-bios/meson.build |  1 +
  qapi/meson.build| 34 +++-
  stubs/meson.build   |  2 ++
  tests/meson.build   | 11 +++--
  8 files changed, 97 insertions(+), 36 deletions(-)
  create mode 100644 stubs/qdev.c



Except for patch 8,

Acked-by: Paolo Bonzini 




Re: [PATCH v3 4/4] configure: Reword --enable-tcg-interpreter as --disable-native-tcg

2021-01-23 Thread Paolo Bonzini

On 22/01/21 14:30, Philippe Mathieu-Daudé wrote:

Users might want to enable all features, without realizing some
features have negative effect. Rename '--enable-tcg-interpreter'
as '--disable-native-tcg' to avoid user selecting this feature
without understanding it. '--enable-tcg-interpreter' is kept
for backward compatibility with scripts.

Suggested-by: Thomas Huth 
Reviewed-by: Thomas Huth 
Signed-off-by: Philippe Mathieu-Daudé 
---
  configure | 5 +++--
  1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 48bd6f48d7a..5e5ff779a69 100755
--- a/configure
+++ b/configure
@@ -1121,7 +1121,8 @@ for opt do
;;
--disable-tcg-interpreter) tcg_interpreter="no"
;;
-  --enable-tcg-interpreter) tcg_interpreter="yes"
+  --enable-tcg-interpreter) # backward compatibility


Do you really want to break the old option?


+  --disable-native-tcg) tcg_interpreter="yes"
;;
--disable-cap-ng)  cap_ng="disabled"
;;
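Review bot: The `--enable-tcg-interpreter)` arm now holds only a comment and has no `;;` before the next pattern, so it no longer sets tcg_interpreter, and the `--disable-native-tcg)` line that follows is read as part of that arm's body, not as a new pattern. To keep the old spelling working as the commit message promises, put both in one pattern: `--enable-tcg-interpreter|--disable-native-tcg) tcg_interpreter="yes"`.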
@@ -1753,7 +1754,7 @@ Advanced options (experts only):
--with-trace-file=NAME   Full PATH,NAME of file to store traces
 Default:trace-
--disable-slirp  disable SLIRP userspace network connectivity
-  --enable-tcg-interpreter enable TCI (TCG with bytecode interpreter, 
experimental and slow)
+  --disable-native-tcg enable TCI (TCG with bytecode interpreter, 
experimental and slow)
--enable-malloc-trim enable libc malloc_trim() for memory optimization
--oss-libpath to OSS library
--cpu=CPUBuild for host CPU [$cpu]
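Review bot: The help entry now reads `--disable-native-tcg enable TCI ...`, which describes a disable flag as enabling something, and the old `--enable-tcg-interpreter` spelling vanishes from the help although the commit message says it stays accepted. Reword the description around what is turned off (native code generation) and mention the old option as a still-accepted alias.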



The problem here is that for some CPUs there is no native TCG...  I 
mean, what's unclear in "experimental and slow"?


Paolo




Re: [PATCH v2 09/12] qapi/meson: Restrict qdev code to system-mode emulation

2021-01-23 Thread Paolo Bonzini

On 22/01/21 21:44, Philippe Mathieu-Daudé wrote:

Beside a CPU device, user-mode emulation doesn't access
anything else from qdev subsystem.

Tools don't need anything from qdev.


I prefer to avoid stubs.  So if this patch can simply be dropped with no 
effects on 10-12, that's nicer for me.


Paolo


Signed-off-by: Philippe Mathieu-Daudé 
---
Cc: Laurent Vivier 
Cc: Eduardo Habkost 
---
  stubs/qdev.c  | 23 +++
  MAINTAINERS   |  1 +
  qapi/meson.build  |  6 +-
  stubs/meson.build |  2 ++
  4 files changed, 31 insertions(+), 1 deletion(-)
  create mode 100644 stubs/qdev.c

diff --git a/stubs/qdev.c b/stubs/qdev.c
new file mode 100644
index 000..92e61431344
--- /dev/null
+++ b/stubs/qdev.c
@@ -0,0 +1,23 @@
+/*
+ * QOM stubs
+ *
+ * Copyright (c) 2021 Red Hat, Inc.
+ *
+ * Author:
+ *   Philippe Mathieu-Daudé 
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/qapi-events-qdev.h"
+
+void qapi_event_send_device_deleted(bool has_device,
+const char *device,
+const char *path)
+{
+/* Nothing to do. */
+}
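Review bot: The file header says "QOM stubs", but the file is stubs/qdev.c and its only function stubs a qdev QAPI event, qapi_event_send_device_deleted; the header should say qdev. A one-line comment on why silently dropping the event is acceptable in the builds that use this stub would also help, since "Nothing to do." does not say why.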
diff --git a/MAINTAINERS b/MAINTAINERS
index 34359a99b8e..d2dd7c24228 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2523,6 +2523,7 @@ F: qapi/qom.json
  F: qapi/qdev.json
  F: scripts/coccinelle/qom-parent-type.cocci
  F: softmmu/qdev-monitor.c
+F: stubs/qdev.c
  F: qom/
  F: tests/check-qom-interface.c
  F: tests/check-qom-proplist.c
diff --git a/qapi/meson.build b/qapi/meson.build
index ab68e7900e4..2839871b478 100644
--- a/qapi/meson.build
+++ b/qapi/meson.build
@@ -35,7 +35,6 @@
'misc-target',
'net',
'pragma',
-  'qdev',
'pci',
'qom',
'rdma',
@@ -49,6 +48,11 @@
'ui',
'yank',
  ]
+if have_system
+  qapi_all_modules += [
+'qdev',
+  ]
+endif
  
  qapi_storage_daemon_modules = [

'block-core',
diff --git a/stubs/meson.build b/stubs/meson.build
index 1a656cd0704..a054d5877fb 100644
--- a/stubs/meson.build
+++ b/stubs/meson.build
@@ -53,4 +53,6 @@
  if have_system
stub_ss.add(files('semihost.c'))
stub_ss.add(files('xen-hw-stub.c'))
+else
+  stub_ss.add(files('qdev.c'))
  endif






Re: [PATCH 1/1] os_find_datadir: search as in version 4.2

2021-01-23 Thread Paolo Bonzini

On 23/01/21 03:05, Brian Norris wrote:

It turns out that Paolo inadvertently (?) fixed this issue by
refactoring, in v5.2.0:
ea1edcd7da1a vl: relocate paths to data directories
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ea1edcd7da1a375ef7ccf8aa93b72827b518ad8e;hp=63c4db4c2e6d221cecb5aafa365934bb05724cb4


That wasn't entirely inadvertent.  It had been on my todo list to fix 
relocatability for good, I just didn't remember how it got on the list. :)


So on one hand I didn't remember it to be a regression, and I only 
really set out to make QEMU relocatable in order to enable the change of 
commit d17f305a26 ("configure: use a platform-neutral prefix", 
2020-09-30).  On the other hand, your report was what had made me aware 
that relocatable installs were buggy and inconsistent.


Paolo




Re: [PATCH v4] tcg: Toggle page execution for Apple Silicon

2021-01-23 Thread Roman Bolshakov
On Sat, Jan 23, 2021 at 02:53:49PM +0300, Roman Bolshakov wrote:
> On Thu, Jan 21, 2021 at 08:47:52AM -1000, Richard Henderson wrote:
> > From: Roman Bolshakov 
> > 
> > Pages can't be both write and executable at the same time on Apple
> > Silicon. macOS provides public API to switch write protection [1] for
> > JIT applications, like TCG.
> > 
> > 1. 
> > https://developer.apple.com/documentation/apple_silicon/porting_just-in-time_compilers_to_apple_silicon
> > 
> > Signed-off-by: Roman Bolshakov 
> > Message-Id: <20210113032806.18220-1-r.bolsha...@yadro.com>
> > [rth: Inline the qemu_thread_jit_* functions;
> >  drop the MAP_JIT change for a follow-on patch.]
> > Signed-off-by: Richard Henderson 
> > ---
> > 
> > Supersedes: <20210113032806.18220-1-r.bolsha...@yadro.com>
> > 
> > This is the version of Roman's patch that I'm queuing to tcg-next.
> > What's missing from the full "Fix execution" patch is setting MAP_JIT
> > for !splitwx in alloc_code_gen_buffer().
> > 
> 
> Richard, thanks for updating the patch. I have no objections against
> moving the functions and inlining them. However I'm seeing an issue that
> wasn't present in v3:
> 
> Process 37109 stopped 
>  * thread #6, 
> stop reason = EXC_BAD_ACCESS (code=1, address=0xfd4f)
> frame #0: 0x0001002f1c90 
> qemu-system-x86_64`tcg_emit_op(opc=INDEX_op_add_i64) at tcg.c:2531:5 [opt]
>2528 TCGOp *tcg_emit_op(TCGOpcode opc)
>2529 { 
> 2530 
> TCGOp *op = tcg_op_alloc(opc);
> -> 2531 QTAILQ_INSERT_TAIL(_ctx->ops, op, link);
>2532 return op;
>2533 }
>2534
> Target 0: (qemu-system-x86_64) stopped.
> (lldb) bt
> * thread #6, stop reason = EXC_BAD_ACCESS (code=1, address=0xfd4f)
>   * frame #0: 0x0001002f1c90 
> qemu-system-x86_64`tcg_emit_op(opc=INDEX_op_add_i64) at tcg.c:2531:5 [opt]
> frame #1: 0x00010026f040 qemu-system-x86_64`tcg_gen_addi_i64 
> [inlined] tcg_gen_op3(opc=INDEX_op_add_i64, a1=4430334952, a2=4430333440,
> a3=4430361496) at tcg-op.c:60:17 [opt]
> frame #2: 0x00010026f038 qemu-system-x86_64`tcg_gen_addi_i64 
> [inlined] tcg_gen_op3_i64(opc=INDEX_op_add_i64, a1=, a2= ailable>, a3=) at tcg-op.h:94 [opt]
> frame #3: 0x00010026f030 qemu-system-x86_64`tcg_gen_addi_i64 
> [inlined] tcg_gen_add_i64(ret=, arg1=, arg2= vailable>) at tcg-op.h:618 [opt]
> frame #4: 0x00010026f030 
> qemu-system-x86_64`tcg_gen_addi_i64(ret=, arg1=, 
> arg2=) at tcg-op.c:123
> 5 [opt]
> frame #5: 0x00010021d1e0 
> qemu-system-x86_64`gen_lea_modrm_1(s=, a=(def_seg = 2, base = 5, 
> index = -1, scale = 0, disp = -6
> 89)) at translate.c:2101:9 [opt]
> frame #6: 0x00010020eeec qemu-system-x86_64`disas_insn [inlined] 
> gen_lea_modrm(env=0x000118610870, s=0x0001700b6b00, modrm= vailable>) at translate.c:2111:15 [opt]
> frame #7: 0x00010020eec0 
> qemu-system-x86_64`disas_insn(s=0x0001700b6b00, cpu=) at 
> translate.c:5509 [opt]
> frame #8: 0x00010020bb44 
> qemu-system-x86_64`i386_tr_translate_insn(dcbase=0x0001700b6b00, 
> cpu=) at translate.c:8573:15
>  [opt]
> frame #9: 0x0001002fbcf8 
> qemu-system-x86_64`translator_loop(ops=0x000100b209c8, 
> db=0x0001700b6b00, cpu=0x000118608000, tb=0
> x000120017200, max_insns=512) at translator.c:0 [opt]
> frame #10: 0x00010020b73c 
> qemu-system-x86_64`gen_intermediate_code(cpu=, tb=, 
> max_insns=) at tra
> nslate.c:8635:5 [opt]
> frame #11: 0x000100257970 
> qemu-system-x86_64`tb_gen_code(cpu=0x000118608000, pc=, 
> cs_base=0, flags=4194483, cflags=-16
> 777216) at translate-all.c:1931:5 [opt]
> frame #12: 0x0001002deb90 qemu-system-x86_64`cpu_exec [inlined] 
> tb_find(cpu=0x000118608000, last_tb=0x, tb_exit= available>, cf_mask=0) at cpu-exec.c:456:14 [opt]
> frame #13: 0x0001002deb54 
> qemu-system-x86_64`cpu_exec(cpu=0x000118608000) at cpu-exec.c:812 [opt]
> frame #14: 0x0001002bc0d0 
> qemu-system-x86_64`tcg_cpus_exec(cpu=0x000118608000) at tcg-cpus.c:57:11 
> [opt]
> frame #15: 0x00010024c2cc 
> qemu-system-x86_64`rr_cpu_thread_fn(arg=) at 
> tcg-cpus-rr.c:217:21 [opt]
> frame #16: 0x0001004b00b4 
> qemu-system-x86_64`qemu_thread_start(args=) at 
> qemu-thread-posix.c:521:9 [opt]
> frame #17: 0x000191c4d06c libsystem_pthread.dylib`_pthread_start + 320
> 
> I'm looking into the issue but perhaps we'll need v5.
> 

Nope. The issue is not directly related to the patch and W^X. I think it
can be applied.

tcg_ctx->ops is somehow getting corrupted despite it's initialized
properly during TCG start:

(lldb) p tcg_ctx->ops
(TCGContext::(anonymous union)) $18 = {
  tqh_first = 

Re: [PATCH 8/8] configure: automatically parse command line for meson -D options

2021-01-23 Thread Paolo Bonzini

On 23/01/21 04:30, 罗勇刚(Yonggang Luo) wrote:
 > We could and I did it in the first version. However it's ugly that 
the user has to use --python on some setups in order to get a full help 
message.


   Yeap, but finally configure should be gone, so I think --python is 
acceptable to users; we just need to make sure it is noticed when the default 
python is not python3


When configure will be gone, these 200 lines of Perl will disappear with 
it, so we don't have to think for future users and developers, but for 
the present.


I don't expect configure or Makefile to go away completely, because for 
example things such as "git submodule" handling are easier to do in the 
shell.  However, we also need to evaluate what's the road to a minimal 
configure (just like our Makefile is pretty minimal, only tests/tcg 
still has lots of build logic).  In that respect, automatic parsing 
command line simplifies moving things from configure to meson, and that 
is true no matter what language the parser is written in.


(BTW, I'm not such a Perl fan.  I have only ever written like 3 or 4 
programs in Perl).


Paolo




Re: [PATCH] fdc: check drive block device before usage (CVE-2021-20196)

2021-01-23 Thread Alexander Bulekov
On 210123 1247, Alexander Bulekov wrote:
> Hello,
> Here is a reproducer for this bug found by the OSS-Fuzz fuzzer:
> 
> cat << EOF | qemu-system-i386 -display none -machine accel=qtest \
> -m 512M -machine pc -device floppy,unit=1,id=floppy0,drive=disk0 \
> -drive id=disk0,file=null-co://,file.read-zeroes=on,if=none,format=raw \
> -qtest stdio
> outw 0x3f4 0x2500
> outb 0x3f5 0x81
> outb 0x3f5 0x0
> outb 0x3f5 0x0
> outb 0x3f5 0x0
> outw 0x3f4 0x0
> outw 0x3f4 0x4000
> outw 0x3f4 0x13
> outb 0x3f5 0x1
> outw 0x3f2 0x1405
> outw 0x3f4 0x0
> EOF
> 
Oops there's a mistake there. Fixed:

cat << EOF | ./qemu-system-i386 -display none -machine accel=qtest \
-m 512M -machine pc -device floppy,unit=1,id=floppy0,drive=disk0 \
-drive id=disk0,file=null-co://,file.read-zeroes=on,if=none,format=raw \
-qtest stdio
outw 0x3f4 0x2500
outb 0x3f5 0x81
outb 0x3f5 0x0
outb 0x3f5 0x0
outb 0x3f5 0x0
outw 0x3f2 0x14
outw 0x3f4 0x0
outw 0x3f4 0x4000
outw 0x3f4 0x13
outb 0x3f5 0x1
outw 0x3f2 0x1405
outw 0x3f4 0x0
EOF

> -Alex
> 
> On 210123 1533, P J P wrote:
> > From: Prasad J Pandit 
> > 
> > While processing ioport command in 'fdctrl_write_dor', device
> > controller may select a drive which is not initialised with a
> > block device. This may result in a NULL pointer dereference.
> > Add checks to avoid it.
> > 
> > Fixes: CVE-2021-20196
> > Reported-by: Gaoning Pan 
> > Buglink: https://bugs.launchpad.net/qemu/+bug/1912780
> > Signed-off-by: Prasad J Pandit 
> > ---
> >  hw/block/fdc.c | 11 +--
> >  1 file changed, 9 insertions(+), 2 deletions(-)
> > 
> > diff --git a/hw/block/fdc.c b/hw/block/fdc.c
> > index 3636874432..13a9470d19 100644
> > --- a/hw/block/fdc.c
> > +++ b/hw/block/fdc.c
> > @@ -1429,7 +1429,9 @@ static void fdctrl_write_dor(FDCtrl *fdctrl, uint32_t 
> > value)
> >  }
> >  }
> >  /* Selected drive */
> > -fdctrl->cur_drv = value & FD_DOR_SELMASK;
> > +if (fdctrl->drives[value & FD_DOR_SELMASK].blk) {
> > +fdctrl->cur_drv = value & FD_DOR_SELMASK;
> > +}
> >  
> >  fdctrl->dor = value;
> >  }
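Review bot: In fdctrl_write_dor, when the selected drive has no block device cur_drv is left unchanged, but `fdctrl->dor = value` just below still records the new selection bits, so the DOR register and cur_drv can disagree afterwards. Either mask the selection bits out of the stored value in that case or document that the mismatch is intended.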
> > @@ -1894,6 +1896,10 @@ static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
> >  uint32_t pos;
> >  
> >  cur_drv = get_cur_drv(fdctrl);
> > +if (!cur_drv->blk) {
> > +FLOPPY_DPRINTF("No drive connected\n");
> > +return 0;
> > +}
> >  fdctrl->dsr &= ~FD_DSR_PWRDOWN;
> >  if (!(fdctrl->msr & FD_MSR_RQM) || !(fdctrl->msr & FD_MSR_DIO)) {
> >  FLOPPY_DPRINTF("error: controller not ready for reading\n");
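Review bot: The new early return in fdctrl_read_data comes before `fdctrl->dsr &= ~FD_DSR_PWRDOWN` and before the RQM/DIO readiness check, so with no block device the guest reads 0 and no controller state is updated. Consider moving the check after the existing state handling, or to the point where cur_drv->blk is actually used.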
> > @@ -2420,7 +2426,8 @@ static void fdctrl_write_data(FDCtrl *fdctrl, 
> > uint32_t value)
> >  if (pos == FD_SECTOR_LEN - 1 ||
> >  fdctrl->data_pos == fdctrl->data_len) {
> >  cur_drv = get_cur_drv(fdctrl);
> > -if (blk_pwrite(cur_drv->blk, fd_offset(cur_drv), fdctrl->fifo,
> > +if (cur_drv->blk == NULL
> > +|| blk_pwrite(cur_drv->blk, fd_offset(cur_drv), 
> > fdctrl->fifo,
> > BDRV_SECTOR_SIZE, 0) < 0) {
> >  FLOPPY_DPRINTF("error writing sector %d\n",
> > fd_sector(cur_drv));
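Review bot: In fdctrl_write_data the NULL case is folded into the blk_pwrite failure branch, so a missing block device is logged as "error writing sector %d". A separate message for the no-device case would make the two conditions distinguishable in the debug log.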
> > -- 
> > 2.29.2
> > 
> > 



Re: [PATCH] fdc: check drive block device before usage (CVE-2021-20196)

2021-01-23 Thread Alexander Bulekov
Hello,
Here is a reproducer for this bug found by the OSS-Fuzz fuzzer:

cat << EOF | qemu-system-i386 -display none -machine accel=qtest \
-m 512M -machine pc -device floppy,unit=1,id=floppy0,drive=disk0 \
-drive id=disk0,file=null-co://,file.read-zeroes=on,if=none,format=raw \
-qtest stdio
outw 0x3f4 0x2500
outb 0x3f5 0x81
outb 0x3f5 0x0
outb 0x3f5 0x0
outb 0x3f5 0x0
outw 0x3f4 0x0
outw 0x3f4 0x4000
outw 0x3f4 0x13
outb 0x3f5 0x1
outw 0x3f2 0x1405
outw 0x3f4 0x0
EOF

-Alex

On 210123 1533, P J P wrote:
> From: Prasad J Pandit 
> 
> While processing ioport command in 'fdctrl_write_dor', device
> controller may select a drive which is not initialised with a
> block device. This may result in a NULL pointer dereference.
> Add checks to avoid it.
> 
> Fixes: CVE-2021-20196
> Reported-by: Gaoning Pan 
> Buglink: https://bugs.launchpad.net/qemu/+bug/1912780
> Signed-off-by: Prasad J Pandit 
> ---
>  hw/block/fdc.c | 11 +--
>  1 file changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/block/fdc.c b/hw/block/fdc.c
> index 3636874432..13a9470d19 100644
> --- a/hw/block/fdc.c
> +++ b/hw/block/fdc.c
> @@ -1429,7 +1429,9 @@ static void fdctrl_write_dor(FDCtrl *fdctrl, uint32_t 
> value)
>  }
>  }
>  /* Selected drive */
> -fdctrl->cur_drv = value & FD_DOR_SELMASK;
> +if (fdctrl->drives[value & FD_DOR_SELMASK].blk) {
> +fdctrl->cur_drv = value & FD_DOR_SELMASK;
> +}
>  
>  fdctrl->dor = value;
>  }
> @@ -1894,6 +1896,10 @@ static uint32_t fdctrl_read_data(FDCtrl *fdctrl)
>  uint32_t pos;
>  
>  cur_drv = get_cur_drv(fdctrl);
> +if (!cur_drv->blk) {
> +FLOPPY_DPRINTF("No drive connected\n");
> +return 0;
> +}
>  fdctrl->dsr &= ~FD_DSR_PWRDOWN;
>  if (!(fdctrl->msr & FD_MSR_RQM) || !(fdctrl->msr & FD_MSR_DIO)) {
>  FLOPPY_DPRINTF("error: controller not ready for reading\n");
> @@ -2420,7 +2426,8 @@ static void fdctrl_write_data(FDCtrl *fdctrl, uint32_t 
> value)
>  if (pos == FD_SECTOR_LEN - 1 ||
>  fdctrl->data_pos == fdctrl->data_len) {
>  cur_drv = get_cur_drv(fdctrl);
> -if (blk_pwrite(cur_drv->blk, fd_offset(cur_drv), fdctrl->fifo,
> +if (cur_drv->blk == NULL
> +|| blk_pwrite(cur_drv->blk, fd_offset(cur_drv), fdctrl->fifo,
> BDRV_SECTOR_SIZE, 0) < 0) {
>  FLOPPY_DPRINTF("error writing sector %d\n",
> fd_sector(cur_drv));
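
Review bot: Folding `cur_drv->blk == NULL` into the blk_pwrite condition in fdctrl_write_data means a missing drive is reported through the "error writing sector %d" debug message, which hides the real cause. A separate branch with its own message, like "No drive connected" in fdctrl_read_data, would be clearer. The test is also spelled `cur_drv->blk == NULL` here and `!cur_drv->blk` in the previous hunk; use one form throughout the patch.
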
> -- 
> 2.29.2
> 
> 



Re: [PATCH] tcg: Increase the static number of temporaries

2021-01-23 Thread Laurent Vivier
On 21/01/2021 at 03:54, Richard Henderson wrote:
> This isn't a total or permanent solution to the problem of running
> out of temporaries, but it puts off the issue for a bit.
> 
> Make the assert in tcg_temp_alloc unconditional.  If we do run out
> of temps, this can fail much later as a weird SIGSEGV, due to the
> buffer overrun of the temp array.
> 
> Remove the inlines from tcg_temp_alloc and tcg_global_alloc.
> 
> Buglink: https://bugs.launchpad.net/bugs/1912065
> Signed-off-by: Richard Henderson 
> ---
> 
> There are more bugs that need fixing in order to actually make
> the dynamic allocation scheme work.  Rather than keep this bug
> pending longer, hack around it and make the SEGV an ABRT.
> 
> r~
> 
> ---
>  include/tcg/tcg.h | 2 +-
>  tcg/tcg.c | 6 +++---
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
> index c5a9d65d5f..0187de1352 100644
> --- a/include/tcg/tcg.h
> +++ b/include/tcg/tcg.h
> @@ -275,7 +275,7 @@ typedef struct TCGPool {
>  
>  #define TCG_POOL_CHUNK_SIZE 32768
>  
> -#define TCG_MAX_TEMPS 512
> +#define TCG_MAX_TEMPS 1024

This seems not enough, I have:

ERROR:.../tcg/tcg.c:1210:tcg_temp_alloc: assertion failed: (n < TCG_MAX_TEMPS)
Bail out! ERROR:.../tcg/tcg.c:1210:tcg_temp_alloc: assertion failed: (n < TCG_MAX_TEMPS)

With my branch m68k-virt (68040 processor with virtio-mmio devices) booting 
debian sid.

Thanks,
Laurent



Re: [PATCH v7 00/11] Rework iotests/check

2021-01-23 Thread Vladimir Sementsov-Ogievskiy

22.01.2021 19:16, Kevin Wolf wrote:

On 16.01.2021 at 14:44, Vladimir Sementsov-Ogievskiy wrote:

Hi all!

This series has 3 goals:

  - get rid of group file (to forget about rebase and in-list conflicts)
  - introduce human-readable names for tests
  - rewrite check into python

v7:
   - fix wording and grammar
   - satisfy python linters
   - move argv interfaces all into one in new check script
   - support '-n' == '--dry-run' option
   - update check-block to run check with correct PYTHON


Okay, I think I'm finished with the review for this version.

I also tried pylint/mypy again and it's mostly clean now (pylint
complains about the TODO comments, I think we should just disable that
warning).

Feel free to include the following as patch 12 in v8.

Kevin


I remember Max already queued good changes for 297 in his block branch




diff --git a/tests/qemu-iotests/297 b/tests/qemu-iotests/297
index 85bc1c0c85..8aaa3e455c 100755
--- a/tests/qemu-iotests/297
+++ b/tests/qemu-iotests/297
@@ -31,13 +31,15 @@ if ! type -p "mypy" > /dev/null; then
  _notrun "mypy not found"
  fi

-pylint-3 --score=n iotests.py
+FILES="findtests.py iotests.py testenv.py testrunner.py check"
+
+pylint-3 --score=n $FILES

  MYPYPATH=../../python/ mypy --warn-unused-configs --disallow-subclassing-any \
  --disallow-any-generics --disallow-incomplete-defs \
  --disallow-untyped-decorators --no-implicit-optional \
  --warn-redundant-casts --warn-unused-ignores \
---no-implicit-reexport iotests.py
+--no-implicit-reexport $FILES

  # success, all done
  echo "*** done"
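
Review bot: The `FILES=` list added at the top of this hunk is maintained by hand, and the expected-output file changed in the same patch hard-codes "5 source files", so adding or removing a linted file means editing both places. A comment next to FILES pointing at 297.out would save the next contributor a confusing test failure.
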
diff --git a/tests/qemu-iotests/297.out b/tests/qemu-iotests/297.out
index 6acc843649..85213ef96e 100644
--- a/tests/qemu-iotests/297.out
+++ b/tests/qemu-iotests/297.out
@@ -1,3 +1,3 @@
  QA output created by 297
-Success: no issues found in 1 source file
+Success: no issues found in 5 source files
  *** done
diff --git a/tests/qemu-iotests/pylintrc b/tests/qemu-iotests/pylintrc
index cd3702e23c..980bfa7b20 100644
--- a/tests/qemu-iotests/pylintrc
+++ b/tests/qemu-iotests/pylintrc
@@ -9,7 +9,8 @@
  # --enable=similarities". If you want to run only the classes checker, but 
have
  # no Warning level messages displayed, use "--disable=all --enable=classes
  # --disable=W".
-disable=invalid-name,
+disable=fixme,
+invalid-name,


Max just disables it in 297. I think we should not disable it globally, as 
an additional hint doesn't hurt (except for test output).


  no-else-return,
  too-few-public-methods,
  too-many-arguments,




--
Best regards,
Vladimir



Re: [PATCH v7 10/11] iotests: rewrite check into python

2021-01-23 Thread Vladimir Sementsov-Ogievskiy

22.01.2021 19:08, Kevin Wolf wrote:

On 16.01.2021 at 14:44, Vladimir Sementsov-Ogievskiy wrote:

Just use classes introduced in previous three commits. Behavior
difference is described in these three commits.

Drop group file, as it becomes unused.

Drop common.env: now check is in python, and for tests we use same
python interpreter that runs the check itself. Use build environment
PYTHON in check-block instead, to keep "make check" use the same
python.

Signed-off-by: Vladimir Sementsov-Ogievskiy 



diff --git a/tests/check-block.sh b/tests/check-block.sh
index fb4c1baae9..26eb1c0a9b 100755
--- a/tests/check-block.sh
+++ b/tests/check-block.sh
@@ -69,7 +69,7 @@ export QEMU_CHECK_BLOCK_AUTO=1
  
  ret=0

  for fmt in $format_list ; do
-./check -makecheck -$fmt $group || ret=1
+${PYTHON} ./check -makecheck -$fmt $group || ret=1
  done


When I add an echo to print that command line, it seems that ${PYTHON}
is empty for me. Is this expected?


It seems to be defined when called from make check. Did you just call 
check-block directly?

It's not intentional, but I think it's OK: if PYTHON is not defined, let's just 
execute check as self-executable. And for make-check, PYTHON is defined and the 
correct python is used.




  exit $ret
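
Review bot: `${PYTHON} ./check` on the added line expands to plain `./check` when PYTHON is unset or empty, with no message, so a direct run of check-block.sh and a run under make can use different interpreters without anyone noticing. If that fallback is wanted, state it in a comment above the loop or give the variable an explicit default.
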
diff --git a/tests/qemu-iotests/check b/tests/qemu-iotests/check
index 952762d5ed..914321806a 100755
--- a/tests/qemu-iotests/check
+++ b/tests/qemu-iotests/check


[..]


-if [ -x "$binary" ]
-then
-export QEMU_PROG="$build_root/$binary"
-break
-fi
-done
-popd > /dev/null
-[ "$QEMU_PROG" = "" ] && _init_error "qemu not found"
-fi


I think this else branch is kind of important (if there is no system
emulator binary for the host architecture, find _any_ system emulator
binary that was built). I can't find its equivalent in the new code.


Hmm, I decided testing the "first found" emulator is strange. It seems like we 
have several emulators and the user doesn't care which would be tested?

Probably we should instead use a qemu-system-* binary only if there is only one 
matching binary. And fail if there are many.



--
Best regards,
Vladimir



Re: [PATCH v2 6/7] goldfish_rtc: re-arm the alarm after migration

2021-01-23 Thread Laurent Vivier
Is there someone to merge this?

Thanks,
Laurent

On 20/12/2020 at 12:26, Laurent Vivier wrote:
> After a migration the clock offset is updated, but we also
> need to re-arm the alarm if needed.
> 
> Signed-off-by: Laurent Vivier 
> Reviewed-by: Alistair Francis 
> ---
>  hw/rtc/goldfish_rtc.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/hw/rtc/goldfish_rtc.c b/hw/rtc/goldfish_rtc.c
> index 0f4e8185a796..e07ff0164e0c 100644
> --- a/hw/rtc/goldfish_rtc.c
> +++ b/hw/rtc/goldfish_rtc.c
> @@ -211,6 +211,8 @@ static int goldfish_rtc_post_load(void *opaque, int 
> version_id)
>  qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
>  s->tick_offset = s->tick_offset_vmstate - delta;
>  
> +goldfish_rtc_set_alarm(s);
> +
>  return 0;
>  }
>  
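
Review bot: The commit message says the alarm is re-armed "if needed", but the added `goldfish_rtc_set_alarm(s);` in goldfish_rtc_post_load is called unconditionally. If goldfish_rtc_set_alarm already does nothing when no alarm was pending, say so in a one-line comment above the call; otherwise guard the call on the migrated alarm state so a disarmed alarm is not started on the destination.
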
> 




Re: [PATCH] virtio-mmio: fix guest kernel crash with SHM regions

2021-01-23 Thread Laurent Vivier
Anyone to merge this?

Thanks,
Laurent

On 20/12/2020 at 17:35, Laurent Vivier wrote:
> In the kernel, virtio_gpu_init() uses virtio_get_shm_region()
> since
> commit 6076a9711dc5 ("drm/virtio: implement blob resources: probe for host 
> visible region")
> but vm_get_shm_region() unconditionally uses VIRTIO_MMIO_SHM_SEL to
> get the address and the length of the region.
> 
> commit 38e895487afc ("virtio: Implement get_shm_region for MMIO transport")
> 
> As this is not implemented in QEMU, address and length are 0 and passed
> as is to devm_request_mem_region() that triggers a crash:
> 
>   [drm:virtio_gpu_init] *ERROR* Could not reserve host visible region
>   Unable to handle kernel NULL pointer dereference at virtual address (ptrval)
> 
> According to the comments in the kernel, a non existent shared region
> has a length of (u64)-1.
> 
> This is what we return now with this patch to disable the region.
> 
> Signed-off-by: Laurent Vivier 
> ---
>  hw/virtio/virtio-mmio.c | 8 
>  1 file changed, 8 insertions(+)
> 
> diff --git a/hw/virtio/virtio-mmio.c b/hw/virtio/virtio-mmio.c
> index e1b5c3b81e37..610661d6a526 100644
> --- a/hw/virtio/virtio-mmio.c
> +++ b/hw/virtio/virtio-mmio.c
> @@ -191,6 +191,14 @@ static uint64_t virtio_mmio_read(void *opaque, hwaddr 
> offset, unsigned size)
>  return 0;
>  }
>  return vdev->generation;
> +   case VIRTIO_MMIO_SHM_LEN_LOW:
> +   case VIRTIO_MMIO_SHM_LEN_HIGH:
> +/*
> + * VIRTIO_MMIO_SHM_SEL is unimplemented
> + * according to the linux driver, if region length is -1
> + * the shared memory doesn't exist
> + */
> +return -1;
>  case VIRTIO_MMIO_DEVICE_FEATURES_SEL:
>  case VIRTIO_MMIO_DRIVER_FEATURES:
>  case VIRTIO_MMIO_DRIVER_FEATURES_SEL:
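
Review bot: The new `VIRTIO_MMIO_SHM_LEN_LOW`/`VIRTIO_MMIO_SHM_LEN_HIGH` case in virtio_mmio_read justifies `return -1;` only by what the Linux driver does. If the virtio specification defines the all-ones length for a missing region, cite that in the comment instead, so the behaviour does not look tied to one guest. The function returns uint64_t, so `-1` becomes an all-ones 64-bit value for a register read; an explicit 32-bit all-ones constant would state the intent. The commit message says the driver also reads the region address, and this hunk adds no case for it, so the message should say what those reads return.
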
> 




Re: [PULL 00/31] Misc patches for 2020-01-21

2021-01-23 Thread no-reply
Patchew URL: 
https://patchew.org/QEMU/20210123143128.1167797-1-pbonz...@redhat.com/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20210123143128.1167797-1-pbonz...@redhat.com
Subject: [PULL 00/31] Misc patches for 2020-01-21

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 * [new tag] patchew/20210123143128.1167797-1-pbonz...@redhat.com -> 
patchew/20210123143128.1167797-1-pbonz...@redhat.com
Switched to a new branch 'test'
4a3ceb3 qemu-option: warn for short-form boolean options
601145b qemu-option: move help handling to get_opt_name_value
d44f2ed qemu-option: clean up id vs. list->merge_lists
d70fb5f vnc: support "-vnc help"
fe666fb qmp: remove deprecated "change" command
8581d24 hmp: remove "change vnc TARGET" command
e784bbe acceptance: switch to QMP change-vnc-password command
82574e9 meson.build: Detect bzip2 program
cc91009 meson.build: Declare global edk2_targets / install_edk2_blobs variables
a8e31f6 meson: Add a section header for library dependencies
88a07a2 meson: Display crypto-related information altogether
0e8b853 meson: Display block layer information altogether
6336d44 meson: Display accelerators and selected targets altogether
b332b01 meson: Summarize compilation-related information altogether
b807fd5 meson: Summarize overall features altogether
bfb3d06 meson: Display host binaries information altogether
86dcc24 meson: Summarize information related to directories first
f678a10 meson: convert wixl detection to Meson
f464b38 nsis: adjust for new MinGW paths
e7b75e0 meson: Declare have_virtfs_proxy_helper in main meson.build
a1e89ed slirp: update to git master
13a0c33 build-sys: add libvhost-user missing dependencies
51e6567 build-sys: set global arguments for cflags/ldflags
8922c06 build-sys: remove unused LIBS
08be6c9 ide: atapi: check logical block address and read size (CVE-2020-29443)
6f15f3c softmmu/physmem: Silence GCC 10 maybe-uninitialized error
201c7af util/cacheflush: Fix error generated by clang
c6ae035 build-system: clean up TCG/TCI configury
b981bdd x86/cpu: Use max host physical address if -cpu max option is applied
8c3b2ab configure: MinGW respect --bindir argument
35af975 runstate: cleanup reboot and panic actions

=== OUTPUT BEGIN ===
1/31 Checking commit 35af975eb80f (runstate: cleanup reboot and panic actions)
ERROR: line over 90 characters
#118: FILE: softmmu/runstate.c:478:
+|| (panic_action == PANIC_ACTION_SHUTDOWN && shutdown_action == 
SHUTDOWN_ACTION_PAUSE)) {

total: 1 errors, 0 warnings, 83 lines checked

Patch 1/31 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

2/31 Checking commit 8c3b2ab803a2 (configure: MinGW respect --bindir argument)
3/31 Checking commit b981bddaf3b1 (x86/cpu: Use max host physical address if 
-cpu max option is applied)
WARNING: line over 80 characters
#27: FILE: target/i386/cpu.c:4322:
+object_property_set_bool(OBJECT(cpu), "host-phys-bits", true, 
_abort);

total: 0 errors, 1 warnings, 7 lines checked

Patch 3/31 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
4/31 Checking commit c6ae035743a2 (build-system: clean up TCG/TCI configury)
5/31 Checking commit 201c7afcfdda (util/cacheflush: Fix error generated by 
clang)
6/31 Checking commit 6f15f3c12f74 (softmmu/physmem: Silence GCC 10 
maybe-uninitialized error)
7/31 Checking commit 08be6c9b3812 (ide: atapi: check logical block address and 
read size (CVE-2020-29443))
8/31 Checking commit 8922c06bbfeb (build-sys: remove unused LIBS)
9/31 Checking commit 51e6567ee41a (build-sys: set global arguments for 
cflags/ldflags)
10/31 Checking commit 13a0c33ae299 (build-sys: add libvhost-user missing 
dependencies)
11/31 Checking commit a1e89edfc8f7 (slirp: update to git master)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#162: 
deleted file mode 16

total: 0 errors, 1 warnings, 98 lines checked

Patch 11/31 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
12/31 Checking commit e7b75e08c98c (meson: Declare have_virtfs_proxy_helper in 
main meson.build)
13/31 Checking commit f464b383c7da (nsis: adjust for new MinGW paths)
14/31 Checking commit f678a100a38d (meson: convert wixl detection to Meson)
15/31 Checking commit 86dcc24dd9dc (meson: Summarize information related to 
directories first)
16/31 Checking commit bfb3d06eba81 (meson: Display host binaries information 
altogether)

[PULL 29/31] qemu-option: clean up id vs. list->merge_lists

2021-01-23 Thread Paolo Bonzini
Looking at all merge-lists QemuOptsList, here is how they access their
QemuOpts:

reopen_opts in qemu-io-cmds.c ("qemu-img reopen -o")
    qemu_opts_find(&reopen_opts, NULL)

empty_opts in qemu-io.c ("qemu-io open -o")
    qemu_opts_find(&empty_opts, NULL)

qemu_rtc_opts ("-rtc")
    qemu_find_opts_singleton("rtc")

qemu_machine_opts ("-M")
    qemu_find_opts_singleton("machine")

qemu_action_opts ("-name")
    qemu_opts_foreach->process_runstate_actions

qemu_boot_opts ("-boot")
    in hw/nvram/fw_cfg.c and hw/s390x/ipl.c:
      QTAILQ_FIRST(&qemu_find_opts("bootopts")->head)
    in softmmu/vl.c:
      qemu_opts_find(qemu_find_opts("boot-opts"), NULL)

qemu_name_opts ("-name")
    qemu_opts_foreach->parse_name
    parse_name does not use id

qemu_mem_opts ("-m")
    qemu_find_opts_singleton("memory")

qemu_icount_opts ("-icount")
    qemu_opts_foreach->do_configure_icount
    do_configure_icount->icount_configure
    icount_configure does not use id

qemu_smp_opts ("-smp")
    qemu_opts_find(qemu_find_opts("smp-opts"), NULL)

qemu_spice_opts ("-spice")
    QTAILQ_FIRST(&qemu_spice_opts.head)

i.e. they don't need an id.  Sometimes its presence is ignored
(e.g. when using qemu_opts_foreach), sometimes all the options
with the id are skipped, sometimes only the first option on the
command line is considered.  -boot does two different things
depending on who's looking at the options.

With this patch we just forbid id on merge-lists QemuOptsLists; if the
command line still works, it has the same semantics as before.

qemu_opts_create's fail_if_exists parameter is now unnecessary:

- it is unused if id is NULL

- opts_parse only passes false if reached from qemu_opts_set_defaults,
in which case this patch enforces that id must be NULL

- other callers that can pass a non-NULL id always set it to true

Assert that it is true in the only case where "fail_if_exists" matters,
i.e. "id && !lists->merge_lists".  This means that if an id is present,
duplicates are always forbidden, which was already the status quo.

Discounting the case that aborts as it's not user-controlled (it's
"just" a matter of inspecting qemu_opts_create callers), the paths
through qemu_opts_create can be summarized as:

- merge_lists = true: singleton opts with NULL id; non-NULL id fails

- merge_lists = false: always return new opts; non-NULL id fails if dup

Reviewed-by: Kevin Wolf 
Signed-off-by: Paolo Bonzini 
---
 util/qemu-option.c | 27 ++-
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index c88e159f18..91f4120ce1 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -619,7 +619,17 @@ QemuOpts *qemu_opts_create(QemuOptsList *list, const char 
*id,
 {
 QemuOpts *opts = NULL;
 
-if (id) {
+if (list->merge_lists) {
+if (id) {
+error_setg(errp, QERR_INVALID_PARAMETER, "id");
+return NULL;
+}
+opts = qemu_opts_find(list, NULL);
+if (opts) {
+return opts;
+}
+} else if (id) {
+assert(fail_if_exists);
 if (!id_wellformed(id)) {
 error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id",
"an identifier");
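
Review bot: The new `if (id)` branch under `list->merge_lists` turns a command line that used to be accepted into a QERR_INVALID_PARAMETER error, yet the diffstat shows only util/qemu-option.c changing. A user-visible rejection like this deserves a documentation entry, plus a test that passes an id to a merge-lists QemuOptsList and expects the error.
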
@@ -629,17 +639,8 @@ QemuOpts *qemu_opts_create(QemuOptsList *list, const char 
*id,
 }
 opts = qemu_opts_find(list, id);
 if (opts != NULL) {
-if (fail_if_exists && !list->merge_lists) {
-error_setg(errp, "Duplicate ID '%s' for %s", id, list->name);
-return NULL;
-} else {
-return opts;
-}
-}
-} else if (list->merge_lists) {
-opts = qemu_opts_find(list, NULL);
-if (opts) {
-return opts;
+error_setg(errp, "Duplicate ID '%s' for %s", id, list->name);
+return NULL;
 }
 }
 opts = g_malloc0(sizeof(*opts));
@@ -893,7 +894,7 @@ static QemuOpts *opts_parse(QemuOptsList *list, const char 
*params,
  * (if unlikely) future misuse:
  */
 assert(!defaults || list->merge_lists);
-opts = qemu_opts_create(list, id, !defaults, errp);
+opts = qemu_opts_create(list, id, !list->merge_lists, errp);
 g_free(id);
 if (opts == NULL) {
 return NULL;
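
Review bot: `!list->merge_lists` is passed as fail_if_exists in opts_parse only so that the new `assert(fail_if_exists)` in qemu_opts_create holds; in the merge_lists case the value is never read. Since the commit message itself calls the parameter unnecessary, removing it from qemu_opts_create, here or in a follow-up named in the message, would be cleaner than keeping an argument whose only legal value is fixed by an assert.
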
-- 
2.26.2





[PULL 30/31] qemu-option: move help handling to get_opt_name_value

2021-01-23 Thread Paolo Bonzini
Right now, help options are parsed normally and then checked
specially in opt_validate, but only if coming from
qemu_opts_parse_noisily.  has_help_option does the check on its own.

opt_validate() has two callers: qemu_opt_set(), which passes null and is
therefore unaffected, and opts_do_parse(), which is affected.

opts_do_parse() is called by qemu_opts_do_parse(), which passes null and
is therefore unaffected, and opts_parse().

opts_parse() is called by qemu_opts_parse() and qemu_opts_set_defaults(),
which pass null and are therefore unaffected, and
qemu_opts_parse_noisily().

Move the check from opt_validate to the parsing workhorse of QemuOpts,
get_opt_name_value.  This will come in handy in the next patch, which
will raise a warning for "-object memory-backend-ram,share" ("flag" option
with no =on/=off part) but not for "-object memory-backend-ram,help".

As a result:

- opts_parse and opts_do_parse do not return an error anymore
  when help is requested; qemu_opts_parse_noisily does not have
  to work around that anymore.

- various crazy ways to request help are not recognized anymore:
  - "help=..."
  - "nohelp" (sugar for "help=off")
  - "?=..."
  - "no?" (sugar for "?=off")

- "help" would be recognized as help request even if there is a (foolishly
  named) parameter "help".  No such parameters exist, though.

Reviewed-by: Markus Armbruster 
Signed-off-by: Paolo Bonzini 
---
 util/qemu-option.c | 38 +++---
 1 file changed, 23 insertions(+), 15 deletions(-)

diff --git a/util/qemu-option.c b/util/qemu-option.c
index 91f4120ce1..5f27d4369d 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -496,8 +496,7 @@ static QemuOpt *opt_create(QemuOpts *opts, const char 
*name, char *value,
 return opt;
 }
 
-static bool opt_validate(QemuOpt *opt, bool *help_wanted,
- Error **errp)
+static bool opt_validate(QemuOpt *opt, Error **errp)
 {
 const QemuOptDesc *desc;
 const QemuOptsList *list = opt->opts->list;
@@ -505,9 +504,6 @@ static bool opt_validate(QemuOpt *opt, bool *help_wanted,
 desc = find_desc_by_name(list->desc, opt->name);
 if (!desc && !opts_accepts_any(list)) {
 error_setg(errp, QERR_INVALID_PARAMETER, opt->name);
-if (help_wanted && is_help_option(opt->name)) {
-*help_wanted = true;
-}
 return false;
 }
 
@@ -524,7 +520,7 @@ bool qemu_opt_set(QemuOpts *opts, const char *name, const 
char *value,
 {
 QemuOpt *opt = opt_create(opts, name, g_strdup(value), false);
 
-if (!opt_validate(opt, NULL, errp)) {
+if (!opt_validate(opt, errp)) {
 qemu_opt_del(opt);
 return false;
 }
@@ -760,10 +756,12 @@ void qemu_opts_print(QemuOpts *opts, const char 
*separator)
 
 static const char *get_opt_name_value(const char *params,
   const char *firstname,
+  bool *help_wanted,
   char **name, char **value)
 {
 const char *p;
 size_t len;
+bool is_help = false;
 
 len = strcspn(params, "=,");
 if (params[len] != '=') {
@@ -780,6 +778,7 @@ static const char *get_opt_name_value(const char *params,
 *value = g_strdup("off");
 } else {
 *value = g_strdup("on");
+is_help = is_help_option(*name);
 }
 }
 } else {
@@ -791,6 +790,9 @@ static const char *get_opt_name_value(const char *params,
 }
 
 assert(!*p || *p == ',');
+if (help_wanted && is_help) {
+*help_wanted = true;
+}
 if (*p == ',') {
 p++;
 }
@@ -806,7 +808,12 @@ static bool opts_do_parse(QemuOpts *opts, const char 
*params,
 QemuOpt *opt;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, firstname, , );
+p = get_opt_name_value(p, firstname, help_wanted, , );
+if (help_wanted && *help_wanted) {
+g_free(option);
+g_free(value);
+return false;
+}
 firstname = NULL;
 
 if (!strcmp(option, "id")) {
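
Review bot: In opts_do_parse the new early exit does `return false;` when `*help_wanted` is set without touching errp, so false no longer implies that an error was set. The function and opts_parse need a comment stating this contract, and each caller that passes a non-NULL help_wanted should test `*help_wanted` before it inspects or reports the error.
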
@@ -817,7 +824,7 @@ static bool opts_do_parse(QemuOpts *opts, const char 
*params,
 
 opt = opt_create(opts, option, value, prepend);
 g_free(option);
-if (!opt_validate(opt, help_wanted, errp)) {
+if (!opt_validate(opt, errp)) {
 qemu_opt_del(opt);
 return false;
 }
@@ -832,7 +839,7 @@ static char *opts_parse_id(const char *params)
 char *name, *value;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, NULL, , );
+p = get_opt_name_value(p, NULL, NULL, , );
 if (!strcmp(name, "id")) {
 g_free(name);
 return value;
@@ -848,11 +855,10 @@ bool has_help_option(const char *params)
 {
 const char *p;
 char *name, *value;
-bool ret;
+bool ret = false;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, NULL, , );
-

[PULL 26/31] hmp: remove "change vnc TARGET" command

2021-01-23 Thread Paolo Bonzini
The HMP command "change vnc TARGET" is messy:

- it takes an ugly shortcut to determine if the option has an "id",
with incorrect results if "id=" is not preceded by an unescaped
comma.

- it deletes the existing QemuOpts and does not try to rollback
if the parsing fails (which is not causing problems, but only due to
how VNC options are parsed)

- because it uses the same parsing function as "-vnc", it forces
the latter to not support "-vnc help".

On top of this, it uses a deprecated QMP command, thus getting in
the way of removing the QMP command.  Since the usecase for the
command is not clear, just remove it and send "change vnc password"
directly to the QMP "change-vnc-password" command.

Signed-off-by: Paolo Bonzini 
Reviewed-by: Eric Blake 
Reviewed-by: Gerd Hoffmann 
Message-Id: <20210120144235.345983-2-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 docs/system/removed-features.rst | 6 ++
 hmp-commands.hx  | 6 --
 monitor/hmp-cmds.c   | 7 +--
 3 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/docs/system/removed-features.rst b/docs/system/removed-features.rst
index 430fc33ca1..5b0ff6ab1f 100644
--- a/docs/system/removed-features.rst
+++ b/docs/system/removed-features.rst
@@ -68,6 +68,12 @@ The ``[hub_id name]`` parameter tuple of the 'hostfwd_add' 
and
 Use ``device_add`` for hotplugging vCPUs instead of ``cpu-add``.  See
 documentation of ``query-hotpluggable-cpus`` for additional details.
 
+``change vnc TARGET`` (removed in 6.0)
+''
+
+No replacement.  The ``change vnc password`` and ``change DEVICE MEDIUM``
+commands are not affected.
+
 Guest Emulator ISAs
 ---
 
diff --git a/hmp-commands.hx b/hmp-commands.hx
index 73e0832ea1..d4001f9c5d 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -231,12 +231,6 @@ SRST
 read-write
   Makes the device writable.
 
-  ``change vnc`` *display*,\ *options*
-Change the configuration of the VNC server. The valid syntax for *display*
-and *options* are described at :ref:`sec_005finvocation`. eg::
-
-  (qemu) change vnc localhost:1
-
   ``change vnc password`` [*password*]
 
 Change the password associated with the VNC server. If the new password
diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c
index fd4d77e246..499647a578 100644
--- a/monitor/hmp-cmds.c
+++ b/monitor/hmp-cmds.c
@@ -1521,13 +1521,16 @@ void hmp_change(Monitor *mon, const QDict *qdict)
 }
 if (strcmp(target, "passwd") == 0 ||
 strcmp(target, "password") == 0) {
-if (!arg) {
+if (arg) {
 MonitorHMP *hmp_mon = container_of(mon, MonitorHMP, common);
 monitor_read_password(hmp_mon, hmp_change_read_arg, NULL);
 return;
+} else {
+qmp_change_vnc_password(arg, );
 }
+} else {
+monitor_printf(mon, "Expected 'password' after 'vnc'\n");
 }
-qmp_change("vnc", target, !!arg, arg, );
 } else
 #endif
 {
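
Review bot: The condition in hmp_change is inverted: `-if (!arg) {` became `+if (arg) {`, so a password supplied with the command now leads to the interactive monitor_read_password prompt, while a missing one reaches qmp_change_vnc_password with arg set to NULL. Keep `if (!arg)` for the prompt branch and call qmp_change_vnc_password only in the else branch, where arg is known to be set.
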
-- 
2.26.2





Re: [PATCH v4 13/16] block/io: support int64_t bytes in bdrv_aligned_preadv()

2021-01-23 Thread Vladimir Sementsov-Ogievskiy

22.01.2021 19:54, Eric Blake wrote:

On 12/11/20 12:39 PM, Vladimir Sementsov-Ogievskiy wrote:

We are generally moving to int64_t for both offset and bytes parameters
on all io paths.

Main motivation is realization of 64-bit write_zeroes operation for
fast zeroing large disk chunks, up to the whole disk.

We chose signed type, to be consistent with off_t (which is signed) and
with possibility for signed return type (where negative value means
error).

So, prepare bdrv_aligned_preadv() now.

Make byte variable in bdrv_padding_rmw_read() int64_t, as it defined
only to be passed to bdrv_aligned_preadv().


Reads awkwardly, how about:

Make the byte variable in bdrv_padding_rmw_read() int64_t, as it is only
used for pass-through to bdrv_aligned_preadv().


and also s/byte/bytes/





All bdrv_aligned_preadv() callers are safe as type is widening. Let's
look inside:

  - add a new-style assertion that request is good.
  - callees bdrv_is_allocated(), bdrv_co_do_copy_on_readv() supports
int64_t bytes
  - conversion of bytes_remaining is OK, as we never has requests


have


overflowing BDRV_MAX_LENGTH
  - looping through bytes_remaining is ok, num is updated to int64_t
- for bdrv_driver_preadv we have same limit of max_transfer
- qemu_iovec_memset is OK, as bytes+qiov_offset should not overflow
  qiov->size anyway (thanks to bdrv_check_qiov_request())

Signed-off-by: Vladimir Sementsov-Ogievskiy 
---
  block/io.c | 9 +
  1 file changed, 5 insertions(+), 4 deletions(-)



Reviewed-by: Eric Blake 




--
Best regards,
Vladimir



[PULL 22/31] meson: Add a section header for library dependencies

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210121095616.1471869-9-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meson.build b/meson.build
index abd2c05a82..bd6ad06d58 100644
--- a/meson.build
+++ b/meson.build
@@ -2436,6 +2436,7 @@ summary_info += {'rng-none':  
config_host.has_key('CONFIG_RNG_NONE')}
 summary_info += {'Linux keyring': 
config_host.has_key('CONFIG_SECRET_KEYRING')}
 summary(summary_info, bool_yn: true, section: 'Crypto')
 
+# Libraries
 summary_info = {}
 if targetos == 'darwin'
   summary_info += {'Cocoa support':   cocoa.found()}
@@ -2508,7 +2509,7 @@ summary_info += {'libpmem support':   
config_host.has_key('CONFIG_LIBPMEM')}
 summary_info += {'libdaxctl support': config_host.has_key('CONFIG_LIBDAXCTL')}
 summary_info += {'libudev':   libudev.found()}
 summary_info += {'FUSE lseek':fuse_lseek.found()}
-summary(summary_info, bool_yn: true)
+summary(summary_info, bool_yn: true, section: 'Dependencies')
 
 if not supported_cpus.contains(cpu)
   message()
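
Review bot: The summary section is named 'Dependencies' in `summary(summary_info, bool_yn: true, section: 'Dependencies')`, while the comment added in the previous hunk says `# Libraries` and the subject speaks of library dependencies. Use one name in all three places. The commit message has no body; one sentence on why the section header is added would help.
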
-- 
2.26.2





[PULL 31/31] qemu-option: warn for short-form boolean options

2021-01-23 Thread Paolo Bonzini
Options such as "server" or "nowait", that are commonly found in -chardev,
are sugar for "server=on" and "wait=off".  This is quite surprising and
also does not have any notion of typing attached.  It is even possible to
do "-device e1000,noid" and get a device with "id=off".

Deprecate it and print a warning when it is encountered.  In general,
this short form for boolean options only seems to be in wide use for
-chardev and -spice.

Signed-off-by: Paolo Bonzini 
---
 docs/system/deprecated.rst |  6 ++
 tests/test-qemu-opts.c |  2 +-
 util/qemu-option.c | 29 ++---
 3 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index 651182b2df..9de663526a 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -127,6 +127,12 @@ Drives with interface types other than ``if=none`` are for 
onboard
 devices.  It is possible to use drives the board doesn't pick up with
 -device.  This usage is now deprecated.  Use ``if=none`` instead.
 
+Short-form boolean options (since 6.0)
+''
+
+Boolean options such as ``share=on``/``share=off`` could be written
+in short form as ``share`` and ``noshare``.  This is now deprecated
+and will cause a warning.
 
 QEMU Machine Protocol (QMP) commands
 
diff --git a/tests/test-qemu-opts.c b/tests/test-qemu-opts.c
index 2aab831d10..8bbb17b1c7 100644
--- a/tests/test-qemu-opts.c
+++ b/tests/test-qemu-opts.c
@@ -515,7 +515,7 @@ static void test_opts_parse(void)
 error_free_or_abort();
 g_assert(!opts);
 
-/* Implied value */
+/* Implied value (qemu_opts_parse warns but accepts it) */
 opts = qemu_opts_parse(_list_03, "an,noaus,noaus=",
false, _abort);
 g_assert_cmpuint(opts_count(opts), ==, 3);
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 5f27d4369d..40564a12eb 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -756,10 +756,12 @@ void qemu_opts_print(QemuOpts *opts, const char 
*separator)
 
 static const char *get_opt_name_value(const char *params,
   const char *firstname,
+  bool warn_on_flag,
   bool *help_wanted,
   char **name, char **value)
 {
 const char *p;
+const char *prefix = "";
 size_t len;
 bool is_help = false;
 
@@ -776,10 +778,15 @@ static const char *get_opt_name_value(const char *params,
 if (strncmp(*name, "no", 2) == 0) {
 memmove(*name, *name + 2, strlen(*name + 2) + 1);
 *value = g_strdup("off");
+prefix = "no";
 } else {
 *value = g_strdup("on");
 is_help = is_help_option(*name);
 }
+if (!is_help && warn_on_flag) {
+warn_report("short-form boolean option '%s%s' deprecated", 
prefix, *name);
+error_printf("Please use %s=%s instead\n", *name, *value);
+}
 }
 } else {
 /* found "foo=bar,more" */
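
Review bot: The hint printed by `error_printf("Please use %s=%s instead\n", *name, *value);` is emitted for every bare name, including ones that are not boolean: for the commit message's own example "-device e1000,noid" it tells the user to write id=off. Since the parser has no type information at this point, word the hint so it does not recommend a value, or restrict it to the case where the caller knows the option is boolean. The warn_report call above it is also longer than 80 columns and should be wrapped.
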
@@ -801,14 +808,14 @@ static const char *get_opt_name_value(const char *params,
 
 static bool opts_do_parse(QemuOpts *opts, const char *params,
   const char *firstname, bool prepend,
-  bool *help_wanted, Error **errp)
+  bool warn_on_flag, bool *help_wanted, Error **errp)
 {
 char *option, *value;
 const char *p;
 QemuOpt *opt;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, firstname, help_wanted, , );
+p = get_opt_name_value(p, firstname, warn_on_flag, help_wanted, 
, );
 if (help_wanted && *help_wanted) {
 g_free(option);
 g_free(value);
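
Review bot: Adding `bool warn_on_flag` directly before `bool *help_wanted` in opts_do_parse and get_opt_name_value makes call sites hard to read; the later `opts_do_parse(opts, params, firstname, false, false, NULL, errp)` gives no clue which `false` is prepend and which is warn_on_flag. A comment on the prototype describing each flag, or named arguments at the call sites via short comments, would prevent the two from being swapped by mistake.
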
@@ -839,7 +846,7 @@ static char *opts_parse_id(const char *params)
 char *name, *value;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, NULL, NULL, , );
+p = get_opt_name_value(p, NULL, false, NULL, , );
 if (!strcmp(name, "id")) {
 g_free(name);
 return value;
@@ -858,7 +865,7 @@ bool has_help_option(const char *params)
 bool ret = false;
 
 for (p = params; *p;) {
-p = get_opt_name_value(p, NULL, , , );
+p = get_opt_name_value(p, NULL, false, , , );
 g_free(name);
 g_free(value);
 if (ret) {
@@ -878,12 +885,12 @@ bool has_help_option(const char *params)
 bool qemu_opts_do_parse(QemuOpts *opts, const char *params,
const char *firstname, Error **errp)
 {
-return opts_do_parse(opts, params, firstname, false, NULL, errp);
+return opts_do_parse(opts, params, firstname, false, false, NULL, errp);
 }
 
 static QemuOpts *opts_parse(QemuOptsList *list, const char *params,
 bool permit_abbrev, bool defaults,
- 

[PULL 25/31] acceptance: switch to QMP change-vnc-password command

2021-01-23 Thread Paolo Bonzini
Signed-off-by: Paolo Bonzini 
---
 tests/acceptance/vnc.py | 18 ++
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/tests/acceptance/vnc.py b/tests/acceptance/vnc.py
index 3f40bc2be1..22656bbcc2 100644
--- a/tests/acceptance/vnc.py
+++ b/tests/acceptance/vnc.py
@@ -24,10 +24,8 @@ class Vnc(Test):
 self.vm.add_args('-nodefaults', '-S')
 self.vm.launch()
 self.assertFalse(self.vm.qmp('query-vnc')['return']['enabled'])
-set_password_response = self.vm.qmp('change',
-device='vnc',
-target='password',
-arg='new_password')
+set_password_response = self.vm.qmp('change-vnc-password',
+password='new_password')
 self.assertIn('error', set_password_response)
 self.assertEqual(set_password_response['error']['class'],
  'GenericError')
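Review bot: the commit message is only a subject and sign-offs, so nothing records why the `self.vm.qmp('change', device='vnc', target='password', ...)` calls in this and the following two hunks are replaced. One sentence saying that `change` is deprecated in favour of `change-vnc-password` for this case would let the patch stand alone when bisecting.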
@@ -38,10 +36,8 @@ class Vnc(Test):
 self.vm.add_args('-nodefaults', '-S', '-vnc', ':0')
 self.vm.launch()
 self.assertTrue(self.vm.qmp('query-vnc')['return']['enabled'])
-set_password_response = self.vm.qmp('change',
-device='vnc',
-target='password',
-arg='new_password')
+set_password_response = self.vm.qmp('change-vnc-password',
+password='new_password')
 self.assertIn('error', set_password_response)
 self.assertEqual(set_password_response['error']['class'],
  'GenericError')
@@ -52,8 +48,6 @@ class Vnc(Test):
 self.vm.add_args('-nodefaults', '-S', '-vnc', ':0,password')
 self.vm.launch()
 self.assertTrue(self.vm.qmp('query-vnc')['return']['enabled'])
-set_password_response = self.vm.qmp('change',
-device='vnc',
-target='password',
-arg='new_password')
+set_password_response = self.vm.qmp('change-vnc-password',
+password='new_password')
 self.assertEqual(set_password_response['return'], {})
-- 
2.26.2





[PULL 20/31] meson: Display block layer information altogether

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

Display block layer information altogether,
when it is relevant.

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210121095616.1471869-7-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build | 43 +--
 1 file changed, 25 insertions(+), 18 deletions(-)

diff --git a/meson.build b/meson.build
index 7bd96f8a8a..dbac95890d 100644
--- a/meson.build
+++ b/meson.build
@@ -2279,6 +2279,7 @@ summary_info = {}
 summary_info += {'Documentation': build_docs}
 summary_info += {'system-mode emulation': have_system}
 summary_info += {'user-mode emulation': have_user}
+summary_info += {'block layer':   have_block}
 summary_info += {'Install blobs': get_option('install_blobs')}
 summary_info += {'module support':config_host.has_key('CONFIG_MODULES')}
 if config_host.has_key('CONFIG_MODULES')
@@ -2391,6 +2392,30 @@ if have_system
 endif
 summary(summary_info, bool_yn: true, section: 'Targets and accelerators')
 
+# Block layer
+summary_info = {}
+summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']}
+summary_info += {'coroutine pool':config_host['CONFIG_COROUTINE_POOL'] == 
'1'}
+if have_block
+  summary_info += {'Block whitelist (rw)': 
config_host['CONFIG_BDRV_RW_WHITELIST']}
+  summary_info += {'Block whitelist (ro)': 
config_host['CONFIG_BDRV_RO_WHITELIST']}
+  summary_info += {'VirtFS support':have_virtfs}
+  summary_info += {'build virtiofs daemon': have_virtiofsd}
+  summary_info += {'Live block migration': 
config_host.has_key('CONFIG_LIVE_BLOCK_MIGRATION')}
+  summary_info += {'replication support': 
config_host.has_key('CONFIG_REPLICATION')}
+  summary_info += {'bochs support': config_host.has_key('CONFIG_BOCHS')}
+  summary_info += {'cloop support': config_host.has_key('CONFIG_CLOOP')}
+  summary_info += {'dmg support':   config_host.has_key('CONFIG_DMG')}
+  summary_info += {'qcow v1 support':   config_host.has_key('CONFIG_QCOW1')}
+  summary_info += {'vdi support':   config_host.has_key('CONFIG_VDI')}
+  summary_info += {'vvfat support': config_host.has_key('CONFIG_VVFAT')}
+  summary_info += {'qed support':   config_host.has_key('CONFIG_QED')}
+  summary_info += {'parallels support': 
config_host.has_key('CONFIG_PARALLELS')}
+  summary_info += {'sheepdog support':  config_host.has_key('CONFIG_SHEEPDOG')}
+  summary_info += {'FUSE exports':  fuse.found()}
+endif
+summary(summary_info, bool_yn: true, section: 'Block layer support')
+
 summary_info = {}
 if targetos == 'darwin'
   summary_info += {'Cocoa support':   cocoa.found()}
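Review bot: the 'Block layer support' section is emitted unconditionally, with 'coroutine backend' and 'coroutine pool' placed outside `if have_block`, while the commit message says the information is shown "when it is relevant". If the coroutine settings are meant to be printed for builds without the block layer, a one-line comment above them saying so would explain why they sit in this section but outside the guard.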
@@ -2425,10 +2450,6 @@ summary_info += {'curses support':curses.found()}
 # TODO: add back version
 summary_info += {'virgl support': config_host.has_key('CONFIG_VIRGL')}
 summary_info += {'curl support':  curl.found()}
-summary_info += {'Block whitelist (rw)': 
config_host['CONFIG_BDRV_RW_WHITELIST']}
-summary_info += {'Block whitelist (ro)': 
config_host['CONFIG_BDRV_RO_WHITELIST']}
-summary_info += {'VirtFS support':have_virtfs}
-summary_info += {'build virtiofs daemon': have_virtiofsd}
 summary_info += {'Multipath support': mpathpersist.found()}
 summary_info += {'VNC support':   vnc.found()}
 if vnc.found()
@@ -2465,13 +2486,10 @@ if targetos == 'windows'
   endif
 endif
 summary_info += {'seccomp support':   seccomp.found()}
-summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']}
-summary_info += {'coroutine pool':config_host['CONFIG_COROUTINE_POOL'] == 
'1'}
 summary_info += {'crypto afalg':  config_host.has_key('CONFIG_AF_ALG')}
 summary_info += {'GlusterFS support': glusterfs.found()}
 summary_info += {'TPM support':   config_host.has_key('CONFIG_TPM')}
 summary_info += {'libssh support':config_host.has_key('CONFIG_LIBSSH')}
-summary_info += {'Live block migration': 
config_host.has_key('CONFIG_LIVE_BLOCK_MIGRATION')}
 summary_info += {'lzo support':   lzo.found()}
 summary_info += {'snappy support':snappy.found()}
 summary_info += {'bzip2 support': libbzip2.found()}
@@ -2479,23 +2497,12 @@ summary_info += {'lzfse support': liblzfse.found()}
 summary_info += {'zstd support':  zstd.found()}
 summary_info += {'NUMA host support': config_host.has_key('CONFIG_NUMA')}
 summary_info += {'libxml2':   config_host.has_key('CONFIG_LIBXML2')}
-summary_info += {'replication support': 
config_host.has_key('CONFIG_REPLICATION')}
-summary_info += {'bochs support': config_host.has_key('CONFIG_BOCHS')}
-summary_info += {'cloop support': config_host.has_key('CONFIG_CLOOP')}
-summary_info += {'dmg support':   config_host.has_key('CONFIG_DMG')}
-summary_info += {'qcow v1 support':   config_host.has_key('CONFIG_QCOW1')}
-summary_info += {'vdi support':   config_host.has_key('CONFIG_VDI')}
-summary_info += {'vvfat support': config_host.has_key('CONFIG_VVFAT')}
-summary_info += {'qed support':   

[PULL 27/31] qmp: remove deprecated "change" command

2021-01-23 Thread Paolo Bonzini
Signed-off-by: Paolo Bonzini 
Reviewed-by: Gerd Hoffmann 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20210120144235.345983-3-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 docs/system/deprecated.rst   |  5 
 docs/system/removed-features.rst |  5 
 monitor/qmp-cmds.c   | 51 
 qapi/misc.json   | 49 --
 4 files changed, 5 insertions(+), 105 deletions(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index e20bfcb17a..651182b2df 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -131,11 +131,6 @@ devices.  It is possible to use drives the board doesn't 
pick up with
 QEMU Machine Protocol (QMP) commands
 
 
-``change`` (since 2.5.0)
-
-
-Use ``blockdev-change-medium`` or ``change-vnc-password`` instead.
-
 ``blockdev-open-tray``, ``blockdev-close-tray`` argument ``device`` (since 
2.8.0)
 
'
 
diff --git a/docs/system/removed-features.rst b/docs/system/removed-features.rst
index 5b0ff6ab1f..88b81a6156 100644
--- a/docs/system/removed-features.rst
+++ b/docs/system/removed-features.rst
@@ -53,6 +53,11 @@ are automatically loaded from qcow2 images.
 Use ``device_add`` for hotplugging vCPUs instead of ``cpu-add``.  See
 documentation of ``query-hotpluggable-cpus`` for additional details.
 
+``change`` (removed in 6.0)
+'''
+
+Use ``blockdev-change-medium`` or ``change-vnc-password`` instead.
+
 Human Monitor Protocol (HMP) commands
 -
 
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
index 34f7e75b7b..990936136c 100644
--- a/monitor/qmp-cmds.c
+++ b/monitor/qmp-cmds.c
@@ -251,58 +251,7 @@ void qmp_change_vnc_password(const char *password, Error 
**errp)
 error_setg(errp, "Could not set password");
 }
 }
-
-static void qmp_change_vnc_listen(const char *target, Error **errp)
-{
-QemuOptsList *olist = qemu_find_opts("vnc");
-QemuOpts *opts;
-
-if (strstr(target, "id=")) {
-error_setg(errp, "id not supported");
-return;
-}
-
-opts = qemu_opts_find(olist, "default");
-if (opts) {
-qemu_opts_del(opts);
-}
-opts = vnc_parse(target, errp);
-if (!opts) {
-return;
-}
-
-vnc_display_open("default", errp);
-}
-
-static void qmp_change_vnc(const char *target, bool has_arg, const char *arg,
-   Error **errp)
-{
-if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) {
-if (!has_arg) {
-error_setg(errp, QERR_MISSING_PARAMETER, "password");
-} else {
-qmp_change_vnc_password(arg, errp);
-}
-} else {
-qmp_change_vnc_listen(target, errp);
-}
-}
-#endif /* !CONFIG_VNC */
-
-void qmp_change(const char *device, const char *target,
-bool has_arg, const char *arg, Error **errp)
-{
-if (strcmp(device, "vnc") == 0) {
-#ifdef CONFIG_VNC
-qmp_change_vnc(target, has_arg, arg, errp);
-#else
-error_setg(errp, QERR_FEATURE_DISABLED, "vnc");
 #endif
-} else {
-qmp_blockdev_change_medium(true, device, false, NULL, target,
-   has_arg, arg, false, 0, errp);
-}
-}
 
 void qmp_add_client(const char *protocol, const char *fdname,
 bool has_skipauth, bool skipauth, bool has_tls, bool tls,
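Review bot: deleting `qmp_change_vnc_listen()` removes the path where `change` with device 'vnc' and a target other than 'password' re-opened the display on a new listen address, and the removed-features entry added by this patch only points to `blockdev-change-medium` and `change-vnc-password`, neither of which covers that case. If changing the VNC listen address over QMP has no replacement, say so in docs/system/removed-features.rst, so management software that relied on it gets a clear answer.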
diff --git a/qapi/misc.json b/qapi/misc.json
index 27ccd7385f..156f98203e 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -238,55 +238,6 @@
   'returns': 'str',
   'features': [ 'savevm-monitor-nodes' ] }
 
-##
-# @change:
-#
-# This command is multiple commands multiplexed together.
-#
-# @device: This is normally the name of a block device but it may also be 
'vnc'.
-#  when it's 'vnc', then sub command depends on @target
-#
-# @target: If @device is a block device, then this is the new filename.
-#  If @device is 'vnc', then if the value 'password' selects the vnc
-#  change password command.   Otherwise, this specifies a new server 
URI
-#  address to listen to for VNC connections.
-#
-# @arg: If @device is a block device, then this is an optional format to open
-#   the device with.
-#   If @device is 'vnc' and @target is 'password', this is the new VNC
-#   password to set.  See change-vnc-password for additional notes.
-#
-# Features:
-# @deprecated: This command is deprecated.  For changing block
-#  devices, use 'blockdev-change-medium' instead; for changing VNC
-#  parameters, use 'change-vnc-password' instead.
-#
-# Returns: - Nothing on success.
-#  - If @device is not a valid block device, DeviceNotFound
-#
-# Since: 0.14
-#
-# Example:
-#
-# 1. Change a removable medium
-#
-# -> { "execute": "change",
-#  

[PULL 19/31] meson: Display accelerators and selected targets altogether

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

Display accelerators and selected targets altogether,
avoid displaying unuseful information when not relevant.

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210121095616.1471869-6-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build | 38 --
 1 file changed, 24 insertions(+), 14 deletions(-)

diff --git a/meson.build b/meson.build
index 3b2332b94d..7bd96f8a8a 100644
--- a/meson.build
+++ b/meson.build
@@ -2277,6 +2277,8 @@ summary(summary_info, bool_yn: true, section: 'Host 
binaries')
 # Configurable features
 summary_info = {}
 summary_info += {'Documentation': build_docs}
+summary_info += {'system-mode emulation': have_system}
+summary_info += {'user-mode emulation': have_user}
 summary_info += {'Install blobs': get_option('install_blobs')}
 summary_info += {'module support':config_host.has_key('CONFIG_MODULES')}
 if config_host.has_key('CONFIG_MODULES')
@@ -2366,8 +2368,30 @@ summary_info += {'sparse':sparse.found() ? 
sparse.full_path() : fals
 summary_info += {'mingw32 support':   targetos == 'windows'}
 summary(summary_info, bool_yn: true, section: 'Compilation')
 
+# Targets and accelerators
 summary_info = {}
+if have_system
+  summary_info += {'KVM support':   config_all.has_key('CONFIG_KVM')}
+  summary_info += {'HAX support':   config_all.has_key('CONFIG_HAX')}
+  summary_info += {'HVF support':   config_all.has_key('CONFIG_HVF')}
+  summary_info += {'WHPX support':  config_all.has_key('CONFIG_WHPX')}
+  summary_info += {'Xen support':   
config_host.has_key('CONFIG_XEN_BACKEND')}
+  if config_host.has_key('CONFIG_XEN_BACKEND')
+summary_info += {'xen ctrl version':  
config_host['CONFIG_XEN_CTRL_INTERFACE_VERSION']}
+  endif
+endif
+summary_info += {'TCG support':   config_all.has_key('CONFIG_TCG')}
+if config_all.has_key('CONFIG_TCG')
+  summary_info += {'TCG debug enabled': 
config_host.has_key('CONFIG_DEBUG_TCG')}
+  summary_info += {'TCG interpreter':   tcg_arch == 'tci'}
+endif
 summary_info += {'target list':   ' '.join(target_dirs)}
+if have_system
+  summary_info += {'default devices':   get_option('default_devices')}
+endif
+summary(summary_info, bool_yn: true, section: 'Targets and accelerators')
+
+summary_info = {}
 if targetos == 'darwin'
   summary_info += {'Cocoa support':   cocoa.found()}
 endif
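Review bot: the moved Xen entry is renamed from 'xen support' to 'Xen support' while the line under it stays 'xen ctrl version', and the commit message does not mention the label change. Either capitalise both or keep both as they were, and note the rename in the message since scripts that grep the configure summary will see a different key.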
@@ -2412,25 +2436,12 @@ if vnc.found()
   summary_info += {'VNC JPEG support':  jpeg.found()}
   summary_info += {'VNC PNG support':   png.found()}
 endif
-summary_info += {'xen support':   
config_host.has_key('CONFIG_XEN_BACKEND')}
-if config_host.has_key('CONFIG_XEN_BACKEND')
-  summary_info += {'xen ctrl version':  
config_host['CONFIG_XEN_CTRL_INTERFACE_VERSION']}
-endif
 summary_info += {'brlapi support':brlapi.found()}
 summary_info += {'vde support':   config_host.has_key('CONFIG_VDE')}
 summary_info += {'netmap support':config_host.has_key('CONFIG_NETMAP')}
 summary_info += {'Linux AIO support': config_host.has_key('CONFIG_LINUX_AIO')}
 summary_info += {'Linux io_uring support': 
config_host.has_key('CONFIG_LINUX_IO_URING')}
 summary_info += {'ATTR/XATTR support': libattr.found()}
-summary_info += {'KVM support':   config_all.has_key('CONFIG_KVM')}
-summary_info += {'HAX support':   config_all.has_key('CONFIG_HAX')}
-summary_info += {'HVF support':   config_all.has_key('CONFIG_HVF')}
-summary_info += {'WHPX support':  config_all.has_key('CONFIG_WHPX')}
-summary_info += {'TCG support':   config_all.has_key('CONFIG_TCG')}
-if config_all.has_key('CONFIG_TCG')
-  summary_info += {'TCG debug enabled': 
config_host.has_key('CONFIG_DEBUG_TCG')}
-  summary_info += {'TCG interpreter':   tcg_arch == 'tci'}
-endif
 summary_info += {'RDMA support':  config_host.has_key('CONFIG_RDMA')}
 summary_info += {'PVRDMA support':config_host.has_key('CONFIG_PVRDMA')}
 summary_info += {'fdt support':   fdt_opt == 'disabled' ? false : fdt_opt}
@@ -2482,7 +2493,6 @@ summary_info += {'capstone':  capstone_opt == 
'disabled' ? false : capst
 summary_info += {'libpmem support':   config_host.has_key('CONFIG_LIBPMEM')}
 summary_info += {'libdaxctl support': config_host.has_key('CONFIG_LIBDAXCTL')}
 summary_info += {'libudev':   libudev.found()}
-summary_info += {'default devices':   get_option('default_devices')}
 summary_info += {'rng-none':  config_host.has_key('CONFIG_RNG_NONE')}
 summary_info += {'Linux keyring': 
config_host.has_key('CONFIG_SECRET_KEYRING')}
 summary_info += {'FUSE exports':  fuse.found()}
-- 
2.26.2





[PULL 28/31] vnc: support "-vnc help"

2021-01-23 Thread Paolo Bonzini
Use qemu_opts_parse_noisily now that HMP does not call
vnc_parse anymore.

Signed-off-by: Paolo Bonzini 
Reviewed-by: Eric Blake 
Reviewed-by: Gerd Hoffmann 
Message-Id: <20210120144235.345983-4-pbonz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 include/ui/console.h | 2 +-
 softmmu/vl.c | 6 +++---
 ui/vnc-stubs.c   | 7 +++
 ui/vnc.c | 8 
 4 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/include/ui/console.h b/include/ui/console.h
index 5dd21976a3..7a3fc11abf 100644
--- a/include/ui/console.h
+++ b/include/ui/console.h
@@ -439,7 +439,7 @@ void vnc_display_open(const char *id, Error **errp);
 void vnc_display_add_client(const char *id, int csock, bool skipauth);
 int vnc_display_password(const char *id, const char *password);
 int vnc_display_pw_expire(const char *id, time_t expires);
-QemuOpts *vnc_parse(const char *str, Error **errp);
+void vnc_parse(const char *str);
 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp);
 
 /* input.c */
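Review bot: with the `Error **errp` parameter gone, `vnc_parse()` can no longer report failure to its caller, and the ui/vnc.c side of this patch calls `exit(1)` instead. The commit message explains that HMP no longer calls it, but the header does not: add a comment above the prototype saying the function is for command-line parsing only and terminates the process on error, so that nobody wires it back into a monitor command.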
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 59304261cf..a8876b8965 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -1113,7 +1113,7 @@ static void parse_display(const char *p)
  * display access.
  */
 if (*opts == '=') {
-vnc_parse(opts + 1, _fatal);
+vnc_parse(opts + 1);
 } else {
 error_report("VNC requires a display argument vnc=");
 exit(1);
@@ -1402,7 +1402,7 @@ static void qemu_create_default_devices(void)
 if (!qemu_display_find_default()) {
 dpy.type = DISPLAY_TYPE_NONE;
 #if defined(CONFIG_VNC)
-vnc_parse("localhost:0,to=99,id=default", _abort);
+vnc_parse("localhost:0,to=99,id=default");
 #endif
 }
 }
@@ -3186,7 +3186,7 @@ void qemu_init(int argc, char **argv, char **envp)
 }
 break;
 case QEMU_OPTION_vnc:
-vnc_parse(optarg, _fatal);
+vnc_parse(optarg);
 break;
 case QEMU_OPTION_no_acpi:
 olist = qemu_find_opts("machine");
diff --git a/ui/vnc-stubs.c b/ui/vnc-stubs.c
index c6b737dcec..b4eb3ce718 100644
--- a/ui/vnc-stubs.c
+++ b/ui/vnc-stubs.c
@@ -10,13 +10,12 @@ int vnc_display_pw_expire(const char *id, time_t expires)
 {
 return -ENODEV;
 };
-QemuOpts *vnc_parse(const char *str, Error **errp)
+void vnc_parse(const char *str)
 {
 if (strcmp(str, "none") == 0) {
-return NULL;
+return;
 }
-error_setg(errp, "VNC support is disabled");
-return NULL;
+error_setg(_fatal, "VNC support is disabled");
 }
 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp)
 {
diff --git a/ui/vnc.c b/ui/vnc.c
index d429bfee5a..66f7c1b936 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -50,6 +50,7 @@
 #include "crypto/random.h"
 #include "qom/object_interfaces.h"
 #include "qemu/cutils.h"
+#include "qemu/help_option.h"
 #include "io/dns-resolver.h"
 
 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
@@ -4211,14 +4212,14 @@ static void vnc_auto_assign_id(QemuOptsList *olist, 
QemuOpts *opts)
 qemu_opts_set_id(opts, id);
 }
 
-QemuOpts *vnc_parse(const char *str, Error **errp)
+void vnc_parse(const char *str)
 {
 QemuOptsList *olist = qemu_find_opts("vnc");
-QemuOpts *opts = qemu_opts_parse(olist, str, true, errp);
+QemuOpts *opts = qemu_opts_parse_noisily(olist, str, !is_help_option(str));
 const char *id;
 
 if (!opts) {
-return NULL;
+exit(1);
 }
 
 id = qemu_opts_id(opts);
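Review bot: `if (!opts) { exit(1); }` treats every NULL from `qemu_opts_parse_noisily()` as a failure, and as far as I know that function also returns NULL after it has printed the help text, so `-vnc help` would end with exit status 1. Check `is_help_option(str)` before choosing the status and exit with 0 in the help case.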
@@ -4226,7 +4227,6 @@ QemuOpts *vnc_parse(const char *str, Error **errp)
 /* auto-assign id if not present */
 vnc_auto_assign_id(olist, opts);
 }
-return opts;
 }
 
 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp)
-- 
2.26.2





[PULL 24/31] meson.build: Detect bzip2 program

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

The --enable-bzip2/--disable-bzip2 configure arguments are
somehow misleading, they check for the bzip2 library, not
the bzip2 program.

We need the bzip2 program to install the EDK2 firmware blobs
(see commit 623ef637a2e "configure: Check bzip2 is available").

Check if the bzip2 program in the global meson.build to avoid
the configuration to succeed, but a later when trying to install
the firmware blobs:

../pc-bios/meson.build:5:2: ERROR: Program 'bzip2' not found

Reported-by: John Snow 
Suggested-by: Paolo Bonzini 
Fixes: c8d5450bba3 ("configure: move install_blobs from configure to meson")
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210114174509.2944817-3-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build | 2 ++
 pc-bios/meson.build | 1 -
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/meson.build b/meson.build
index ed4eb70cb5..95ef1c8adf 100644
--- a/meson.build
+++ b/meson.build
@@ -96,6 +96,8 @@ if get_option('install_blobs')
   endforeach
 endif
 
+bzip2 = find_program('bzip2', required: install_edk2_blobs)
+
 ##
 # Compiler flags #
 ##
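Review bot: `bzip2 = find_program('bzip2', required: install_edk2_blobs)` now sits in the top-level meson.build although the only user visible in this patch is pc-bios/meson.build, and when `install_edk2_blobs` is false the variable holds a not-found program. A comment here saying that the lookup is done early so that a missing bzip2 fails at configure time, and that uses must stay under `if install_edk2_blobs`, would keep a later cleanup from moving it back or using it unguarded.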
diff --git a/pc-bios/meson.build b/pc-bios/meson.build
index 6a341b6cea..af95c5d1f1 100644
--- a/pc-bios/meson.build
+++ b/pc-bios/meson.build
@@ -1,5 +1,4 @@
 if install_edk2_blobs
-  bzip2 = find_program('bzip2', required: true)
   fds = [
 'edk2-aarch64-code.fd',
 'edk2-arm-code.fd',
-- 
2.26.2





[PULL 15/31] meson: Summarize information related to directories first

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210121095616.1471869-2-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/meson.build b/meson.build
index 49dd0c185f..f50a85e728 100644
--- a/meson.build
+++ b/meson.build
@@ -2233,6 +2233,7 @@ endif
 # Configuration summary #
 #
 
+# Directories
 summary_info = {}
 summary_info += {'Install prefix':get_option('prefix')}
 summary_info += {'BIOS directory':qemu_datadir}
@@ -2252,8 +2253,11 @@ endif
 summary_info += {'Doc directory': get_option('docdir')}
 summary_info += {'Build directory':   meson.current_build_dir()}
 summary_info += {'Source path':   meson.current_source_dir()}
-summary_info += {'GIT binary':config_host['GIT']}
 summary_info += {'GIT submodules':config_host['GIT_SUBMODULES']}
+summary(summary_info, bool_yn: true, section: 'Directories')
+
+summary_info = {}
+summary_info += {'GIT binary':config_host['GIT']}
 summary_info += {'C compiler':meson.get_compiler('c').cmd_array()[0]}
 summary_info += {'Host C compiler':   meson.get_compiler('c', native: 
true).cmd_array()[0]}
 if link_language == 'cpp'
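Review bot: the split leaves 'GIT submodules' as the last entry of the 'Directories' section while 'GIT binary' opens the next one, so the two git-related lines are now reported in different sections. Keep them together, either both before the `summary(summary_info, bool_yn: true, section: 'Directories')` call or both after it.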
-- 
2.26.2





[PULL 23/31] meson.build: Declare global edk2_targets / install_edk2_blobs variables

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

Globally declare in the main meson.build:
- the list of EDK2 targets,
- whether the EDK2 blobs have to be installed.

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210114174509.2944817-2-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build |  8 
 pc-bios/descriptors/meson.build | 30 --
 pc-bios/meson.build |  5 +
 3 files changed, 25 insertions(+), 18 deletions(-)

diff --git a/meson.build b/meson.build
index bd6ad06d58..ed4eb70cb5 100644
--- a/meson.build
+++ b/meson.build
@@ -88,6 +88,14 @@ if cpu in ['x86', 'x86_64']
   }
 endif
 
+edk2_targets = [ 'arm-softmmu', 'aarch64-softmmu', 'i386-softmmu', 
'x86_64-softmmu' ]
+install_edk2_blobs = false
+if get_option('install_blobs')
+  foreach target : target_dirs
+install_edk2_blobs = install_edk2_blobs or target in edk2_targets
+  endforeach
+endif
+
 ##
 # Compiler flags #
 ##
diff --git a/pc-bios/descriptors/meson.build b/pc-bios/descriptors/meson.build
index 7040834573..ac6ec66b00 100644
--- a/pc-bios/descriptors/meson.build
+++ b/pc-bios/descriptors/meson.build
@@ -1,14 +1,16 @@
-foreach f: [
-  '50-edk2-i386-secure.json',
-  '50-edk2-x86_64-secure.json',
-  '60-edk2-aarch64.json',
-  '60-edk2-arm.json',
-  '60-edk2-i386.json',
-  '60-edk2-x86_64.json'
-]
-  configure_file(input: files(f),
- output: f,
- configuration: {'DATADIR': qemu_datadir},
- install: get_option('install_blobs'),
- install_dir: qemu_datadir / 'firmware')
-endforeach
+if install_edk2_blobs
+  foreach f: [
+'50-edk2-i386-secure.json',
+'50-edk2-x86_64-secure.json',
+'60-edk2-aarch64.json',
+'60-edk2-arm.json',
+'60-edk2-i386.json',
+'60-edk2-x86_64.json'
+  ]
+configure_file(input: files(f),
+   output: f,
+   configuration: {'DATADIR': qemu_datadir},
+   install: get_option('install_blobs'),
+   install_dir: qemu_datadir / 'firmware')
+  endforeach
+endif
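Review bot: inside the new `if install_edk2_blobs` block, `install: get_option('install_blobs')` is always true, because the top-level meson.build hunk only sets `install_edk2_blobs` inside `if get_option('install_blobs')`. Write `install: true` to make that obvious. `configure_file()` also used to run unconditionally, so the descriptor files are no longer generated in the build tree when the guard is false; if anything reads them from there, say so in the commit message.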
diff --git a/pc-bios/meson.build b/pc-bios/meson.build
index fab323af84..6a341b6cea 100644
--- a/pc-bios/meson.build
+++ b/pc-bios/meson.build
@@ -1,7 +1,4 @@
-if 'arm-softmmu' in target_dirs or \
-'aarch64-softmmu' in target_dirs or \
-'i386-softmmu' in target_dirs or \
-'x86_64-softmmu' in target_dirs
+if install_edk2_blobs
   bzip2 = find_program('bzip2', required: true)
   fds = [
 'edk2-aarch64-code.fd',
-- 
2.26.2





[PULL 21/31] meson: Display crypto-related information altogether

2021-01-23 Thread Paolo Bonzini
From: Philippe Mathieu-Daudé 

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20210121095616.1471869-8-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 meson.build | 32 ++--
 1 file changed, 18 insertions(+), 14 deletions(-)

diff --git a/meson.build b/meson.build
index dbac95890d..abd2c05a82 100644
--- a/meson.build
+++ b/meson.build
@@ -2416,18 +2416,8 @@ if have_block
 endif
 summary(summary_info, bool_yn: true, section: 'Block layer support')
 
+# Crypto
 summary_info = {}
-if targetos == 'darwin'
-  summary_info += {'Cocoa support':   cocoa.found()}
-endif
-# TODO: add back version
-summary_info += {'SDL support':   sdl.found()}
-summary_info += {'SDL image support': sdl_image.found()}
-# TODO: add back version
-summary_info += {'GTK support':   gtk.found()}
-summary_info += {'pixman':pixman.found()}
-# TODO: add back version
-summary_info += {'VTE support':   config_host.has_key('CONFIG_VTE')}
 summary_info += {'TLS priority':  config_host['CONFIG_TLS_PRIORITY']}
 summary_info += {'GNUTLS support':config_host.has_key('CONFIG_GNUTLS')}
 # TODO: add back version
@@ -2441,6 +2431,23 @@ summary_info += {'nettle':
config_host.has_key('CONFIG_NETTLE')}
 if config_host.has_key('CONFIG_NETTLE')
summary_info += {'  XTS': not 
config_host.has_key('CONFIG_QEMU_PRIVATE_XTS')}
 endif
+summary_info += {'crypto afalg':  config_host.has_key('CONFIG_AF_ALG')}
+summary_info += {'rng-none':  config_host.has_key('CONFIG_RNG_NONE')}
+summary_info += {'Linux keyring': 
config_host.has_key('CONFIG_SECRET_KEYRING')}
+summary(summary_info, bool_yn: true, section: 'Crypto')
+
+summary_info = {}
+if targetos == 'darwin'
+  summary_info += {'Cocoa support':   cocoa.found()}
+endif
+# TODO: add back version
+summary_info += {'SDL support':   sdl.found()}
+summary_info += {'SDL image support': sdl_image.found()}
+# TODO: add back version
+summary_info += {'GTK support':   gtk.found()}
+summary_info += {'pixman':pixman.found()}
+# TODO: add back version
+summary_info += {'VTE support':   config_host.has_key('CONFIG_VTE')}
 # TODO: add back version
 summary_info += {'slirp support': slirp_opt == 'disabled' ? false : 
slirp_opt}
 summary_info += {'libtasn1':  config_host.has_key('CONFIG_TASN1')}
@@ -2486,7 +2493,6 @@ if targetos == 'windows'
   endif
 endif
 summary_info += {'seccomp support':   seccomp.found()}
-summary_info += {'crypto afalg':  config_host.has_key('CONFIG_AF_ALG')}
 summary_info += {'GlusterFS support': glusterfs.found()}
 summary_info += {'TPM support':   config_host.has_key('CONFIG_TPM')}
 summary_info += {'libssh support':config_host.has_key('CONFIG_LIBSSH')}
@@ -2501,8 +2507,6 @@ summary_info += {'capstone':  capstone_opt == 
'disabled' ? false : capst
 summary_info += {'libpmem support':   config_host.has_key('CONFIG_LIBPMEM')}
 summary_info += {'libdaxctl support': config_host.has_key('CONFIG_LIBDAXCTL')}
 summary_info += {'libudev':   libudev.found()}
-summary_info += {'rng-none':  config_host.has_key('CONFIG_RNG_NONE')}
-summary_info += {'Linux keyring': 
config_host.has_key('CONFIG_SECRET_KEYRING')}
 summary_info += {'FUSE lseek':fuse_lseek.found()}
 summary(summary_info, bool_yn: true)
 
-- 
2.26.2





[PULL 11/31] slirp: update to git master

2021-01-23 Thread Paolo Bonzini
From: Marc-André Lureau 

git cherry-diff:

Commits on bacb71f1c3ed5f40e393afd8be81bedfba13a401 branch that is not on 
8f43a99191afb47ca3f3c6972f6306209f367ece branch
+ 1021b0dc38d39f1dc95a296fe3e05a24a087cdc6 disable_dns option
+ 0f94ceec752592e4ac632a24e3c64a97dd09bf4c limit vnameserver_addr to port 53
+ b57bafa852ef16b133907a13678ec69e9531f177 libslirp.h: fix SlirpConfig v3 
documentation
+ 1abf18b2b5edb462797629ed47ad4515a195686e Update CHANGELOG
+ ff4ecf9b6c6542b24b4ac6ea178be9d44e159f79 Release v4.3.0
+ 21f1d933050a40d62612c6274c32de60b811d9ea changelog: post-release
+ 376187c4b14c795763d472214812826eebe7e9c2 Release v4.3.1
+ 73336e08902a7e826f7d960453df037380266186 changelog: post-release
+ 5c1c9d43be61571608e9b14615045b67b830daf5 udp, udp6, icmp: handle TTL value
+ 73ed49ab71998d4288e71e954ef6214b70f23d79 icmp, icmp6: Add icmp_forward_error 
and icmp6_forward_error
+ 7a4840a57ec7dbc37cca1ab96f058a9610b26950 udp, udp6, icmp, icmp6: Enable 
forwarding errors on Linux
+ e9b2bc19ae652a2907f247e621b2e4773bdd2aab TCPIPHDR_DELTA: Fix potential 
negative value
+ 39f9a363eec082f04513413046321abd04163148 .gitlab-ci: add a Coverity stage
+ 1b0093b973cfa0dc041522e5d4e6f576b2df642e sosendoob: better document what urgc 
is used for
+ 5b9ad89ebbb8afa50162c9156fabd5fc56291088 Add G_GNUC_PRINTF to local function 
slirp_vsnprintf
+ 8a808aa493980e212b4d5f5465330905c8294e59 meson: remove meson-dist script
+ 0b669b5fbe4d3c25a682a67f1059d8633c963b3d meson: support compiling as 
subproject
+ 9f82a47b81f2864422b82c1e40e51a2ed9c6ac32 Add DNS resolving for iOS
+ c0eac03e8ce1b9a743231f2fe21e7cb579fc9339 Remove the QEMU-special make 
build-system
+ 1bfd4d9368f9fa2e4f0731e1266bec05bbc83a80 socket: consume empty packets
+ 92413be68914f8cae2f5bad4bf3ab8491dcbc5d7 Release v4.4.0
+ 07e8cfac69766081871ab620d9f16a630543d302 changelog: post-release
+ 4c4e035813313d02b63fdeb920d56fb2fdc0a5b1 Remove some needless (void)casts

Signed-off-by: Marc-André Lureau 
Acked-by: Paolo Bonzini 
Message-Id: <20210114125605.1227742-5-marcandre.lur...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 .gitmodules  |  6 ++---
 configure|  2 +-
 meson.build  | 62 +++-
 slirp|  1 -
 subprojects/libslirp |  1 +
 5 files changed, 9 insertions(+), 63 deletions(-)
 delete mode 16 slirp
 create mode 16 subprojects/libslirp

diff --git a/.gitmodules b/.gitmodules
index 2bdeeacef8..80fd9c7199 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -49,9 +49,6 @@
 [submodule "roms/edk2"]
path = roms/edk2
url = https://git.qemu.org/git/edk2.git
-[submodule "slirp"]
-   path = slirp
-   url = https://git.qemu.org/git/libslirp.git
 [submodule "roms/opensbi"]
path = roms/opensbi
url =   https://git.qemu.org/git/opensbi.git
@@ -64,3 +61,6 @@
 [submodule "roms/vbootrom"]
path = roms/vbootrom
url = https://git.qemu.org/git/vbootrom.git
+[submodule "subprojects/libslirp"]
+   path = subprojects/libslirp
+   url = https://git.qemu.org/git/libslirp.git
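Review bot: the new `[submodule "subprojects/libslirp"]` entry keeps the same URL, and the commit list in the message ends two commits after "Release v4.4.0", so the submodule is pinned to an untagged commit on master rather than to the release. For a bundled network stack it is worth one sentence in the commit message saying which post-release commit is needed, so the pin can be audited and moved to a tag later.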
diff --git a/configure b/configure
index ff099cb8ca..753d0dd18e 100755
--- a/configure
+++ b/configure
@@ -5206,7 +5206,7 @@ case "$slirp" in
   auto | enabled | internal)
 # Simpler to always update submodule, even if not needed.
 if test -e "${source_path}/.git" && test $git_update = 'yes' ; then
-  git_submodules="${git_submodules} slirp"
+  git_submodules="${git_submodules} subprojects/libslirp"
 fi
 ;;
 esac
diff --git a/meson.build b/meson.build
index e813814fb0..deda061c86 100644
--- a/meson.build
+++ b/meson.build
@@ -1460,7 +1460,7 @@ slirp_opt = 'disabled'
 if have_system
   slirp_opt = get_option('slirp')
   if slirp_opt in ['enabled', 'auto', 'system']
-have_internal = fs.exists(meson.current_source_dir() / 'slirp/meson.build')
+have_internal = fs.exists(meson.current_source_dir() / 
'subprojects/libslirp/meson.build')
 slirp = dependency('slirp', static: enable_static,
method: 'pkg-config',
required: slirp_opt == 'system' or
@@ -1474,63 +1474,9 @@ if have_system
 endif
   endif
   if slirp_opt == 'internal'
-slirp_deps = []
-if targetos == 'windows'
-  slirp_deps = cc.find_library('iphlpapi')
-endif
-slirp_conf = configuration_data()
-slirp_conf.set('SLIRP_MAJOR_VERSION', 
meson.project_version().split('.')[0])
-slirp_conf.set('SLIRP_MINOR_VERSION', 
meson.project_version().split('.')[1])
-slirp_conf.set('SLIRP_MICRO_VERSION', 
meson.project_version().split('.')[2])
-slirp_conf.set_quoted('SLIRP_VERSION_STRING', meson.project_version())
-slirp_cargs = ['-DG_LOG_DOMAIN="Slirp"']
-slirp_files = [
-  'slirp/src/arp_table.c',
-  'slirp/src/bootp.c',
-  'slirp/src/cksum.c',
-  'slirp/src/dhcpv6.c',
-  'slirp/src/dnssearch.c',
-  'slirp/src/if.c',
-  'slirp/src/ip6_icmp.c',
-  'slirp/src/ip6_input.c',
-  
