vhost-user: questions regarding migration

2020-09-19 Thread Anton Kuchin 
Hi,

I'm implementing migration support in vhost-user backend and have a
couple of questions:

1. How master can be sure that logging was started?

We expect that right after set_fatures command with VHOST_F_LOG_ALL flag
all memory modifications will be tracked in log, but slave can need a
little time to process this command so there is a chance that some
requests can be untracked. Is there a way to ensure all requests are
logged or determine the moment since when tracking starts and master can
start migrating memory?

2. Why do we need separate log_addr for vring and how can it be not
covered by mem table?

As far as I understand slave receives used address in set_vring_addr
command and to map it correctly we do need valid entry in memory table.
So this field looks redundant to me. Am I missing something?

BTW the word "log_guest_addr" is mentioned only once in the document and
in "vring address description" payload it is just called "log",
shouldn't we should change this names to match?



pEpkey.asc
Description: application/pgp-keys

[PATCH] usb: hcd-dwc2: change assert()s to qemu_log_mask(LOG_GUEST_ERROR...)

2020-09-19 Thread Paul Zimmerman 
Change several assert()s to qemu_log_mask(LOG_GUEST_ERROR...),
to prevent the guest from causing Qemu to assert. Also fix up
several existing qemu_log_mask()s to include the function name in
the message.

Suggested-by: Peter Maydell 
Signed-off-by: Paul Zimmerman 
---
Hi Gerd,

This was prompted by
"[Bug 1892604] qemu-system-arm: ../hw/usb/hcd-dwc2.c:666:
 dwc2_glbreg_read: Assertion `addr <= GINTSTS2' failed"

Although this doesn't really fix the reported bug, since the
guest image still doesn't operate correctly, it does prevent
the guest from causing Qemu to assert, as requested by Peter.
I guess this is not too urgent.

Thanks,
Paul

 hw/usb/hcd-dwc2.c | 100 +-
 1 file changed, 81 insertions(+), 19 deletions(-)

diff --git a/hw/usb/hcd-dwc2.c b/hw/usb/hcd-dwc2.c
index 97688d21bf..64c23c1ed0 100644
--- a/hw/usb/hcd-dwc2.c
+++ b/hw/usb/hcd-dwc2.c
@@ -238,7 +238,12 @@ static void dwc2_handle_packet(DWC2State *s, uint32_t 
devadr, USBDevice *dev,
 pid = get_field(hctsiz, TSIZ_SC_MC_PID);
 pcnt = get_field(hctsiz, TSIZ_PKTCNT);
 len = get_field(hctsiz, TSIZ_XFERSIZE);
-assert(len <= DWC2_MAX_XFER_SIZE);
+if (len > DWC2_MAX_XFER_SIZE) {
+qemu_log_mask(LOG_GUEST_ERROR,
+  "%s: HCTSIZ transfer size too large\n", __func__);
+return;
+}
+
 chan = index >> 3;
 p = >packet[chan];
 
@@ -663,7 +668,12 @@ static uint64_t dwc2_glbreg_read(void *ptr, hwaddr addr, 
int index,
 DWC2State *s = ptr;
 uint32_t val;
 
-assert(addr <= GINTSTS2);
+if (addr > GINTSTS2) {
+qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n",
+  __func__, addr);
+return 0;
+}
+
 val = s->glbreg[index];
 
 switch (addr) {
@@ -690,7 +700,12 @@ static void dwc2_glbreg_write(void *ptr, hwaddr addr, int 
index, uint64_t val,
 uint32_t old;
 int iflg = 0;
 
-assert(addr <= GINTSTS2);
+if (addr > GINTSTS2) {
+qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n",
+  __func__, addr);
+return;
+}
+
 mmio = >glbreg[index];
 old = *mmio;
 
@@ -715,27 +730,34 @@ static void dwc2_glbreg_write(void *ptr, hwaddr addr, int 
index, uint64_t val,
 val &= ~GRSTCTL_DMAREQ;
 if (!(old & GRSTCTL_TXFFLSH) && (val & GRSTCTL_TXFFLSH)) {
 /* TODO - TX fifo flush */
-qemu_log_mask(LOG_UNIMP, "Tx FIFO flush not implemented\n");
+qemu_log_mask(LOG_UNIMP, "%s: Tx FIFO flush not implemented\n",
+  __func__);
 }
 if (!(old & GRSTCTL_RXFFLSH) && (val & GRSTCTL_RXFFLSH)) {
 /* TODO - RX fifo flush */
-qemu_log_mask(LOG_UNIMP, "Rx FIFO flush not implemented\n");
+qemu_log_mask(LOG_UNIMP, "%s: Rx FIFO flush not implemented\n",
+  __func__);
 }
 if (!(old & GRSTCTL_IN_TKNQ_FLSH) && (val & GRSTCTL_IN_TKNQ_FLSH)) {
 /* TODO - device IN token queue flush */
-qemu_log_mask(LOG_UNIMP, "Token queue flush not implemented\n");
+qemu_log_mask(LOG_UNIMP, "%s: Token queue flush not implemented\n",
+  __func__);
 }
 if (!(old & GRSTCTL_FRMCNTRRST) && (val & GRSTCTL_FRMCNTRRST)) {
 /* TODO - host frame counter reset */
-qemu_log_mask(LOG_UNIMP, "Frame counter reset not implemented\n");
+qemu_log_mask(LOG_UNIMP,
+  "%s: Frame counter reset not implemented\n",
+  __func__);
 }
 if (!(old & GRSTCTL_HSFTRST) && (val & GRSTCTL_HSFTRST)) {
 /* TODO - host soft reset */
-qemu_log_mask(LOG_UNIMP, "Host soft reset not implemented\n");
+qemu_log_mask(LOG_UNIMP, "%s: Host soft reset not implemented\n",
+  __func__);
 }
 if (!(old & GRSTCTL_CSFTRST) && (val & GRSTCTL_CSFTRST)) {
 /* TODO - core soft reset */
-qemu_log_mask(LOG_UNIMP, "Core soft reset not implemented\n");
+qemu_log_mask(LOG_UNIMP, "%s: Core soft reset not implemented\n",
+  __func__);
 }
 /* don't allow clearing of self-clearing bits */
 val |= old & (GRSTCTL_TXFFLSH | GRSTCTL_RXFFLSH |
@@ -774,7 +796,12 @@ static uint64_t dwc2_fszreg_read(void *ptr, hwaddr addr, 
int index,
 DWC2State *s = ptr;
 uint32_t val;
 
-assert(addr == HPTXFSIZ);
+if (addr != HPTXFSIZ) {
+qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n",
+  __func__, addr);
+return 0;
+}
+
 val = s->fszreg[index];
 
 trace_usb_dwc2_fszreg_read(addr, val);
@@ -789,7 +816,12 @@ static void dwc2_fszreg_write(void *ptr, hwaddr addr, int 
index, uint64_t val,
 uint32_t *mmio;
 uint32_t old;
 
-assert(addr ==

[Bug 1896096] Re: Git version: Build process is broken in block_curl.c.o

2020-09-19 Thread Toolybird 
Looking deeper into this... I believe there are indeed qemu bugs here.

It's actually the qemu configure script which is adding `-pie'

$ echo $LDFLAGS
-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now

Yet meson-logs/meson-log.txt tells me that:

Using 'LDFLAGS' from environment with value: '-g -pie -Wl,-O1,--sort-
common,--as-needed,-z,relro,-z,now'

Where did the `-pie' come from? Answer: the qemu configure script!

https://git.qemu.org/?p=qemu.git;a=blob;f=configure;h=756447900855e0b886ec6eb4e6b6aecf48c20a97;hb=HEAD#l2250

Simply unsetting LDFLAGS allows the build to complete successfully.

Not only that, qemu is now ignoring my user supplied CFLAGS from the
environment. I haven't analysed this one yet but I'm starting to realise
this hybrid meson/configure script approach is quite complicated.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1896096

Title:
  Git version: Build process is broken in block_curl.c.o

Status in QEMU:
  Invalid

Bug description:
  Gcc version: 10.2.0
  Glusterfs: 8.1
  Libguestfs: 1.42

  Configure options used:

  configure \
  --prefix=/usr \
  --sysconfdir=/etc \
  --localstatedir=/var \
  --libexecdir=/usr/lib/qemu \
  --extra-ldflags="$LDFLAGS" \
  --smbd=/usr/bin/smbd \
  --enable-modules \
  --enable-sdl \
  --disable-werror \
  --enable-slirp=system \
  --enable-xfsctl \
  --audio-drv-list="pa alsa sdl"
  
  Error log attached. Here is the beginning:

  /usr/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/10.2.0/../../../../lib/Scrt1.o: 
in function `_start':
  (.text+0x24): undefined reference to `main'
  /usr/bin/ld: libblock-curl.a(block_curl.c.o): in function `curl_block_init':

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1896096/+subscriptions

Ping2: [PATCH v2] Emulate dip switch language layout settings on SUN keyboard

2020-09-19 Thread Henrik Carlqvist 
Just wanted to check that my patch hasn't been forgotten... I was hoping that
it would make it into some branch in git.

Do you want me to do any more changes to the patch or the description?

Best regards Henrik

On Mon, 3 Aug 2020 22:20:49 +0200
Henrik Carlqvist  wrote:

> This is my second attempt to contribute a patch which makes the -k switch
> useful for sparc emulation as its value is used to emulate the dip switch
> in a SUN keyboard for language layout setting.
> 
> Unfortunately my glib version is too old to compile later versions of qemu
> so even though this patch is made from latest git I have only been able to
> test it myself with qemu version 4.1.1. I think and hope that this patch
> will compile and work also with the latest version of git as it only affects
> one file and there hasn't been much changes to that file since tested
> version 4.1.1.
> 
> Best regards Henrik
> 
> From e302b02dec32c28297ed20d852c5fba2c1682f5a Mon Sep 17 00:00:00 2001
> From: Henrik Carlqvist 
> Date: Mon, 3 Aug 2020 22:11:55 +0200
> Subject: [PATCH] Emulating sun keyboard language layout dip switches, taking
>  the value for the dip switches from the "-k" option to qemu.
> 
> SUN Type 4, 5 and 5c keyboards have dip switches to choose the language
> layout of the keyboard. Solaris makes an ioctl to query the value of the
> dipswitches and uses that value to select keyboard layout. Also the SUN
> bios like the one in the file ss5.bin uses this value to support at least
> some keyboard layouts. However, the OpenBIOS provided with qemu is
> hardcoded to always use an US keyboard layout.
> 
> Before this patch, qemu allways gave dip switch value 0x21 (US keyboard),
> this patch uses the command line switch "-k" (keyboard layout) to select
> dip switch value. A table is used to lookup values from arguments like:
> 
> -k fr
> -k es
> 
> But the patch also accepts numeric dip switch values directly to the -k
> switch:
> 
> -k 0x2b
> -k 43
> 
> Both values above are the same and select swedish keyboard as explained in
> table 3-15 at
> https://docs.oracle.com/cd/E19683-01/806-6642/new-43/index.html
> 
> Unless you want to do a full Solaris installation but happen to have
> access to a bios file, the easiest way to test that the patch works is to:
> 
> qemu-system-sparc -k sv -bios /path/to/ss5.bin
> 
> If you already happen to have a Solaris installation in a qemu disk image
> file you can easily try different keyboard layouts after this patch is
> applied.
> 
> Signed-off-by: Henrik Carlqvist 
> ---
>  hw/char/escc.c | 74
> +- 1 file changed,
> 73 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/char/escc.c b/hw/char/escc.c
> index 7d16ee8688..7287056b5f 100644
> --- a/hw/char/escc.c
> +++ b/hw/char/escc.c
> @@ -30,6 +30,8 @@
>  #include "qemu/module.h"
>  #include "hw/char/escc.h"
>  #include "ui/console.h"
> +#include "sysemu/sysemu.h"
> +#include "qemu/cutils.h"
>  #include "trace.h"
>  
>  /*
> @@ -175,6 +177,7 @@
>  #define R_MISC1I 14
>  #define R_EXTINT 15
>  
> +static unsigned char sun_keyboard_layout_dip_switch(void);
>  static void handle_kbd_command(ESCCChannelState *s, int val);
>  static int serial_can_receive(void *opaque);
>  static void serial_receive_byte(ESCCChannelState *s, int ch);
> @@ -730,6 +733,75 @@ static QemuInputHandler sunkbd_handler = {
>  .event = sunkbd_handle_event,
>  };
>  
> +static unsigned char sun_keyboard_layout_dip_switch(void)
> +{
> +/* Return the value of the dip-switches in a SUN Type 5 keyboard */
> +static unsigned char ret = 0xff;
> +
> +if ((ret == 0xff) && keyboard_layout) {
> +int i;
> +struct layout_values {
> +const char *lang;
> +unsigned char dip;
> +} languages[] =
> +/* Dip values from table 3-16 Layouts for Type 4, 5, and 5c Keyboards
> */+{
> +{"en-us", 0x21}, /* U.S.A. (US5.kt) */
> + /* 0x22 is some other US (US_UNIX5.kt)*/
> +{"fr",0x23}, /* France (France5.kt) */
> +{"da",0x24}, /* Denmark (Denmark5.kt) */
> +{"de",0x25}, /* Germany (Germany5.kt) */
> +{"it",0x26}, /* Italy (Italy5.kt) */
> +{"nl",0x27}, /* The Netherlands (Netherland5.kt) */
> +{"no",0x28}, /* Norway (Norway.kt) */
> +{"pt",0x29}, /* Portugal (Portugal5.kt) */
> +{"es",0x2a}, /* Spain (Spain5.kt) */
> +{"sv",0x2b}, /* Sweden (Sweden5.kt) */
> +{"fr-ch", 0x2c}, /* Switzerland/French (Switzer_Fr5.kt) */
> +{"de-ch", 0x2d}, /* Switzerland/German (Switzer_Ge5.kt) */
> +{"en-gb", 0x2e}, /* Great Britain (UK5.kt) */
> +{"ko",0x2f}, /* Korea (Korea5.kt) */
> +{"tw",0x30}, /* Taiwan (Taiwan5.kt) */
> +{"ja",0x31}, /* Japan

[Bug 1892604] Re: qemu-system-arm: ../hw/usb/hcd-dwc2.c:666: dwc2_glbreg_read: Assertion `addr <= GINTSTS2' failed.

2020-09-19 Thread Paul Zimmerman 
I also tried
http://downloads.raspberrypi.org/raspbian/images/raspbian-2016-09-28/2016-09-23
-raspbian-jessie.zip, which is the next Raspbian release after the
cursed one, and it works OK too. So I assume any release after that will
also work OK. Just in case anyone wants to use the older releases
because they are smaller than the later ones.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1892604

Title:
  qemu-system-arm: ../hw/usb/hcd-dwc2.c:666: dwc2_glbreg_read: Assertion
  `addr <= GINTSTS2' failed.

Status in QEMU:
  New

Bug description:
  When trying to run the 2016-05-27 Raspbian image on the emulated
  raspi2 platform, the system boots but shortly after the login prompt
  QEMU (master; commit ID ca489cd037e4d50dc6c40570a167504ad7e5a521) dies
  with:

  qemu-system-arm: ../hw/usb/hcd-dwc2.c:666: dwc2_glbreg_read: Assertion
  `addr <= GINTSTS2' failed.

  Steps to reproduce:

  1. Get the image: wget
  
http://downloads.raspberrypi.org/raspbian/images/raspbian-2016-05-31/2016-05-27
  -raspbian-jessie.zip

  2. Extract the kernel image and DTB:

  sudo losetup -f --show -P 2016-05-27-raspbian-jessie.img
  sudo mkdir /mnt/rpi
  sudo mount /dev/loop11p1 /mnt/rpi/
  cp /mnt/rpi/kernel7.img . 



  cp /mnt/rpi/bcm2709-rpi-2-b.dtb . 



  sudo umount /mnt/rpi 
  sudo losetup -d /dev/loop11 

  3. Run QEMU:
  qemu-system-arm -M raspi2 -m 1G -dtb bcm2709-rpi-2-b.dtb -kernel kernel7.img 
-append "rw earlyprintk loglevel=8 console=ttyAMA0,115200 dwc_otg.lpm_enable=0 
root=/dev/mmcblk0p2" -sd 2016-05-27-raspbian-jessie.img -smp 4 -serial stdio 
-display none

  A few seconds after the login prompt is displayed, QEMU will exit with
  the assertion failure.

  I also tried changing all of the asserts to if statements that (for
  MMIO reads) returned 0 and (for writes) just returned, but this
  resulted in a non-responsive system.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1892604/+subscriptions

[Bug 1896342] Re: IDE ATA IDENTIFY WORD 106

2020-09-19 Thread Benjamin David Lunt 
For more information, Annex-E of the ACS-2 explains this as well.

http://www.t13.org/Documents/UploadedDocuments/docs2009/d2015r2
-ATAATAPI_Command_set_-_2_ACS-2.pdf

See the statement on the top of page 165 as well.  "If bit 13 is set,
then bits 3:0 are valid".

Page 119 of that same document states:
  "13  1 = Device has multiple logical sectors per physical sector."

In my opinion, if bit 13 is set and bits 3:0 are valid, then bits 3:0
should be non-zero.

Therefore, I gather that in QEMU (assuming that get_physical_block_exp()
returns the same value shown in the example listing above):

1) if get_physical_block_exp() return a non-zero value, bit 13 must be set and 
bits 3:0 will be non-zero.
2) if get_physical_block_exp() return a zero value, bit 13 must be clear and 
bits 3:0 must be ignored.

Please correct me if I am wrong in these assumptions.

Thanks,
Ben

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1896342

Title:
  IDE ATA IDENTIFY WORD 106

Status in QEMU:
  New

Bug description:
  The code at line 202 in hw/ide/core.c
   (https://git.qemu.org/?p=qemu.git;a=blob;f=hw/ide/core.c;#l201)
  hard codes bit 13 set.  However, get_physical_block_exp() can and may return 
0, which is a valid response. If get_physical_block_exp() does return zero, bit 
13 should not be set.

  ATAPI8 states (Section 7.17.7.73):
   "Bit 13 of word 106 shall be set to one to indicate that the device has more 
than one logical sector per physical sector"

  and gives the examples:
Bits (3:0): 0 = 2^0 = 1 logical sector per physical sector
Bits (3:0): 1 = 2^1 = 2 logical sector per physical sector
Bits (3:0): 2 = 2^2 = 4 logical sector per physical sector
Bits (3:0): 3 = 2^3 = 8 logical sector per physical sector

  Therefore, if bit 13 is set, bits 3:0 must be greater than zero.

  If get_physical_block_exp() returns zero then there is a 1:1 ratio and
  bit 13 must be 0.

  Just my opinion.

  Thanks,
  Ben

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1896342/+subscriptions

[Bug 1896342] [NEW] IDE ATA IDENTIFY WORD 106

2020-09-19 Thread Benjamin David Lunt 
Public bug reported:

The code at line 202 in hw/ide/core.c
 (https://git.qemu.org/?p=qemu.git;a=blob;f=hw/ide/core.c;#l201)
hard codes bit 13 set.  However, get_physical_block_exp() can and may return 0, 
which is a valid response. If get_physical_block_exp() does return zero, bit 13 
should not be set.

ATAPI8 states (Section 7.17.7.73):
 "Bit 13 of word 106 shall be set to one to indicate that the device has more 
than one logical sector per physical sector"

and gives the examples:
  Bits (3:0): 0 = 2^0 = 1 logical sector per physical sector
  Bits (3:0): 1 = 2^1 = 2 logical sector per physical sector
  Bits (3:0): 2 = 2^2 = 4 logical sector per physical sector
  Bits (3:0): 3 = 2^3 = 8 logical sector per physical sector

Therefore, if bit 13 is set, bits 3:0 must be greater than zero.

If get_physical_block_exp() returns zero then there is a 1:1 ratio and
bit 13 must be 0.

Just my opinion.

Thanks,
Ben

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1896342

Title:
  IDE ATA IDENTIFY WORD 106

Status in QEMU:
  New

Bug description:
  The code at line 202 in hw/ide/core.c
   (https://git.qemu.org/?p=qemu.git;a=blob;f=hw/ide/core.c;#l201)
  hard codes bit 13 set.  However, get_physical_block_exp() can and may return 
0, which is a valid response. If get_physical_block_exp() does return zero, bit 
13 should not be set.

  ATAPI8 states (Section 7.17.7.73):
   "Bit 13 of word 106 shall be set to one to indicate that the device has more 
than one logical sector per physical sector"

  and gives the examples:
Bits (3:0): 0 = 2^0 = 1 logical sector per physical sector
Bits (3:0): 1 = 2^1 = 2 logical sector per physical sector
Bits (3:0): 2 = 2^2 = 4 logical sector per physical sector
Bits (3:0): 3 = 2^3 = 8 logical sector per physical sector

  Therefore, if bit 13 is set, bits 3:0 must be greater than zero.

  If get_physical_block_exp() returns zero then there is a 1:1 ratio and
  bit 13 must be 0.

  Just my opinion.

  Thanks,
  Ben

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1896342/+subscriptions

Re: [PULL 00/17] Trivial branch for 5.2 patches

2020-09-19 Thread no-reply 
Patchew URL: 
https://patchew.org/QEMU/20200919184451.2129349-1-laur...@vivier.eu/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20200919184451.2129349-1-laur...@vivier.eu
Subject: [PULL 00/17] Trivial branch for 5.2 patches

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

From https://github.com/patchew-project/qemu
 * [new tag] patchew/20200919184451.2129349-1-laur...@vivier.eu -> 
patchew/20200919184451.2129349-1-laur...@vivier.eu
Switched to a new branch 'test'
6f9951a contrib/: fix some comment spelling errors
5d3d5a1 qapi/: fix some comment spelling errors
1ad31f2 disas/: fix some comment spelling errors
c5980ac linux-user/: fix some comment spelling errors
5779f24 util/: fix some comment spelling errors
418cb9d scripts/: fix some comment spelling errors
1ab9555 docs/: fix some comment spelling errors
cf7f2f5 migration/: fix some comment spelling errors
0b8aa37 qemu/: fix some comment spelling errors
94f4908 scripts/git.orderfile: Display meson files along with buildsys ones
84659a7 hw/timer/hpet: Fix debug format strings
f591d41 hw/timer/hpet: Remove unused functions hpet_ram_readb, hpet_ram_readw
0ec7442 manual: escape backslashes in "parsed-literal" blocks
c0be395 ui/spice-input: Remove superfluous forward declaration
4066166 hw/ppc/ppc4xx_pci: Replace magic value by the PCI_NUM_PINS definition
a5f3515 hw/gpio/max7310: Remove impossible check

=== OUTPUT BEGIN ===
1/16 Checking commit a5f3515e9187 (hw/gpio/max7310: Remove impossible check)
2/16 Checking commit 40661664b027 (hw/ppc/ppc4xx_pci: Replace magic value by 
the PCI_NUM_PINS definition)
3/16 Checking commit c0be3951e528 (ui/spice-input: Remove superfluous forward 
declaration)
4/16 Checking commit 0ec7442ca655 (manual: escape backslashes in 
"parsed-literal" blocks)
5/16 Checking commit f591d4145830 (hw/timer/hpet: Remove unused functions 
hpet_ram_readb, hpet_ram_readw)
6/16 Checking commit 84659a741320 (hw/timer/hpet: Fix debug format strings)
7/16 Checking commit 94f49083a57c (scripts/git.orderfile: Display meson files 
along with buildsys ones)
8/16 Checking commit 0b8aa371b9fd (qemu/: fix some comment spelling errors)
WARNING: line over 80 characters
#52: FILE: audio/audio.c:1677:
+ * the same configuration (except the driver), so it doesn't matter 
which

WARNING: Block comments use a leading /* on a separate line
#156: FILE: scsi/pr-manager-helper.c:130:
+/* A simple feature negotiation protocol, even though there is

total: 0 errors, 2 warnings, 88 lines checked

Patch 8/16 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
9/16 Checking commit cf7f2f519156 (migration/: fix some comment spelling errors)
WARNING: Block comments use a leading /* on a separate line
#96: FILE: migration/postcopy-ram.h:164:
+/* Call each of the shared 'waker's registered telling them of

WARNING: Block comments use a trailing */ on a separate line
#198: FILE: migration/savevm.c:2798:
+ * successful live migration */

total: 0 errors, 2 warnings, 144 lines checked

Patch 9/16 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
10/16 Checking commit 1ab9555a0bad (docs/: fix some comment spelling errors)
11/16 Checking commit 418cb9d78050 (scripts/: fix some comment spelling errors)
12/16 Checking commit 5779f24a9c25 (util/: fix some comment spelling errors)
13/16 Checking commit c5980acaeb8b (linux-user/: fix some comment spelling 
errors)
WARNING: Block comments use a leading /* on a separate line
#26: FILE: linux-user/aarch64/signal.c:81:
+/* The actual SVE data immediately follows.  It is laid out

WARNING: Block comments use a leading /* on a separate line
#39: FILE: linux-user/cris/target_syscall.h:7:
+/* pt_regs not only specifies the format in the user-struct during

ERROR: code indent should never use tabs
#61: FILE: linux-user/flat.h:46:
+^Iabi_ulong filler[5];/* Reserved, set to zero */$

total: 1 errors, 2 warnings, 72 lines checked

Patch 13/16 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

14/16 Checking commit 1ad31f2af26f (disas/: fix some comment spelling errors)
ERROR: code indent should never use tabs
#26: FILE: disas/hppa.c:2024:
+^I^I  /* 'fA' will not generate a space before the register$

WARNING: Block comments use a leading /* on a separate line
#26: FILE: disas/hppa.c:2024:
+ /* 'fA' will not generate a space before the register

ERROR: code indent should never use tabs
#79: FILE: disas/ppc.c:5229:
+^I

[PULL 15/17] disas/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the disas folder.

Signed-off-by: zhaolichang 
Reviewed-by: Alex Bennée 
Message-Id: <20200917075029.313-9-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 disas/hppa.c | 2 +-
 disas/m68k.c | 8 
 disas/ppc.c  | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/disas/hppa.c b/disas/hppa.c
index 2dbd1fc4454e..dcf9a47f3489 100644
--- a/disas/hppa.c
+++ b/disas/hppa.c
@@ -2021,7 +2021,7 @@ print_insn_hppa (bfd_vma memaddr, disassemble_info *info)
fput_fp_reg (GET_FIELD (insn, 6, 10), info);
  break;
 
- /* 'fA' will not generate a space before the regsiter
+ /* 'fA' will not generate a space before the register
 name.  Normally that is fine.  Except that it
 causes problems with xmpyu which has no FP format
 completer.  */
diff --git a/disas/m68k.c b/disas/m68k.c
index 863409c67ccb..aefaecfbd6cb 100644
--- a/disas/m68k.c
+++ b/disas/m68k.c
@@ -70,7 +70,7 @@ struct floatformat
   unsigned int exp_start;
   unsigned int exp_len;
   /* Bias added to a "true" exponent to form the biased exponent.  It
- is intentionally signed as, otherwize, -exp_bias can turn into a
+ is intentionally signed as, otherwise, -exp_bias can turn into a
  very large number (e.g., given the exp_bias of 0x3fff and a 64
  bit long, the equation (long)(1 - exp_bias) evaluates to
  4294950914) instead of -16382).  */
@@ -479,7 +479,7 @@ struct m68k_opcode_alias
   and remaining 3 bits of register shifted 9 bits in first word.
   Indicate upper/lower in 1 bit shifted 7 bits in second word.
   Use with `R' or `u' format.
-   n  `m' withouth upper/lower indication. (For M[S]ACx; 4 bits split
+   n  `m' without upper/lower indication. (For M[S]ACx; 4 bits split
   with MSB shifted 6 bits in first word and remaining 3 bits of
   register shifted 9 bits in first word.  No upper/lower
   indication is done.)  Use with `R' or `u' format.
@@ -854,7 +854,7 @@ fetch_arg (unsigned char *buffer,
 
 /* Check if an EA is valid for a particular code.  This is required
for the EMAC instructions since the type of source address determines
-   if it is a EMAC-load instruciton if the EA is mode 2-5, otherwise it
+   if it is a EMAC-load instruction if the EA is mode 2-5, otherwise it
is a non-load EMAC instruction and the bits mean register Ry.
A similar case exists for the movem instructions where the register
mask is interpreted differently for different EAs.  */
@@ -1080,7 +1080,7 @@ print_indexed (int basereg,
 
 /* Returns number of bytes "eaten" by the operand, or
return -1 if an invalid operand was found, or -2 if
-   an opcode tabe error was found.
+   an opcode table error was found.
ADDR is the pc for this arg to be relative to.  */
 
 static int
diff --git a/disas/ppc.c b/disas/ppc.c
index 63e97cfe1da2..02be87819832 100644
--- a/disas/ppc.c
+++ b/disas/ppc.c
@@ -5226,7 +5226,7 @@ operand_value_powerpc (const struct powerpc_operand 
*operand,
   if ((operand->flags & PPC_OPERAND_SIGNED) != 0)
{
  /* BITM is always some number of zeros followed by some
-number of ones, followed by some numer of zeros.  */
+number of ones, followed by some number of zeros.  */
  unsigned long top = operand->bitm;
  /* top & -top gives the rightmost 1 bit, so this
 fills in any trailing zeros.  */
-- 
2.26.2

[PULL 11/17] docs/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the docs folder.

Signed-off-by: zhaolichang 
Reviewed-by: Peter Maydell 
Message-Id: <20200917075029.313-4-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 docs/COLO-FT.txt | 6 +++---
 docs/devel/blkdebug.txt  | 2 +-
 docs/devel/migration.rst | 2 +-
 docs/devel/testing.rst   | 2 +-
 docs/devel/tracing.txt   | 2 +-
 docs/interop/bitmaps.rst | 2 +-
 docs/interop/dbus.rst| 4 ++--
 docs/interop/nbd.txt | 2 +-
 docs/interop/vhost-user-gpu.rst  | 2 +-
 docs/interop/vhost-user.rst  | 4 ++--
 docs/rdma.txt| 2 +-
 docs/specs/ppc-spapr-hotplug.txt | 4 ++--
 docs/specs/ppc-spapr-xive.rst| 4 ++--
 docs/system/arm/aspeed.rst   | 2 +-
 docs/system/deprecated.rst   | 8 
 docs/system/target-avr.rst   | 4 ++--
 docs/tools/virtiofsd.rst | 2 +-
 17 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/docs/COLO-FT.txt b/docs/COLO-FT.txt
index c8e174093566..bc5fb2a1bb5f 100644
--- a/docs/COLO-FT.txt
+++ b/docs/COLO-FT.txt
@@ -91,7 +91,7 @@ the heartbeat stops responding, the secondary node will 
trigger a failover
 as soon as it determines the absence.
 
 COLO disk Manager:
-When primary VM writes data into image, the colo disk manger captures this data
+When primary VM writes data into image, the colo disk manager captures this 
data
 and sends it to secondary VM's which makes sure the context of secondary VM's
 image is consistent with the context of primary VM 's image.
 For more details, please refer to docs/block-replication.txt.
@@ -146,12 +146,12 @@ in test procedure.
 
 == Test procedure ==
 Note: Here we are running both instances on the same host for testing,
-change the IP Addresses if you want to run it on two hosts. Initally
+change the IP Addresses if you want to run it on two hosts. Initially
 127.0.0.1 is the Primary Host and 127.0.0.2 is the Secondary Host.
 
 == Startup qemu ==
 1. Primary:
-Note: Initally, $imagefolder/primary.qcow2 needs to be copied to all hosts.
+Note: Initially, $imagefolder/primary.qcow2 needs to be copied to all hosts.
 You don't need to change any IP's here, because 0.0.0.0 listens on any
 interface. The chardev's with 127.0.0.1 IP's loopback to the local qemu
 instance.
diff --git a/docs/devel/blkdebug.txt b/docs/devel/blkdebug.txt
index 43d8e8f9c63b..0b0c128d356b 100644
--- a/docs/devel/blkdebug.txt
+++ b/docs/devel/blkdebug.txt
@@ -62,7 +62,7 @@ Rules support the following attributes:
 
   errno - the numeric errno value to return when a request matches this rule.
   The errno values depend on the host since the numeric values are not
-  standarized in the POSIX specification.
+  standardized in the POSIX specification.
 
   sector - (optional) a sector number that the request must overlap in order to
match this rule
diff --git a/docs/devel/migration.rst b/docs/devel/migration.rst
index 2eb08624fc36..49112bb27aab 100644
--- a/docs/devel/migration.rst
+++ b/docs/devel/migration.rst
@@ -625,7 +625,7 @@ It can be issued immediately after migration is started or 
any
 time later on.  Issuing it after the end of a migration is harmless.
 
 Blocktime is a postcopy live migration metric, intended to show how
-long the vCPU was in state of interruptable sleep due to pagefault.
+long the vCPU was in state of interruptible sleep due to pagefault.
 That metric is calculated both for all vCPUs as overlapped value, and
 separately for each vCPU. These values are calculated on destination
 side.  To enable postcopy blocktime calculation, enter following
diff --git a/docs/devel/testing.rst b/docs/devel/testing.rst
index 196e3bc35eb6..bd64c1bdcdd4 100644
--- a/docs/devel/testing.rst
+++ b/docs/devel/testing.rst
@@ -471,7 +471,7 @@ the warning.
 A few important files for suppressing warnings are:
 
 tests/tsan/suppressions.tsan - Has TSan warnings we wish to suppress at 
runtime.
-The comment on each supression will typically indicate why we are
+The comment on each suppression will typically indicate why we are
 suppressing it.  More information on the file format can be found here:
 
 https://github.com/google/sanitizers/wiki/ThreadSanitizerSuppressions
diff --git a/docs/devel/tracing.txt b/docs/devel/tracing.txt
index 6144d9921bfd..d2160655b4e3 100644
--- a/docs/devel/tracing.txt
+++ b/docs/devel/tracing.txt
@@ -55,7 +55,7 @@ without any sub-directory path prefix. eg io/channel-buffer.c 
would do
   #include "trace.h"
 
 To access the 'io/trace.h' file. While it is possible to include a trace.h
-file from outside a source files' own sub-directory, this is discouraged in
+file from outside a source file's own sub-directory, this is discouraged in
 general. It is strongly preferred that all events be declared directly

[PULL 07/17] hw/timer/hpet: Fix debug format strings

2020-09-19 Thread Laurent Vivier 
From: Dov Murik 

Fix compiler errors when compiling with -DHPET_DEBUG due to mismatch
between format string token "%x" and the argument type uint64_t.

Also "%#x" is replaced by "0x%" PRIx64 according to the coding style.

Signed-off-by: Dov Murik 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20200909083650.46771-3-dovmu...@linux.vnet.ibm.com>
Signed-off-by: Laurent Vivier 
---
 hw/timer/hpet.c | 13 +++--
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index 07ff82b33358..edaa5a0adfb5 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -498,7 +498,8 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
 HPETState *s = opaque;
 uint64_t old_val, new_val, val, index;
 
-DPRINTF("qemu: Enter hpet_ram_writel at %" PRIx64 " = %#x\n", addr, value);
+DPRINTF("qemu: Enter hpet_ram_writel at %" PRIx64 " = 0x%" PRIx64 "\n",
+addr, value);
 index = addr;
 old_val = hpet_ram_read(opaque, addr, 4);
 new_val = value;
@@ -508,7 +509,7 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
 uint8_t timer_id = (addr - 0x100) / 0x20;
 HPETTimer *timer = >timer[timer_id];
 
-DPRINTF("qemu: hpet_ram_writel timer_id = %#x\n", timer_id);
+DPRINTF("qemu: hpet_ram_writel timer_id = 0x%x\n", timer_id);
 if (timer_id > s->num_timers) {
 DPRINTF("qemu: timer id out of range\n");
 return;
@@ -640,8 +641,8 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
 }
 s->hpet_counter =
 (s->hpet_counter & 0xULL) | value;
-DPRINTF("qemu: HPET counter written. ctr = %#x -> %" PRIx64 "\n",
-value, s->hpet_counter);
+DPRINTF("qemu: HPET counter written. ctr = 0x%" PRIx64 " -> "
+"%" PRIx64 "\n", value, s->hpet_counter);
 break;
 case HPET_COUNTER + 4:
 if (hpet_enabled(s)) {
@@ -649,8 +650,8 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
 }
 s->hpet_counter =
 (s->hpet_counter & 0xULL) | (((uint64_t)value) << 32);
-DPRINTF("qemu: HPET counter + 4 written. ctr = %#x -> %" PRIx64 
"\n",
-value, s->hpet_counter);
+DPRINTF("qemu: HPET counter + 4 written. ctr = 0x%" PRIx64 " -> "
+"%" PRIx64 "\n", value, s->hpet_counter);
 break;
 default:
 DPRINTF("qemu: invalid hpet_ram_writel\n");
-- 
2.26.2

[PULL 14/17] linux-user/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the linux-user folder.

Signed-off-by: zhaolichang 
Reviewed-by: Alex Bennee 
Message-Id: <20200917075029.313-7-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 linux-user/aarch64/signal.c  | 2 +-
 linux-user/cris/target_syscall.h | 4 ++--
 linux-user/flat.h| 2 +-
 linux-user/flatload.c| 4 ++--
 linux-user/host/ppc64/safe-syscall.inc.S | 2 +-
 linux-user/syscall.c | 4 ++--
 6 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/linux-user/aarch64/signal.c b/linux-user/aarch64/signal.c
index cd521ee42d17..d50c1ae58381 100644
--- a/linux-user/aarch64/signal.c
+++ b/linux-user/aarch64/signal.c
@@ -78,7 +78,7 @@ struct target_sve_context {
 struct target_aarch64_ctx head;
 uint16_t vl;
 uint16_t reserved[3];
-/* The actual SVE data immediately follows.  It is layed out
+/* The actual SVE data immediately follows.  It is laid out
  * according to TARGET_SVE_SIG_{Z,P}REG_OFFSET, based off of
  * the original struct pointer.
  */
diff --git a/linux-user/cris/target_syscall.h b/linux-user/cris/target_syscall.h
index d109a6b42a35..19e12814039c 100644
--- a/linux-user/cris/target_syscall.h
+++ b/linux-user/cris/target_syscall.h
@@ -4,7 +4,7 @@
 #define UNAME_MACHINE "cris"
 #define UNAME_MINIMUM_RELEASE "2.6.32"
 
-/* pt_regs not only specifices the format in the user-struct during
+/* pt_regs not only specifies the format in the user-struct during
  * ptrace but is also the frame format used in the kernel prologue/epilogues
  * themselves
  */
@@ -32,7 +32,7 @@ struct target_pt_regs {
 unsigned long spc;
 unsigned long ccs;
 unsigned long srp;
-unsigned long erp; /* This is actually the debugged process' PC */
+unsigned long erp; /* This is actually the debugged process's PC */
 /* For debugging purposes; saved only when needed. */
 unsigned long exs;
 unsigned long eda;
diff --git a/linux-user/flat.h b/linux-user/flat.h
index 1e44b3344320..ed518e2013b1 100644
--- a/linux-user/flat.h
+++ b/linux-user/flat.h
@@ -43,7 +43,7 @@ struct flat_hdr {
abi_ulong reloc_count;  /* Number of relocation records */
abi_ulong flags;
abi_ulong build_date;   /* When the program/library was built */
-   abi_ulong filler[5];/* Reservered, set to zero */
+   abi_ulong filler[5];/* Reserved, set to zero */
 };
 
 #define FLAT_FLAG_RAM0x0001 /* load program entirely into RAM */
diff --git a/linux-user/flatload.c b/linux-user/flatload.c
index 8fb448f0bf06..14d2999d1537 100644
--- a/linux-user/flatload.c
+++ b/linux-user/flatload.c
@@ -442,7 +442,7 @@ static int load_flat_file(struct linux_binprm * bprm,
 indx_len = (indx_len + 15) & ~(abi_ulong)15;
 
 /*
- * Alloate the address space.
+ * Allocate the address space.
  */
 probe_guest_base(bprm->filename, 0,
  text_len + data_len + extra + indx_len);
@@ -794,7 +794,7 @@ int load_flt_binary(struct linux_binprm *bprm, struct 
image_info *info)
 #error here
 for (i = MAX_SHARED_LIBS-1; i>0; i--) {
 if (libinfo[i].loaded) {
-/* Push previos first to call address */
+/* Push previous first to call address */
 --sp;
 if (put_user_ual(start_addr, sp))
 return -EFAULT;
diff --git a/linux-user/host/ppc64/safe-syscall.inc.S 
b/linux-user/host/ppc64/safe-syscall.inc.S
index 8ed73a5b8683..875133173bb6 100644
--- a/linux-user/host/ppc64/safe-syscall.inc.S
+++ b/linux-user/host/ppc64/safe-syscall.inc.S
@@ -84,7 +84,7 @@ safe_syscall_end:
 
/* code path when we didn't execute the syscall */
 0: addi3, 0, -TARGET_ERESTARTSYS
-   ld 14, 16(1) /* restore r14 to its orginal value */
+   ld 14, 16(1) /* restore r14 to its original value */
blr
.cfi_endproc
 
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 55ac5c320825..897d20c076ce 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -481,7 +481,7 @@ _syscall4(int, sys_prlimit64, pid_t, pid, int, resource,
 
 
 #if defined(TARGET_NR_timer_create)
-/* Maxiumum of 32 active POSIX timers allowed at any one time. */
+/* Maximum of 32 active POSIX timers allowed at any one time. */
 static timer_t g_posix_timers[32] = { 0, } ;
 
 static inline int next_free_host_timer(void)
@@ -8180,7 +8180,7 @@ static abi_long do_syscall1(void *cpu_env, int num, 
abi_long arg1,
 switch(num) {
 case TARGET_NR_exit:
 /* In old applications this may be used to implement _exit(2).
-   However in threaded applictions it is used for thread termination,
+   However in threaded applications it is used for

[PULL 08/17] scripts/git.orderfile: Display meson files along with buildsys ones

2020-09-19 Thread Laurent Vivier 
From: Philippe Mathieu-Daudé 

Since commit a56650518f5 ("configure: integrate Meson in the build
system") we replaced many Makefile by Meson files. Adapt the
git.orderfile script to display the new file at the same position.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Stefano Garzarella 
Message-Id: <20200907161222.41915-1-phi...@redhat.com>
Signed-off-by: Laurent Vivier 
---
 scripts/git.orderfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/git.orderfile b/scripts/git.orderfile
index 73fd818d7f3e..a021afc2d517 100644
--- a/scripts/git.orderfile
+++ b/scripts/git.orderfile
@@ -18,6 +18,7 @@ docs/*
 configure
 Makefile*
 *.mak
+meson.build
 
 # qapi schema
 qapi/*.json
-- 
2.26.2

[PULL 10/17] migration/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the migration folder.

Signed-off-by: zhaolichang 
Reviewed-by: Peter Maydell 
Message-Id: <20200917075029.313-3-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 migration/colo-failover.c |  2 +-
 migration/colo.c  |  2 +-
 migration/multifd.c   |  4 ++--
 migration/postcopy-ram.c  |  4 ++--
 migration/postcopy-ram.h  |  2 +-
 migration/ram.c   | 10 +-
 migration/rdma.c  |  8 
 migration/savevm.c|  4 ++--
 8 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/migration/colo-failover.c b/migration/colo-failover.c
index e9ca0b47744b..b717edc8e2f6 100644
--- a/migration/colo-failover.c
+++ b/migration/colo-failover.c
@@ -46,7 +46,7 @@ void failover_request_active(Error **errp)
 {
if (failover_set_state(FAILOVER_STATUS_NONE,
 FAILOVER_STATUS_REQUIRE) != FAILOVER_STATUS_NONE) {
-error_setg(errp, "COLO failover is already actived");
+error_setg(errp, "COLO failover is already activated");
 return;
 }
 failover_bh = qemu_bh_new(colo_failover_bh, NULL);
diff --git a/migration/colo.c b/migration/colo.c
index ea7d1e9d4e7b..80788d46b555 100644
--- a/migration/colo.c
+++ b/migration/colo.c
@@ -632,7 +632,7 @@ out:
 /*
  * It is safe to unregister notifier after failover finished.
  * Besides, colo_delay_timer and colo_checkpoint_sem can't be
- * released befor unregister notifier, or there will be use-after-free
+ * released before unregister notifier, or there will be use-after-free
  * error.
  */
 colo_compare_unregister_notifier(_compare_notifier);
diff --git a/migration/multifd.c b/migration/multifd.c
index d0441202aae9..ac84a61797f3 100644
--- a/migration/multifd.c
+++ b/migration/multifd.c
@@ -731,7 +731,7 @@ static void multifd_new_send_channel_async(QIOTask *task, 
gpointer opaque)
 qemu_sem_post(>sem_sync);
 /*
  * Although multifd_send_thread is not created, but main migration
- * thread neet to judge whether it is running, so we need to mark
+ * thread needs to judge whether it is running, so we need to mark
  * its status.
  */
 p->quit = true;
@@ -1042,7 +1042,7 @@ bool multifd_recv_all_channels_created(void)
 
 /*
  * Try to receive all multifd channels to get ready for the migration.
- * - Return true and do not set @errp when correctly receving all channels;
+ * - Return true and do not set @errp when correctly receiving all channels;
  * - Return false and do not set @errp when correctly receiving the current 
one;
  * - Return false and set @errp when failing to receive the current channel.
  */
diff --git a/migration/postcopy-ram.c b/migration/postcopy-ram.c
index 1bb22f2b6cba..baf094ba3a0d 100644
--- a/migration/postcopy-ram.c
+++ b/migration/postcopy-ram.c
@@ -237,7 +237,7 @@ release_ufd:
  * request_ufd_features: this function should be called only once on a newly
  * opened ufd, subsequent calls will lead to error.
  *
- * Returns: true on succes
+ * Returns: true on success
  *
  * @ufd: fd obtained from userfaultfd syscall
  * @features: bit mask see UFFD_API_FEATURES
@@ -807,7 +807,7 @@ static void mark_postcopy_blocktime_end(uintptr_t addr)
 
 low_time_offset = get_low_time_offset(dc);
 /* lookup cpu, to clear it,
- * that algorithm looks straighforward, but it's not
+ * that algorithm looks straightforward, but it's not
  * optimal, more optimal algorithm is keeping tree or hash
  * where key is address value is a list of  */
 for (i = 0; i < smp_cpus; i++) {
diff --git a/migration/postcopy-ram.h b/migration/postcopy-ram.h
index 9941feb63aa7..6d2b3cf124e8 100644
--- a/migration/postcopy-ram.h
+++ b/migration/postcopy-ram.h
@@ -161,7 +161,7 @@ struct PostCopyFD {
  */
 void postcopy_register_shared_ufd(struct PostCopyFD *pcfd);
 void postcopy_unregister_shared_ufd(struct PostCopyFD *pcfd);
-/* Call each of the shared 'waker's registerd telling them of
+/* Call each of the shared 'waker's registered telling them of
  * availability of a block.
  */
 int postcopy_notify_shared_wake(RAMBlock *rb, uint64_t offset);
diff --git a/migration/ram.c b/migration/ram.c
index 76d4fee5d511..c5f36aeae53b 100644
--- a/migration/ram.c
+++ b/migration/ram.c
@@ -256,7 +256,7 @@ int64_t ramblock_recv_bitmap_send(QEMUFile *file,
 /*
  * Always use little endian when sending the bitmap. This is
  * required that when source and destination VMs are not using the
- * same endianess. (Note: big endian won't work.)
+ * same endianness. (Note: big endian won't work.)
  */
 bitmap_to_le(le_bitmap, block->receivedmap, nbits);
 
@@ -275,7 +275,7 @@ int64_t ramblock_recv_bitmap_send(QEMUFile *file,
 qemu_put_buffer(file, (const uint8_t *)le_bitmap, size);
 /*

[PULL 17/17] contrib/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the contrib folder.

Signed-off-by: zhaolichang 
Reviewed-by: Alex Bennee 
Message-Id: <20200917075029.313-11-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 contrib/gitdm/filetypes.txt | 6 +++---
 contrib/ivshmem-client/ivshmem-client.h | 2 +-
 contrib/libvhost-user/libvhost-user.c   | 4 ++--
 contrib/libvhost-user/libvhost-user.h   | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/contrib/gitdm/filetypes.txt b/contrib/gitdm/filetypes.txt
index 9e9c50520550..d2d6f6db8d5e 100644
--- a/contrib/gitdm/filetypes.txt
+++ b/contrib/gitdm/filetypes.txt
@@ -22,7 +22,7 @@
 # in the gitdm sample-config directory.
 #
 # This file contains associations parameters regarding filetypes
-# (documentation, develompent, multimedia, images...)
+# (documentation, development, multimedia, images...)
 #
 # format:
 # filetype   []
@@ -59,8 +59,8 @@ filetype code \.s$# Assembly
 filetype code \.S$ # Assembly
 filetype code \.asm$   # Assembly
 filetype code \.awk$   # awk
-filetype code ^common$  # script fragements
-filetype code ^common.*$  # script fragements
+filetype code ^common$  # script fragments
+filetype code ^common.*$  # script fragments
 filetype code (qom|qmp)-\w+$  # python script fragments
 
 #
diff --git a/contrib/ivshmem-client/ivshmem-client.h 
b/contrib/ivshmem-client/ivshmem-client.h
index fe3cc4a03d33..fc45a38060f0 100644
--- a/contrib/ivshmem-client/ivshmem-client.h
+++ b/contrib/ivshmem-client/ivshmem-client.h
@@ -174,7 +174,7 @@ int ivshmem_client_notify_all_vects(const IvshmemClient 
*client,
 const IvshmemClientPeer *peer);
 
 /**
- * Broadcat a notification to all vectors of all peers
+ * Broadcast a notification to all vectors of all peers
  *
  * @client: The ivshmem client
  *
diff --git a/contrib/libvhost-user/libvhost-user.c 
b/contrib/libvhost-user/libvhost-user.c
index 53f16bdf082c..9d30ff2283c4 100644
--- a/contrib/libvhost-user/libvhost-user.c
+++ b/contrib/libvhost-user/libvhost-user.c
@@ -684,7 +684,7 @@ vu_add_mem_reg(VuDev *dev, VhostUserMsg *vmsg) {
 
 /*
  * If we are in postcopy mode and we receive a u64 payload with a 0 value
- * we know all the postcopy client bases have been recieved, and we
+ * we know all the postcopy client bases have been received, and we
  * should start generating faults.
  */
 if (track_ramblocks &&
@@ -973,7 +973,7 @@ vu_set_mem_table_exec(VuDev *dev, VhostUserMsg *vmsg)
 for (i = 0; i < dev->max_queues; i++) {
 if (dev->vq[i].vring.desc) {
 if (map_ring(dev, >vq[i])) {
-vu_panic(dev, "remaping queue %d during setmemtable", i);
+vu_panic(dev, "remapping queue %d during setmemtable", i);
 }
 }
 }
diff --git a/contrib/libvhost-user/libvhost-user.h 
b/contrib/libvhost-user/libvhost-user.h
index 844c37c64899..287ac5fec7f1 100644
--- a/contrib/libvhost-user/libvhost-user.h
+++ b/contrib/libvhost-user/libvhost-user.h
@@ -424,7 +424,7 @@ typedef struct VuVirtqElement {
  * @remove_watch: a remove_watch callback
  * @iface: a VuDevIface structure with vhost-user device callbacks
  *
- * Intializes a VuDev vhost-user context.
+ * Initializes a VuDev vhost-user context.
  *
  * Returns: true on success, false on failure.
  **/
-- 
2.26.2

[PULL 12/17] scripts/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the scripts folder.

Signed-off-by: zhaolichang 
Reviewed-by: Peter Maydell 
Message-Id: <20200917075029.313-5-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 scripts/checkpatch.pl  | 2 +-
 scripts/clean-header-guards.pl | 2 +-
 scripts/decodetree.py  | 6 +++---
 scripts/oss-fuzz/build.sh  | 2 +-
 scripts/tracetool/__init__.py  | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index bd3faa154c36..50910899f2ee 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -1870,7 +1870,7 @@ sub process {
substr($s, 0, length($c), '');
 
# Make sure we remove the line prefixes as we have
-   # none on the first line, and are going to readd them
+   # none on the first line, and are going to re-add them
# where necessary.
$s =~ s/\n./\n/gs;
 
diff --git a/scripts/clean-header-guards.pl b/scripts/clean-header-guards.pl
index f47d673ad5c5..a6680253b1fa 100755
--- a/scripts/clean-header-guards.pl
+++ b/scripts/clean-header-guards.pl
@@ -19,7 +19,7 @@
 # Does the following:
 # - Header files without a recognizable header guard are skipped.
 # - Clean up any untidy header guards in-place.  Warn if the cleanup
-#   renames guard symbols, and explain how to find occurences of these
+#   renames guard symbols, and explain how to find occurrences of these
 #   symbols that may have to be updated manually.
 # - Warn about duplicate header guard symbols.  To make full use of
 #   this warning, you should clean up *all* headers in one run.
diff --git a/scripts/decodetree.py b/scripts/decodetree.py
index c02de9865b27..60fd3b5e5f66 100644
--- a/scripts/decodetree.py
+++ b/scripts/decodetree.py
@@ -94,7 +94,7 @@ def str_indent(c):
 
 
 def str_fields(fields):
-"""Return a string uniquely identifing FIELDS"""
+"""Return a string uniquely identifying FIELDS"""
 r = ''
 for n in sorted(fields.keys()):
 r += '_' + n
@@ -814,7 +814,7 @@ def parse_generic(lineno, parent_pat, name, toks):
 arg = None
 fmt = None
 for t in toks:
-# '' gives a format an explcit argument set.
+# '' gives a format an explicit argument set.
 if re.fullmatch(re_arg_ident, t):
 tt = t[1:]
 if arg:
@@ -903,7 +903,7 @@ def parse_generic(lineno, parent_pat, name, toks):
 elif not (is_format and width == 0) and width != insnwidth:
 error(lineno, 'definition has {0} bits'.format(width))
 
-# Do not check for fields overlaping fields; one valid usage
+# Do not check for fields overlapping fields; one valid usage
 # is to be able to duplicate fields via import.
 fieldmask = 0
 for f in flds.values():
diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh
index d16207eb6726..0c3ca9e06f02 100755
--- a/scripts/oss-fuzz/build.sh
+++ b/scripts/oss-fuzz/build.sh
@@ -69,7 +69,7 @@ mkdir -p "$DEST_DIR/lib/"  # Copy the shared libraries here
 
 if ! make "-j$(nproc)" qemu-fuzz-i386; then
 fatal "Build failed. Please specify a compiler with fuzzing support"\
-  "using the \$CC and \$CXX environemnt variables"\
+  "using the \$CC and \$CXX environment variables"\
   "\nFor example: CC=clang CXX=clang++ $0"
 fi
 
diff --git a/scripts/tracetool/__init__.py b/scripts/tracetool/__init__.py
index 3ccfa1e1163d..3ee54be223c6 100644
--- a/scripts/tracetool/__init__.py
+++ b/scripts/tracetool/__init__.py
@@ -34,7 +34,7 @@ def error(*lines):
 def out(*lines, **kwargs):
 """Write a set of output lines.
 
-You can use kwargs as a shorthand for mapping variables when formating all
+You can use kwargs as a shorthand for mapping variables when formatting all
 the strings in lines.
 """
 lines = [ l % kwargs for l in lines ]
-- 
2.26.2

[PULL 04/17] manual: escape backslashes in "parsed-literal" blocks

2020-09-19 Thread Laurent Vivier 
From: Laszlo Ersek 

According to
,
"inline markup is recognized and there is no protection from parsing.
Backslash-escapes may be necessary to prevent unintended parsing".

The qemu(1) manual page (formatted with Sphinx 2.2.2) has several overlong
lines on my system. A stand-alone backslash at EOL serves as line
continuation in a "parsed-literal" block. Therefore, escape the
backslashes that we want to appear as such in the formatted documentation.

Cc: Peter Maydell 
Signed-off-by: Laszlo Ersek 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20200908172111.19072-1-ler...@redhat.com>
Signed-off-by: Laurent Vivier 
---
 docs/system/device-url-syntax.rst.inc |   8 +-
 qemu-options.hx   | 108 +-
 2 files changed, 58 insertions(+), 58 deletions(-)

diff --git a/docs/system/device-url-syntax.rst.inc 
b/docs/system/device-url-syntax.rst.inc
index 88d7a372a748..6f6ec8366b7a 100644
--- a/docs/system/device-url-syntax.rst.inc
+++ b/docs/system/device-url-syntax.rst.inc
@@ -25,8 +25,8 @@ These are specified using a special URL syntax.
 
.. parsed-literal::
 
-  |qemu_system| -iscsi initiator-name=iqn.2001-04.com.example:my-initiator 
\
-   -cdrom iscsi://192.0.2.1/iqn.2001-04.com.example/2 \
+  |qemu_system| -iscsi initiator-name=iqn.2001-04.com.example:my-initiator 
\\
+   -cdrom iscsi://192.0.2.1/iqn.2001-04.com.example/2 \\
-drive file=iscsi://192.0.2.1/iqn.2001-04.com.example/1
 
Example (CHAP username/password via URL):
@@ -39,8 +39,8 @@ These are specified using a special URL syntax.
 
.. parsed-literal::
 
-  LIBISCSI_CHAP_USERNAME="user" \
-  LIBISCSI_CHAP_PASSWORD="password" \
+  LIBISCSI_CHAP_USERNAME="user" \\
+  LIBISCSI_CHAP_PASSWORD="password" \\
   |qemu_system| -drive file=iscsi://192.0.2.1/iqn.2001-04.com.example/1
 
 ``NBD``
diff --git a/qemu-options.hx b/qemu-options.hx
index b0f020594eab..47f64be0c041 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -373,9 +373,9 @@ SRST
 
 .. parsed-literal::
 
-|qemu_system| \
- -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \
- -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \
+|qemu_system| \\
+ -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \\
+ -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \\
  -drive file=/dev/fdset/2,index=0,media=disk
 ERST
 
@@ -1338,9 +1338,9 @@ SRST
 
 .. parsed-literal::
 
-|qemu_system| \
- -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \
- -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \
+|qemu_system| \\
+ -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \\
+ -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \\
  -drive file=/dev/fdset/2,index=0,media=disk
 
 You can connect a CDROM to the slave of ide0:
@@ -2593,7 +2593,7 @@ SRST
 
 .. parsed-literal::
 
-|qemu_system| -hda linux.img -boot n -device e1000,netdev=n1 \
+|qemu_system| -hda linux.img -boot n -device e1000,netdev=n1 \\
 -netdev 
user,id=n1,tftp=/path/to/tftp/files,bootfile=/pxelinux.0
 
 ``smb=dir[,smbserver=addr]``
@@ -2703,15 +2703,15 @@ SRST
 
 #launch a QEMU instance with two NICs, each one connected
 #to a TAP device
-|qemu_system| linux.img \
--netdev tap,id=nd0,ifname=tap0 -device e1000,netdev=nd0 \
+|qemu_system| linux.img \\
+-netdev tap,id=nd0,ifname=tap0 -device e1000,netdev=nd0 \\
 -netdev tap,id=nd1,ifname=tap1 -device rtl8139,netdev=nd1
 
 .. parsed-literal::
 
 #launch a QEMU instance with the default network helper to
 #connect a TAP device to bridge br0
-|qemu_system| linux.img -device virtio-net-pci,netdev=n1 \
+|qemu_system| linux.img -device virtio-net-pci,netdev=n1 \\
 -netdev tap,id=n1,"helper=/path/to/qemu-bridge-helper"
 
 ``-netdev bridge,id=id[,br=bridge][,helper=helper]``
@@ -2749,12 +2749,12 @@ SRST
 .. parsed-literal::
 
 # launch a first QEMU instance
-|qemu_system| linux.img \
- -device e1000,netdev=n1,mac=52:54:00:12:34:56 \
+|qemu_system| linux.img \\
+ -device e1000,netdev=n1,mac=52:54:00:12:34:56 \\
  -netdev socket,id=n1,listen=:1234
 # connect the network of this instance to the network of the first 
instance
-|qemu_system| linux.img \
- -device e1000,netdev=n2,mac=52:54:00:12:34:57 \
+|qemu_system| linux.img \\
+ -device e1000,netdev=n2,mac=52:54:00:12:34:57 \\
  -netdev socket,id=n2,connect=127.0.0.1:1234
 
 ``-netdev socket,id=id[,fd=h][,mcast=maddr:port[,localaddr=addr]]``
@@ -2776,16 +2776,16 @@

[PULL 16/17] qapi/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the qapi folder.

Signed-off-by: zhaolichang 
Reviewed-by: Markus Armbruster 
Message-Id: <20200917075029.313-10-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 qapi/block-core.json | 4 ++--
 qapi/crypto.json | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/qapi/block-core.json b/qapi/block-core.json
index 2d94873ca02c..3c16f1e11d6b 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1795,7 +1795,7 @@
 #
 # @block-backend: corresponds to BlockBackend
 #
-# @block-job: corresonds to BlockJob
+# @block-job: corresponds to BlockJob
 #
 # @block-driver: corresponds to BlockDriverState
 #
@@ -2067,7 +2067,7 @@
 # @target: name of the destination dirty bitmap
 #
 # @bitmaps: name(s) of the source dirty bitmap(s) at @node and/or fully
-#   specifed BlockDirtyBitmap elements. The latter are supported
+#   specified BlockDirtyBitmap elements. The latter are supported
 #   since 4.1.
 #
 # Since: 4.0
diff --git a/qapi/crypto.json b/qapi/crypto.json
index bb7930d33209..2aebe6fa20fd 100644
--- a/qapi/crypto.json
+++ b/qapi/crypto.json
@@ -336,7 +336,7 @@
 # written into added active keyslots
 #
 # @old-secret:Optional (for deactivation only)
-# If given will deactive all keyslots that
+# If given will deactivate all keyslots that
 # match password located in QCryptoSecret with this ID
 #
 # @iter-time: Optional (for activation only)
@@ -354,7 +354,7 @@
 # keyslot to deactivate
 #
 # @secret:Optional. The ID of a QCryptoSecret object providing the
-# password to use to retrive current master key.
+# password to use to retrieve current master key.
 # Defaults to the same secret that was used to open the image
 #
 #
-- 
2.26.2

[PULL 13/17] util/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the util folder.

Signed-off-by: zhaolichang 
Reviewed-by: Alex Bennee 
Message-Id: <20200917075029.313-6-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 util/osdep.c | 2 +-
 util/qemu-progress.c | 2 +-
 util/qemu-sockets.c  | 2 +-
 util/qemu-thread-win32.c | 2 +-
 util/qht.c   | 2 +-
 util/trace-events| 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/util/osdep.c b/util/osdep.c
index 4829c07ff6ed..e50dc2214e36 100644
--- a/util/osdep.c
+++ b/util/osdep.c
@@ -392,7 +392,7 @@ int qemu_unlink(const char *name)
  * Set errno if fewer than `count' bytes are written.
  *
  * This function don't work with non-blocking fd's.
- * Any of the possibilities with non-bloking fd's is bad:
+ * Any of the possibilities with non-blocking fd's is bad:
  *   - return a short write (then name is wrong)
  *   - busy wait adding (errno == EAGAIN) to the loop
  */
diff --git a/util/qemu-progress.c b/util/qemu-progress.c
index 3c2223c1a21c..20d51f8c128b 100644
--- a/util/qemu-progress.c
+++ b/util/qemu-progress.c
@@ -131,7 +131,7 @@ void qemu_progress_end(void)
 /*
  * Report progress.
  * @delta is how much progress we made.
- * If @max is zero, @delta is an absolut value of the total job done.
+ * If @max is zero, @delta is an absolute value of the total job done.
  * Else, @delta is a progress delta since the last call, as a fraction
  * of @max.  I.e. the delta is @delta * @max / 100. This allows
  * relative accounting of functions which may be a different fraction of
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index b37d288866c5..99ce2fd5e61e 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -416,7 +416,7 @@ static struct addrinfo 
*inet_parse_connect_saddr(InetSocketAddress *saddr,
 
 /* At least FreeBSD and OS-X 10.6 declare AI_V4MAPPED but
  * then don't implement it in their getaddrinfo(). Detect
- * this and retry without the flag since that's preferrable
+ * this and retry without the flag since that's preferable
  * to a fatal error
  */
 if (rc == EAI_BADFLAGS &&
diff --git a/util/qemu-thread-win32.c b/util/qemu-thread-win32.c
index 56a8da6d..d207b0cb5885 100644
--- a/util/qemu-thread-win32.c
+++ b/util/qemu-thread-win32.c
@@ -289,7 +289,7 @@ void qemu_event_wait(QemuEvent *ev)
 ResetEvent(ev->event);
 
 /* Tell qemu_event_set that there are waiters.  No need to retry
- * because there cannot be a concurent busy->free transition.
+ * because there cannot be a concurrent busy->free transition.
  * After the CAS, the event will be either set or busy.
  */
 if (atomic_cmpxchg(>value, EV_FREE, EV_BUSY) == EV_SET) {
diff --git a/util/qht.c b/util/qht.c
index 67e5d5b9163f..b2e020c398d0 100644
--- a/util/qht.c
+++ b/util/qht.c
@@ -49,7 +49,7 @@
  * it anymore.
  *
  * Writers check for concurrent resizes by comparing ht->map before and after
- * acquiring their bucket lock. If they don't match, a resize has occured
+ * acquiring their bucket lock. If they don't match, a resize has occurred
  * while the bucket spinlock was being acquired.
  *
  * Related Work:
diff --git a/util/trace-events b/util/trace-events
index 4e894aa9c38b..24c31803b014 100644
--- a/util/trace-events
+++ b/util/trace-events
@@ -28,7 +28,7 @@ qemu_file_monitor_add_watch(void *mon, const char *dirpath, 
const char *filename
 qemu_file_monitor_remove_watch(void *mon, const char *dirpath, int64_t id) 
"File monitor %p remove watch dir='%s' id=%" PRId64
 qemu_file_monitor_new(void *mon, int fd) "File monitor %p created fd=%d"
 qemu_file_monitor_enable_watch(void *mon, const char *dirpath, int id) "File 
monitor %p enable watch dir='%s' id=%u"
-qemu_file_monitor_disable_watch(void *mon, const char *dirpath, int id) "Fle 
monitor %p disable watch dir='%s' id=%u"
+qemu_file_monitor_disable_watch(void *mon, const char *dirpath, int id) "File 
monitor %p disable watch dir='%s' id=%u"
 qemu_file_monitor_event(void *mon, const char *dirpath, const char *filename, 
int mask, unsigned int id) "File monitor %p event dir='%s' file='%s' mask=0x%x 
id=%u"
 qemu_file_monitor_dispatch(void *mon, const char *dirpath, const char 
*filename, int ev, void *cb, void *opaque, int64_t id) "File monitor %p 
dispatch dir='%s' file='%s' ev=%d cb=%p opaque=%p id=%" PRId64
 
-- 
2.26.2

[PULL 02/17] hw/ppc/ppc4xx_pci: Replace magic value by the PCI_NUM_PINS definition

2020-09-19 Thread Laurent Vivier 
From: Philippe Mathieu-Daudé 

Replace the magic '4' value by the PCI_NUM_PINS definition.

Suggested-by: Cédric Le Goater 
Signed-off-by: Philippe Mathieu-Daudé 
Acked-by: David Gibson 
Reviewed-by: Richard Henderson 
Message-Id: <20200910072325.439344-3-f4...@amsat.org>
Signed-off-by: Laurent Vivier 
---
 hw/ppc/ppc4xx_pci.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/ppc/ppc4xx_pci.c b/hw/ppc/ppc4xx_pci.c
index c24bac96c32f..ca2553bf8b75 100644
--- a/hw/ppc/ppc4xx_pci.c
+++ b/hw/ppc/ppc4xx_pci.c
@@ -56,7 +56,7 @@ struct PPC4xxPCIState {
 
 struct PCIMasterMap pmm[PPC4xx_PCI_NR_PMMS];
 struct PCITargetMap ptm[PPC4xx_PCI_NR_PTMS];
-qemu_irq irq[4];
+qemu_irq irq[PCI_NUM_PINS];
 
 MemoryRegion container;
 MemoryRegion iomem;
-- 
2.26.2

[PULL 09/17] qemu/: fix some comment spelling errors

2020-09-19 Thread Laurent Vivier 
From: zhaolichang 

I found that there are many spelling errors in the comments of qemu,
so I used the spellcheck tool to check the spelling errors
and finally found some spelling errors in the folder.

Signed-off-by: zhaolichang 
Reviewed-by: Alex Bennee 
Message-Id: <20200917075029.313-2-zhaolich...@huawei.com>
Signed-off-by: Laurent Vivier 
---
 Changelog   | 2 +-
 accel/tcg/user-exec.c   | 2 +-
 audio/audio.c   | 2 +-
 block.c | 2 +-
 configure   | 2 +-
 fsdev/virtfs-proxy-helper.c | 2 +-
 hmp-commands.hx | 2 +-
 libdecnumber/decNumber.c| 2 +-
 qemu-img.c  | 2 +-
 qobject/qdict.c | 2 +-
 scsi/pr-manager-helper.c| 2 +-
 11 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/Changelog b/Changelog
index 4a90bb9e8b05..f7e178ccc018 100644
--- a/Changelog
+++ b/Changelog
@@ -241,7 +241,7 @@ version 0.8.0:
 version 0.7.2:
 
   - x86_64 fixes (Win2000 and Linux 2.6 boot in 32 bit)
-  - merge self modifying code handling in dirty ram page mecanism.
+  - merge self modifying code handling in dirty ram page mechanism.
   - MIPS fixes (Ralf Baechle)
   - better user net performances
 
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index bb039eb32d67..5c96819dedd4 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -88,7 +88,7 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t 
*info,
  * use that value directly.  Within cpu_restore_state_from_tb, we
  * assume PC comes from GETPC(), as used by the helper functions,
  * so we adjust the address by -GETPC_ADJ to form an address that
- * is within the call insn, so that the address does not accidentially
+ * is within the call insn, so that the address does not accidentally
  * match the beginning of the next guest insn.  However, when the
  * pc comes from the signal frame it points to the actual faulting
  * host memory insn and not the return from a call insn.
diff --git a/audio/audio.c b/audio/audio.c
index ce8c6dec5f47..1a68cfaafb9f 100644
--- a/audio/audio.c
+++ b/audio/audio.c
@@ -1674,7 +1674,7 @@ static AudioState *audio_init(Audiodev *dev, const char 
*name)
 head = audio_handle_legacy_opts();
 /*
  * In case of legacy initialization, all Audiodevs in the list will 
have
- * the same configuration (except the driver), so it does't matter 
which
+ * the same configuration (except the driver), so it doesn't matter 
which
  * one we chose.  We need an Audiodev to set up AudioState before we 
can
  * init a driver.  Also note that dev at this point is still in the
  * list.
diff --git a/block.c b/block.c
index 9538af488459..11ab55f80b00 100644
--- a/block.c
+++ b/block.c
@@ -2602,7 +2602,7 @@ static void bdrv_replace_child_noperm(BdrvChild *child,
 
 /*
  * Updates @child to change its reference to point to @new_bs, including
- * checking and applying the necessary permisson updates both to the old node
+ * checking and applying the necessary permission updates both to the old node
  * and to @new_bs.
  *
  * NULL is passed as @new_bs for removing the reference before freeing @child.
diff --git a/configure b/configure
index ce27eafb0a9e..c74d79bfbc24 100755
--- a/configure
+++ b/configure
@@ -3411,7 +3411,7 @@ EOF
 xfs="yes"
   else
 if test "$xfs" = "yes" ; then
-  feature_not_found "xfs" "Instal xfsprogs/xfslibs devel"
+  feature_not_found "xfs" "Install xfsprogs/xfslibs devel"
 fi
 xfs=no
   fi
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index de061a8a0eaa..15c0e79b067b 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -518,7 +518,7 @@ static void statfs_to_prstatfs(ProxyStatFS *pr_stfs, struct 
statfs *stfs)
 
 /*
  * Gets stat/statfs information and packs in out_iovec structure
- * on success returns number of bytes packed in out_iovec struture
+ * on success returns number of bytes packed in out_iovec structure
  * otherwise returns -errno
  */
 static int do_stat(int type, struct iovec *iovec, struct iovec *out_iovec)
diff --git a/hmp-commands.hx b/hmp-commands.hx
index 60f395c276d9..27c4bbe0f2fc 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1267,7 +1267,7 @@ ERST
 },
 SRST
 ``drive_backup``
-  Start a point-in-time copy of a block device to a specificed target.
+  Start a point-in-time copy of a block device to a specified target.
 ERST
 
 {
diff --git a/libdecnumber/decNumber.c b/libdecnumber/decNumber.c
index 8c197023f456..1ffe458ad837 100644
--- a/libdecnumber/decNumber.c
+++ b/libdecnumber/decNumber.c
@@ -5626,7 +5626,7 @@ static const uShort LNnn[90] = {
 /*would certainly save at least one if it were made ten times */
 /*bigger, too (for truncated fractions 0.100 through 0.999).  */
 /*However, for most practical evaluations, at least four or

[PULL 06/17] hw/timer/hpet: Remove unused functions hpet_ram_readb, hpet_ram_readw

2020-09-19 Thread Laurent Vivier 
From: Dov Murik 

Fix compiler error about defined but not used functions when compiling
with -DHPET_DEBUG by deleting the unused debug functions hpet_ram_readb
and hpet_ram_readw.

Signed-off-by: Dov Murik 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20200909083650.46771-2-dovmu...@linux.vnet.ibm.com>
Signed-off-by: Laurent Vivier 
---
 hw/timer/hpet.c | 14 --
 1 file changed, 14 deletions(-)

diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index 44bbe3a5361e..07ff82b33358 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -419,20 +419,6 @@ static void hpet_del_timer(HPETTimer *t)
 update_irq(t, 0);
 }
 
-#ifdef HPET_DEBUG
-static uint32_t hpet_ram_readb(void *opaque, hwaddr addr)
-{
-printf("qemu: hpet_read b at %" PRIx64 "\n", addr);
-return 0;
-}
-
-static uint32_t hpet_ram_readw(void *opaque, hwaddr addr)
-{
-printf("qemu: hpet_read w at %" PRIx64 "\n", addr);
-return 0;
-}
-#endif
-
 static uint64_t hpet_ram_read(void *opaque, hwaddr addr,
   unsigned size)
 {
-- 
2.26.2

[PULL 03/17] ui/spice-input: Remove superfluous forward declaration

2020-09-19 Thread Laurent Vivier 
From: Philippe Mathieu-Daudé 

We only need to forward-declare kbd_push_key() and kbd_get_leds()
which are used in kbd_interface, not kbd_leds(). Remove this
superfluous forward declaration.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Laurent Vivier 
Message-Id: <20200909171145.350360-1-f4...@amsat.org>
Signed-off-by: Laurent Vivier 
---
 ui/spice-input.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/ui/spice-input.c b/ui/spice-input.c
index d5bba231c95c..21990fa9962b 100644
--- a/ui/spice-input.c
+++ b/ui/spice-input.c
@@ -36,7 +36,6 @@ typedef struct QemuSpiceKbd {
 
 static void kbd_push_key(SpiceKbdInstance *sin, uint8_t frag);
 static uint8_t kbd_get_leds(SpiceKbdInstance *sin);
-static void kbd_leds(void *opaque, int l);
 
 static const SpiceKbdInterface kbd_interface = {
 .base.type  = SPICE_INTERFACE_KEYBOARD,
-- 
2.26.2

[PULL 01/17] hw/gpio/max7310: Remove impossible check

2020-09-19 Thread Laurent Vivier 
From: Philippe Mathieu-Daudé 

The max7310_gpio_set() handler is static and only used by
qdev_init_gpio_in, initialized with 8 IRQs. The 'line'
argument can not be out of the [0-8[ range.
Replace the dead code by an assertion.

Suggested-by: Peter Maydell 
Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200910072325.439344-2-f4...@amsat.org>
Signed-off-by: Laurent Vivier 
---
 hw/gpio/max7310.c | 5 +
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/hw/gpio/max7310.c b/hw/gpio/max7310.c
index 2888d071ac6b..de375892ef11 100644
--- a/hw/gpio/max7310.c
+++ b/hw/gpio/max7310.c
@@ -8,9 +8,7 @@
  */
 
 #include "qemu/osdep.h"
-#include "hw/hw.h"
 #include "hw/i2c/i2c.h"
-#include "hw/hw.h"
 #include "hw/irq.h"
 #include "migration/vmstate.h"
 #include "qemu/log.h"
@@ -175,8 +173,7 @@ static const VMStateDescription vmstate_max7310 = {
 static void max7310_gpio_set(void *opaque, int line, int level)
 {
 MAX7310State *s = (MAX7310State *) opaque;
-if (line >= ARRAY_SIZE(s->handler) || line  < 0)
-hw_error("bad GPIO line");
+assert(line >= 0 && line < ARRAY_SIZE(s->handler));
 
 if (level)
 s->level |= s->direction & (1 << line);
-- 
2.26.2

[PULL 05/17] meson: remove empty else and duplicated gio deps

2020-09-19 Thread Laurent Vivier 
From: Yonggang Luo 

Signed-off-by: Yonggang Luo 
Reviewed-by: Daniel P. Berrangé 
Reviewed-by: Thomas Huth 
Message-Id: <20200915171234.236-14-luoyongg...@gmail.com>
Signed-off-by: Laurent Vivier 
---
 meson.build | 6 --
 1 file changed, 6 deletions(-)

diff --git a/meson.build b/meson.build
index bba766b4bc66..f4d1ab109680 100644
--- a/meson.build
+++ b/meson.build
@@ -317,7 +317,6 @@ opengl = not_found
 if 'CONFIG_OPENGL' in config_host
   opengl = declare_dependency(compile_args: 
config_host['OPENGL_CFLAGS'].split(),
   link_args: config_host['OPENGL_LIBS'].split())
-else
 endif
 gtk = not_found
 if 'CONFIG_GTK' in config_host
@@ -344,11 +343,6 @@ if 'CONFIG_ICONV' in config_host
   iconv = declare_dependency(compile_args: config_host['ICONV_CFLAGS'].split(),
  link_args: config_host['ICONV_LIBS'].split())
 endif
-gio = not_found
-if 'CONFIG_GIO' in config_host
-  gio = declare_dependency(compile_args: config_host['GIO_CFLAGS'].split(),
-   link_args: config_host['GIO_LIBS'].split())
-endif
 vnc = not_found
 png = not_found
 jpeg = not_found
-- 
2.26.2

[PULL 00/17] Trivial branch for 5.2 patches

2020-09-19 Thread Laurent Vivier 
The following changes since commit de39a045bd8d2b49e4f3d07976622c29d58e0bac:

  Merge remote-tracking branch 'remotes/kraxel/tags/vga-20200915-pull-request=
' into staging (2020-09-15 14:25:05 +0100)

are available in the Git repository at:

  git://github.com/vivier/qemu.git tags/trivial-branch-for-5.2-pull-request

for you to fetch changes up to 639b090df52a4952262615328a3fdfae81234ea8:

  contrib/: fix some comment spelling errors (2020-09-17 20:41:44 +0200)


Pull request trivial patches 20200919



Dov Murik (2):
  hw/timer/hpet: Remove unused functions hpet_ram_readb, hpet_ram_readw
  hw/timer/hpet: Fix debug format strings

Laszlo Ersek (1):
  manual: escape backslashes in "parsed-literal" blocks

Philippe Mathieu-Daud=C3=A9 (4):
  hw/gpio/max7310: Remove impossible check
  hw/ppc/ppc4xx_pci: Replace magic value by the PCI_NUM_PINS definition
  ui/spice-input: Remove superfluous forward declaration
  scripts/git.orderfile: Display meson files along with buildsys ones

Yonggang Luo (1):
  meson: remove empty else and duplicated gio deps

zhaolichang (9):
  qemu/: fix some comment spelling errors
  migration/: fix some comment spelling errors
  docs/: fix some comment spelling errors
  scripts/: fix some comment spelling errors
  util/: fix some comment spelling errors
  linux-user/: fix some comment spelling errors
  disas/: fix some comment spelling errors
  qapi/: fix some comment spelling errors
  contrib/: fix some comment spelling errors

 Changelog|   2 +-
 accel/tcg/user-exec.c|   2 +-
 audio/audio.c|   2 +-
 block.c  |   2 +-
 configure|   2 +-
 contrib/gitdm/filetypes.txt  |   6 +-
 contrib/ivshmem-client/ivshmem-client.h  |   2 +-
 contrib/libvhost-user/libvhost-user.c|   4 +-
 contrib/libvhost-user/libvhost-user.h|   2 +-
 disas/hppa.c |   2 +-
 disas/m68k.c |   8 +-
 disas/ppc.c  |   2 +-
 docs/COLO-FT.txt |   6 +-
 docs/devel/blkdebug.txt  |   2 +-
 docs/devel/migration.rst |   2 +-
 docs/devel/testing.rst   |   2 +-
 docs/devel/tracing.txt   |   2 +-
 docs/interop/bitmaps.rst |   2 +-
 docs/interop/dbus.rst|   4 +-
 docs/interop/nbd.txt |   2 +-
 docs/interop/vhost-user-gpu.rst  |   2 +-
 docs/interop/vhost-user.rst  |   4 +-
 docs/rdma.txt|   2 +-
 docs/specs/ppc-spapr-hotplug.txt |   4 +-
 docs/specs/ppc-spapr-xive.rst|   4 +-
 docs/system/arm/aspeed.rst   |   2 +-
 docs/system/deprecated.rst   |   8 +-
 docs/system/device-url-syntax.rst.inc|   8 +-
 docs/system/target-avr.rst   |   4 +-
 docs/tools/virtiofsd.rst |   2 +-
 fsdev/virtfs-proxy-helper.c  |   2 +-
 hmp-commands.hx  |   2 +-
 hw/gpio/max7310.c|   5 +-
 hw/ppc/ppc4xx_pci.c  |   2 +-
 hw/timer/hpet.c  |  27 ++
 libdecnumber/decNumber.c |   2 +-
 linux-user/aarch64/signal.c  |   2 +-
 linux-user/cris/target_syscall.h |   4 +-
 linux-user/flat.h|   2 +-
 linux-user/flatload.c|   4 +-
 linux-user/host/ppc64/safe-syscall.inc.S |   2 +-
 linux-user/syscall.c |   4 +-
 meson.build  |   6 --
 migration/colo-failover.c|   2 +-
 migration/colo.c |   2 +-
 migration/multifd.c  |   4 +-
 migration/postcopy-ram.c |   4 +-
 migration/postcopy-ram.h |   2 +-
 migration/ram.c  |  10 +--
 migration/rdma.c |   8 +-
 migration/savevm.c   |   4 +-
 qapi/block-core.json |   4 +-
 qapi/crypto.json |   4 +-
 qemu-img.c   |   2 +-
 qemu-options.hx  | 108 +++
 qobject/qdict.c  |   2 +-
 scripts/checkpatch.pl|   2 +-
 scripts/clean-header-guards.pl   |   2 +-
 scripts/decodetree.py|   6 +-
 scripts/git.orderfile|   1 +
 scripts/oss-fuzz/build.sh|   2 +-
 scripts/tracetool/__init__.py|   2 +-
 scsi/pr-manager-helper.c |   2 +-
 ui/spice-input.c |   1 -
 util/osdep.c |   2 +-
 util/qemu-progress.c |

Re: [PATCH] hw/ssi/npcm7xx_fiu: Fix handling of unsigned integer

2020-09-19 Thread Havard Skinnemoen 
On Sat, Sep 19, 2020 at 6:24 AM Philippe Mathieu-Daudé  wrote:
>
> Fix integer handling issues handling issue reported by Coverity:
>
>   hw/ssi/npcm7xx_fiu.c: 162 in npcm7xx_fiu_flash_read()
>   >>> CID 1432730:  Integer handling issues  (NEGATIVE_RETURNS)
>   >>> "npcm7xx_fiu_cs_index(fiu, f)" is passed to a parameter that cannot 
> be negative.
>   162 npcm7xx_fiu_select(fiu, npcm7xx_fiu_cs_index(fiu, f));
>
>   hw/ssi/npcm7xx_fiu.c: 221 in npcm7xx_fiu_flash_write()
>   218 cs_id = npcm7xx_fiu_cs_index(fiu, f);
>   219 trace_npcm7xx_fiu_flash_write(DEVICE(fiu)->canonical_path, 
> cs_id, addr,
>   220   size, v);
>   >>> CID 1432729:  Integer handling issues  (NEGATIVE_RETURNS)
>   >>> "cs_id" is passed to a parameter that cannot be negative.
>   221 npcm7xx_fiu_select(fiu, cs_id);
>
> Since the index of the flash can not be negative, return an
> unsigned type.
>
> Reported-by: Coverity (CID 1432729 & 1432730: NEGATIVE_RETURNS)
> Signed-off-by: Philippe Mathieu-Daudé 

Reviewed-by: Havard Skinnemoen 

Thanks!

> ---
>  hw/ssi/npcm7xx_fiu.c | 12 ++--
>  hw/ssi/trace-events  |  2 +-
>  2 files changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/hw/ssi/npcm7xx_fiu.c b/hw/ssi/npcm7xx_fiu.c
> index 104e8f2b963..5040132b074 100644
> --- a/hw/ssi/npcm7xx_fiu.c
> +++ b/hw/ssi/npcm7xx_fiu.c
> @@ -103,7 +103,8 @@ enum NPCM7xxFIURegister {
>   * Returns the index of flash in the fiu->flash array. This corresponds to 
> the
>   * chip select ID of the flash.
>   */
> -static int npcm7xx_fiu_cs_index(NPCM7xxFIUState *fiu, NPCM7xxFIUFlash *flash)
> +static unsigned npcm7xx_fiu_cs_index(NPCM7xxFIUState *fiu,
> + NPCM7xxFIUFlash *flash)
>  {
>  int index = flash - fiu->flash;
>
> @@ -113,20 +114,19 @@ static int npcm7xx_fiu_cs_index(NPCM7xxFIUState *fiu, 
> NPCM7xxFIUFlash *flash)
>  }
>
>  /* Assert the chip select specified in the UMA Control/Status Register. */
> -static void npcm7xx_fiu_select(NPCM7xxFIUState *s, int cs_id)
> +static void npcm7xx_fiu_select(NPCM7xxFIUState *s, unsigned cs_id)
>  {
>  trace_npcm7xx_fiu_select(DEVICE(s)->canonical_path, cs_id);
>
>  if (cs_id < s->cs_count) {
>  qemu_irq_lower(s->cs_lines[cs_id]);
> +s->active_cs = cs_id;
>  } else {
>  qemu_log_mask(LOG_GUEST_ERROR,
>"%s: UMA to CS%d; this module has only %d chip 
> selects",
>DEVICE(s)->canonical_path, cs_id, s->cs_count);
> -cs_id = -1;
> +s->active_cs = -1;
>  }
> -
> -s->active_cs = cs_id;
>  }
>
>  /* Deassert the currently active chip select. */
> @@ -206,7 +206,7 @@ static void npcm7xx_fiu_flash_write(void *opaque, hwaddr 
> addr, uint64_t v,
>  NPCM7xxFIUFlash *f = opaque;
>  NPCM7xxFIUState *fiu = f->fiu;
>  uint32_t dwr_cfg;
> -int cs_id;
> +unsigned cs_id;
>  int i;
>
>  if (fiu->active_cs != -1) {
> diff --git a/hw/ssi/trace-events b/hw/ssi/trace-events
> index 2f83ef833fb..612d3d6087a 100644
> --- a/hw/ssi/trace-events
> +++ b/hw/ssi/trace-events
> @@ -19,4 +19,4 @@ npcm7xx_fiu_deselect(const char *id, int cs) "%s deselect 
> CS%d"
>  npcm7xx_fiu_ctrl_read(const char *id, uint64_t addr, uint32_t data) "%s 
> offset: 0x%04" PRIx64 " value: 0x%08" PRIx32
>  npcm7xx_fiu_ctrl_write(const char *id, uint64_t addr, uint32_t data) "%s 
> offset: 0x%04" PRIx64 " value: 0x%08" PRIx32
>  npcm7xx_fiu_flash_read(const char *id, int cs, uint64_t addr, unsigned int 
> size, uint64_t value) "%s[%d] offset: 0x%08" PRIx64 " size: %u value: 0x%" 
> PRIx64
> -npcm7xx_fiu_flash_write(const char *id, int cs, uint64_t addr, unsigned int 
> size, uint64_t value) "%s[%d] offset: 0x%08" PRIx64 " size: %u value: 0x%" 
> PRIx64
> +npcm7xx_fiu_flash_write(const char *id, unsigned cs, uint64_t addr, unsigned 
> int size, uint64_t value) "%s[%d] offset: 0x%08" PRIx64 " size: %u value: 
> 0x%" PRIx64
> --
> 2.26.2
>

[PULL 57/57] meson: fix installation of keymaps

2020-09-19 Thread Paolo Bonzini 
From: Anthony PERARD 

Signed-off-by: Anthony PERARD 

Message-Id: <20200918130354.1879275-1-anthony.per...@citrix.com>
Signed-off-by: Paolo Bonzini 
---
 pc-bios/keymaps/meson.build | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pc-bios/keymaps/meson.build b/pc-bios/keymaps/meson.build
index 2e2e0dfa3b..05eda6c0d2 100644
--- a/pc-bios/keymaps/meson.build
+++ b/pc-bios/keymaps/meson.build
@@ -47,6 +47,7 @@ foreach km, args: keymaps
build_by_default: true,
output: km,
command: [native_qemu_keymap, '-f', '@OUTPUT@', 
args.split()],
+   install: true,
install_dir: qemu_datadir / 'keymaps')
   else
 # copy from source tree
@@ -55,6 +56,7 @@ foreach km, args: keymaps
input: km,
output: km,
command: ['cp', '@INPUT@', '@OUTPUT@'],
+   install: true,
install_dir: qemu_datadir / 'keymaps')
   endif
 endforeach
-- 
2.26.2

Re: [PATCH v5 0/4] Fixes curses on msys2/mingw

2020-09-19 Thread Yonggang Luo 
On Sat, Sep 19, 2020 at 11:03 PM Paolo Bonzini  wrote:
>
> On 18/09/20 18:10, 罗勇刚(Yonggang Luo) wrote:
> >
> >> Yonggang Luo (4):
> >>   curses: Fixes compiler error that complain don't have langinfo.h on
> >> msys2/mingw
> >>   curses: Fixes curses compiling errors.
> >>   win32: Simplify gmtime_r detection not depends on if  _POSIX_C_SOURCE
> >> are defined on msys2/mingw
> >>   configure: Fixes ncursesw detection under msys2/mingw by convert them
> >> to meson
>
> Hi, patches 1-3 are okay, but for patch 4 I think it's better to wait
> for Meson 0.56 which will likely embed all the magic needed to test
> curses (https://github.com/mesonbuild/meson/pull/7757).
>
> Paolo
>
Wonderfull, I think there is no need fixing configure anymore, so I convert
it to meson

Waiting https://github.com/mesonbuild/meson/pull/7757 to be merged.
In deed when I convert to meson, I am facing a problem that
DNCURSES_WIDECHAR  can not be tested with the library.

--
 此致
礼
罗勇刚
Yours
sincerely,
Yonggang Luo

[PULL 51/57] qga: relocate path to default configuration and hook

2020-09-19 Thread Paolo Bonzini 
Signed-off-by: Paolo Bonzini 
---
 qga/main.c | 8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/qga/main.c b/qga/main.c
index 3febf3b0fd..740f5f7303 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -29,6 +29,7 @@
 #include "qapi/error.h"
 #include "channel.h"
 #include "qemu/bswap.h"
+#include "qemu/cutils.h"
 #include "qemu/help_option.h"
 #include "qemu/sockets.h"
 #include "qemu/systemd.h"
@@ -968,7 +969,7 @@ static void config_load(GAConfig *config)
 {
 GError *gerr = NULL;
 GKeyFile *keyfile;
-const char *conf = g_getenv("QGA_CONF") ?: QGA_CONF_DEFAULT;
+g_autofree char *conf = g_strdup(g_getenv("QGA_CONF")) ?: 
get_relocated_path(QGA_CONF_DEFAULT);
 
 /* read system config */
 keyfile = g_key_file_new();
@@ -1027,7 +1028,7 @@ end:
 if (gerr &&
 !(gerr->domain == G_FILE_ERROR && gerr->code == G_FILE_ERROR_NOENT)) {
 g_critical("error loading configuration from path: %s, %s",
-   QGA_CONF_DEFAULT, gerr->message);
+   conf, gerr->message);
 exit(EXIT_FAILURE);
 }
 g_clear_error();
@@ -1141,7 +1142,7 @@ static void config_parse(GAConfig *config, int argc, char 
**argv)
 #ifdef CONFIG_FSFREEZE
 case 'F':
 g_free(config->fsfreeze_hook);
-config->fsfreeze_hook = g_strdup(optarg ?: 
QGA_FSFREEZE_HOOK_DEFAULT);
+config->fsfreeze_hook = optarg ? g_strdup(optarg) : 
get_relocated_path(QGA_FSFREEZE_HOOK_DEFAULT);
 break;
 #endif
 case 't':
@@ -1463,6 +1464,7 @@ int main(int argc, char **argv)
 
 config->log_level = G_LOG_LEVEL_ERROR | G_LOG_LEVEL_CRITICAL;
 
+qemu_init_exec_dir(argv[0]);
 qga_qmp_init_marshal(_commands);
 
 init_dfl_pathnames();
-- 
2.26.2

[PULL 38/57] meson: qtest: set "depends" correctly

2020-09-19 Thread Paolo Bonzini 
This does not have any effect on Meson's behavior itself, since "meson test"
always rebuilds everything (that is one reason why we are not using it...).
However, mtest2make can use this information to do a selective rebuild
for the requested suite.

Cc: Thomas Huth 
Signed-off-by: Paolo Bonzini 
---
 meson.build | 7 ---
 tests/qtest/meson.build | 2 ++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/meson.build b/meson.build
index 848223778d..f5c9c04e40 100644
--- a/meson.build
+++ b/meson.build
@@ -1094,7 +1094,7 @@ common_all = static_library('common',
 
 feature_to_c = find_program('scripts/feature_to_c.sh')
 
-emulators = []
+emulators = {}
 foreach target : target_dirs
   config_target = config_target_mak[target]
   target_name = config_target['TARGET_NAME']
@@ -1213,7 +1213,8 @@ foreach target : target_dirs
 }]
   endif
   foreach exe: execs
-emulators += executable(exe['name'], exe['sources'],
+emulators += {exe['name']:
+ executable(exe['name'], exe['sources'],
install: true,
c_args: c_args,
dependencies: arch_deps + deps + exe['dependencies'],
@@ -1222,6 +1223,7 @@ foreach target : target_dirs
link_depends: [block_syms, qemu_syms] + exe.get('link_depends', 
[]),
link_args: link_args,
gui_app: exe['gui'])
+}
 
 if 'CONFIG_TRACE_SYSTEMTAP' in config_host
   foreach stp: [
@@ -1267,7 +1269,6 @@ if xkbcommon.found()
dependencies: [qemuutil, xkbcommon], install: 
have_tools)
 endif
 
-qemu_block_tools = []
 if have_tools
   qemu_img = executable('qemu-img', [files('qemu-img.c'), hxdep],
  dependencies: [authz, block, crypto, io, qom, qemuutil], install: 
true)
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
index 874b5be62b..359a6cde64 100644
--- a/tests/qtest/meson.build
+++ b/tests/qtest/meson.build
@@ -228,6 +228,7 @@ foreach dir : target_dirs
   endif
 
   target_base = dir.split('-')[0]
+  qtest_emulator = emulators['qemu-system-' + target_base]
   qtests = get_variable('qtests_' + target_base, []) + qtests_generic
 
   qtest_env = environment()
@@ -248,6 +249,7 @@ foreach dir : target_dirs
 # FIXME: missing dependency on the emulator binary and qemu-img
 test('qtest-@0@: @1@'.format(target_base, test),
  qtest_executables[test],
+ depends: [qemu_img, qtest_emulator],
  env: qtest_env,
  args: ['--tap', '-k'],
  protocol: 'tap',
-- 
2.26.2

[PULL 41/57] oslib: do not call g_strdup from qemu_get_exec_dir

2020-09-19 Thread Paolo Bonzini 
Just return the directory without requiring the caller to free it.
This also removes a bogus check for NULL in os_find_datadir and
module_load_one; g_strdup of a static variable cannot return NULL.

Signed-off-by: Paolo Bonzini 
---
 include/qemu/osdep.h|  8 ++--
 os-posix.c  |  6 +-
 os-win32.c  |  2 +-
 tests/qtest/fuzz/fuzz.c |  4 ++--
 util/module.c   |  7 +--
 util/oslib-posix.c  |  8 +---
 util/oslib-win32.c  | 12 
 7 files changed, 20 insertions(+), 27 deletions(-)

diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 412962d91a..db2cfffaff 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -590,12 +590,8 @@ char *qemu_get_local_state_pathname(const char 
*relative_pathname);
  * Try OS specific API first, if not working, parse from argv0. */
 void qemu_init_exec_dir(const char *argv0);
 
-/* Get the saved exec dir.
- *
- * The caller is responsible for releasing the value returned with g_free()
- * after use.
- */
-char *qemu_get_exec_dir(void);
+/* Get the saved exec dir.  */
+const char *qemu_get_exec_dir(void);
 
 /**
  * qemu_getauxval:
diff --git a/os-posix.c b/os-posix.c
index bf98508b6d..8d8e7fc15c 100644
--- a/os-posix.c
+++ b/os-posix.c
@@ -90,13 +90,9 @@ void os_setup_signal_handling(void)
  */
 char *os_find_datadir(void)
 {
-g_autofree char *exec_dir = NULL;
 g_autofree char *dir = NULL;
 
-exec_dir = qemu_get_exec_dir();
-g_return_val_if_fail(exec_dir != NULL, NULL);
-
-dir = g_build_filename(exec_dir, "pc-bios", NULL);
+dir = g_build_filename(qemu_get_exec_dir(), "pc-bios", NULL);
 if (g_file_test(dir, G_FILE_TEST_IS_DIR)) {
 return g_steal_pointer();
 }
diff --git a/os-win32.c b/os-win32.c
index c9c3afe648..eb8501b9e5 100644
--- a/os-win32.c
+++ b/os-win32.c
@@ -65,7 +65,7 @@ void os_setup_early_signal_handling(void)
  */
 char *os_find_datadir(void)
 {
-return qemu_get_exec_dir();
+return g_strdup(qemu_get_exec_dir());
 }
 
 void os_set_line_buffering(void)
diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c
index 1ceea84702..e906ef9efa 100644
--- a/tests/qtest/fuzz/fuzz.c
+++ b/tests/qtest/fuzz/fuzz.c
@@ -143,7 +143,8 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char 
***envp)
 {
 
 char *target_name;
-char *bindir, *datadir;
+const char *bindir;
+char *datadir;
 bool serialize = false;
 
 /* Initialize qgraph and modules */
@@ -166,7 +167,6 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char 
***envp)
  */
 bindir = g_path_get_dirname(**argv);
 datadir = g_build_filename(bindir, "pc-bios", NULL);
-g_free(bindir);
 if (g_file_test(datadir, G_FILE_TEST_IS_DIR)) {
 qemu_add_data_dir(datadir);
 }
diff --git a/util/module.c b/util/module.c
index 34772e7d87..9ffe83bb32 100644
--- a/util/module.c
+++ b/util/module.c
@@ -172,7 +172,6 @@ bool module_load_one(const char *prefix, const char 
*lib_name)
 
 #ifdef CONFIG_MODULES
 char *fname = NULL;
-char *exec_dir;
 #ifdef CONFIG_MODULE_UPGRADES
 char *version_dir;
 #endif
@@ -199,13 +198,12 @@ bool module_load_one(const char *prefix, const char 
*lib_name)
 return true;
 }
 
-exec_dir = qemu_get_exec_dir();
 search_dir = getenv("QEMU_MODULE_DIR");
 if (search_dir != NULL) {
 dirs[n_dirs++] = g_strdup_printf("%s", search_dir);
 }
 dirs[n_dirs++] = g_strdup_printf("%s", CONFIG_QEMU_MODDIR);
-dirs[n_dirs++] = g_strdup_printf("%s", exec_dir ? : "");
+dirs[n_dirs++] = g_strdup(qemu_get_exec_dir());
 
 #ifdef CONFIG_MODULE_UPGRADES
 version_dir = g_strcanon(g_strdup(QEMU_PKGVERSION),
@@ -216,9 +214,6 @@ bool module_load_one(const char *prefix, const char 
*lib_name)
 
 assert(n_dirs <= ARRAY_SIZE(dirs));
 
-g_free(exec_dir);
-exec_dir = NULL;
-
 for (i = 0; i < n_dirs; i++) {
 fname = g_strdup_printf("%s/%s%s",
 dirs[i], module_name, CONFIG_HOST_DSOSUF);
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index ad8001a4ad..0dd8d24076 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -366,7 +366,9 @@ void qemu_init_exec_dir(const char *argv0)
 char *p = NULL;
 char buf[PATH_MAX];
 
-assert(!exec_dir[0]);
+if (exec_dir[0]) {
+return;
+}
 
 #if defined(__linux__)
 {
@@ -439,9 +441,9 @@ void qemu_init_exec_dir(const char *argv0)
 g_free(dir);
 }
 
-char *qemu_get_exec_dir(void)
+const char *qemu_get_exec_dir(void)
 {
-return g_strdup(exec_dir);
+return exec_dir;
 }
 
 static void sigbus_handler(int signal)
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
index c654dafd93..1a33912944 100644
--- a/util/oslib-win32.c
+++ b/util/oslib-win32.c
@@ -315,7 +315,7 @@ void qemu_set_tty_echo(int fd, bool echo)
 }
 }
 
-static char exec_dir[PATH_MAX];
+static char *exec_dir;
 
 void qemu_init_exec_dir(const char *argv0)
 {
@@ -324,6 +324,10 @@ void

[PULL 54/57] hw/i386/q35: Remove unreachable Xen code on Q35 machine

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

Xen accelerator requires specific changes to a machine to be able
to use it. See for example the 'Xen PC' machine configure its PCI
bus calling pc_xen_hvm_init_pci(). There is no 'Xen Q35' machine
declared. This code was probably added while introducing the Q35
machine, based on the existing PC machine (see commit df2d8b3ed4
"Introduce q35 pc based chipset emulator"). Remove the unreachable
code to simplify this file.

Signed-off-by: Philippe Mathieu-Daudé 
Acked-by: Anthony PERARD 
Message-Id: <20200722082517.18708-1-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/i386/pc_q35.c | 13 ++---
 1 file changed, 2 insertions(+), 11 deletions(-)

diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 4a37bc3e6d..aa4b6c8e30 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -34,9 +34,7 @@
 #include "sysemu/arch_init.h"
 #include "hw/i2c/smbus_eeprom.h"
 #include "hw/rtc/mc146818rtc.h"
-#include "hw/xen/xen.h"
 #include "sysemu/kvm.h"
-#include "sysemu/xen.h"
 #include "hw/kvm/clock.h"
 #include "hw/pci-host/q35.h"
 #include "hw/qdev-properties.h"
@@ -179,10 +177,6 @@ static void pc_q35_init(MachineState *machine)
 x86ms->below_4g_mem_size = machine->ram_size;
 }
 
-if (xen_enabled()) {
-xen_hvm_init(pcms, _memory);
-}
-
 x86_cpus_init(x86ms, pcmc->default_cpu_version);
 
 kvmclock_create();
@@ -208,10 +202,7 @@ static void pc_q35_init(MachineState *machine)
 }
 
 /* allocate ram and load rom/bios */
-if (!xen_enabled()) {
-pc_memory_init(pcms, get_system_memory(),
-   rom_memory, _memory);
-}
+pc_memory_init(pcms, get_system_memory(), rom_memory, _memory);
 
 /* create pci host bus */
 q35_host = Q35_HOST_DEVICE(qdev_new(TYPE_Q35_HOST_DEVICE));
@@ -271,7 +262,7 @@ static void pc_q35_init(MachineState *machine)
 
 assert(pcms->vmport != ON_OFF_AUTO__MAX);
 if (pcms->vmport == ON_OFF_AUTO_AUTO) {
-pcms->vmport = xen_enabled() ? ON_OFF_AUTO_OFF : ON_OFF_AUTO_ON;
+pcms->vmport = ON_OFF_AUTO_ON;
 }
 
 /* init basic PC hardware */
-- 
2.26.2

[PULL 36/57] configure: move cocoa option to Meson

2020-09-19 Thread Paolo Bonzini 
While detection of the framework was already there, moving
the option allows for better error reporting.

Reported-by: Christophe de Dinechin 
Reviewed-by: Richard Henderson 
Signed-off-by: Paolo Bonzini 
---
 configure | 17 +++--
 meson.build   |  9 +++--
 meson_options.txt |  2 ++
 ui/meson.build|  2 +-
 4 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/configure b/configure
index f4499f52a4..96446e10b0 100755
--- a/configure
+++ b/configure
@@ -448,7 +448,7 @@ bsd="no"
 linux="no"
 solaris="no"
 profiler="no"
-cocoa="no"
+cocoa="auto"
 softmmu="yes"
 linux_user="no"
 bsd_user="no"
@@ -868,7 +868,7 @@ Darwin)
 QEMU_CFLAGS="-arch x86_64 $QEMU_CFLAGS"
 QEMU_LDFLAGS="-arch x86_64 $QEMU_LDFLAGS"
   fi
-  cocoa="yes"
+  cocoa="enabled"
   audio_drv_list="coreaudio try-sdl"
   audio_possible_drivers="coreaudio sdl"
   QEMU_LDFLAGS="-framework CoreFoundation -framework IOKit $QEMU_LDFLAGS"
@@ -1239,10 +1239,10 @@ for opt do
   ;;
   --enable-profiler) profiler="yes"
   ;;
-  --disable-cocoa) cocoa="no"
+  --disable-cocoa) cocoa="disabled"
   ;;
   --enable-cocoa)
-  cocoa="yes" ;
+  cocoa="enabled" ;
   audio_drv_list="coreaudio $(echo $audio_drv_list | sed s,coreaudio,,g)"
   ;;
   --disable-system) softmmu="no"
@@ -2387,8 +2387,8 @@ fi
 # cocoa implies not SDL or GTK
 # (the cocoa UI code currently assumes it is always the active UI
 # and doesn't interact well with other UI frontend code)
-if test "$cocoa" = "yes"; then
-if test "$sdl" = "yes"; then
+if test "$cocoa" = "enabled"; then
+if test "$sdl" = "enabled"; then
 error_exit "Cocoa and SDL UIs cannot both be enabled at once"
 fi
 if test "$gtk" = "yes"; then
@@ -6552,9 +6552,6 @@ if test "$have_x11" = "yes" && test "$need_x11" = "yes"; 
then
   echo "X11_CFLAGS=$x11_cflags" >> $config_host_mak
   echo "X11_LIBS=$x11_libs" >> $config_host_mak
 fi
-if test "$cocoa" = "yes" ; then
-  echo "CONFIG_COCOA=y" >> $config_host_mak
-fi
 if test "$iconv" = "yes" ; then
   echo "CONFIG_ICONV=y" >> $config_host_mak
   echo "ICONV_CFLAGS=$iconv_cflags" >> $config_host_mak
@@ -7857,7 +7854,7 @@ NINJA=${ninja:-$PWD/ninjatool} $meson setup \
 -Db_pie=$(if test "$pie" = yes; then echo true; else echo false; fi) \
 -Db_coverage=$(if test "$gcov" = yes; then echo true; else echo false; 
fi) \
-Dmalloc=$malloc -Dmalloc_trim=$malloc_trim \
-   -Dmpath=$mpath -Dsdl=$sdl -Dsdl_image=$sdl_image \
+   -Dcocoa=$cocoa -Dmpath=$mpath -Dsdl=$sdl -Dsdl_image=$sdl_image \
-Dvnc=$vnc -Dvnc_sasl=$vnc_sasl -Dvnc_jpeg=$vnc_jpeg -Dvnc_png=$vnc_png 
\
-Dgettext=$gettext -Dxkbcommon=$xkbcommon -Du2f=$u2f\
 $cross_arg \
diff --git a/meson.build b/meson.build
index 808980b508..848223778d 100644
--- a/meson.build
+++ b/meson.build
@@ -101,7 +101,7 @@ socket = []
 version_res = []
 coref = []
 iokit = []
-cocoa = []
+cocoa = not_found
 hvf = []
 if targetos == 'windows'
   socket = cc.find_library('ws2_32')
@@ -114,7 +114,7 @@ if targetos == 'windows'
 elif targetos == 'darwin'
   coref = dependency('appleframeworks', modules: 'CoreFoundation')
   iokit = dependency('appleframeworks', modules: 'IOKit')
-  cocoa = dependency('appleframeworks', modules: 'Cocoa')
+  cocoa = dependency('appleframeworks', modules: 'Cocoa', required: 
get_option('cocoa'))
   hvf = dependency('appleframeworks', modules: 'Hypervisor')
 elif targetos == 'sunos'
   socket = [cc.find_library('socket'),
@@ -126,6 +126,10 @@ elif targetos == 'haiku'
 cc.find_library('bsd')]
 endif
 
+if not cocoa.found() and get_option('cocoa').enabled()
+  error('Cocoa not available on this platform')
+endif
+
 
 # Dependencies #
 
@@ -542,6 +546,7 @@ endif
 
 # Create config-host.h
 
+config_host_data.set('CONFIG_COCOA', cocoa.found())
 config_host_data.set('CONFIG_LIBUDEV', libudev.found())
 config_host_data.set('CONFIG_MPATH', mpathpersist.found())
 config_host_data.set('CONFIG_MPATH_NEW_API', mpathpersist_new_api)
diff --git a/meson_options.txt b/meson_options.txt
index 8a59ec263d..46ea1d889a 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -11,6 +11,8 @@ option('malloc_trim', type : 'feature', value : 'auto',
 option('malloc', type : 'combo', choices : ['system', 'tcmalloc', 'jemalloc'],
value: 'system', description: 'choose memory allocator to use')
 
+option('cocoa', type : 'feature', value : 'auto',
+   description: 'Cocoa user interface (macOS only)')
 option('mpath', type : 'feature', value : 'auto',
description: 'Multipath persistent reservation passthrough')
 option('sdl', type : 'feature', value : 'auto',
diff --git a/ui/meson.build b/ui/meson.build
index dd6c110136..8a080c38e3 100644
--- a/ui/meson.build
+++ b/ui/meson.build
@@ -15,7 +15,7 @@ softmmu_ss.add(files(
 
 softmmu_ss.add(when: 'CONFIG_LINUX', if_true: files('input-linux.c'))
 softmmu_ss.add(when: 'CONFIG_SPICE', if_true: files('spice-core.c',

[PULL 52/57] ui: relocate paths to icons and translations

2020-09-19 Thread Paolo Bonzini 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 ui/gtk.c  | 10 --
 ui/sdl2.c |  9 +++--
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/ui/gtk.c b/ui/gtk.c
index 1c59de2af4..b11594d817 100644
--- a/ui/gtk.c
+++ b/ui/gtk.c
@@ -51,6 +51,7 @@
 #include 
 
 #include "trace.h"
+#include "qemu/cutils.h"
 #include "ui/input.h"
 #include "sysemu/runstate.h"
 #include "sysemu/sysemu.h"
@@ -2202,6 +2203,7 @@ static void gtk_display_init(DisplayState *ds, 
DisplayOptions *opts)
 GtkDisplayState *s = g_malloc0(sizeof(*s));
 GdkDisplay *window_display;
 GtkIconTheme *theme;
+char *dir;
 
 if (!gtkinit) {
 fprintf(stderr, "gtk initialization failed\n");
@@ -2211,7 +2213,9 @@ static void gtk_display_init(DisplayState *ds, 
DisplayOptions *opts)
 s->opts = opts;
 
 theme = gtk_icon_theme_get_default();
-gtk_icon_theme_prepend_search_path(theme, CONFIG_QEMU_ICONDIR);
+dir = get_relocated_path(CONFIG_QEMU_ICONDIR);
+gtk_icon_theme_prepend_search_path(theme, dir);
+g_free(dir);
 g_set_prgname("qemu");
 
 s->window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
@@ -2227,7 +2231,9 @@ static void gtk_display_init(DisplayState *ds, 
DisplayOptions *opts)
  * sure that we don't accidentally break implicit assumptions.  */
 setlocale(LC_MESSAGES, "");
 setlocale(LC_CTYPE, "C.UTF-8");
-bindtextdomain("qemu", CONFIG_QEMU_LOCALEDIR);
+dir = get_relocated_path(CONFIG_QEMU_LOCALEDIR);
+bindtextdomain("qemu", dir);
+g_free(dir);
 bind_textdomain_codeset("qemu", "UTF-8");
 textdomain("qemu");
 
diff --git a/ui/sdl2.c b/ui/sdl2.c
index b23a8f0a8e..abad7f981e 100644
--- a/ui/sdl2.c
+++ b/ui/sdl2.c
@@ -25,6 +25,7 @@
 
 #include "qemu/osdep.h"
 #include "qemu/module.h"
+#include "qemu/cutils.h"
 #include "ui/console.h"
 #include "ui/input.h"
 #include "ui/sdl2.h"
@@ -795,6 +796,7 @@ static void sdl2_display_init(DisplayState *ds, 
DisplayOptions *o)
 int i;
 SDL_SysWMinfo info;
 SDL_Surface *icon = NULL;
+char *dir;
 
 assert(o->type == DISPLAY_TYPE_SDL);
 
@@ -868,15 +870,18 @@ static void sdl2_display_init(DisplayState *ds, 
DisplayOptions *o)
 }
 
 #ifdef CONFIG_SDL_IMAGE
-icon = IMG_Load(CONFIG_QEMU_ICONDIR "/hicolor/128x128/apps/qemu.png");
+dir = get_relocated_path(CONFIG_QEMU_ICONDIR 
"/hicolor/128x128/apps/qemu.png");
+icon = IMG_Load(dir);
 #else
 /* Load a 32x32x4 image. White pixels are transparent. */
-icon = SDL_LoadBMP(CONFIG_QEMU_ICONDIR "/hicolor/32x32/apps/qemu.bmp");
+dir = get_relocated_path(CONFIG_QEMU_ICONDIR 
"/hicolor/32x32/apps/qemu.bmp");
+icon = SDL_LoadBMP(dir);
 if (icon) {
 uint32_t colorkey = SDL_MapRGB(icon->format, 255, 255, 255);
 SDL_SetColorKey(icon, SDL_TRUE, colorkey);
 }
 #endif
+g_free(dir);
 if (icon) {
 SDL_SetWindowIcon(sdl2_console[0].real_window, icon);
 }
-- 
2.26.2

Re: [PATCH] configure: fix performance regression due to PIC objects

2020-09-19 Thread Philippe Mathieu-Daudé 
Cc'ing Aleksandar as Ahmed is away.

On 9/19/20 5:56 PM, Paolo Bonzini wrote:
> Because most files in QEMU are grouped into static libraries, Meson 
> conservatively
> compiles them with -fPIC.  This is overkill and produces slowdowns up to 20% 
> on
> some TCG tests.
> 
> As a stopgap measure, use the b_staticpic option to limit the slowdown to
> --enable-pie.  https://github.com/mesonbuild/meson/pull/7760 will allow
> us to use b_staticpic=false and let Meson do the right thing.
> 
> Reported-by: Ahmed Karaman 
> Signed-off-by: Paolo Bonzini 
> ---
>  configure | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/configure b/configure
> index 0004c46525..0786144043 100755
> --- a/configure
> +++ b/configure
> @@ -7414,6 +7414,7 @@ NINJA=${ninja:-$PWD/ninjatool} $meson setup \
>  -Dwerror=$(if test "$werror" = yes; then echo true; else echo false; 
> fi) \
>  -Dstrip=$(if test "$strip_opt" = yes; then echo true; else echo 
> false; fi) \
>  -Db_pie=$(if test "$pie" = yes; then echo true; else echo false; fi) 
> \
> +-Db_staticpic=$(if test "$pie" = yes; then echo true; else echo 
> false; fi) \
>  -Db_coverage=$(if test "$gcov" = yes; then echo true; else echo 
> false; fi) \
>   -Dmalloc=$malloc -Dmalloc_trim=$malloc_trim -Dsparse=$sparse \
>   -Dkvm=$kvm -Dhax=$hax -Dwhpx=$whpx -Dhvf=$hvf \
>

[PULL 37/57] configure: do not limit Hypervisor.framework test to Darwin

2020-09-19 Thread Paolo Bonzini 
Because the target/i386/hvf/meson.build rule culls hvf support
on non-Darwin systems, a --enable-hvf build is succeeding.
To fix this, just try the compilation test every time someone
passes --enable-hvf.

Reported-by: Christophe de Dinechin 
Reviewed-by: Richard Henderson 
Signed-off-by: Paolo Bonzini 
---
 configure | 8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/configure b/configure
index 96446e10b0..0e65d4493d 100755
--- a/configure
+++ b/configure
@@ -863,7 +863,7 @@ Darwin)
   bsd="yes"
   darwin="yes"
   hax="yes"
-  hvf="yes"
+  hvf=""
   if [ "$cpu" = "x86_64" ] ; then
 QEMU_CFLAGS="-arch x86_64 $QEMU_CFLAGS"
 QEMU_LDFLAGS="-arch x86_64 $QEMU_LDFLAGS"
@@ -5818,16 +5818,18 @@ fi
 
 #
 # Check to see if we have the Hypervisor framework
-if [ "$darwin" = "yes" ] ; then
+if [ "$hvf" != "no" ] ; then
   cat > $TMPC << EOF
 #include 
 int main() { return 0;}
 EOF
   if ! compile_object ""; then
+if test "$hvf" = "yes"; then
+   error_exit "Hypervisor.framework not available"
+fi
 hvf='no'
   else
 hvf='yes'
-QEMU_LDFLAGS="-framework Hypervisor $QEMU_LDFLAGS"
   fi
 fi
 
-- 
2.26.2

[PULL 46/57] module: relocate path to modules

2020-09-19 Thread Paolo Bonzini 
Signed-off-by: Paolo Bonzini 
---
 util/module.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/util/module.c b/util/module.c
index 9ffe83bb32..a44ec38d93 100644
--- a/util/module.c
+++ b/util/module.c
@@ -19,6 +19,7 @@
 #endif
 #include "qemu/queue.h"
 #include "qemu/module.h"
+#include "qemu/cutils.h"
 #ifdef CONFIG_MODULE_UPGRADES
 #include "qemu-version.h"
 #endif
@@ -202,7 +203,7 @@ bool module_load_one(const char *prefix, const char 
*lib_name)
 if (search_dir != NULL) {
 dirs[n_dirs++] = g_strdup_printf("%s", search_dir);
 }
-dirs[n_dirs++] = g_strdup_printf("%s", CONFIG_QEMU_MODDIR);
+dirs[n_dirs++] = get_relocated_path(CONFIG_QEMU_MODDIR);
 dirs[n_dirs++] = g_strdup(qemu_get_exec_dir());
 
 #ifdef CONFIG_MODULE_UPGRADES
-- 
2.26.2

[PULL 44/57] cutils: introduce get_relocated_path

2020-09-19 Thread Paolo Bonzini 
Add the function that will compute a relocated version of the
directories in CONFIG_QEMU_*DIR and CONFIG_QEMU_*PATH.

Signed-off-by: Paolo Bonzini 
---
 include/qemu/cutils.h | 12 +
 meson.build   |  4 +--
 util/cutils.c | 61 +++
 3 files changed, 75 insertions(+), 2 deletions(-)

diff --git a/include/qemu/cutils.h b/include/qemu/cutils.h
index eb59852dfd..3a86ec0321 100644
--- a/include/qemu/cutils.h
+++ b/include/qemu/cutils.h
@@ -184,4 +184,16 @@ int uleb128_decode_small(const uint8_t *in, uint32_t *n);
  */
 int qemu_pstrcmp0(const char **str1, const char **str2);
 
+
+/**
+ * get_relocated_path:
+ * @dir: the directory (typically a `CONFIG_*DIR` variable) to be relocated.
+ *
+ * Returns a path for @dir that uses the directory of the running executable
+ * as the prefix.  For example, if `bindir` is `/usr/bin` and @dir is
+ * `/usr/share/qemu`, the function will append `../share/qemu` to the
+ * directory that contains the running executable and return the result.
+ */
+char *get_relocated_path(const char *dir);
+
 #endif
diff --git a/meson.build b/meson.build
index 1f8487eacf..1b1cde8725 100644
--- a/meson.build
+++ b/meson.build
@@ -566,9 +566,9 @@ config_host_data.set('QEMU_VERSION_MINOR', 
meson.project_version().split('.')[1]
 config_host_data.set('QEMU_VERSION_MICRO', 
meson.project_version().split('.')[2])
 
 arrays = ['CONFIG_AUDIO_DRIVERS', 'CONFIG_BDRV_RW_WHITELIST', 
'CONFIG_BDRV_RO_WHITELIST']
-strings = ['HOST_DSOSUF', 'CONFIG_IASL', 'bindir', 'qemu_confdir', 
'qemu_datadir',
+strings = ['HOST_DSOSUF', 'CONFIG_IASL', 'bindir', 'prefix', 'qemu_confdir', 
'qemu_datadir',
'qemu_moddir', 'qemu_localstatedir', 'qemu_helperdir', 
'qemu_localedir',
-   'qemu_icondir', 'qemu_desktopdir', 'qemu_firmwarepath']
+   'qemu_icondir', 'qemu_desktopdir', 'qemu_firmwarepath', 
'sysconfdir']
 foreach k, v: config_host
   if arrays.contains(k)
 if v != ''
diff --git a/util/cutils.c b/util/cutils.c
index 36ce712271..8da34e04b0 100644
--- a/util/cutils.c
+++ b/util/cutils.c
@@ -889,3 +889,64 @@ int qemu_pstrcmp0(const char **str1, const char **str2)
 {
 return g_strcmp0(*str1, *str2);
 }
+
+static inline bool starts_with_prefix(const char *dir)
+{
+size_t prefix_len = strlen(CONFIG_PREFIX);
+return !memcmp(dir, CONFIG_PREFIX, prefix_len) &&
+(!dir[prefix_len] || G_IS_DIR_SEPARATOR(dir[prefix_len]));
+}
+
+/* Return the next path component in dir, and store its length in *p_len.  */
+static inline const char *next_component(const char *dir, int *p_len)
+{
+int len;
+while (*dir && G_IS_DIR_SEPARATOR(*dir)) {
+dir++;
+}
+len = 0;
+while (dir[len] && !G_IS_DIR_SEPARATOR(dir[len])) {
+len++;
+}
+*p_len = len;
+return dir;
+}
+
+char *get_relocated_path(const char *dir)
+{
+size_t prefix_len = strlen(CONFIG_PREFIX);
+const char *bindir = CONFIG_BINDIR;
+const char *exec_dir = qemu_get_exec_dir();
+GString *result;
+int len_dir, len_bindir;
+
+/* Fail if qemu_init_exec_dir was not called.  */
+assert(exec_dir[0]);
+if (!starts_with_prefix(dir) || !starts_with_prefix(bindir)) {
+return strdup(dir);
+}
+
+result = g_string_new(exec_dir);
+
+/* Advance over common components.  */
+len_dir = len_bindir = prefix_len;
+do {
+dir += len_dir;
+bindir += len_bindir;
+dir = next_component(dir, _dir);
+bindir = next_component(bindir, _bindir);
+} while (len_dir == len_bindir && !memcmp(dir, bindir, len_dir));
+
+/* Ascend from bindir to the common prefix with dir.  */
+while (len_bindir) {
+bindir += len_bindir;
+g_string_append(result, "/..");
+bindir = next_component(bindir, _bindir);
+}
+
+if (*dir) {
+assert(G_IS_DIR_SEPARATOR(dir[-1]));
+g_string_append(result, dir - 1);
+}
+return result->str;
+}
-- 
2.26.2

[PULL 55/57] exec: Remove MemoryRegion::global_locking field

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

Last uses of memory_region_clear_global_locking() have been
removed in commit 7070e085d4 ("acpi: mark PMTIMER as unlocked")
and commit 08565552f7 ("cputlb: Move NOTDIRTY handling from I/O
path to TLB path").
Remove memory_region_clear_global_locking() and the now unused
'global_locking' field in MemoryRegion.

Reported-by: Alexander Bulekov 
Suggested-by: Stefan Hajnoczi 
Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Stefan Hajnoczi 
Message-Id: <20200806150726.962-1-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 accel/tcg/cputlb.c|  4 ++--
 exec.c|  2 +-
 include/exec/memory.h | 14 --
 softmmu/memory.c  |  6 --
 4 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 6489abbf8c..4657a3b8a6 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1053,7 +1053,7 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry 
*iotlbentry,
 cpu_io_recompile(cpu, retaddr);
 }
 
-if (mr->global_locking && !qemu_mutex_iothread_locked()) {
+if (!qemu_mutex_iothread_locked()) {
 qemu_mutex_lock_iothread();
 locked = true;
 }
@@ -1114,7 +1114,7 @@ static void io_writex(CPUArchState *env, CPUIOTLBEntry 
*iotlbentry,
  */
 save_iotlb_data(cpu, iotlbentry->addr, section, mr_offset);
 
-if (mr->global_locking && !qemu_mutex_iothread_locked()) {
+if (!qemu_mutex_iothread_locked()) {
 qemu_mutex_lock_iothread();
 locked = true;
 }
diff --git a/exec.c b/exec.c
index e34b602bdf..bc55a92292 100644
--- a/exec.c
+++ b/exec.c
@@ -3136,7 +3136,7 @@ static bool prepare_mmio_access(MemoryRegion *mr)
 bool unlocked = !qemu_mutex_iothread_locked();
 bool release_lock = false;
 
-if (unlocked && mr->global_locking) {
+if (unlocked) {
 qemu_mutex_lock_iothread();
 unlocked = false;
 release_lock = true;
diff --git a/include/exec/memory.h b/include/exec/memory.h
index ec9edee742..9f6468f346 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -404,7 +404,6 @@ struct MemoryRegion {
 bool nonvolatile;
 bool rom_device;
 bool flush_coalesced_mmio;
-bool global_locking;
 uint8_t dirty_log_mask;
 bool is_iommu;
 RAMBlock *ram_block;
@@ -1738,19 +1737,6 @@ void memory_region_set_flush_coalesced(MemoryRegion *mr);
  */
 void memory_region_clear_flush_coalesced(MemoryRegion *mr);
 
-/**
- * memory_region_clear_global_locking: Declares that access processing does
- * not depend on the QEMU global lock.
- *
- * By clearing this property, accesses to the memory region will be processed
- * outside of QEMU's global lock (unless the lock is held on when issuing the
- * access request). In this case, the device model implementing the access
- * handlers is responsible for synchronization of concurrency.
- *
- * @mr: the memory region to be updated.
- */
-void memory_region_clear_global_locking(MemoryRegion *mr);
-
 /**
  * memory_region_add_eventfd: Request an eventfd to be triggered when a word
  *is written to a location.
diff --git a/softmmu/memory.c b/softmmu/memory.c
index d030eb6f7c..31b0c5250e 100644
--- a/softmmu/memory.c
+++ b/softmmu/memory.c
@@ -1221,7 +1221,6 @@ static void memory_region_initfn(Object *obj)
 mr->ops = _mem_ops;
 mr->enabled = true;
 mr->romd_mode = true;
-mr->global_locking = true;
 mr->destructor = memory_region_destructor_none;
 QTAILQ_INIT(>subregions);
 QTAILQ_INIT(>coalesced);
@@ -2277,11 +2276,6 @@ void memory_region_clear_flush_coalesced(MemoryRegion 
*mr)
 }
 }
 
-void memory_region_clear_global_locking(MemoryRegion *mr)
-{
-mr->global_locking = false;
-}
-
 static bool userspace_eventfd_warning;
 
 void memory_region_add_eventfd(MemoryRegion *mr,
-- 
2.26.2

[PULL 47/57] net: relocate paths to helpers and scripts

2020-09-19 Thread Paolo Bonzini 
Signed-off-by: Paolo Bonzini 
---
 include/net/net.h |  4 ++--
 net/tap.c | 26 +++---
 2 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/include/net/net.h b/include/net/net.h
index e7ef42d62b..897b2d7595 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -209,8 +209,8 @@ void netdev_add(QemuOpts *opts, Error **errp);
 int net_hub_id_for_client(NetClientState *nc, int *id);
 NetClientState *net_hub_port_find(int hub_id);
 
-#define DEFAULT_NETWORK_SCRIPT "/etc/qemu-ifup"
-#define DEFAULT_NETWORK_DOWN_SCRIPT "/etc/qemu-ifdown"
+#define DEFAULT_NETWORK_SCRIPT CONFIG_SYSCONFDIR "/qemu-ifup"
+#define DEFAULT_NETWORK_DOWN_SCRIPT CONFIG_SYSCONFDIR "/qemu-ifdown"
 #define DEFAULT_BRIDGE_HELPER CONFIG_QEMU_HELPERDIR "/qemu-bridge-helper"
 #define DEFAULT_BRIDGE_INTERFACE "br0"
 
diff --git a/net/tap.c b/net/tap.c
index 14dc904fca..04ce72dd2f 100644
--- a/net/tap.c
+++ b/net/tap.c
@@ -478,6 +478,7 @@ static int net_bridge_run_helper(const char *helper, const 
char *bridge,
  Error **errp)
 {
 sigset_t oldmask, mask;
+g_autofree char *default_helper = NULL;
 int pid, status;
 char *args[5];
 char **parg;
@@ -487,6 +488,10 @@ static int net_bridge_run_helper(const char *helper, const 
char *bridge,
 sigaddset(, SIGCHLD);
 sigprocmask(SIG_BLOCK, , );
 
+if (!helper) {
+helper = default_helper = get_relocated_path(DEFAULT_BRIDGE_HELPER);
+}
+
 if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
 error_setg_errno(errp, errno, "socketpair() failed");
 return -1;
@@ -588,8 +593,7 @@ int net_init_bridge(const Netdev *netdev, const char *name,
 
 assert(netdev->type == NET_CLIENT_DRIVER_BRIDGE);
 bridge = >u.bridge;
-
-helper = bridge->has_helper ? bridge->helper : DEFAULT_BRIDGE_HELPER;
+helper = bridge->has_helper ? bridge->helper : NULL;
 br = bridge->has_br ? bridge->br : DEFAULT_BRIDGE_INTERFACE;
 
 fd = net_bridge_run_helper(helper, br, errp);
@@ -773,8 +777,8 @@ int net_init_tap(const Netdev *netdev, const char *name,
 const NetdevTapOptions *tap;
 int fd, vnet_hdr = 0, i = 0, queues;
 /* for the no-fd, no-helper case */
-const char *script = NULL; /* suppress wrong "uninit'd use" gcc warning */
-const char *downscript = NULL;
+const char *script;
+const char *downscript;
 Error *err = NULL;
 const char *vhostfdname;
 char ifname[128];
@@ -784,6 +788,8 @@ int net_init_tap(const Netdev *netdev, const char *name,
 tap = >u.tap;
 queues = tap->has_queues ? tap->queues : 1;
 vhostfdname = tap->has_vhostfd ? tap->vhostfd : NULL;
+script = tap->has_script ? tap->script : NULL;
+downscript = tap->has_downscript ? tap->downscript : NULL;
 
 /* QEMU hubs do not support multiqueue tap, in this case peer is set.
  * For -netdev, peer is always NULL. */
@@ -934,13 +940,19 @@ free_fail:
 return -1;
 }
 } else {
+g_autofree char *default_script = NULL;
+g_autofree char *default_downscript = NULL;
 if (tap->has_vhostfds) {
 error_setg(errp, "vhostfds= is invalid if fds= wasn't specified");
 return -1;
 }
-script = tap->has_script ? tap->script : DEFAULT_NETWORK_SCRIPT;
-downscript = tap->has_downscript ? tap->downscript :
-DEFAULT_NETWORK_DOWN_SCRIPT;
+
+if (!script) {
+script = default_script = 
get_relocated_path(DEFAULT_NETWORK_SCRIPT);
+}
+if (!downscript) {
+downscript = default_downscript = 
get_relocated_path(DEFAULT_NETWORK_SCRIPT);
+}
 
 if (tap->has_ifname) {
 pstrcpy(ifname, sizeof ifname, tap->ifname);
-- 
2.26.2

[PULL 30/57] i386/cpu: Clear FEAT_XSAVE_COMP_{LO, HI} when XSAVE is not available

2020-09-19 Thread Paolo Bonzini 
From: Xiaoyao Li 

Per Intel SDM vol 1, 13.2, if CPUID.1:ECX.XSAVE[bit 26] is 0, the
processor provides no further enumeration through CPUID function 0DH.
QEMU does not do this for "-cpu host,-xsave".

Signed-off-by: Xiaoyao Li 
Message-Id: <20200716082019.215316-2-xiaoyao...@intel.com>
Signed-off-by: Paolo Bonzini 
---
 target/i386/cpu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 7603784351..053385c2b4 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -6372,6 +6372,8 @@ static void x86_cpu_enable_xsave_components(X86CPU *cpu)
 uint64_t mask;
 
 if (!(env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE)) {
+env->features[FEAT_XSAVE_COMP_LO] = 0;
+env->features[FEAT_XSAVE_COMP_HI] = 0;
 return;
 }
 
-- 
2.26.2

[PULL 29/57] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl

2020-09-19 Thread Paolo Bonzini 
From: Li Qiang 

Currently in 'megasas_map_sgl' when 'iov_count=0' will just return
success however the 'cmd' doens't contain any iov. This will cause
the assert in 'scsi_dma_complete' failed. This is because in
'dma_blk_cb' the 'dbs->sg_cur_index == dbs->sg->nsg' will be true
and just call 'dma_complete'. However now there is no aiocb returned.

This fixes the LP#1878263:

-->https://bugs.launchpad.net/qemu/+bug/1878263

Reported-by: Alexander Bulekov 
Signed-off-by: Li Qiang 
Message-Id: <20200815141940.44025-3-liq...@163.com>
Signed-off-by: Paolo Bonzini 
---
 hw/scsi/megasas.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 4cc709d2c6..e24c12d7ee 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -277,7 +277,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd 
*cmd, union mfi_sgl *sgl)
 
 cmd->flags = le16_to_cpu(cmd->frame->header.flags);
 iov_count = cmd->frame->header.sge_count;
-if (iov_count > MEGASAS_MAX_SGE) {
+if (!iov_count || iov_count > MEGASAS_MAX_SGE) {
 trace_megasas_iovec_sgl_overflow(cmd->index, iov_count,
  MEGASAS_MAX_SGE);
 return -1;
-- 
2.26.2

[PULL 42/57] fuzz: use qemu_get_exec_dir

2020-09-19 Thread Paolo Bonzini 
Make things consistent with how softmmu/vl.c uses os_find_datadir.
Initializing the path to the executables will also be needed for
get_relocatable_path to work.

Reviewed-by: Thomas Huth 
Reviewed-by: Alexander Bulekov 
Signed-off-by: Paolo Bonzini 
---
 tests/qtest/fuzz/fuzz.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c
index e906ef9efa..1811cb1d88 100644
--- a/tests/qtest/fuzz/fuzz.c
+++ b/tests/qtest/fuzz/fuzz.c
@@ -153,6 +153,7 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char 
***envp)
 module_call_init(MODULE_INIT_QOM);
 module_call_init(MODULE_INIT_LIBQOS);
 
+qemu_init_exec_dir(**argv);
 target_name = strstr(**argv, "-target-");
 if (target_name) {/* The binary name specifies the target */
 target_name += strlen("-target-");
@@ -165,7 +166,7 @@ int LLVMFuzzerInitialize(int *argc, char ***argv, char 
***envp)
  * location of the executable. Using this we add exec_dir/pc-bios to
  * the datadirs.
  */
-bindir = g_path_get_dirname(**argv);
+bindir = qemu_get_exec_dir();
 datadir = g_build_filename(bindir, "pc-bios", NULL);
 if (g_file_test(datadir, G_FILE_TEST_IS_DIR)) {
 qemu_add_data_dir(datadir);
-- 
2.26.2

[PULL 33/57] meson: extend libmpathpersist test for static linking

2020-09-19 Thread Paolo Bonzini 
libmultipath has a dependency on libdevmapper, so
include it as well when static linking.  It seems that
the rabbit hole ends there.

Signed-off-by: Paolo Bonzini 
---
 meson.build | 27 +++
 1 file changed, 19 insertions(+), 8 deletions(-)

diff --git a/meson.build b/meson.build
index 4d617d7561..8484e24720 100644
--- a/meson.build
+++ b/meson.build
@@ -302,14 +302,25 @@ if targetos == 'linux' and not 
get_option('mpath').disabled()
   mpath_lib_init(udev);
   return 0;
   }'''
-  libmultipath = cc.find_library('multipath',
- required: get_option('mpath'),
- static: enable_static)
-  libmpathpersist = cc.find_library('mpathpersist',
-required: get_option('mpath'),
-static: enable_static)
-  if libmultipath.found() and libmpathpersist.found() and libudev.found()
-mpathlibs = [libmultipath, libmpathpersist, libudev]
+  mpathlibs = [libudev]
+  if enable_static
+mpathlibs += cc.find_library('devmapper',
+   required: get_option('mpath'),
+   static: enable_static)
+  endif
+  mpathlibs += cc.find_library('multipath',
+   required: get_option('mpath'),
+   static: enable_static)
+  mpathlibs += cc.find_library('mpathpersist',
+   required: get_option('mpath'),
+   static: enable_static)
+  foreach lib: mpathlibs
+if not lib.found()
+  mpathlibs = []
+  break
+endif
+  endforeach
+  if mpathlibs.length() > 0
 if cc.links(mpath_test_source_new, dependencies: mpathlibs)
   mpathpersist = declare_dependency(dependencies: mpathlibs)
   mpathpersist_new_api = true
-- 
2.26.2

[PULL 31/57] meson: move libudev test

2020-09-19 Thread Paolo Bonzini 
Signed-off-by: Paolo Bonzini 
---
 configure   | 14 --
 meson.build |  7 ---
 2 files changed, 4 insertions(+), 17 deletions(-)

diff --git a/configure b/configure
index 6201e7c732..4a7f577f49 100755
--- a/configure
+++ b/configure
@@ -901,7 +901,6 @@ Linux)
   linux_user="yes"
   kvm="yes"
   QEMU_INCLUDES="-isystem ${source_path}/linux-headers -Ilinux-headers 
$QEMU_INCLUDES"
-  libudev="yes"
 ;;
 esac
 
@@ -6282,15 +6281,6 @@ if test "$libnfs" != "no" ; then
 fi
 
 ##
-# Do we have libudev
-if test "$libudev" != "no" ; then
-  if $pkg_config libudev && test "$static" != "yes"; then
-libudev="yes"
-libudev_libs=$($pkg_config --libs libudev)
-  else
-libudev="no"
-  fi
-fi
 
 # Exclude --warn-common with TSan to suppress warnings from the TSan libraries.
 if test "$solaris" = "no" && test "$tsan" = "no"; then
@@ -7459,10 +7449,6 @@ if test "$gcov" = "yes" ; then
   echo "CONFIG_GCOV=y" >> $config_host_mak
 fi
 
-if test "$libudev" != "no"; then
-echo "CONFIG_LIBUDEV=y" >> $config_host_mak
-echo "LIBUDEV_LIBS=$libudev_libs" >> $config_host_mak
-fi
 if test "$fuzzing" != "no"; then
 echo "CONFIG_FUZZ=y" >> $config_host_mak
 fi
diff --git a/meson.build b/meson.build
index 5ab9a4dd1e..11213b6e8b 100644
--- a/meson.build
+++ b/meson.build
@@ -257,8 +257,8 @@ if 'CONFIG_CURL' in config_host
 link_args: config_host['CURL_LIBS'].split())
 endif
 libudev = not_found
-if 'CONFIG_LIBUDEV' in config_host
-  libudev = declare_dependency(link_args: config_host['LIBUDEV_LIBS'].split())
+if target_os == 'linux'
+  libudev = dependency('libudev', static: enable_static)
 endif
 brlapi = not_found
 if 'CONFIG_BRLAPI' in config_host
@@ -446,6 +446,7 @@ has_gettid = cc.has_function('gettid')
 
 # Create config-host.h
 
+config_host_data.set('CONFIG_LIBUDEV', libudev.found())
 config_host_data.set('CONFIG_SDL', sdl.found())
 config_host_data.set('CONFIG_SDL_IMAGE', sdl_image.found())
 config_host_data.set('CONFIG_VNC', vnc.found())
@@ -1526,7 +1527,7 @@ summary_info += {'sheepdog support':  
config_host.has_key('CONFIG_SHEEPDOG')}
 summary_info += {'capstone':  config_host.has_key('CONFIG_CAPSTONE')}
 summary_info += {'libpmem support':   config_host.has_key('CONFIG_LIBPMEM')}
 summary_info += {'libdaxctl support': config_host.has_key('CONFIG_LIBDAXCTL')}
-summary_info += {'libudev':   config_host.has_key('CONFIG_LIBUDEV')}
+summary_info += {'libudev':   libudev.found()}
 summary_info += {'default devices':   config_host['CONFIG_MINIKCONF_MODE'] == 
'--defconfig'}
 summary_info += {'plugin support':config_host.has_key('CONFIG_PLUGIN')}
 summary_info += {'fuzzing support':   config_host.has_key('CONFIG_FUZZ')}
-- 
2.26.2

[PULL 56/57] checkpatch: avoid error on cover letter files

2020-09-19 Thread Paolo Bonzini 
From: Stefano Garzarella 

Running checkpatch on a directory that contains a cover letter reports
this error:

Checking /tmp/tmpbnngauy3/-cover-letter.patch...
ERROR: Does not appear to be a unified-diff format patch

total: 1 errors, 0 warnings, 0 lines checked

Let's skip cover letter as it is already done in the Linux kernel
commits 06330fc40e3f ("checkpatch: avoid NOT_UNIFIED_DIFF errors
on cover-letter.patch files") and a08ffbef4ab7 ("checkpatch: fix
ignoring cover-letter logic").

Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Stefano Garzarella 
Message-Id: <20200917170212.92672-1-sgarz...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 scripts/checkpatch.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index bd3faa154c..3c898f878a 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -3005,7 +3005,7 @@ sub process {
return 1;
}
 
-   if (!$is_patch) {
+   if (!$is_patch && $filename !~ /cover-letter\.patch$/) {
ERROR("Does not appear to be a unified-diff format patch\n");
}
 
-- 
2.26.2

[PULL 32/57] meson: move libmpathpersist test

2020-09-19 Thread Paolo Bonzini 
This is the first compiler/linker test that has been moved to Meson.
Add more section headings to keep things clearer.

This also fixes static linking to libmpathpersist, which has a
dependency on libmultipath but no pkg-config file to describe it.

Signed-off-by: Paolo Bonzini 
---
 configure | 77 +++
 meson.build   | 83 ++-
 meson_options.txt |  2 ++
 3 files changed, 81 insertions(+), 81 deletions(-)

diff --git a/configure b/configure
index 4a7f577f49..7e8c31cafa 100755
--- a/configure
+++ b/configure
@@ -394,7 +394,7 @@ netmap="no"
 sdl="auto"
 sdl_image="auto"
 virtfs=""
-mpath=""
+mpath="auto"
 vnc="enabled"
 sparse="no"
 vde=""
@@ -1109,9 +1109,9 @@ for opt do
   ;;
   --enable-virtfs) virtfs="yes"
   ;;
-  --disable-mpath) mpath="no"
+  --disable-mpath) mpath="disabled"
   ;;
-  --enable-mpath) mpath="yes"
+  --enable-mpath) mpath="enabled"
   ;;
   --disable-vnc) vnc="disabled"
   ;;
@@ -3847,57 +3847,6 @@ if test "$modules" = yes; then
 fi
 fi
 
-##
-# libmpathpersist probe
-
-if test "$mpath" != "no" ; then
-  # probe for the new API
-  cat > $TMPC <
-#include 
-unsigned mpath_mx_alloc_len = 1024;
-int logsink;
-static struct config *multipath_conf;
-extern struct udev *udev;
-extern struct config *get_multipath_config(void);
-extern void put_multipath_config(struct config *conf);
-struct udev *udev;
-struct config *get_multipath_config(void) { return multipath_conf; }
-void put_multipath_config(struct config *conf) { }
-
-int main(void) {
-udev = udev_new();
-multipath_conf = mpath_lib_init();
-return 0;
-}
-EOF
-  if compile_prog "" "-ludev -lmultipath -lmpathpersist" ; then
-mpathpersist=yes
-mpathpersist_new_api=yes
-  else
-# probe for the old API
-cat > $TMPC <
-#include 
-unsigned mpath_mx_alloc_len = 1024;
-int logsink;
-int main(void) {
-struct udev *udev = udev_new();
-mpath_lib_init(udev);
-return 0;
-}
-EOF
-if compile_prog "" "-ludev -lmultipath -lmpathpersist" ; then
-  mpathpersist=yes
-  mpathpersist_new_api=no
-else
-  mpathpersist=no
-fi
-  fi
-else
-  mpathpersist=no
-fi
-
 ##
 # pthread probe
 PTHREADLIBS_LIST="-pthread -lpthread -lpthreadGC2"
@@ -6339,23 +6288,11 @@ if test "$softmmu" = yes ; then
   fi
   virtfs=no
 fi
-if test "$mpath" != no && test "$mpathpersist" = yes ; then
-  mpath=yes
-else
-  if test "$mpath" = yes; then
-error_exit "Multipath requires libmpathpersist devel"
-  fi
-  mpath=no
-fi
   else
 if test "$virtfs" = yes; then
   error_exit "VirtFS is supported only on Linux"
 fi
 virtfs=no
-if test "$mpath" = yes; then
-  error_exit "Multipath is supported only on Linux"
-fi
-mpath=no
   fi
 fi
 
@@ -6896,12 +6833,6 @@ fi
 if test "$virtfs" = "yes" ; then
   echo "CONFIG_VIRTFS=y" >> $config_host_mak
 fi
-if test "$mpath" = "yes" ; then
-  echo "CONFIG_MPATH=y" >> $config_host_mak
-  if test "$mpathpersist_new_api" = "yes"; then
-echo "CONFIG_MPATH_NEW_API=y" >> $config_host_mak
-  fi
-fi
 if test "$vhost_scsi" = "yes" ; then
   echo "CONFIG_VHOST_SCSI=y" >> $config_host_mak
 fi
@@ -7992,7 +7923,7 @@ NINJA=${ninja:-$PWD/ninjatool} $meson setup \
 -Dstrip=$(if test "$strip_opt" = yes; then echo true; else echo false; 
fi) \
 -Db_pie=$(if test "$pie" = yes; then echo true; else echo false; fi) \
 -Db_coverage=$(if test "$gcov" = yes; then echo true; else echo false; 
fi) \
-   -Dsdl=$sdl -Dsdl_image=$sdl_image \
+   -Dmpath=$mpath -Dsdl=$sdl -Dsdl_image=$sdl_image \
-Dvnc=$vnc -Dvnc_sasl=$vnc_sasl -Dvnc_jpeg=$vnc_jpeg -Dvnc_png=$vnc_png 
\
-Dgettext=$gettext -Dxkbcommon=$xkbcommon -Du2f=$u2f\
 $cross_arg \
diff --git a/meson.build b/meson.build
index 11213b6e8b..4d617d7561 100644
--- a/meson.build
+++ b/meson.build
@@ -86,6 +86,14 @@ if 'SPARSE_CFLAGS' in config_host
'compile_commands.json'])
 endif
 
+###
+# Target-specific checks and dependencies #
+###
+
+if targetos != 'linux' and get_option('mpath').enabled()
+  error('Multipath is supported only on Linux')
+endif
+
 m = cc.find_library('m', required: false)
 util = cc.find_library('util', required: false)
 winmm = []
@@ -117,6 +125,11 @@ elif targetos == 'haiku'
 cc.find_library('network'),
 cc.find_library('bsd')]
 endif
+
+
+# Dependencies #
+
+
 # The path to glib.h is added to all compilation commands.  This was
 # grandfathered in from the QEMU Makefiles.
 add_project_arguments(config_host['GLIB_CFLAGS'].split(),
@@ -223,10 +236,6 @@ if 'CONFIG_SPICE' in config_host
  link_args: config_host['SPICE_LIBS'].split())
 endif
 rt =

[PULL 48/57] vl: relocate paths to data directories

2020-09-19 Thread Paolo Bonzini 
As an additional advantage, the logic is now unified between
POSIX and Win32 systems.

Signed-off-by: Paolo Bonzini 
---
 include/qemu-common.h   |  1 -
 include/sysemu/sysemu.h |  2 +-
 os-posix.c  | 20 
 os-win32.c  | 11 ---
 softmmu/vl.c| 40 
 tests/qtest/fuzz/fuzz.c |  5 +++--
 6 files changed, 32 insertions(+), 47 deletions(-)

diff --git a/include/qemu-common.h b/include/qemu-common.h
index 9cfd62669b..a9b11f59c4 100644
--- a/include/qemu-common.h
+++ b/include/qemu-common.h
@@ -131,7 +131,6 @@ char *qemu_find_file(int type, const char *name);
 
 /* OS specific functions */
 void os_setup_early_signal_handling(void);
-char *os_find_datadir(void);
 int os_parse_cmd_args(int index, const char *optarg);
 
 /*
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index 4b6a5c459c..817ff4cf75 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -14,7 +14,7 @@ extern const char *qemu_name;
 extern QemuUUID qemu_uuid;
 extern bool qemu_uuid_set;
 
-void qemu_add_data_dir(const char *path);
+void qemu_add_data_dir(char *path);
 
 void qemu_add_exit_notifier(Notifier *notify);
 void qemu_remove_exit_notifier(Notifier *notify);
diff --git a/os-posix.c b/os-posix.c
index 8d8e7fc15c..af91089c01 100644
--- a/os-posix.c
+++ b/os-posix.c
@@ -80,26 +80,6 @@ void os_setup_signal_handling(void)
 sigaction(SIGTERM, , NULL);
 }
 
-/*
- * Find a likely location for support files using the location of the binary.
- * When running from the build tree this will be "$bindir/pc-bios".
- * Otherwise, this is CONFIG_QEMU_DATADIR.
- *
- * The caller must use g_free() to free the returned data when it is
- * no longer required.
- */
-char *os_find_datadir(void)
-{
-g_autofree char *dir = NULL;
-
-dir = g_build_filename(qemu_get_exec_dir(), "pc-bios", NULL);
-if (g_file_test(dir, G_FILE_TEST_IS_DIR)) {
-return g_steal_pointer();
-}
-
-return g_strdup(CONFIG_QEMU_DATADIR);
-}
-
 void os_set_proc_name(const char *s)
 {
 #if defined(PR_SET_NAME)
diff --git a/os-win32.c b/os-win32.c
index eb8501b9e5..fd1137bab1 100644
--- a/os-win32.c
+++ b/os-win32.c
@@ -57,17 +57,6 @@ void os_setup_early_signal_handling(void)
 atexit(os_undo_timer_resolution);
 }
 
-/*
- * Look for support files in the same directory as the executable.
- *
- * The caller must use g_free() to free the returned data when it is
- * no longer required.
- */
-char *os_find_datadir(void)
-{
-return g_strdup(qemu_get_exec_dir());
-}
-
 void os_set_line_buffering(void)
 {
 setbuf(stdout, NULL);
diff --git a/softmmu/vl.c b/softmmu/vl.c
index f7b103467c..c872657e60 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2005,7 +2005,7 @@ char *qemu_find_file(int type, const char *name)
 return NULL;
 }
 
-void qemu_add_data_dir(const char *path)
+void qemu_add_data_dir(char *path)
 {
 int i;
 
@@ -2017,10 +2017,11 @@ void qemu_add_data_dir(const char *path)
 }
 for (i = 0; i < data_dir_idx; i++) {
 if (strcmp(data_dir[i], path) == 0) {
-return; /* duplicate */
+g_free(path); /* duplicate */
+return;
 }
 }
-data_dir[data_dir_idx++] = g_strdup(path);
+data_dir[data_dir_idx++] = path;
 }
 
 static inline bool nonempty_str(const char *str)
@@ -2829,6 +2830,26 @@ static void create_default_memdev(MachineState *ms, 
const char *path)
 _fatal);
 }
 
+/*
+ * Find a likely location for support files using the location of the binary.
+ * When running from the build tree this will be "$bindir/pc-bios".
+ * Otherwise, this is CONFIG_QEMU_DATADIR (possibly relocated).
+ *
+ * The caller must use g_free() to free the returned data when it is
+ * no longer required.
+ */
+static char *find_datadir(void)
+{
+g_autofree char *dir = NULL;
+
+dir = g_build_filename(qemu_get_exec_dir(), "pc-bios", NULL);
+if (g_file_test(dir, G_FILE_TEST_IS_DIR)) {
+return g_steal_pointer();
+}
+
+return get_relocated_path(CONFIG_QEMU_DATADIR);
+}
+
 void qemu_init(int argc, char **argv, char **envp)
 {
 int i;
@@ -2862,7 +2883,7 @@ void qemu_init(int argc, char **argv, char **envp)
 Error *main_loop_err = NULL;
 Error *err = NULL;
 bool list_data_dirs = false;
-char *dir, **dirs;
+char **dirs;
 const char *mem_path = NULL;
 bool have_custom_ram_size;
 BlockdevOptionsQueue bdo_queue = QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
@@ -3195,7 +3216,7 @@ void qemu_init(int argc, char **argv, char **envp)
 if (is_help_option(optarg)) {
 list_data_dirs = true;
 } else {
-qemu_add_data_dir(optarg);
+qemu_add_data_dir(g_strdup(optarg));
 }
 break;
 case QEMU_OPTION_bios:
@@ -3927,17 +3948,12 @@ void qemu_init(int argc, char **argv, char **envp)
 /* add

[PULL 49/57] vl: relocate path to configuration file

2020-09-19 Thread Paolo Bonzini 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 softmmu/vl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index c872657e60..c4f9671c48 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2676,8 +2676,9 @@ static int global_init_func(void *opaque, QemuOpts *opts, 
Error **errp)
 static int qemu_read_default_config_file(void)
 {
 int ret;
+g_autofree char *file = get_relocated_path(CONFIG_QEMU_CONFDIR 
"/qemu.conf");
 
-ret = qemu_read_config_file(CONFIG_QEMU_CONFDIR "/qemu.conf");
+ret = qemu_read_config_file(file);
 if (ret < 0 && ret != -ENOENT) {
 return ret;
 }
-- 
2.26.2

[PULL 34/57] configure: move malloc_trim/tcmalloc/jemalloc to meson

2020-09-19 Thread Paolo Bonzini 
Because LIBS is not used anymore, tcmalloc/jemalloc does
not work with binaries whose description is in Meson.
The fix is simply to move them to Meson too.

For consistency with other configure options, specifying
--enable-malloc-trim together with --enable-{tc,je}malloc
becomes a fatal error.

Reported-by: Stefan Hajnoczi 
Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Paolo Bonzini 
---
 configure | 84 +--
 meson.build   | 28 +---
 meson_options.txt |  5 +++
 3 files changed, 38 insertions(+), 79 deletions(-)

diff --git a/configure b/configure
index 7e8c31cafa..d4298436ac 100755
--- a/configure
+++ b/configure
@@ -540,7 +540,7 @@ skip_meson=no
 gettext=""
 
 bogus_os="no"
-malloc_trim=""
+malloc_trim="auto"
 
 deprecated_features=""
 
@@ -1221,9 +1221,9 @@ for opt do
   ;;
   --enable-tcg) tcg="yes"
   ;;
-  --disable-malloc-trim) malloc_trim="no"
+  --disable-malloc-trim) malloc_trim="disabled"
   ;;
-  --enable-malloc-trim) malloc_trim="yes"
+  --enable-malloc-trim) malloc_trim="enabled"
   ;;
   --disable-spice) spice="no"
   ;;
@@ -4379,77 +4379,14 @@ EOF
   fi
 fi
 
+malloc=system
 if test "$tcmalloc" = "yes" && test "$jemalloc" = "yes" ; then
 echo "ERROR: tcmalloc && jemalloc can't be used at the same time"
 exit 1
-fi
-
-# Even if malloc_trim() is available, these non-libc memory allocators
-# do not support it.
-if test "$tcmalloc" = "yes" || test "$jemalloc" = "yes" ; then
-if test "$malloc_trim" = "yes" ; then
-echo "Disabling malloc_trim with non-libc memory allocator"
-fi
-malloc_trim="no"
-fi
-
-###
-# malloc_trim
-
-if test "$malloc_trim" != "no" ; then
-cat > $TMPC << EOF
-#include 
-int main(void) { malloc_trim(0); return 0; }
-EOF
-if compile_prog "" "" ; then
-malloc_trim="yes"
-else
-malloc_trim="no"
-fi
-fi
-
-##
-# tcmalloc probe
-
-if test "$tcmalloc" = "yes" ; then
-  cat > $TMPC << EOF
-#include 
-int main(void) {
-void *tmp = malloc(1);
-if (tmp != NULL) {
-return 0;
-}
-return 1;
-}
-EOF
-
-  if compile_prog "" "-ltcmalloc" ; then
-LIBS="-ltcmalloc $LIBS"
-  else
-feature_not_found "tcmalloc" "install gperftools devel"
-  fi
-fi
-
-##
-# jemalloc probe
-
-if test "$jemalloc" = "yes" ; then
-  cat > $TMPC << EOF
-#include 
-int main(void) {
-void *tmp = malloc(1);
-if (tmp != NULL) {
-return 0;
-}
-return 1;
-}
-EOF
-
-  if compile_prog "" "-ljemalloc" ; then
-LIBS="-ljemalloc $LIBS"
-  else
-feature_not_found "jemalloc" "install jemalloc devel"
-  fi
+elif test "$tcmalloc" = "yes" ; then
+malloc=tcmalloc
+elif test "$jemalloc" = "yes" ; then
+malloc=jemalloc
 fi
 
 ##
@@ -6947,10 +6884,6 @@ if test "$gbm" = "yes" ; then
 fi
 
 
-if test "$malloc_trim" = "yes" ; then
-  echo "CONFIG_MALLOC_TRIM=y" >> $config_host_mak
-fi
-
 if test "$avx2_opt" = "yes" ; then
   echo "CONFIG_AVX2_OPT=y" >> $config_host_mak
 fi
@@ -7923,6 +7856,7 @@ NINJA=${ninja:-$PWD/ninjatool} $meson setup \
 -Dstrip=$(if test "$strip_opt" = yes; then echo true; else echo false; 
fi) \
 -Db_pie=$(if test "$pie" = yes; then echo true; else echo false; fi) \
 -Db_coverage=$(if test "$gcov" = yes; then echo true; else echo false; 
fi) \
+   -Dmalloc=$malloc -Dmalloc_trim=$malloc_trim \
-Dmpath=$mpath -Dsdl=$sdl -Dsdl_image=$sdl_image \
-Dvnc=$vnc -Dvnc_sasl=$vnc_sasl -Dvnc_jpeg=$vnc_jpeg -Dvnc_png=$vnc_png 
\
-Dgettext=$gettext -Dxkbcommon=$xkbcommon -Du2f=$u2f\
diff --git a/meson.build b/meson.build
index 8484e24720..808980b508 100644
--- a/meson.build
+++ b/meson.build
@@ -520,6 +520,26 @@ keyutils = dependency('libkeyutils', required: false,
 
 has_gettid = cc.has_function('gettid')
 
+# Malloc tests
+
+malloc = []
+if get_option('malloc') == 'system'
+  has_malloc_trim = \
+not get_option('malloc_trim').disabled() and \
+cc.links('''#include 
+int main(void) { malloc_trim(0); return 0; }''')
+else
+  has_malloc_trim = false
+  malloc = cc.find_library(get_option('malloc'), required: true)
+endif
+if not has_malloc_trim and get_option('malloc_trim').enabled()
+  if get_option('malloc') == 'system'
+error('malloc_trim not available on this platform.')
+  else
+error('malloc_trim not available with non-libc memory allocator')
+  endif
+endif
+
 # Create config-host.h
 
 config_host_data.set('CONFIG_LIBUDEV', libudev.found())
@@ -534,6 +554,7 @@ config_host_data.set('CONFIG_VNC_SASL', sasl.found())
 config_host_data.set('CONFIG_XKBCOMMON', xkbcommon.found())
 config_host_data.set('CONFIG_KEYUTILS', keyutils.found())
 config_host_data.set('CONFIG_GETTID', has_gettid)
+config_host_data.set('CONFIG_MALLOC_TRIM', has_malloc_trim)
 config_host_data.set('QEMU_VERSION',

[PULL 43/57] oslib-posix: default exec_dir to bindir

2020-09-19 Thread Paolo Bonzini 
If the exec_dir cannot be retrieved, just assume it's the installation
directory that was specified at configure time.  This makes it simpler
to reason about what the callers will do if they get back an empty
path.

Signed-off-by: Paolo Bonzini 
---
 meson.build|  2 +-
 util/oslib-posix.c | 23 ---
 util/oslib-win32.c |  4 +++-
 3 files changed, 12 insertions(+), 17 deletions(-)

diff --git a/meson.build b/meson.build
index d5ab4bde2b..1f8487eacf 100644
--- a/meson.build
+++ b/meson.build
@@ -566,7 +566,7 @@ config_host_data.set('QEMU_VERSION_MINOR', 
meson.project_version().split('.')[1]
 config_host_data.set('QEMU_VERSION_MICRO', 
meson.project_version().split('.')[2])
 
 arrays = ['CONFIG_AUDIO_DRIVERS', 'CONFIG_BDRV_RW_WHITELIST', 
'CONFIG_BDRV_RO_WHITELIST']
-strings = ['HOST_DSOSUF', 'CONFIG_IASL', 'qemu_confdir', 'qemu_datadir',
+strings = ['HOST_DSOSUF', 'CONFIG_IASL', 'bindir', 'qemu_confdir', 
'qemu_datadir',
'qemu_moddir', 'qemu_localstatedir', 'qemu_helperdir', 
'qemu_localedir',
'qemu_icondir', 'qemu_desktopdir', 'qemu_firmwarepath']
 foreach k, v: config_host
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index 0dd8d24076..ce44380f09 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -358,15 +358,14 @@ void qemu_set_tty_echo(int fd, bool echo)
 tcsetattr(fd, TCSANOW, );
 }
 
-static char exec_dir[PATH_MAX];
+static const char *exec_dir;
 
 void qemu_init_exec_dir(const char *argv0)
 {
-char *dir;
 char *p = NULL;
 char buf[PATH_MAX];
 
-if (exec_dir[0]) {
+if (exec_dir) {
 return;
 }
 
@@ -425,20 +424,14 @@ void qemu_init_exec_dir(const char *argv0)
 #endif
 /* If we don't have any way of figuring out the actual executable
location then try argv[0].  */
-if (!p) {
-if (!argv0) {
-return;
-}
+if (!p && argv0) {
 p = realpath(argv0, buf);
-if (!p) {
-return;
-}
 }
-dir = g_path_get_dirname(p);
-
-pstrcpy(exec_dir, sizeof(exec_dir), dir);
-
-g_free(dir);
+if (p) {
+exec_dir = g_path_get_dirname(p);
+} else {
+exec_dir = CONFIG_BINDIR;
+}
 }
 
 const char *qemu_get_exec_dir(void)
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
index 1a33912944..051afb217b 100644
--- a/util/oslib-win32.c
+++ b/util/oslib-win32.c
@@ -315,7 +315,7 @@ void qemu_set_tty_echo(int fd, bool echo)
 }
 }
 
-static char *exec_dir;
+static const char *exec_dir;
 
 void qemu_init_exec_dir(const char *argv0)
 {
@@ -341,6 +341,8 @@ void qemu_init_exec_dir(const char *argv0)
 *p = 0;
 if (access(buf, R_OK) == 0) {
 exec_dir = g_strdup(buf);
+} else {
+exec_dir = CONFIG_BINDIR;
 }
 }
 
-- 
2.26.2

[PULL 50/57] qemu-bridge-helper: relocate path to default ACL

2020-09-19 Thread Paolo Bonzini 
Signed-off-by: Paolo Bonzini 
---
 qemu-bridge-helper.c | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 88b26747fc..a26e1663f0 100644
--- a/qemu-bridge-helper.c
+++ b/qemu-bridge-helper.c
@@ -40,6 +40,7 @@
 #endif
 
 #include "qemu/queue.h"
+#include "qemu/cutils.h"
 
 #include "net/tap-linux.h"
 
@@ -245,6 +246,7 @@ int main(int argc, char **argv)
 ACLList acl_list;
 int access_allowed, access_denied;
 int ret = EXIT_SUCCESS;
+g_autofree char *acl_file = NULL;
 
 #ifdef CONFIG_LIBCAP_NG
 /* if we're run from an suid binary, immediately drop privileges preserving
@@ -257,6 +259,8 @@ int main(int argc, char **argv)
 }
 #endif
 
+qemu_init_exec_dir(argv[0]);
+
 /* parse arguments */
 for (index = 1; index < argc; index++) {
 if (strcmp(argv[index], "--use-vnet") == 0) {
@@ -282,9 +286,10 @@ int main(int argc, char **argv)
 
 /* parse default acl file */
 QSIMPLEQ_INIT(_list);
-if (parse_acl_file(DEFAULT_ACL_FILE, _list) == -1) {
+acl_file = get_relocated_path(DEFAULT_ACL_FILE);
+if (parse_acl_file(acl_file, _list) == -1) {
 fprintf(stderr, "failed to parse default acl file `%s'\n",
-DEFAULT_ACL_FILE);
+acl_file);
 ret = EXIT_FAILURE;
 goto cleanup;
 }
-- 
2.26.2

[PULL 26/57] hw/char/serial-{isa, pci}: Alias QDEV properties from generic serial object

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

Instead of overwritting the properties of the generic 'state'
object, alias them.
Note we can now propagate the "baudbase" property.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200907015535.827885-7-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial-isa.c | 4 ++--
 hw/char/serial-pci.c | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/char/serial-isa.c b/hw/char/serial-isa.c
index 7e1b36c3f6..c0607476c2 100644
--- a/hw/char/serial-isa.c
+++ b/hw/char/serial-isa.c
@@ -118,8 +118,6 @@ static Property serial_isa_properties[] = {
 DEFINE_PROP_UINT32("index",  ISASerialState, index,   -1),
 DEFINE_PROP_UINT32("iobase",  ISASerialState, iobase,  -1),
 DEFINE_PROP_UINT32("irq",ISASerialState, isairq,  -1),
-DEFINE_PROP_CHR("chardev",   ISASerialState, state.chr),
-DEFINE_PROP_BOOL("wakeup",   ISASerialState, state.wakeup, false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
@@ -140,6 +138,8 @@ static void serial_isa_initfn(Object *o)
 ISASerialState *self = ISA_SERIAL(o);
 
 object_initialize_child(o, "serial", >state, TYPE_SERIAL);
+
+qdev_alias_all_properties(DEVICE(>state), o);
 }
 
 static const TypeInfo serial_isa_info = {
diff --git a/hw/char/serial-pci.c b/hw/char/serial-pci.c
index f68948154e..81da2783f9 100644
--- a/hw/char/serial-pci.c
+++ b/hw/char/serial-pci.c
@@ -84,7 +84,6 @@ static const VMStateDescription vmstate_pci_serial = {
 };
 
 static Property serial_pci_properties[] = {
-DEFINE_PROP_CHR("chardev",  PCISerialState, state.chr),
 DEFINE_PROP_UINT8("prog_if",  PCISerialState, prog_if, 0x02),
 DEFINE_PROP_END_OF_LIST(),
 };
@@ -109,6 +108,8 @@ static void serial_pci_init(Object *o)
 PCISerialState *ps = PCI_SERIAL(o);
 
 object_initialize_child(o, "serial", >state, TYPE_SERIAL);
+
+qdev_alias_all_properties(DEVICE(>state), o);
 }
 
 static const TypeInfo serial_pci_info = {
-- 
2.26.2

[PULL 24/57] hw/char/serial: Rename I/O read/write trace events

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

The serial_mm_read/write() handlers from the TYPE_SERIAL_MM device
call the serial_ioport_read/write() handlers with shifted offset.

When looking at the trace events from this MMIO device, it is
confusing to read the accesses as I/O. Simplify using generic
trace event names which make sense the various uses.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200907015535.827885-5-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial.c | 4 ++--
 hw/char/trace-events | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/char/serial.c b/hw/char/serial.c
index 26f7fa8a21..7b5ef872bd 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -333,7 +333,7 @@ static void serial_ioport_write(void *opaque, hwaddr addr, 
uint64_t val,
 SerialState *s = opaque;
 
 assert(size == 1 && addr < 8);
-trace_serial_ioport_write(addr, val);
+trace_serial_write(addr, val);
 switch(addr) {
 default:
 case 0:
@@ -550,7 +550,7 @@ static uint64_t serial_ioport_read(void *opaque, hwaddr 
addr, unsigned size)
 ret = s->scr;
 break;
 }
-trace_serial_ioport_read(addr, ret);
+trace_serial_read(addr, ret);
 return ret;
 }
 
diff --git a/hw/char/trace-events b/hw/char/trace-events
index 17304bef26..609df10fed 100644
--- a/hw/char/trace-events
+++ b/hw/char/trace-events
@@ -5,8 +5,8 @@ parallel_ioport_read(const char *desc, uint16_t addr, uint8_t 
value) "read [%s]
 parallel_ioport_write(const char *desc, uint16_t addr, uint8_t value) "write 
[%s] addr 0x%02x val 0x%02x"
 
 # serial.c
-serial_ioport_read(uint16_t addr, uint8_t value) "read addr 0x%02x val 0x%02x"
-serial_ioport_write(uint16_t addr, uint8_t value) "write addr 0x%02x val 
0x%02x"
+serial_read(uint16_t addr, uint8_t value) "read addr 0x%02x val 0x%02x"
+serial_write(uint16_t addr, uint8_t value) "write addr 0x%02x val 0x%02x"
 serial_update_parameters(uint64_t baudrate, char parity, int data_bits, int 
stop_bits) "baudrate=%"PRIu64" parity='%c' data=%d stop=%d"
 
 # virtio-serial-bus.c
-- 
2.26.2

[PULL 20/57] configure: rename QEMU_GA_MSI_ENABLED to CONFIG_QGA_MSI

2020-09-19 Thread Paolo Bonzini 
From: Stefan Hajnoczi 

The QEMU_GA_MSI_ENABLED config-host.mak variable is emitted by
./configure. meson.build actually checks for CONFIG_QGA_MSI_ENABLED:

  summary_info += {'QGA MSI support':   
config_host.has_key('CONFIG_QGA_MSI_ENABLED')}

Rename QEMU_GA_MSI_ENABLED to CONFIG_QGA_MSI for consistency with
CONFIG_QGA_VSS. Also use 'y' instead of 'yes' for consistency.

This fixes the feature summary printed by meson.build.

Signed-off-by: Stefan Hajnoczi 
Message-Id: <20200914095231.621068-4-stefa...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 Makefile| 2 +-
 configure   | 2 +-
 meson.build | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 7c60b9dcb8..42d90cb597 100644
--- a/Makefile
+++ b/Makefile
@@ -285,7 +285,7 @@ endif
 ifdef CONFIG_WIN32
@echo  'Windows targets:'
$(call print-help,installer,Build NSIS-based installer for QEMU)
-ifdef QEMU_GA_MSI_ENABLED
+ifdef CONFIG_QGA_MSI
$(call print-help,msi,Build MSI-based installer for qemu-ga)
 endif
@echo  ''
diff --git a/configure b/configure
index 7662b3bf6f..6201e7c732 100755
--- a/configure
+++ b/configure
@@ -6572,7 +6572,7 @@ if test "$mingw32" = "yes" ; then
 echo "CONFIG_QGA_NTDDSCSI=y" >> $config_host_mak
   fi
   if test "$guest_agent_msi" = "yes"; then
-echo "QEMU_GA_MSI_ENABLED=yes" >> $config_host_mak
+echo "CONFIG_QGA_MSI=y" >> $config_host_mak
 echo "QEMU_GA_MSI_MINGW_DLL_PATH=${QEMU_GA_MSI_MINGW_DLL_PATH}" >> 
$config_host_mak
 echo "QEMU_GA_MSI_WITH_VSS=${QEMU_GA_MSI_WITH_VSS}" >> $config_host_mak
 echo "QEMU_GA_MSI_ARCH=${QEMU_GA_MSI_ARCH}" >> $config_host_mak
diff --git a/meson.build b/meson.build
index 8bf696558f..5ab9a4dd1e 100644
--- a/meson.build
+++ b/meson.build
@@ -1488,7 +1488,7 @@ if targetos == 'windows'
   endif
   summary_info += {'QGA VSS support':   config_host.has_key('CONFIG_QGA_VSS')}
   summary_info += {'QGA w32 disk info': 
config_host.has_key('CONFIG_QGA_NTDDSCSI')}
-  summary_info += {'QGA MSI support':   
config_host.has_key('CONFIG_QGA_MSI_ENABLED')}
+  summary_info += {'QGA MSI support':   config_host.has_key('CONFIG_QGA_MSI')}
 endif
 summary_info += {'seccomp support':   config_host.has_key('CONFIG_SECCOMP')}
 summary_info += {'coroutine backend': config_host['CONFIG_COROUTINE_BACKEND']}
-- 
2.26.2

[PULL 53/57] configure: use a platform-neutral prefix

2020-09-19 Thread Paolo Bonzini 
Now that the installation is relocatable, there is no need to compile a
Windows-format prefix into Win32 binaries.  Instead, the prefix will
only be used to compute installation-relative paths, and it can be
any string.

Drop the "Program Files" path completely: it is only usable on English
versions of Windows; therefore, using the NSIS installer to get the
"correct" path to the Program Files folder is recommended, and NSIS
works just as well with any prefix.

Signed-off-by: Paolo Bonzini 
---
 configure | 30 +++---
 1 file changed, 11 insertions(+), 19 deletions(-)

diff --git a/configure b/configure
index 0e65d4493d..560c8d4d3d 100755
--- a/configure
+++ b/configure
@@ -962,7 +962,7 @@ if test "$mingw32" = "yes" ; then
   # MinGW needs -mthreads for TLS and macro _MT.
   CFLAGS="-mthreads $CFLAGS"
   write_c_skeleton;
-  prefix="c:/Program Files/QEMU"
+  prefix="/qemu"
   qemu_suffix=""
   libs_qga="-lws2_32 -lwinmm -lpowrprof -lwtsapi32 -lwininet -liphlpapi 
-lnetapi32 $libs_qga"
 fi
@@ -7799,17 +7799,9 @@ echo "strip = $(meson_quote $strip)" >> $cross
 echo "windres = $(meson_quote $windres)" >> $cross
 if test -n "$cross_prefix"; then
 cross_arg="--cross-file config-meson.cross"
-# Hack: Meson expects an absolute path for the *build* machine
-# for the prefix, so add a slash in front of a Windows path that
-# includes a drive letter.
-#
-# See https://github.com/mesonbuild/meson/issues/7577.
 echo "[host_machine]" >> $cross
 if test "$mingw32" = "yes" ; then
 echo "system = 'windows'" >> $cross
-case $prefix in
-?:*) pre_prefix=/ ;;
-esac
 fi
 if test "$linux" = "yes" ; then
 echo "system = 'linux'" >> $cross
@@ -7838,16 +7830,16 @@ mv $cross config-meson.cross
 
 rm -rf meson-private meson-info meson-logs
 NINJA=${ninja:-$PWD/ninjatool} $meson setup \
---prefix "${pre_prefix}$prefix" \
---libdir "${pre_prefix}$libdir" \
---libexecdir "${pre_prefix}$libexecdir" \
---bindir "${pre_prefix}$bindir" \
---includedir "${pre_prefix}$includedir" \
---datadir "${pre_prefix}$datadir" \
---mandir "${pre_prefix}$mandir" \
---sysconfdir "${pre_prefix}$sysconfdir" \
---localstatedir "${pre_prefix}$local_statedir" \
--Ddocdir="${pre_prefix}$docdir" \
+--prefix "$prefix" \
+--libdir "$libdir" \
+--libexecdir "$libexecdir" \
+--bindir "$bindir" \
+--includedir "$includedir" \
+--datadir "$datadir" \
+--mandir "$mandir" \
+--sysconfdir "$sysconfdir" \
+--localstatedir "$local_statedir" \
+-Ddocdir="$docdir" \
 -Dqemu_suffix="$qemu_suffix" \
 -Doptimization=$(if test "$debug" = yes; then echo 0; else echo 2; fi) 
\
 -Ddebug=$(if test "$debug_info" = yes; then echo true; else echo 
false; fi) \
-- 
2.26.2

[PULL 45/57] oslib-posix: relocate path to /var

2020-09-19 Thread Paolo Bonzini 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 util/oslib-posix.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index ce44380f09..7e21b2f10c 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -339,8 +339,10 @@ int qemu_pipe(int pipefd[2])
 char *
 qemu_get_local_state_pathname(const char *relative_pathname)
 {
-return g_strdup_printf("%s/%s", CONFIG_QEMU_LOCALSTATEDIR,
-   relative_pathname);
+g_autofree char *dir = g_strdup_printf("%s/%s",
+   CONFIG_QEMU_LOCALSTATEDIR,
+   relative_pathname);
+return get_relocated_path(dir);
 }
 
 void qemu_set_tty_echo(int fd, bool echo)
-- 
2.26.2

[PULL 25/57] hw/char/serial: Make 'wakeup' property boolean

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

Make the "wakeup" property introduced in commit 9826fd597df
("suspend: make serial ports wakeup the guest") a boolean.

As we want to reuse the generic serial properties in the
ISA model (next commit), expose this property.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200907015535.827885-6-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial-isa.c | 2 +-
 hw/char/serial.c | 1 +
 include/hw/char/serial.h | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/hw/char/serial-isa.c b/hw/char/serial-isa.c
index d4aad81a85..7e1b36c3f6 100644
--- a/hw/char/serial-isa.c
+++ b/hw/char/serial-isa.c
@@ -119,7 +119,7 @@ static Property serial_isa_properties[] = {
 DEFINE_PROP_UINT32("iobase",  ISASerialState, iobase,  -1),
 DEFINE_PROP_UINT32("irq",ISASerialState, isairq,  -1),
 DEFINE_PROP_CHR("chardev",   ISASerialState, state.chr),
-DEFINE_PROP_UINT32("wakeup", ISASerialState, state.wakeup, 0),
+DEFINE_PROP_BOOL("wakeup",   ISASerialState, state.wakeup, false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/hw/char/serial.c b/hw/char/serial.c
index 7b5ef872bd..4386adabd4 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -975,6 +975,7 @@ const MemoryRegionOps serial_io_ops = {
 static Property serial_properties[] = {
 DEFINE_PROP_CHR("chardev", SerialState, chr),
 DEFINE_PROP_UINT32("baudbase", SerialState, baudbase, 115200),
+DEFINE_PROP_BOOL("wakeup", SerialState, wakeup, false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
diff --git a/include/hw/char/serial.h b/include/hw/char/serial.h
index 51397a8a18..83fa08e4e7 100644
--- a/include/hw/char/serial.h
+++ b/include/hw/char/serial.h
@@ -61,7 +61,7 @@ struct SerialState {
 uint32_t baudbase;
 uint32_t tsr_retry;
 guint watch_tag;
-uint32_t wakeup;
+bool wakeup;
 
 /* Time when the last byte was successfully sent out of the tsr */
 uint64_t last_xmit_ts;
-- 
2.26.2

[PULL 18/57] hw/mips/mipssim: Use MMIO serial device on fake ISA I/O

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

The 'mipssim' is not a real hardware, it is a simulator.

There is an ISA MMIO space mapped at 0x1fd0, however
this is not a real ISA bus (no ISA IRQ). So can not use
the TYPE_ISA_SERIAL device...
Instead we have been using a plain MMIO device, but named
it IO.

TYPE_SERIAL_IO is a subset of TYPE_SERIAL_MM, using
regshift=0 and endianness=DEVICE_LITTLE_ENDIAN.

Directly use the TYPE_SERIAL_MM device, enforcing the
regshift/endianness values. 'regshift' default is already
'0'. 'endianness' is meaningless for 8-bit accesses.

This change breaks migration back compatibility, but
this is not an issue for the mipssim machine.

Suggested-by: Peter Maydell 
Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200907011538.818996-2-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/mips/mipssim.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/hw/mips/mipssim.c b/hw/mips/mipssim.c
index 1b3b762203..5d4ad74828 100644
--- a/hw/mips/mipssim.c
+++ b/hw/mips/mipssim.c
@@ -216,10 +216,11 @@ mips_mipssim_init(MachineState *machine)
  * MIPS CPU INT2, which is interrupt 4.
  */
 if (serial_hd(0)) {
-DeviceState *dev = qdev_new(TYPE_SERIAL_IO);
+DeviceState *dev = qdev_new(TYPE_SERIAL_MM);
 
 qdev_prop_set_chr(dev, "chardev", serial_hd(0));
-qdev_set_legacy_instance_id(dev, 0x3f8, 2);
+qdev_prop_set_uint8(dev, "regshift", 0);
+qdev_prop_set_uint8(dev, "endianness", DEVICE_LITTLE_ENDIAN);
 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), _fatal);
 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, env->irq[4]);
 sysbus_add_io(SYS_BUS_DEVICE(dev), 0x3f8,
-- 
2.26.2

[PULL 40/57] meson: report accelerator support

2020-09-19 Thread Paolo Bonzini 
Note that the "real" support is reported.  A configuration like
--disable-system --enable-kvm will report "no" for "KVM support" because
no KVM-supported target is being compiled.

Reported-by: Andrew Jones 
Signed-off-by: Paolo Bonzini 
---
 meson.build | 35 ---
 1 file changed, 24 insertions(+), 11 deletions(-)

diff --git a/meson.build b/meson.build
index f5c9c04e40..d5ab4bde2b 100644
--- a/meson.build
+++ b/meson.build
@@ -589,6 +589,7 @@ endforeach
 genh += configure_file(output: 'config-host.h', configuration: 
config_host_data)
 
 minikconf = find_program('scripts/minikconf.py')
+config_all = {}
 config_all_devices = {}
 config_all_disas = {}
 config_devices_mak_list = []
@@ -644,6 +645,14 @@ kconfig_external_symbols = [
 ]
 ignored = ['TARGET_XML_FILES', 'TARGET_ABI_DIR', 'TARGET_DIRS']
 
+accel_symbols = [
+  'CONFIG_KVM',
+  'CONFIG_HAX',
+  'CONFIG_HVF',
+  'CONFIG_TCG',
+  'CONFIG_WHPX'
+]
+
 foreach target : target_dirs
   config_target = keyval.load(meson.current_build_dir() / target / 
'config-target.mak')
 
@@ -672,6 +681,11 @@ foreach target : target_dirs
   config_target_data.set(k, v)
 endif
   endforeach
+  foreach sym: accel_symbols
+if config_target.has_key(sym)
+  config_all += { sym: 'y' }
+endif
+  endforeach
   config_target_h += {target: configure_file(output: target + 
'-config-target.h',
configuration: 
config_target_data)}
 
@@ -716,7 +730,7 @@ endforeach
 # targets that are not built for this compilation.  The CONFIG_ALL
 # pseudo symbol replaces it.
 
-config_all = config_all_devices
+config_all += config_all_devices
 config_all += config_host
 config_all += config_all_disas
 config_all += {
@@ -1543,16 +1557,15 @@ summary_info += {'Linux AIO support': 
config_host.has_key('CONFIG_LINUX_AIO')}
 summary_info += {'Linux io_uring support': 
config_host.has_key('CONFIG_LINUX_IO_URING')}
 summary_info += {'ATTR/XATTR support': config_host.has_key('CONFIG_ATTR')}
 summary_info += {'Install blobs': config_host.has_key('INSTALL_BLOBS')}
-# TODO: add back KVM/HAX/HVF/WHPX/TCG
-#summary_info += {'KVM support':   have_kvm'}
-#summary_info += {'HAX support':   have_hax'}
-#summary_info += {'HVF support':   have_hvf'}
-#summary_info += {'WHPX support':  have_whpx'}
-#summary_info += {'TCG support':   have_tcg'}
-#if get_option('tcg')
-#  summary_info += {'TCG debug enabled': 
config_host.has_key('CONFIG_DEBUG_TCG')}
-#  summary_info += {'TCG interpreter':   
config_host.has_key('CONFIG_TCG_INTERPRETER')}
-#endif
+summary_info += {'KVM support':   config_all.has_key('CONFIG_KVM')}
+summary_info += {'HAX support':   config_all.has_key('CONFIG_HAX')}
+summary_info += {'HVF support':   config_all.has_key('CONFIG_HVF')}
+summary_info += {'WHPX support':  config_all.has_key('CONFIG_WHPX')}
+summary_info += {'TCG support':   config_all.has_key('CONFIG_TCG')}
+if config_all.has_key('CONFIG_TCG')
+  summary_info += {'TCG debug enabled': 
config_host.has_key('CONFIG_DEBUG_TCG')}
+  summary_info += {'TCG interpreter':   
config_host.has_key('CONFIG_TCG_INTERPRETER')}
+endif
 summary_info += {'malloc trim support': has_malloc_trim}
 summary_info += {'RDMA support':  config_host.has_key('CONFIG_RDMA')}
 summary_info += {'PVRDMA support':config_host.has_key('CONFIG_PVRDMA')}
-- 
2.26.2

[PULL 39/57] mtest2make: add support for introspected test dependencies

2020-09-19 Thread Paolo Bonzini 
Right now all "make check" targets depend blindly on "all".  If Meson
is 0.56.0 or newer, we can use the correct dependencies using the new
"depends" entry in "meson introspect --tests".

Signed-off-by: Paolo Bonzini 
---
 Makefile  |  2 +-
 scripts/mtest2make.py | 19 +++
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/Makefile b/Makefile
index 42d90cb597..897246d77c 100644
--- a/Makefile
+++ b/Makefile
@@ -78,7 +78,7 @@ ${ninja-targets-c_COMPILER} ${ninja-targets-cpp_COMPILER}: 
.var.command += -MP
 # reread (and MESON won't be empty anymore).
 ifneq ($(MESON),)
 Makefile.mtest: build.ninja scripts/mtest2make.py
-   $(MESON) introspect --tests --benchmarks | $(PYTHON) 
scripts/mtest2make.py > $@
+   $(MESON) introspect --targets --tests --benchmarks | $(PYTHON) 
scripts/mtest2make.py > $@
 -include Makefile.mtest
 endif
 
diff --git a/scripts/mtest2make.py b/scripts/mtest2make.py
index 9cbb2e374d..c3489a4605 100644
--- a/scripts/mtest2make.py
+++ b/scripts/mtest2make.py
@@ -5,6 +5,7 @@
 # Author: Paolo Bonzini 
 
 from collections import defaultdict
+import itertools
 import json
 import os
 import shlex
@@ -36,7 +37,7 @@ SPEED = quick
 introspect = json.load(sys.stdin)
 i = 0
 
-def process_tests(test, suites):
+def process_tests(test, targets, suites):
 global i
 env = ' '.join(('%s=%s' % (shlex.quote(k), shlex.quote(v))
 for k, v in test['env'].items()))
@@ -58,12 +59,19 @@ def process_tests(test, suites):
 i += 1
 if test['workdir'] is not None:
 print('.test.dir.%d := %s' % (i, shlex.quote(test['workdir'])))
+
+if 'depends' in test:
+deps = (targets.get(x, []) for x in test['depends'])
+deps = itertools.chain.from_iterable(deps)
+else:
+deps = ['all']
+
 print('.test.name.%d := %s' % (i, test['name']))
 print('.test.driver.%d := %s' % (i, driver))
 print('.test.env.%d := $(.test.env) %s' % (i, env))
 print('.test.cmd.%d := %s' % (i, cmd))
 print('.PHONY: run-test-%d' % (i,))
-print('run-test-%d: all' % (i,))
+print('run-test-%d: %s' % (i, ' '.join(deps)))
 print('\t@$(call .test.run,%d,$(.test.output-format))' % (i,))
 
 test_suites = test['suite'] or ['default']
@@ -102,16 +110,19 @@ def emit_suite(name, suite, prefix):
 print('.tests += $(.test.$(SPEED).%s)' % (target, ))
 print('endif')
 
+targets = {t['id']: [os.path.relpath(f) for f in t['filename']]
+   for t in introspect['targets']}
+
 testsuites = defaultdict(Suite)
 for test in introspect['tests']:
-process_tests(test, testsuites)
+process_tests(test, targets, testsuites)
 emit_prolog(testsuites, 'check')
 for name, suite in testsuites.items():
 emit_suite(name, suite, 'check')
 
 benchsuites = defaultdict(Suite)
 for test in introspect['benchmarks']:
-process_tests(test, benchsuites)
+process_tests(test, targets, benchsuites)
 emit_prolog(benchsuites, 'bench')
 for name, suite in benchsuites.items():
 emit_suite(name, suite, 'bench')
-- 
2.26.2

[PULL 23/57] hw/char/serial: Remove old DEBUG_SERIAL commented code

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

All useful DPRINTF() calls have been converted to trace
events.  Remove a pointless one in the IOEventHandler,
and drop the DEBUG_SERIAL ifdef'ry.

Reviewed-by: Richard Henderson 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20200907015535.827885-4-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial.c | 11 ---
 1 file changed, 11 deletions(-)

diff --git a/hw/char/serial.c b/hw/char/serial.c
index e8029f840a..26f7fa8a21 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -36,8 +36,6 @@
 #include "trace.h"
 #include "hw/qdev-properties.h"
 
-//#define DEBUG_SERIAL
-
 #define UART_LCR_DLAB  0x80/* Divisor latch access bit */
 
 #define UART_IER_MSI   0x08/* Enable Modem status interrupt */
@@ -102,14 +100,6 @@
 
 #define MAX_XMIT_RETRY  4
 
-#ifdef DEBUG_SERIAL
-#define DPRINTF(fmt, ...) \
-do { fprintf(stderr, "serial: " fmt , ## __VA_ARGS__); } while (0)
-#else
-#define DPRINTF(fmt, ...) \
-do {} while (0)
-#endif
-
 static void serial_receive1(void *opaque, const uint8_t *buf, int size);
 static void serial_xmit(SerialState *s);
 
@@ -636,7 +626,6 @@ static void serial_receive1(void *opaque, const uint8_t 
*buf, int size)
 static void serial_event(void *opaque, QEMUChrEvent event)
 {
 SerialState *s = opaque;
-DPRINTF("event %x\n", event);
 if (event == CHR_EVENT_BREAK)
 serial_receive_break(s);
 }
-- 
2.26.2

[PULL 22/57] hw/char/serial: Replace commented DPRINTF() by trace event

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

Convert the old debug PRINTF() call to display the UART
baudrate to a trace event.

Reviewed-by: Richard Henderson 
Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20200907015535.827885-3-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial.c | 4 +---
 hw/char/trace-events | 1 +
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/char/serial.c b/hw/char/serial.c
index 840da89de7..e8029f840a 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -187,9 +187,7 @@ static void serial_update_parameters(SerialState *s)
 ssp.stop_bits = stop_bits;
 s->char_transmit_time =  (NANOSECONDS_PER_SECOND / speed) * frame_size;
 qemu_chr_fe_ioctl(>chr, CHR_IOCTL_SERIAL_SET_PARAMS, );
-
-DPRINTF("speed=%.2f parity=%c data=%d stop=%d\n",
-   speed, parity, data_bits, stop_bits);
+trace_serial_update_parameters(speed, parity, data_bits, stop_bits);
 }
 
 static void serial_update_msl(SerialState *s)
diff --git a/hw/char/trace-events b/hw/char/trace-events
index 2442a9f7d5..17304bef26 100644
--- a/hw/char/trace-events
+++ b/hw/char/trace-events
@@ -7,6 +7,7 @@ parallel_ioport_write(const char *desc, uint16_t addr, uint8_t 
value) "write [%s
 # serial.c
 serial_ioport_read(uint16_t addr, uint8_t value) "read addr 0x%02x val 0x%02x"
 serial_ioport_write(uint16_t addr, uint8_t value) "write addr 0x%02x val 
0x%02x"
+serial_update_parameters(uint64_t baudrate, char parity, int data_bits, int 
stop_bits) "baudrate=%"PRIu64" parity='%c' data=%d stop=%d"
 
 # virtio-serial-bus.c
 virtio_serial_send_control_event(unsigned int port, uint16_t event, uint16_t 
value) "port %u, event %u, value %u"
-- 
2.26.2

[PULL 35/57] configure: fix --meson=/path/to/meson

2020-09-19 Thread Paolo Bonzini 
Due to a cut-and-paste error, the path to a user-specified meson
was ignored and replaced by whatever was in the path.

Reviewed-by: Richard Henderson 
Signed-off-by: Paolo Bonzini 
---
 configure | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure b/configure
index d4298436ac..f4499f52a4 100755
--- a/configure
+++ b/configure
@@ -2011,7 +2011,7 @@ case "$meson" in
 fi
 meson="$python ${source_path}/meson/meson.py"
 ;;
-*) meson=$(command -v meson) ;;
+*) meson=$(command -v "$meson") ;;
 esac
 
 # Probe for ninja (used for compdb)
-- 
2.26.2

[PULL 28/57] hw: megasas: return -1 when 'megasas_map_sgl' fails

2020-09-19 Thread Paolo Bonzini 
From: Li Qiang 

The caller of 'megasas_map_sgl' will only check if the return
is zero or not. If it return 0 it means success, as in the next
patch we will consider 'iov_count=0' is an error, so let's
return -1 to indicate a failure.

Signed-off-by: Li Qiang 
Message-Id: <20200815141940.44025-2-liq...@163.com>
Signed-off-by: Paolo Bonzini 
---
 hw/scsi/megasas.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index e90c00823a..4cc709d2c6 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -280,7 +280,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd 
*cmd, union mfi_sgl *sgl)
 if (iov_count > MEGASAS_MAX_SGE) {
 trace_megasas_iovec_sgl_overflow(cmd->index, iov_count,
  MEGASAS_MAX_SGE);
-return iov_count;
+return -1;
 }
 pci_dma_sglist_init(>qsg, PCI_DEVICE(s), iov_count);
 for (i = 0; i < iov_count; i++) {
@@ -310,7 +310,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd 
*cmd, union mfi_sgl *sgl)
 return 0;
 unmap:
 qemu_sglist_destroy(>qsg);
-return iov_count - i;
+return -1;
 }
 
 /*
-- 
2.26.2

[PULL 15/57] numa: drop support for '-numa node' (without memory specified)

2020-09-19 Thread Paolo Bonzini 
From: Igor Mammedov 

it was deprecated since 4.1
commit 4bb4a2732e (numa: deprecate implict memory distribution between nodes)

Users of existing VMs, wishing to preserve the same RAM distribution,
should configure it explicitly using ``-numa node,memdev`` options.
Current RAM distribution can be retrieved using HMP command
`info numa` and if separate memory devices (pc|nv-dimm) are present
use `info memory-device` and subtract device memory from output of
`info numa`.

Signed-off-by: Igor Mammedov 
Message-Id: <20200911084410.788171-2-imamm...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 docs/system/deprecated.rst | 23 +---
 hw/core/machine.c  |  1 -
 hw/core/numa.c | 55 --
 hw/i386/pc_piix.c  |  1 -
 hw/i386/pc_q35.c   |  1 -
 hw/ppc/spapr.c |  1 -
 include/hw/boards.h|  2 --
 include/sysemu/numa.h  |  4 ---
 8 files changed, 14 insertions(+), 74 deletions(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index 0cb8b01424..bb59061c1b 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -104,15 +104,6 @@ error in the future.
 The ``-realtime mlock=on|off`` argument has been replaced by the
 ``-overcommit mem-lock=on|off`` argument.
 
-``-numa`` node (without memory specified) (since 4.1)
-'
-
-Splitting RAM by default between NUMA nodes has the same issues as ``mem``
-parameter described above with the difference that the role of the user plays
-QEMU using implicit generic or board specific splitting rule.
-Use ``memdev`` with *memory-backend-ram* backend or ``mem`` (if
-it's supported by used machine type) to define mapping explictly instead.
-
 ``-mem-path`` fallback to RAM (since 4.1)
 '
 
@@ -625,6 +616,20 @@ error when ``-u`` is not used.
 Command line options
 
 
+``-numa`` node (without memory specified) (removed 5.2)
+'''
+
+Splitting RAM by default between NUMA nodes had the same issues as ``mem``
+parameter with the difference that the role of the user plays QEMU using
+implicit generic or board specific splitting rule.
+Use ``memdev`` with *memory-backend-ram* backend or ``mem`` (if
+it's supported by used machine type) to define mapping explictly instead.
+Users of existing VMs, wishing to preserve the same RAM distribution, should
+configure it explicitly using ``-numa node,memdev`` options. Current RAM
+distribution can be retrieved using HMP command ``info numa`` and if separate
+memory devices (pc|nv-dimm) are present use ``info memory-device`` and subtract
+device memory from output of ``info numa``.
+
 ``-numa node,mem=``\ *size* (removed in 5.1)
 
 
diff --git a/hw/core/machine.c b/hw/core/machine.c
index ea26d61237..f70d388e86 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -797,7 +797,6 @@ static void machine_class_init(ObjectClass *oc, void *data)
  * On Linux, each node's border has to be 8MB aligned
  */
 mc->numa_mem_align_shift = 23;
-mc->numa_auto_assign_ram = numa_default_auto_assign_ram;
 
 object_class_property_add_str(oc, "kernel",
 machine_get_kernel, machine_set_kernel);
diff --git a/hw/core/numa.c b/hw/core/numa.c
index f9593ec716..706c1e84c6 100644
--- a/hw/core/numa.c
+++ b/hw/core/numa.c
@@ -611,42 +611,6 @@ static void complete_init_numa_distance(MachineState *ms)
 }
 }
 
-void numa_legacy_auto_assign_ram(MachineClass *mc, NodeInfo *nodes,
- int nb_nodes, ram_addr_t size)
-{
-int i;
-uint64_t usedmem = 0;
-
-/* Align each node according to the alignment
- * requirements of the machine class
- */
-
-for (i = 0; i < nb_nodes - 1; i++) {
-nodes[i].node_mem = (size / nb_nodes) &
-~((1 << mc->numa_mem_align_shift) - 1);
-usedmem += nodes[i].node_mem;
-}
-nodes[i].node_mem = size - usedmem;
-}
-
-void numa_default_auto_assign_ram(MachineClass *mc, NodeInfo *nodes,
-  int nb_nodes, ram_addr_t size)
-{
-int i;
-uint64_t usedmem = 0, node_mem;
-uint64_t granularity = size / nb_nodes;
-uint64_t propagate = 0;
-
-for (i = 0; i < nb_nodes - 1; i++) {
-node_mem = (granularity + propagate) &
-   ~((1 << mc->numa_mem_align_shift) - 1);
-propagate = granularity + propagate - node_mem;
-nodes[i].node_mem = node_mem;
-usedmem += node_mem;
-}
-nodes[i].node_mem = size - usedmem;
-}
-
 static void numa_init_memdev_container(MachineState *ms, MemoryRegion *ram)
 {
 int i;
@@ -717,25 +681,6 @@ void numa_complete_configuration(MachineState *ms)
 ms->numa_state->num_nodes = MAX_NODES;
 }
 
-/* If no memory size is given for any node, assume the

[PULL 17/57] numa: remove fixup numa_state->num_nodes to MAX_NODES

2020-09-19 Thread Paolo Bonzini 
From: Igor Mammedov 

current code permits only nodeids in [0..MAX_NODES) range
due to nodeid check in

  parse_numa_node()
  if (nodenr >= MAX_NODES) {
  error_setg(errp, "Max number of NUMA nodes reached: %"

so subj fixup is not reachable, drop it.

Signed-off-by: Igor Mammedov 
Message-Id: <20200911084410.788171-4-imamm...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/core/numa.c | 4 
 1 file changed, 4 deletions(-)

diff --git a/hw/core/numa.c b/hw/core/numa.c
index 706c1e84c6..7d5d413001 100644
--- a/hw/core/numa.c
+++ b/hw/core/numa.c
@@ -677,10 +677,6 @@ void numa_complete_configuration(MachineState *ms)
 if (ms->numa_state->num_nodes > 0) {
 uint64_t numa_total;
 
-if (ms->numa_state->num_nodes > MAX_NODES) {
-ms->numa_state->num_nodes = MAX_NODES;
-}
-
 numa_total = 0;
 for (i = 0; i < ms->numa_state->num_nodes; i++) {
 numa_total += numa_info[i].node_mem;
-- 
2.26.2

[PULL 27/57] scsi-generic: Fix HM-zoned device scan

2020-09-19 Thread Paolo Bonzini 
From: Dmitry Fomichev 

Several important steps during device scan depend on SCSI type of the
device. For example, max_transfer property is only determined and
assigned if the device has the type of TYPE_DISK.

Host-managed ZBC disks retain most of the properties of regular SCSI
drives, but they have their own SCSI device type, 0x14. This prevents
the proper assignment of max_transfer property for HM-zoned devices in
scsi-generic driver leading to I/O errors if the maximum i/o size
calculated at the guest exceeds the host value.

To fix this, define TYPE_ZBC to have the standard value from SCSI ZBC
standard spec. Several scan steps that were previously done only for
TYPE_DISK devices, are now performed for the SCSI devices having
TYPE_ZBC too.

Reported-by: Johannes Thumshirn 
Signed-off-by: Dmitry Fomichev 
Message-Id: <20200811225122.17342-3-dmitry.fomic...@wdc.com>
Signed-off-by: Paolo Bonzini 
---
 hw/scsi/scsi-generic.c   | 10 ++
 include/scsi/constants.h |  1 +
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c
index 86ed0a3822..2cb23ca891 100644
--- a/hw/scsi/scsi-generic.c
+++ b/hw/scsi/scsi-generic.c
@@ -162,7 +162,8 @@ static void scsi_handle_inquiry_reply(SCSIGenericReq *r, 
SCSIDevice *s)
 }
 }
 
-if (s->type == TYPE_DISK && (r->req.cmd.buf[1] & 0x01)) {
+if ((s->type == TYPE_DISK || s->type == TYPE_ZBC) &&
+(r->req.cmd.buf[1] & 0x01)) {
 page = r->req.cmd.buf[2];
 if (page == 0xb0) {
 uint32_t max_transfer =
@@ -299,10 +300,11 @@ static void scsi_read_complete(void * opaque, int ret)
 }
 blk_set_guest_block_size(s->conf.blk, s->blocksize);
 
-/* Patch MODE SENSE device specific parameters if the BDS is opened
+/*
+ * Patch MODE SENSE device specific parameters if the BDS is opened
  * readonly.
  */
-if ((s->type == TYPE_DISK || s->type == TYPE_TAPE) &&
+if ((s->type == TYPE_DISK || s->type == TYPE_TAPE || s->type == TYPE_ZBC) 
&&
 blk_is_read_only(s->conf.blk) &&
 (r->req.cmd.buf[0] == MODE_SENSE ||
  r->req.cmd.buf[0] == MODE_SENSE_10) &&
@@ -617,7 +619,7 @@ static void 
scsi_generic_read_device_identification(SCSIDevice *s)
 void scsi_generic_read_device_inquiry(SCSIDevice *s)
 {
 scsi_generic_read_device_identification(s);
-if (s->type == TYPE_DISK) {
+if (s->type == TYPE_DISK || s->type == TYPE_ZBC) {
 scsi_generic_set_vpd_bl_emulation(s);
 } else {
 s->needs_vpd_bl_emulation = false;
diff --git a/include/scsi/constants.h b/include/scsi/constants.h
index 874176019e..2a32c08b5e 100644
--- a/include/scsi/constants.h
+++ b/include/scsi/constants.h
@@ -218,6 +218,7 @@
 #define TYPE_ENCLOSURE  0x0d/* Enclosure Services Device */
 #define TYPE_RBC0x0e/* Simplified Direct-Access Device */
 #define TYPE_OSD0x11/* Object-storage Device */
+#define TYPE_ZBC0x14/* Host-managed Zoned SCSI Device */
 #define TYPE_WLUN   0x1e/* Well known LUN */
 #define TYPE_NOT_PRESENT0x1f
 #define TYPE_INACTIVE   0x20
-- 
2.26.2

[PULL 08/57] configure: Do not intent to build WHPX on 32-bit host

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

Hyper-V is available on 64-bit versions of Windows,
do not try to build its support on 32-bit versions.

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20200910054516.405777-1-f4...@amsat.org>
Reviewed-by: Stefan Weil 
Signed-off-by: Paolo Bonzini 
---
 configure | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/configure b/configure
index ce27eafb0a..7662b3bf6f 100755
--- a/configure
+++ b/configure
@@ -2981,7 +2981,10 @@ fi
 
 ##
 # Windows Hypervisor Platform accelerator (WHPX) check
-if test "$whpx" != "no" ; then
+if test "$whpx" = "yes" && test "$ARCH" != "x86_64"; then
+  error_exit "WHPX requires 64-bit host"
+fi
+if test "$whpx" != "no" && test "$ARCH" = "x86_64"; then
 if check_include "WinHvPlatform.h" && check_include "WinHvEmulation.h"; 
then
 whpx="yes"
 else
-- 
2.26.2

[PULL 21/57] hw/char/serial: Assert serial_ioport_read/write offset fits 8 bytes

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

The serial device has 8 registers, each 8-bit. The MemoryRegionOps
'serial_io_ops' is initialized with max_access_size=1, and all
memory_region_init_io() callers correctly set the region size to
8 bytes:
- serial_io_realize
- serial_isa_realizefn
- serial_pci_realize
- multi_serial_pci_realize

It is safe to assert the offset argument of serial_ioport_read()
and serial_ioport_write() is always less than 8.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200907015535.827885-2-f4...@amsat.org>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/char/serial.c b/hw/char/serial.c
index fd80ae5592..840da89de7 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -344,7 +344,7 @@ static void serial_ioport_write(void *opaque, hwaddr addr, 
uint64_t val,
 {
 SerialState *s = opaque;
 
-addr &= 7;
+assert(size == 1 && addr < 8);
 trace_serial_ioport_write(addr, val);
 switch(addr) {
 default:
@@ -485,7 +485,7 @@ static uint64_t serial_ioport_read(void *opaque, hwaddr 
addr, unsigned size)
 SerialState *s = opaque;
 uint32_t ret;
 
-addr &= 7;
+assert(size == 1 && addr < 8);
 switch(addr) {
 default:
 case 0:
-- 
2.26.2

[PULL 19/57] hw/char/serial: Remove TYPE_SERIAL_IO

2020-09-19 Thread Paolo Bonzini 
From: Philippe Mathieu-Daudé 

TYPE_SERIAL_IO is a subset of TYPE_SERIAL_MM, and it is
not used anymore. Remove it.

Suggested-by: Paolo Bonzini 
Suggested-by: Peter Maydell 
Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20200907011538.818996-3-phi...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 hw/char/serial.c | 41 
 include/hw/char/serial.h | 11 ---
 2 files changed, 52 deletions(-)

diff --git a/hw/char/serial.c b/hw/char/serial.c
index 2386479492..fd80ae5592 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -985,46 +985,6 @@ const MemoryRegionOps serial_io_ops = {
 .endianness = DEVICE_LITTLE_ENDIAN,
 };
 
-static void serial_io_realize(DeviceState *dev, Error **errp)
-{
-SerialIO *sio = SERIAL_IO(dev);
-SerialState *s = >serial;
-
-if (!qdev_realize(DEVICE(s), NULL, errp)) {
-return;
-}
-
-memory_region_init_io(>io, OBJECT(dev), _io_ops, s, "serial", 8);
-sysbus_init_mmio(SYS_BUS_DEVICE(sio), >io);
-sysbus_init_irq(SYS_BUS_DEVICE(sio), >irq);
-}
-
-static void serial_io_class_init(ObjectClass *klass, void* data)
-{
-DeviceClass *dc = DEVICE_CLASS(klass);
-
-dc->realize = serial_io_realize;
-/* No dc->vmsd: class has no migratable state */
-}
-
-static void serial_io_instance_init(Object *o)
-{
-SerialIO *sio = SERIAL_IO(o);
-
-object_initialize_child(o, "serial", >serial, TYPE_SERIAL);
-
-qdev_alias_all_properties(DEVICE(>serial), o);
-}
-
-
-static const TypeInfo serial_io_info = {
-.name = TYPE_SERIAL_IO,
-.parent = TYPE_SYS_BUS_DEVICE,
-.instance_size = sizeof(SerialIO),
-.instance_init = serial_io_instance_init,
-.class_init = serial_io_class_init,
-};
-
 static Property serial_properties[] = {
 DEFINE_PROP_CHR("chardev", SerialState, chr),
 DEFINE_PROP_UINT32("baudbase", SerialState, baudbase, 115200),
@@ -1178,7 +1138,6 @@ static const TypeInfo serial_mm_info = {
 static void serial_register_types(void)
 {
 type_register_static(_info);
-type_register_static(_io_info);
 type_register_static(_mm_info);
 }
 
diff --git a/include/hw/char/serial.h b/include/hw/char/serial.h
index 264f529a7f..51397a8a18 100644
--- a/include/hw/char/serial.h
+++ b/include/hw/char/serial.h
@@ -91,13 +91,6 @@ struct SerialMM {
 };
 typedef struct SerialMM SerialMM;
 
-struct SerialIO {
-SysBusDevice parent;
-
-SerialState serial;
-};
-typedef struct SerialIO SerialIO;
-
 extern const VMStateDescription vmstate_serial;
 extern const MemoryRegionOps serial_io_ops;
 
@@ -111,10 +104,6 @@ DECLARE_INSTANCE_CHECKER(SerialState, SERIAL,
 DECLARE_INSTANCE_CHECKER(SerialMM, SERIAL_MM,
  TYPE_SERIAL_MM)
 
-#define TYPE_SERIAL_IO "serial-io"
-DECLARE_INSTANCE_CHECKER(SerialIO, SERIAL_IO,
- TYPE_SERIAL_IO)
-
 SerialMM *serial_mm_init(MemoryRegion *address_space,
  hwaddr base, int regshift,
  qemu_irq irq, int baudbase,
-- 
2.26.2

[PULL 11/57] memory: Convert IOMMUMemoryRegionClass doc comment to kernel-doc

2020-09-19 Thread Paolo Bonzini 
From: Eduardo Habkost 

Convert the existing documentation comments of
IOMMUMemoryRegionClass to kernel-doc format so their contents
will appear in the API reference at docs/devel/memory.html.

Signed-off-by: Eduardo Habkost 
Message-Id: <20200908201129.3407568-1-ehabk...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 include/exec/memory.h | 50 +++
 1 file changed, 41 insertions(+), 9 deletions(-)

diff --git a/include/exec/memory.h b/include/exec/memory.h
index f1bb2a7df5..ec9edee742 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -228,8 +228,11 @@ enum IOMMUMemoryRegionAttr {
  * attributes and the output TLB entry depends on the transaction
  * attributes, we represent this using IOMMU indexes. Each index
  * selects a particular translation table that the IOMMU has:
+ *
  *   @attrs_to_index returns the IOMMU index for a set of transaction 
attributes
+ *
  *   @translate takes an input address and an IOMMU index
+ *
  * and the mapping returned can only depend on the input address and the
  * IOMMU index.
  *
@@ -238,10 +241,13 @@ enum IOMMUMemoryRegionAttr {
  * for secure transactions and one for non-secure transactions.
  */
 struct IOMMUMemoryRegionClass {
-/* private */
+/* private: */
 MemoryRegionClass parent_class;
 
-/*
+/* public: */
+/**
+ * @translate:
+ *
  * Return a TLB entry that contains a given address.
  *
  * The IOMMUAccessFlags indicated via @flag are optional and may
@@ -262,26 +268,38 @@ struct IOMMUMemoryRegionClass {
  * information when the IOMMU mapping changes.
  *
  * @iommu: the IOMMUMemoryRegion
+ *
  * @hwaddr: address to be translated within the memory region
- * @flag: requested access permissions
+ *
+ * @flag: requested access permission
+ *
  * @iommu_idx: IOMMU index for the translation
  */
 IOMMUTLBEntry (*translate)(IOMMUMemoryRegion *iommu, hwaddr addr,
IOMMUAccessFlags flag, int iommu_idx);
-/* Returns minimum supported page size in bytes.
+/**
+ * @get_min_page_size:
+ *
+ * Returns minimum supported page size in bytes.
+ *
  * If this method is not provided then the minimum is assumed to
  * be TARGET_PAGE_SIZE.
  *
  * @iommu: the IOMMUMemoryRegion
  */
 uint64_t (*get_min_page_size)(IOMMUMemoryRegion *iommu);
-/* Called when IOMMU Notifier flag changes (ie when the set of
+/**
+ * @notify_flag_changed:
+ *
+ * Called when IOMMU Notifier flag changes (ie when the set of
  * events which IOMMU users are requesting notification for changes).
  * Optional method -- need not be provided if the IOMMU does not
  * need to know exactly which events must be notified.
  *
  * @iommu: the IOMMUMemoryRegion
+ *
  * @old_flags: events which previously needed to be notified
+ *
  * @new_flags: events which now need to be notified
  *
  * Returns 0 on success, or a negative errno; in particular
@@ -293,7 +311,10 @@ struct IOMMUMemoryRegionClass {
IOMMUNotifierFlag old_flags,
IOMMUNotifierFlag new_flags,
Error **errp);
-/* Called to handle memory_region_iommu_replay().
+/**
+ * @replay:
+ *
+ * Called to handle memory_region_iommu_replay().
  *
  * The default implementation of memory_region_iommu_replay() is to
  * call the IOMMU translate method for every page in the address space
@@ -310,7 +331,10 @@ struct IOMMUMemoryRegionClass {
  */
 void (*replay)(IOMMUMemoryRegion *iommu, IOMMUNotifier *notifier);
 
-/* Get IOMMU misc attributes. This is an optional method that
+/**
+ * @get_attr:
+ *
+ * Get IOMMU misc attributes. This is an optional method that
  * can be used to allow users of the IOMMU to get implementation-specific
  * information. The IOMMU implements this method to handle calls
  * by IOMMU users to memory_region_iommu_get_attr() by filling in
@@ -319,7 +343,9 @@ struct IOMMUMemoryRegionClass {
  * memory_region_iommu_get_attr() will always return -EINVAL.
  *
  * @iommu: the IOMMUMemoryRegion
+ *
  * @attr: attribute being queried
+ *
  * @data: memory to fill in with the attribute data
  *
  * Returns 0 on success, or a negative errno; in particular
@@ -328,7 +354,10 @@ struct IOMMUMemoryRegionClass {
 int (*get_attr)(IOMMUMemoryRegion *iommu, enum IOMMUMemoryRegionAttr attr,
 void *data);
 
-/* Return the IOMMU index to use for a given set of transaction attributes.
+/**
+ * @attrs_to_index:
+ *
+ * Return the IOMMU index to use for a given set of transaction attributes.
  *
  * Optional method: if an IOMMU only supports a single IOMMU index then
  * the default

[PULL 06/57] meson: error out if qemu_suffix starts with /

2020-09-19 Thread Paolo Bonzini 
From: Marc-André Lureau 

Since the variable is used for path concatenation, the result would
ignore the prefix directory altogether.

Signed-off-by: Marc-André Lureau 
Signed-off-by: Paolo Bonzini 
---
 meson.build | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meson.build b/meson.build
index bba766b4bc..8bf696558f 100644
--- a/meson.build
+++ b/meson.build
@@ -17,6 +17,11 @@ config_host = keyval.load(meson.current_build_dir() / 
'config-host.mak')
 enable_modules = 'CONFIG_MODULES' in config_host
 enable_static = 'CONFIG_STATIC' in config_host
 build_docs = 'BUILD_DOCS' in config_host
+
+if get_option('qemu_suffix').startswith('/')
+  error('qemu_suffix cannot start with a /')
+endif
+
 qemu_datadir = get_option('datadir') / get_option('qemu_suffix')
 qemu_docdir = get_option('docdir') / get_option('qemu_suffix')
 config_host_data = configuration_data()
-- 
2.26.2

[PULL 10/57] target/i386: support KVM_FEATURE_ASYNC_PF_INT

2020-09-19 Thread Paolo Bonzini 
From: Vitaly Kuznetsov 

Linux-5.8 introduced interrupt based mechanism for 'page ready' events
delivery and disabled the old, #PF based one (see commit 2635b5c4a0e4
"KVM: x86: interrupt based APF 'page ready' event delivery"). Linux
guest switches to using in in 5.9 (see commit b1d405751cd5 "KVM: x86:
Switch KVM guest to using interrupts for page ready APF delivery").
The feature has a new KVM_FEATURE_ASYNC_PF_INT bit assigned and
the interrupt vector is set in MSR_KVM_ASYNC_PF_INT MSR. Support this
in QEMU.

Signed-off-by: Vitaly Kuznetsov 
Message-Id: <20200908141206.357450-1-vkuzn...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 target/i386/cpu.c |  4 +++-
 target/i386/cpu.h |  1 +
 target/i386/kvm.c | 10 ++
 target/i386/machine.c | 19 +++
 4 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 49d8958528..7603784351 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -903,7 +903,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
 "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock",
 "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt",
 NULL, "kvm-pv-tlb-flush", NULL, "kvm-pv-ipi",
-"kvm-poll-control", "kvm-pv-sched-yield", NULL, NULL,
+"kvm-poll-control", "kvm-pv-sched-yield", "kvm-asyncpf-int", NULL,
 NULL, NULL, NULL, NULL,
 NULL, NULL, NULL, NULL,
 "kvmclock-stable-bit", NULL, NULL, NULL,
@@ -4209,6 +4209,7 @@ static PropValue kvm_default_props[] = {
 { "kvmclock", "on" },
 { "kvm-nopiodelay", "on" },
 { "kvm-asyncpf", "on" },
+{ "kvm-asyncpf-int", "on" },
 { "kvm-steal-time", "on" },
 { "kvm-pv-eoi", "on" },
 { "kvmclock-stable-bit", "on" },
@@ -7092,6 +7093,7 @@ static void x86_cpu_initfn(Object *obj)
 object_property_add_alias(obj, "kvm_nopiodelay", obj, "kvm-nopiodelay");
 object_property_add_alias(obj, "kvm_mmu", obj, "kvm-mmu");
 object_property_add_alias(obj, "kvm_asyncpf", obj, "kvm-asyncpf");
+object_property_add_alias(obj, "kvm_asyncpf_int", obj, "kvm-asyncpf-int");
 object_property_add_alias(obj, "kvm_steal_time", obj, "kvm-steal-time");
 object_property_add_alias(obj, "kvm_pv_eoi", obj, "kvm-pv-eoi");
 object_property_add_alias(obj, "kvm_pv_unhalt", obj, "kvm-pv-unhalt");
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index d3097be6a5..18e99e9b39 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1492,6 +1492,7 @@ typedef struct CPUX86State {
 uint64_t wall_clock_msr;
 uint64_t steal_time_msr;
 uint64_t async_pf_en_msr;
+uint64_t async_pf_int_msr;
 uint64_t pv_eoi_en_msr;
 uint64_t poll_control_msr;
 
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index d87af57a23..0ab90c3669 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -287,6 +287,7 @@ static const struct kvm_para_features {
 { KVM_CAP_NOP_IO_DELAY, KVM_FEATURE_NOP_IO_DELAY },
 { KVM_CAP_PV_MMU, KVM_FEATURE_MMU_OP },
 { KVM_CAP_ASYNC_PF, KVM_FEATURE_ASYNC_PF },
+{ KVM_CAP_ASYNC_PF_INT, KVM_FEATURE_ASYNC_PF_INT },
 };
 
 static int get_para_features(KVMState *s)
@@ -2821,6 +2822,9 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
 if (env->features[FEAT_KVM] & (1 << KVM_FEATURE_ASYNC_PF)) {
 kvm_msr_entry_add(cpu, MSR_KVM_ASYNC_PF_EN, env->async_pf_en_msr);
 }
+if (env->features[FEAT_KVM] & (1 << KVM_FEATURE_ASYNC_PF_INT)) {
+kvm_msr_entry_add(cpu, MSR_KVM_ASYNC_PF_EN, env->async_pf_int_msr);
+}
 if (env->features[FEAT_KVM] & (1 << KVM_FEATURE_PV_EOI)) {
 kvm_msr_entry_add(cpu, MSR_KVM_PV_EOI_EN, env->pv_eoi_en_msr);
 }
@@ -3206,6 +3210,9 @@ static int kvm_get_msrs(X86CPU *cpu)
 if (env->features[FEAT_KVM] & (1 << KVM_FEATURE_ASYNC_PF)) {
 kvm_msr_entry_add(cpu, MSR_KVM_ASYNC_PF_EN, 0);
 }
+if (env->features[FEAT_KVM] & (1 << KVM_FEATURE_ASYNC_PF_INT)) {
+kvm_msr_entry_add(cpu, MSR_KVM_ASYNC_PF_INT, 0);
+}
 if (env->features[FEAT_KVM] & (1 << KVM_FEATURE_PV_EOI)) {
 kvm_msr_entry_add(cpu, MSR_KVM_PV_EOI_EN, 0);
 }
@@ -3446,6 +3453,9 @@ static int kvm_get_msrs(X86CPU *cpu)
 case MSR_KVM_ASYNC_PF_EN:
 env->async_pf_en_msr = msrs[i].data;
 break;
+case MSR_KVM_ASYNC_PF_INT:
+env->async_pf_int_msr = msrs[i].data;
+break;
 case MSR_KVM_PV_EOI_EN:
 env->pv_eoi_en_msr = msrs[i].data;
 break;
diff --git a/target/i386/machine.c b/target/i386/machine.c
index b1acf7d0ef..233e46bb70 100644
--- a/target/i386/machine.c
+++ b/target/i386/machine.c
@@ -394,6 +394,13 @@ static bool async_pf_msr_needed(void *opaque)
 return cpu->env.async_pf_en_msr != 0;
 }
 
+static bool async_pf_int_msr_needed(void *opaque)
+{
+X86CPU *cpu = opaque;
+
+return cpu->env.async_pf_int_msr != 0;
+}
+

[PULL 14/57] acpi: i386: Move VMBus DSDT entry to SB

2020-09-19 Thread Paolo Bonzini 
From: Jon Doron 

Signed-off-by: Jon Doron 
Reviewed-by: Igor Mammedov 
Message-Id: <20200715084326.678715-2-ari...@gmail.com>
Signed-off-by: Paolo Bonzini 
---
 hw/i386/acpi-build.c | 12 +++-
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index 7a5a8b3521..975db68c6d 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -975,7 +975,6 @@ static Aml *build_vmbus_device_aml(VMBusBridge 
*vmbus_bridge)
 
 static void build_isa_devices_aml(Aml *table)
 {
-VMBusBridge *vmbus_bridge = vmbus_bridge_find();
 bool ambiguous;
 Object *obj = object_resolve_path_type("", TYPE_ISA_BUS, );
 Aml *scope;
@@ -986,10 +985,6 @@ static void build_isa_devices_aml(Aml *table)
 build_acpi_ipmi_devices(scope, BUS(obj), "\\_SB.PCI0.ISA");
 isa_build_aml(ISA_BUS(obj), scope);
 
-if (vmbus_bridge) {
-aml_append(scope, build_vmbus_device_aml(vmbus_bridge));
-}
-
 aml_append(table, scope);
 }
 
@@ -1485,6 +1480,7 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 PCIBus *bus = NULL;
 TPMIf *tpm = tpm_find();
 int i;
+VMBusBridge *vmbus_bridge = vmbus_bridge_find();
 
 dsdt = init_aml_allocator();
 
@@ -1526,6 +1522,12 @@ build_dsdt(GArray *table_data, BIOSLinker *linker,
 }
 }
 
+if (vmbus_bridge) {
+sb_scope = aml_scope("_SB");
+aml_append(sb_scope, build_vmbus_device_aml(vmbus_bridge));
+aml_append(dsdt, sb_scope);
+}
+
 if (pcmc->legacy_cpu_hotplug) {
 build_legacy_cpu_hotplug_aml(dsdt, machine, pm->cpu_hp_io_base);
 } else {
-- 
2.26.2

[PULL 07/57] WHPX: vmware cpuid leaf for tsc and apic frequency

2020-09-19 Thread Paolo Bonzini 
From: Sunil Muthuswamy 

Newer versions of WHPX provide the capability to query the tsc
and apic frequency. Expose these through the vmware cpuid leaf.
This patch doesnt support setting the tsc frequency; that will
come as a separate fix.

Signed-off-by: Sunil Muthuswamy 
Message-Id: 

Signed-off-by: Paolo Bonzini 
---
 target/i386/whp-dispatch.h |  3 +-
 target/i386/whpx-all.c | 96 +-
 2 files changed, 87 insertions(+), 12 deletions(-)

diff --git a/target/i386/whp-dispatch.h b/target/i386/whp-dispatch.h
index e4695c349f..b18aba20ed 100644
--- a/target/i386/whp-dispatch.h
+++ b/target/i386/whp-dispatch.h
@@ -2,10 +2,11 @@
 #define WHP_DISPATCH_H
 
 #include 
-
 #include 
 #include 
 
+#define WHV_E_UNKNOWN_CAPABILITY 0x80370300L
+
 #define LIST_WINHVPLATFORM_FUNCTIONS(X) \
   X(HRESULT, WHvGetCapability, (WHV_CAPABILITY_CODE CapabilityCode, VOID* 
CapabilityBuffer, UINT32 CapabilityBufferSizeInBytes, UINT32* 
WrittenSizeInBytes)) \
   X(HRESULT, WHvCreatePartition, (WHV_PARTITION_HANDLE* Partition)) \
diff --git a/target/i386/whpx-all.c b/target/i386/whpx-all.c
index c78baac6df..3fad7928e8 100644
--- a/target/i386/whpx-all.c
+++ b/target/i386/whpx-all.c
@@ -27,6 +27,8 @@
 #include 
 #include 
 
+#define HYPERV_APIC_BUS_FREQUENCY  (2ULL)
+
 struct whpx_state {
 uint64_t mem_quota;
 WHV_PARTITION_HANDLE partition;
@@ -1061,6 +1063,18 @@ static int whpx_vcpu_run(CPUState *cpu)
 cpu_x86_cpuid(env, cpuid_fn, 0, (UINT32 *), (UINT32 *),
 (UINT32 *), (UINT32 *));
 switch (cpuid_fn) {
+case 0x4000:
+/* Expose the vmware cpu frequency cpuid leaf */
+rax = 0x4010;
+rbx = rcx = rdx = 0;
+break;
+
+case 0x4010:
+rax = env->tsc_khz;
+rbx = env->apic_bus_freq / 1000; /* Hz to KHz */
+rcx = rdx = 0;
+break;
+
 case 0x8001:
 /* Remove any support of OSVW */
 rcx &= ~CPUID_EXT3_OSVW;
@@ -1191,8 +1205,12 @@ int whpx_init_vcpu(CPUState *cpu)
 {
 HRESULT hr;
 struct whpx_state *whpx = _global;
-struct whpx_vcpu *vcpu;
+struct whpx_vcpu *vcpu = NULL;
 Error *local_error = NULL;
+struct CPUX86State *env = (CPUArchState *)(cpu->env_ptr);
+X86CPU *x86_cpu = X86_CPU(cpu);
+UINT64 freq = 0;
+int ret;
 
 /* Add migration blockers for all unsupported features of the
  * Windows Hypervisor Platform
@@ -1207,7 +1225,8 @@ int whpx_init_vcpu(CPUState *cpu)
 error_report_err(local_error);
 migrate_del_blocker(whpx_migration_blocker);
 error_free(whpx_migration_blocker);
-return -EINVAL;
+ret = -EINVAL;
+goto error;
 }
 }
 
@@ -1215,7 +1234,8 @@ int whpx_init_vcpu(CPUState *cpu)
 
 if (!vcpu) {
 error_report("WHPX: Failed to allocte VCPU context.");
-return -ENOMEM;
+ret = -ENOMEM;
+goto error;
 }
 
 hr = whp_dispatch.WHvEmulatorCreateEmulator(
@@ -1224,8 +1244,8 @@ int whpx_init_vcpu(CPUState *cpu)
 if (FAILED(hr)) {
 error_report("WHPX: Failed to setup instruction completion support,"
  " hr=%08lx", hr);
-g_free(vcpu);
-return -EINVAL;
+ret = -EINVAL;
+goto error;
 }
 
 hr = whp_dispatch.WHvCreateVirtualProcessor(
@@ -1234,17 +1254,72 @@ int whpx_init_vcpu(CPUState *cpu)
 error_report("WHPX: Failed to create a virtual processor,"
  " hr=%08lx", hr);
 whp_dispatch.WHvEmulatorDestroyEmulator(vcpu->emulator);
-g_free(vcpu);
-return -EINVAL;
+ret = -EINVAL;
+goto error;
 }
 
-vcpu->interruptable = true;
+/*
+ * vcpu's TSC frequency is either specified by user, or use the value
+ * provided by Hyper-V if the former is not present. In the latter case, we
+ * query it from Hyper-V and record in env->tsc_khz, so that vcpu's TSC
+ * frequency can be migrated later via this field.
+ */
+if (!env->tsc_khz) {
+hr = whp_dispatch.WHvGetCapability(
+WHvCapabilityCodeProcessorClockFrequency, , sizeof(freq),
+NULL);
+if (hr != WHV_E_UNKNOWN_CAPABILITY) {
+if (FAILED(hr)) {
+printf("WHPX: Failed to query tsc frequency, hr=0x%08lx\n", 
hr);
+} else {
+env->tsc_khz = freq / 1000; /* Hz to KHz */
+}
+}
+}
 
+env->apic_bus_freq = HYPERV_APIC_BUS_FREQUENCY;
+hr = whp_dispatch.WHvGetCapability(
+WHvCapabilityCodeInterruptClockFrequency, , sizeof(freq), NULL);
+if (hr != WHV_E_UNKNOWN_CAPABILITY) {
+if (FAILED(hr)) {
+printf("WHPX: Failed to query apic bus frequency hr=0x%08lx\n", 
hr);
+} else {
+env->apic_bus_freq = freq;
+

[PULL 13/57] Simplify the .gitignore file

2020-09-19 Thread Paolo Bonzini 
From: Thomas Huth 

Now that we always do out-of-tree builds (and the in-tree builds are
faked via a "build" directory), we can simplify out .gitignore file
quite a bit.

Signed-off-by: Thomas Huth 
Message-Id: <20200909080305.258961-1-th...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Paolo Bonzini 
---
 .gitignore | 152 -
 1 file changed, 152 deletions(-)

diff --git a/.gitignore b/.gitignore
index b6fdd34ddf..5515f595e6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,163 +1,11 @@
 /GNUmakefile
 /build/
-/.doctrees
-/config-devices.*
-/config-host.*
-/config-target.*
-/config.status
-/config-temp
-/tools/virtiofsd/50-qemu-virtiofsd.json
-/elf2dmp
-/trace-events-all
-/trace/generated-events.h
-/trace/generated-events.c
-/trace/generated-helpers-wrappers.h
-/trace/generated-helpers.h
-/trace/generated-helpers.c
-/trace/generated-tcg-tracers.h
-/ui/shader/texture-blit-frag.h
-/ui/shader/texture-blit-vert.h
-/ui/shader/texture-blit-flip-vert.h
-/ui/input-keymap-*.c.inc
-*-timestamp
-/*-softmmu
-/*-darwin-user
-/*-linux-user
-/*-bsd-user
-/ivshmem-client
-/ivshmem-server
-/libdis*
-/libuser
-/linux-headers/asm
-/qga/qapi-generated
-/qapi-gen-timestamp
-/qapi/qapi-builtin-types.[ch]
-/qapi/qapi-builtin-visit.[ch]
-/qapi/qapi-commands-*.[ch]
-**/qapi/qapi-commands.[ch]
-**/qapi/qapi-emit-events.[ch]
-/qapi/qapi-events-*.[ch]
-**/qapi/qapi-events.[ch]
-**/qapi/qapi-init-commands.[ch]
-**/qapi/qapi-introspect.[ch]
-/qapi/qapi-types-*.[ch]
-**/qapi/qapi-types.[ch]
-/qapi/qapi-visit-*.[ch]
-!/qapi/qapi-visit-core.c
-**/qapi/qapi-visit.[ch]
-**/qapi/qapi-doc.texi
-/qemu-edid
-/qemu-img
-/qemu-nbd
-/qemu-options.def
-/qemu-options.texi
-/qemu-img-cmds.texi
-/qemu-img-cmds.h
-/qemu-io
-/qemu-ga
-/qemu-bridge-helper
-/qemu-keymap
-/qemu-monitor.texi
-/qemu-monitor-info.texi
-/qemu-storage-daemon
-/qemu-version.h
-/qemu-version.h.tmp
-/module_block.h
-/scsi/qemu-pr-helper
-/vhost-user-scsi
-/vhost-user-blk
-/vhost-user-gpu
-/vhost-user-input
-/fsdev/virtfs-proxy-helper
-*.tmp
-*.[1-9]
-*.a
-*.aux
-*.cp
-*.exe
-*.msi
-*.dll
-*.so
-*.fn
-*.ky
-*.log
-*.pdf
-*.pod
-*.cps
-*.fns
-*.kys
-*.pg
-*.pyc
-*.toc
-*.tp
-*.vr
-*.d
-!/.gitlab-ci.d
-!/scripts/qemu-guest-agent/fsfreeze-hook.d
-*.o
 .sdk
-*.gcda
-*.gcno
-*.gcov
-/pc-bios/bios-pq/status
-/pc-bios/edk2-*.fd
-/pc-bios/vgabios-pq/status
-/pc-bios/optionrom/linuxboot.asm
-/pc-bios/optionrom/linuxboot.bin
-/pc-bios/optionrom/linuxboot.raw
-/pc-bios/optionrom/linuxboot.img
-/pc-bios/optionrom/linuxboot_dma.asm
-/pc-bios/optionrom/linuxboot_dma.bin
-/pc-bios/optionrom/linuxboot_dma.raw
-/pc-bios/optionrom/linuxboot_dma.img
-/pc-bios/optionrom/pvh.asm
-/pc-bios/optionrom/pvh.bin
-/pc-bios/optionrom/pvh.raw
-/pc-bios/optionrom/pvh.img
-/pc-bios/optionrom/multiboot.asm
-/pc-bios/optionrom/multiboot.bin
-/pc-bios/optionrom/multiboot.raw
-/pc-bios/optionrom/multiboot.img
-/pc-bios/optionrom/kvmvapic.asm
-/pc-bios/optionrom/kvmvapic.bin
-/pc-bios/optionrom/kvmvapic.raw
-/pc-bios/optionrom/kvmvapic.img
-/pc-bios/s390-ccw/s390-ccw.elf
-/pc-bios/s390-ccw/s390-ccw.img
-/docs/built
-/docs/interop/qemu-ga-qapi.texi
-/docs/interop/qemu-ga-ref.html
-/docs/interop/qemu-ga-ref.info*
-/docs/interop/qemu-ga-ref.txt
-/docs/interop/qemu-qmp-qapi.texi
-/docs/interop/qemu-qmp-ref.html
-/docs/interop/qemu-qmp-ref.info*
-/docs/interop/qemu-qmp-ref.txt
-/docs/version.texi
-/contrib/vhost-user-gpu/50-qemu-gpu.json
-*.tps
 .stgit-*
 .git-submodule-status
 cscope.*
 tags
 TAGS
-docker-src.*
 *~
 *.ast_raw
 *.depend_raw
-trace.c
-trace-ust.h
-trace-ust.h
-trace-dtrace.h
-trace-dtrace.dtrace
-trace-root.h
-trace-root.c
-trace-ust-root.h
-trace-ust-root.h
-trace-ust-all.h
-trace-ust-all.c
-trace-dtrace-root.h
-trace-dtrace-root.dtrace
-trace-ust-all.h
-trace-ust-all.c
-/target/arm/decode-sve.c.inc
-- 
2.26.2

[PULL 05/57] meson: fix MSI rule

2020-09-19 Thread Paolo Bonzini 
From: Marc-André Lureau 

The environment variables can't be passed through an env: argument
yet (meson#2723), use 'env' as suggested in:
https://github.com/mesonbuild/meson/issues/2723#issuecomment-348630957

Signed-off-by: Marc-André Lureau 
Signed-off-by: Paolo Bonzini 
---
 qga/meson.build | 1 +
 1 file changed, 1 insertion(+)

diff --git a/qga/meson.build b/qga/meson.build
index e5c5778a3e..c10a0526b2 100644
--- a/qga/meson.build
+++ b/qga/meson.build
@@ -70,6 +70,7 @@ if targetos == 'windows'
 output: 
'qemu-ga-@0@.msi'.format(config_host['ARCH']),
 depends: deps,
 command: [
+  find_program('env'),
   'QEMU_GA_VERSION=' + 
config_host['QEMU_GA_VERSION'],
   'QEMU_GA_MANUFACTURER=' + 
config_host['QEMU_GA_MANUFACTURER'],
   'QEMU_GA_DISTRO=' + 
config_host['QEMU_GA_DISTRO'],
-- 
2.26.2

[PULL 09/57] MAINTAINERS: add Paolo Bonzini as RCU maintainer

2020-09-19 Thread Paolo Bonzini 
From: Stefan Hajnoczi 

The RCU code that Paolo maintains is missing a MAINTAINERS file entry.

Signed-off-by: Stefan Hajnoczi 
Message-Id: <20200909090851.14458-1-stefa...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 MAINTAINERS | 8 
 1 file changed, 8 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 3d17cad19a..9b01385484 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2310,6 +2310,14 @@ F: softmmu/cpus.c
 F: softmmu/cpu-throttle.c
 F: qapi/run-state.json
 
+Read, Copy, Update (RCU)
+M: Paolo Bonzini 
+S: Maintained
+F: include/qemu/rcu*.h
+F: tests/rcutorture.c
+F: tests/test-rcu-*.c
+F: util/rcu.c
+
 Human Monitor (HMP)
 M: Dr. David Alan Gilbert 
 S: Maintained
-- 
2.26.2

[PULL 00/57] Misc patches for 2020-09-19

2020-09-19 Thread Paolo Bonzini 
The following changes since commit de39a045bd8d2b49e4f3d07976622c29d58e0bac:

  Merge remote-tracking branch 'remotes/kraxel/tags/vga-20200915-pull-request' 
into staging (2020-09-15 14:25:05 +0100)

are available in the Git repository at:

  https://gitlab.com/bonzini/qemu.git tags/for-upstream

for you to fetch changes up to 2521f1f245101df93d12e40144af62aae0bb96a6:

  meson: fix installation of keymaps (2020-09-19 11:57:44 -0400)


* SCSI fix (Dmitry, Li Feng, Li Qiang)
* memory API fixes (Eduardo)
* removal of deprecated '-numa node' (Igor)
* ACPI fix for VMBus (Jon)
* relocatable install (myself)
* always remove docker containers (myself)
* serial cleanups (Philippe)
* vmware cpuid leaf for tsc and apic frequency (Sunil)
* KVM_FEATURE_ASYNC_PF_INT support (Vitaly)
* i386 XSAVE bugfix (Xiaoyao)

meson:
* fixes (Marc-André, Max, Stefan, myself)
* moved libmpathpersist, cocoa, malloc tests (myself)
* support for 0.56 introspected test dependencies (myself)


Anthony PERARD (1):
  meson: fix installation of keymaps

Claudio Fontana (1):
  tests: add missing genh dependency

Dmitry Fomichev (1):
  scsi-generic: Fix HM-zoned device scan

Eduardo Habkost (1):
  memory: Convert IOMMUMemoryRegionClass doc comment to kernel-doc

Igor Mammedov (3):
  numa: drop support for '-numa node' (without memory specified)
  doc: Cleanup "'-mem-path' fallback to RAM" deprecation text
  numa: remove fixup numa_state->num_nodes to MAX_NODES

Jon Doron (1):
  acpi: i386: Move VMBus DSDT entry to SB

Li Feng (1):
  vhost-scsi: support inflight io track

Li Qiang (2):
  hw: megasas: return -1 when 'megasas_map_sgl' fails
  hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl

Marc-André Lureau (2):
  meson: fix MSI rule
  meson: error out if qemu_suffix starts with /

Max Reitz (1):
  iotests: Work around failing readlink -f

Paolo Bonzini (25):
  meson: clean up build_by_default
  ninjatool: rebuild multi-output targets if outputs are missing
  meson: move libudev test
  meson: move libmpathpersist test
  meson: extend libmpathpersist test for static linking
  configure: move malloc_trim/tcmalloc/jemalloc to meson
  configure: fix --meson=/path/to/meson
  configure: move cocoa option to Meson
  configure: do not limit Hypervisor.framework test to Darwin
  meson: qtest: set "depends" correctly
  mtest2make: add support for introspected test dependencies
  meson: report accelerator support
  oslib: do not call g_strdup from qemu_get_exec_dir
  fuzz: use qemu_get_exec_dir
  oslib-posix: default exec_dir to bindir
  cutils: introduce get_relocated_path
  oslib-posix: relocate path to /var
  module: relocate path to modules
  net: relocate paths to helpers and scripts
  vl: relocate paths to data directories
  vl: relocate path to configuration file
  qemu-bridge-helper: relocate path to default ACL
  qga: relocate path to default configuration and hook
  ui: relocate paths to icons and translations
  configure: use a platform-neutral prefix

Philippe Mathieu-Daudé (11):
  configure: Do not intent to build WHPX on 32-bit host
  hw/mips/mipssim: Use MMIO serial device on fake ISA I/O
  hw/char/serial: Remove TYPE_SERIAL_IO
  hw/char/serial: Assert serial_ioport_read/write offset fits 8 bytes
  hw/char/serial: Replace commented DPRINTF() by trace event
  hw/char/serial: Remove old DEBUG_SERIAL commented code
  hw/char/serial: Rename I/O read/write trace events
  hw/char/serial: Make 'wakeup' property boolean
  hw/char/serial-{isa, pci}: Alias QDEV properties from generic serial 
object
  hw/i386/q35: Remove unreachable Xen code on Q35 machine
  exec: Remove MemoryRegion::global_locking field

Stefan Hajnoczi (2):
  MAINTAINERS: add Paolo Bonzini as RCU maintainer
  configure: rename QEMU_GA_MSI_ENABLED to CONFIG_QGA_MSI

Stefano Garzarella (1):
  checkpatch: avoid error on cover letter files

Sunil Muthuswamy (1):
  WHPX: vmware cpuid leaf for tsc and apic frequency

Thomas Huth (1):
  Simplify the .gitignore file

Vitaly Kuznetsov (1):
  target/i386: support KVM_FEATURE_ASYNC_PF_INT

Xiaoyao Li (1):
  i386/cpu: Clear FEAT_XSAVE_COMP_{LO,HI} when XSAVE is not available

 .gitignore| 152 --
 MAINTAINERS   |   8 ++
 Makefile  |   4 +-
 accel/tcg/cputlb.c|   4 +-
 configure | 237 ++
 docs/devel/build-system.rst   |   5 +
 docs/system/deprecated.rst|  44 ---
 exec.c|   2 +-
 hw/char/serial-isa.c  |   4 +-
 hw/char/serial-pci.c

[PULL 01/57] tests: add missing genh dependency

2020-09-19 Thread Paolo Bonzini 
From: Claudio Fontana 

Fix high-parallelism builds by forcing all generated headers
to be created before tests are compiled.

Reported-by: Claudio Fontana 
Signed-off-by: Paolo Bonzini 
Tested-by: Claudio Fontana 
Reviewed-by: Philippe Mathieu-Daudé 
---
 tests/meson.build | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/meson.build b/tests/meson.build
index dae8a77df1..7585d75982 100644
--- a/tests/meson.build
+++ b/tests/meson.build
@@ -56,7 +56,7 @@ test_qapi_files = custom_target('Test QAPI files',
 # perhaps change qapi_gen to replace / with _, like Meson itself does?
 subdir('include')
 
-libtestqapi = static_library('testqapi', sources: [test_qapi_files, 
test_qapi_outputs_extra])
+libtestqapi = static_library('testqapi', sources: [test_qapi_files, genh, 
test_qapi_outputs_extra])
 testqapi = declare_dependency(link_with: libtestqapi)
 
 testblock = declare_dependency(dependencies: [block], sources: 'iothread.c')
@@ -223,7 +223,7 @@ foreach test_name, extra: tests
 src += test_ss.all_sources()
 deps += test_ss.all_dependencies()
   endif
-  exe = executable(test_name, src, dependencies: deps)
+  exe = executable(test_name, src, genh, dependencies: deps)
 
   test(test_name, exe,
depends: test_deps.get(test_name, []),
-- 
2.26.2

[PULL 03/57] meson: clean up build_by_default

2020-09-19 Thread Paolo Bonzini 
Build all executables by default except for the known-broken ones.

This also allows running qemu-iotests without manually building
socket_scm_helper.

Reported-by: Max Reitz 
Tested-by: Max Reitz 
Signed-off-by: Paolo Bonzini 
---
 docs/devel/build-system.rst| 5 +
 tests/fp/meson.build   | 2 --
 tests/meson.build  | 5 ++---
 tests/qemu-iotests/meson.build | 3 +--
 trace/meson.build  | 1 -
 ui/shader/meson.build  | 1 -
 6 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/docs/devel/build-system.rst b/docs/devel/build-system.rst
index 08e85c69e1..2ee368fad6 100644
--- a/docs/devel/build-system.rst
+++ b/docs/devel/build-system.rst
@@ -193,6 +193,11 @@ compilation as possible. The Meson "sourceset" 
functionality is used
 to list the files and their dependency on various configuration  
 symbols.
 
+All executables are built by default, except for some `contrib/`
+binaries that are known to fail to build on some platforms (for example
+32-bit or big-endian platforms).  Tests are also built by default,
+though that might change in the future.
+
 Various subsystems that are common to both tools and emulators have
 their own sourceset, for example `block_ss` for the block device subsystem,
 `chardev_ss` for the character device subsystem, etc.  These sourcesets
diff --git a/tests/fp/meson.build b/tests/fp/meson.build
index 8779a17aab..24739ad421 100644
--- a/tests/fp/meson.build
+++ b/tests/fp/meson.build
@@ -541,7 +541,6 @@ fpcflags += [
 fptest = executable(
   'fp-test',
   ['fp-test.c', tfdir / 'slowfloat.c', '../../fpu/softfloat.c'],
-  build_by_default: false,
   link_with: [libtestfloat, libsoftfloat],
   dependencies: [qemuutil],
   include_directories: [sfinc, include_directories(tfdir)],
@@ -628,7 +627,6 @@ test('fp-test:mulAdd', fptest,
 fpbench = executable(
   'fp-bench',
   ['fp-bench.c', '../../fpu/softfloat.c'],
-  build_by_default: false,
   link_with: [libtestfloat, libsoftfloat],
   dependencies: [qemuutil],
   include_directories: [sfinc, include_directories(tfdir)],
diff --git a/tests/meson.build b/tests/meson.build
index 7585d75982..f1d474c8a9 100644
--- a/tests/meson.build
+++ b/tests/meson.build
@@ -242,12 +242,11 @@ foreach bench_name, deps: benchs
 suite: ['speed'])
 endforeach
 
-if have_tools and 'CONFIG_VHOST_USER' in config_host
+if have_tools and 'CONFIG_VHOST_USER' in config_host and 'CONFIG_LINUX' in 
config_host
   executable('vhost-user-bridge',
  sources: files('vhost-user-bridge.c'),
  link_with: [libvhost_user],
- dependencies: [qemuutil],
- build_by_default: false)
+ dependencies: [qemuutil])
 endif
 
 if have_system and 'CONFIG_POSIX' in config_host
diff --git a/tests/qemu-iotests/meson.build b/tests/qemu-iotests/meson.build
index 60470936b4..67aed1e492 100644
--- a/tests/qemu-iotests/meson.build
+++ b/tests/qemu-iotests/meson.build
@@ -1,6 +1,5 @@
 if 'CONFIG_LINUX' in config_host
-socket_scm_helper = executable('socket_scm_helper', 'socket_scm_helper.c',
-build_by_default: false)
+socket_scm_helper = executable('socket_scm_helper', 'socket_scm_helper.c')
 else
 socket_scm_helper = []
 endif
diff --git a/trace/meson.build b/trace/meson.build
index b36937d3a6..d5fc45c628 100644
--- a/trace/meson.build
+++ b/trace/meson.build
@@ -70,7 +70,6 @@ foreach d : [
 output: d[0],
 input: meson.source_root() / 'trace-events',
 command: [ tracetool, '--group=root', 
'--format=@0@'.format(d[1]), '@INPUT@' ],
-build_by_default: true, # to be removed when added to a target
 capture: true)
   specific_ss.add(gen)
 endforeach
diff --git a/ui/shader/meson.build b/ui/shader/meson.build
index f69e44ed89..592bf596b9 100644
--- a/ui/shader/meson.build
+++ b/ui/shader/meson.build
@@ -9,7 +9,6 @@ foreach e : shaders
   genh += custom_target(output,
 output: output,
 capture: true,
-build_by_default: true, # to be removed when added to a target
 input: files('@0@.@1@'.format(e[0], e[1])),
 command: [shaderinclude, '@INPUT0@'])
 endforeach
-- 
2.26.2

[PULL 12/57] vhost-scsi: support inflight io track

2020-09-19 Thread Paolo Bonzini 
From: Li Feng 

Qemu will send GET_INFLIGHT_FD and SET_INFLIGH_FD to backend, and
the backend setup the inflight memory to track the io.

Change-Id: I805d6189996f7a1b44c65f0b12ef7473b1789510
Signed-off-by: Li Feng 
Message-Id: <20200909122021.1055174-1-fen...@smartx.com>
Signed-off-by: Paolo Bonzini 
---
 hw/scsi/vhost-scsi-common.c   | 27 +++
 include/hw/virtio/vhost-scsi-common.h |  2 ++
 2 files changed, 29 insertions(+)

diff --git a/hw/scsi/vhost-scsi-common.c b/hw/scsi/vhost-scsi-common.c
index 8ec49d7fef..767f827e55 100644
--- a/hw/scsi/vhost-scsi-common.c
+++ b/hw/scsi/vhost-scsi-common.c
@@ -32,6 +32,8 @@ int vhost_scsi_common_start(VHostSCSICommon *vsc)
 BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(vdev)));
 VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus);
 
+VirtIOSCSICommon *vs = (VirtIOSCSICommon *)vsc;
+
 if (!k->set_guest_notifiers) {
 error_report("binding does not support guest notifiers");
 return -ENOSYS;
@@ -49,6 +51,23 @@ int vhost_scsi_common_start(VHostSCSICommon *vsc)
 }
 
 vsc->dev.acked_features = vdev->guest_features;
+
+assert(vsc->inflight == NULL);
+vsc->inflight = g_new0(struct vhost_inflight, 1);
+ret = vhost_dev_get_inflight(>dev,
+ vs->conf.virtqueue_size,
+ vsc->inflight);
+if (ret < 0) {
+error_report("Error get inflight: %d", -ret);
+goto err_guest_notifiers;
+}
+
+ret = vhost_dev_set_inflight(>dev, vsc->inflight);
+if (ret < 0) {
+error_report("Error set inflight: %d", -ret);
+goto err_guest_notifiers;
+}
+
 ret = vhost_dev_start(>dev, vdev);
 if (ret < 0) {
 error_report("Error start vhost dev");
@@ -66,6 +85,9 @@ int vhost_scsi_common_start(VHostSCSICommon *vsc)
 return ret;
 
 err_guest_notifiers:
+g_free(vsc->inflight);
+vsc->inflight = NULL;
+
 k->set_guest_notifiers(qbus->parent, vsc->dev.nvqs, false);
 err_host_notifiers:
 vhost_dev_disable_notifiers(>dev, vdev);
@@ -89,6 +111,11 @@ void vhost_scsi_common_stop(VHostSCSICommon *vsc)
 }
 assert(ret >= 0);
 
+if (vsc->inflight) {
+vhost_dev_free_inflight(vsc->inflight);
+vsc->inflight = NULL;
+}
+
 vhost_dev_disable_notifiers(>dev, vdev);
 }
 
diff --git a/include/hw/virtio/vhost-scsi-common.h 
b/include/hw/virtio/vhost-scsi-common.h
index 5f0bf73d9d..3be152e45b 100644
--- a/include/hw/virtio/vhost-scsi-common.h
+++ b/include/hw/virtio/vhost-scsi-common.h
@@ -37,6 +37,8 @@ struct VHostSCSICommon {
 int lun;
 uint64_t host_features;
 bool migratable;
+
+struct vhost_inflight *inflight;
 };
 
 int vhost_scsi_common_start(VHostSCSICommon *vsc);
-- 
2.26.2

[PULL 04/57] ninjatool: rebuild multi-output targets if outputs are missing

2020-09-19 Thread Paolo Bonzini 
The "stamp file trick" used to group targets of a single multi-output rule
prevents the user from deleting one such target in order to force its
rebuild.  Doing so will not touch the stamp file, and therefore only
the dummy ":" command will be executed.

With this patch, ninjatool writes rules that force-rebuild the stamp
file if any of its outputs are missing.  Rebuilding the missing
target therefore causes the stamp file to be rebuilt too.

Reported-by: Markus Armbruster 
Signed-off-by: Paolo Bonzini 
---
 scripts/ninjatool.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/scripts/ninjatool.py b/scripts/ninjatool.py
index 627a1cab45..6f0e35c727 100755
--- a/scripts/ninjatool.py
+++ b/scripts/ninjatool.py
@@ -908,6 +908,9 @@ class Ninja2Make(NinjaParserEventsWithVars):
 else:
 stamp = '%s@%s.stamp' % (rule, sha1_text(targets)[0:11])
 self.print('%s: %s; @:' % (targets, stamp))
+self.print('ifneq (%s, $(wildcard %s))' % (targets, targets))
+self.print('.PHONY: %s' % (stamp, ))
+self.print('endif')
 self.print('%s: %s | %s; ${ninja-command-restat}' % (stamp, 
inputs, orderonly))
 self.rule_targets[rule].append(stamp)
 self.stamp_targets[rule].append(stamp)
-- 
2.26.2

[PULL 16/57] doc: Cleanup "'-mem-path' fallback to RAM" deprecation text

2020-09-19 Thread Paolo Bonzini 
From: Igor Mammedov 

it was actually removed in 5.0,
commit 68a86dc15c (numa: remove deprecated -mem-path fallback to anonymous RAM)
clean up forgotten remnants in docs.

Signed-off-by: Igor Mammedov 
Message-Id: <20200911084410.788171-3-imamm...@redhat.com>
Signed-off-by: Paolo Bonzini 
---
 docs/system/deprecated.rst | 21 ++---
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index bb59061c1b..4465eddcc3 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -104,17 +104,6 @@ error in the future.
 The ``-realtime mlock=on|off`` argument has been replaced by the
 ``-overcommit mem-lock=on|off`` argument.
 
-``-mem-path`` fallback to RAM (since 4.1)
-'
-
-Currently if guest RAM allocation from file pointed by ``mem-path``
-fails, QEMU falls back to allocating from RAM, which might result
-in unpredictable behavior since the backing file specified by the user
-is ignored. In the future, users will be responsible for making sure
-the backing storage specified with ``-mem-path`` can actually provide
-the guest RAM configured with ``-m`` and QEMU will fail to start up if
-RAM allocation is unsuccessful.
-
 RISC-V ``-bios`` (since 5.1)
 
 
@@ -647,6 +636,16 @@ New machine versions (since 5.1) will not accept the 
option but it will still
 work with old machine types. User can check the QAPI schema to see if the 
legacy
 option is supported by looking at MachineInfo::numa-mem-supported property.
 
+``-mem-path`` fallback to RAM (removed in 5.0)
+''
+
+If guest RAM allocation from file pointed by ``mem-path`` failed,
+QEMU was falling back to allocating from RAM, which might have resulted
+in unpredictable behavior since the backing file specified by the user
+as ignored. Currently, users are responsible for making sure the backing 
storage
+specified with ``-mem-path`` can actually provide the guest RAM configured with
+``-m`` and QEMU fails to start up if RAM allocation is unsuccessful.
+
 Block devices
 -
 
-- 
2.26.2

[PULL 02/57] iotests: Work around failing readlink -f

2020-09-19 Thread Paolo Bonzini 
From: Max Reitz 

On macOS, (out of the box) readlink does not have -f.  If the recent
"readlink -f" call introduced by b1cbc33a397 fails, just fall back to
the old behavior (which means you can run the iotests only from the
build tree, but that worked fine for six years, so it should be fine
still).

Keep any potential error message on stderr.  If users want to run the
iotests from outside the build tree, this may point them to what's wrong
(with their system).

Fixes: b1cbc33a3971b6bb005d5ac3569feae35a71de0f
   ("iotests: Allow running from different directory")
Reported-by: Claudio Fontana 
Reported-by: Thomas Huth 
Signed-off-by: Max Reitz 
---
 tests/qemu-iotests/check | 4 
 1 file changed, 4 insertions(+)

diff --git a/tests/qemu-iotests/check b/tests/qemu-iotests/check
index e14a1f354d..75675e1a18 100755
--- a/tests/qemu-iotests/check
+++ b/tests/qemu-iotests/check
@@ -45,6 +45,10 @@ then
 fi
 source_iotests=$(cd "$source_iotests"; pwd) || _init_error "failed to 
enter source tree"
 build_iotests=$(readlink -f $(dirname "$0"))
+if [ "$?" -ne 0 ]; then
+# Perhaps -f is unsupported, revert to pre-b1cbc33a397 behavior
+build_iotests=$PWD
+fi
 else
 # called from the source tree
 source_iotests=$PWD
-- 
2.26.2

[PATCH] configure: fix performance regression due to PIC objects

2020-09-19 Thread Paolo Bonzini 
Because most files in QEMU are grouped into static libraries, Meson 
conservatively
compiles them with -fPIC.  This is overkill and produces slowdowns up to 20% on
some TCG tests.

As a stopgap measure, use the b_staticpic option to limit the slowdown to
--enable-pie.  https://github.com/mesonbuild/meson/pull/7760 will allow
us to use b_staticpic=false and let Meson do the right thing.

Reported-by: Ahmed Karaman 
Signed-off-by: Paolo Bonzini 
---
 configure | 1 +
 1 file changed, 1 insertion(+)

diff --git a/configure b/configure
index 0004c46525..0786144043 100755
--- a/configure
+++ b/configure
@@ -7414,6 +7414,7 @@ NINJA=${ninja:-$PWD/ninjatool} $meson setup \
 -Dwerror=$(if test "$werror" = yes; then echo true; else echo false; 
fi) \
 -Dstrip=$(if test "$strip_opt" = yes; then echo true; else echo false; 
fi) \
 -Db_pie=$(if test "$pie" = yes; then echo true; else echo false; fi) \
+-Db_staticpic=$(if test "$pie" = yes; then echo true; else echo false; 
fi) \
 -Db_coverage=$(if test "$gcov" = yes; then echo true; else echo false; 
fi) \
-Dmalloc=$malloc -Dmalloc_trim=$malloc_trim -Dsparse=$sparse \
-Dkvm=$kvm -Dhax=$hax -Dwhpx=$whpx -Dhvf=$hvf \
-- 
2.26.2

[PATCH] qom: code hardening - have bound checking while looping with integer value

2020-09-19 Thread Ani Sinha 
Object property insertion code iterates over an integer to get an unused
index that can be used as an unique name for an object property. This loop
increments the integer value indefinitely. Although very unlikely, this can
still cause an integer overflow.
In this change, we fix the above code by checking against INT_MAX and making
sure that the interger index does not overflow beyond that value. If no
available index is found, the code would cause an assertion failure. This
assertion failure is necessary because the callers of the function do not check
the return value for NULL.

Signed-off-by: Ani Sinha 
---
 qom/object.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/qom/object.c b/qom/object.c
index 00fdf89b3b..62414da67f 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -1158,11 +1158,11 @@ object_property_try_add(Object *obj, const char *name, 
const char *type,
 
 if (name_len >= 3 && !memcmp(name + name_len - 3, "[*]", 4)) {
 int i;
-ObjectProperty *ret;
+ObjectProperty *ret = NULL;
 char *name_no_array = g_strdup(name);
 
 name_no_array[name_len - 3] = '\0';
-for (i = 0; ; ++i) {
+for (i = 0; i < INT_MAX; ++i) {
 char *full_name = g_strdup_printf("%s[%d]", name_no_array, i);
 
 ret = object_property_try_add(obj, full_name, type, get, set,
@@ -1173,6 +1173,7 @@ object_property_try_add(Object *obj, const char *name, 
const char *type,
 }
 }
 g_free(name_no_array);
+assert(ret);
 return ret;
 }
 
-- 
2.17.1

[PATCH 7/7] s390x/pci: get zPCI function info from host

2020-09-19 Thread Matthew Rosato 
We use the VFIO_REGION_SUBTYPE_ZDEV_CLP subregion of PCI_VENDOR_ID_IBM to
retrieve the CLP information the kernel exports.

To be compatible with previous kernel versions we fall back on previous
predefined values, same as the emulation values, when the region is not
found.  If individual CLP feature(s) are not found in the region, we fall
back on default values for only those features missing from the region.

This patch is based on work previously done by Pierre Morel.

Signed-off-by: Matthew Rosato 
---
 hw/s390x/meson.build |   1 +
 hw/s390x/s390-pci-bus.c  |  10 +-
 hw/s390x/s390-pci-bus.h  |   1 +
 hw/s390x/s390-pci-clp.h  |  12 ++-
 hw/s390x/s390-pci-vfio.c | 235 +++
 hw/s390x/s390-pci-vfio.h |  19 
 6 files changed, 271 insertions(+), 7 deletions(-)
 create mode 100644 hw/s390x/s390-pci-vfio.c
 create mode 100644 hw/s390x/s390-pci-vfio.h

diff --git a/hw/s390x/meson.build b/hw/s390x/meson.build
index b63782d..ed2f66b 100644
--- a/hw/s390x/meson.build
+++ b/hw/s390x/meson.build
@@ -10,6 +10,7 @@ s390x_ss.add(files(
   's390-ccw.c',
   's390-pci-bus.c',
   's390-pci-inst.c',
+  's390-pci-vfio.c',
   's390-skeys.c',
   's390-stattrib.c',
   's390-virtio-hcall.c',
diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index d5255ba..f1a9cd8 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -17,6 +17,7 @@
 #include "cpu.h"
 #include "s390-pci-bus.h"
 #include "s390-pci-inst.h"
+#include "s390-pci-vfio.h"
 #include "hw/pci/pci_bus.h"
 #include "hw/qdev-properties.h"
 #include "hw/pci/pci_bridge.h"
@@ -737,7 +738,7 @@ static void s390_pci_iommu_free(S390pciState *s, PCIBus 
*bus, int32_t devfn)
 object_unref(OBJECT(iommu));
 }
 
-static S390PCIGroup *s390_grp_create(int ug)
+S390PCIGroup *s390_grp_create(int ug)
 {
 S390PCIGroup *grp;
 S390pciState *s = s390_get_phb();
@@ -782,7 +783,7 @@ static void set_pbdev_info(S390PCIBusDevice *pbdev)
 pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR;
 pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR;
 pbdev->zpci_fn.pchid = 0;
-pbdev->zpci_fn.ug = ZPCI_DEFAULT_FN_GRP;
+pbdev->zpci_fn.pfgid = ZPCI_DEFAULT_FN_GRP;
 pbdev->zpci_fn.fid = pbdev->fid;
 pbdev->zpci_fn.uid = pbdev->uid;
 pbdev->pci_grp = s390_grp_find(ZPCI_DEFAULT_FN_GRP);
@@ -861,7 +862,8 @@ static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
 name = g_strdup_printf("msix-s390-%04x", pbdev->uid);
 memory_region_init_io(>msix_notify_mr, OBJECT(pbdev),
   _msi_ctrl_ops, pbdev, name, PAGE_SIZE);
-memory_region_add_subregion(>iommu->mr, ZPCI_MSI_ADDR,
+memory_region_add_subregion(>iommu->mr,
+pbdev->pci_grp->zpci_grp.msia,
 >msix_notify_mr);
 g_free(name);
 
@@ -1013,6 +1015,8 @@ static void s390_pcihost_plug(HotplugHandler 
*hotplug_dev, DeviceState *dev,
 
 if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
 pbdev->fh |= FH_SHM_VFIO;
+/* Fill in CLP information passed via the vfio region */
+s390_pci_get_clp_info(pbdev);
 } else {
 pbdev->fh |= FH_SHM_EMUL;
 }
diff --git a/hw/s390x/s390-pci-bus.h b/hw/s390x/s390-pci-bus.h
index 7821856..5c0519b 100644
--- a/hw/s390x/s390-pci-bus.h
+++ b/hw/s390x/s390-pci-bus.h
@@ -322,6 +322,7 @@ typedef struct S390PCIGroup {
 int ug;
 QTAILQ_ENTRY(S390PCIGroup) link;
 } S390PCIGroup;
+S390PCIGroup *s390_grp_create(int ug);
 S390PCIGroup *s390_grp_find(int ug);
 
 struct S390PCIBusDevice {
diff --git a/hw/s390x/s390-pci-clp.h b/hw/s390x/s390-pci-clp.h
index e442307..5dd87c8 100644
--- a/hw/s390x/s390-pci-clp.h
+++ b/hw/s390x/s390-pci-clp.h
@@ -79,6 +79,7 @@ typedef struct ClpFhListEntry {
 #define CLP_SET_DISABLE_PCI_FN 1 /* Yes, 1 disables it */
 
 #define CLP_UTIL_STR_LEN 64
+#define CLP_PFIP_NR_SEGMENTS 4
 
 #define CLP_MASK_FMT 0xf000
 
@@ -120,14 +121,17 @@ typedef struct ClpRspQueryPci {
 uint32_t fmt;
 uint64_t reserved1;
 uint16_t vfn; /* virtual fn number */
-#define CLP_RSP_QPCI_MASK_UTIL  0x100
-#define CLP_RSP_QPCI_MASK_PFGID 0xff
-uint16_t ug;
+#define CLP_RSP_QPCI_MASK_UTIL  0x01
+uint8_t flags;
+uint8_t pfgid;
 uint32_t fid; /* pci function id */
 uint8_t bar_size[PCI_BAR_COUNT];
 uint16_t pchid;
 uint32_t bar[PCI_BAR_COUNT];
-uint64_t reserved2;
+uint8_t pfip[CLP_PFIP_NR_SEGMENTS];
+uint16_t reserved2;
+uint8_t fmbl;
+uint8_t pft;
 uint64_t sdma; /* start dma as */
 uint64_t edma; /* end dma as */
 uint32_t reserved3[11];
diff --git a/hw/s390x/s390-pci-vfio.c b/hw/s390x/s390-pci-vfio.c
new file mode 100644
index 000..a18da63
--- /dev/null
+++ b/hw/s390x/s390-pci-vfio.c
@@ -0,0 +1,235 @@
+/*
+ * s390 vfio-pci interfaces
+ *
+ * Copyright 2020 IBM Corp.
+ * Author(s): Matthew Rosato 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
+ * your option) any later

[PATCH 4/7] s390x/pci: use a PCI Group structure

2020-09-19 Thread Matthew Rosato 
From: Pierre Morel 

We use a S390PCIGroup structure to hold the information related to a
zPCI Function group.

This allows us to be ready to support multiple groups and to retrieve
the group information from the host.

Signed-off-by: Pierre Morel 
Signed-off-by: Matthew Rosato 
---
 hw/s390x/s390-pci-bus.c  | 42 ++
 hw/s390x/s390-pci-bus.h  | 10 ++
 hw/s390x/s390-pci-inst.c | 22 +-
 3 files changed, 65 insertions(+), 9 deletions(-)

diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index 92146a2..3015d86 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -737,6 +737,46 @@ static void s390_pci_iommu_free(S390pciState *s, PCIBus 
*bus, int32_t devfn)
 object_unref(OBJECT(iommu));
 }
 
+static S390PCIGroup *s390_grp_create(int ug)
+{
+S390PCIGroup *grp;
+S390pciState *s = s390_get_phb();
+
+grp = g_new0(S390PCIGroup, 1);
+grp->ug = ug;
+QTAILQ_INSERT_TAIL(>zpci_grps, grp, link);
+return grp;
+}
+
+S390PCIGroup *s390_grp_find(int ug)
+{
+S390PCIGroup *grp;
+S390pciState *s = s390_get_phb();
+
+QTAILQ_FOREACH(grp, >zpci_grps, link) {
+if ((grp->ug & CLP_REQ_QPCIG_MASK_PFGID) == ug) {
+return grp;
+}
+}
+return NULL;
+}
+
+static void s390_pci_init_default_group(void)
+{
+S390PCIGroup *grp;
+ClpRspQueryPciGrp *resgrp;
+
+grp = s390_grp_create(ZPCI_DEFAULT_FN_GRP);
+resgrp = >zpci_grp;
+resgrp->fr = 1;
+stq_p(>dasm, 0);
+stq_p(>msia, ZPCI_MSI_ADDR);
+stw_p(>mui, DEFAULT_MUI);
+stw_p(>i, 128);
+stw_p(>maxstbl, 128);
+resgrp->version = 0;
+}
+
 static void s390_pcihost_realize(DeviceState *dev, Error **errp)
 {
 PCIBus *b;
@@ -764,7 +804,9 @@ static void s390_pcihost_realize(DeviceState *dev, Error 
**errp)
 s->bus_no = 0;
 QTAILQ_INIT(>pending_sei);
 QTAILQ_INIT(>zpci_devs);
+QTAILQ_INIT(>zpci_grps);
 
+s390_pci_init_default_group();
 css_register_io_adapters(CSS_IO_ADAPTER_PCI, true, false,
  S390_ADAPTER_SUPPRESSIBLE, errp);
 }
diff --git a/hw/s390x/s390-pci-bus.h b/hw/s390x/s390-pci-bus.h
index da416cb..2399376 100644
--- a/hw/s390x/s390-pci-bus.h
+++ b/hw/s390x/s390-pci-bus.h
@@ -316,6 +316,14 @@ typedef struct ZpciFmb {
 } ZpciFmb;
 QEMU_BUILD_BUG_MSG(offsetof(ZpciFmb, fmt0) != 48, "padding in ZpciFmb");
 
+#define ZPCI_DEFAULT_FN_GRP 0x20
+typedef struct S390PCIGroup {
+ClpRspQueryPciGrp zpci_grp;
+int ug;
+QTAILQ_ENTRY(S390PCIGroup) link;
+} S390PCIGroup;
+S390PCIGroup *s390_grp_find(int ug);
+
 struct S390PCIBusDevice {
 DeviceState qdev;
 PCIDevice *pdev;
@@ -333,6 +341,7 @@ struct S390PCIBusDevice {
 uint16_t noi;
 uint16_t maxstbl;
 uint8_t sum;
+S390PCIGroup *pci_grp;
 S390MsixInfo msix;
 AdapterRoutes routes;
 S390PCIIOMMU *iommu;
@@ -357,6 +366,7 @@ struct S390pciState {
 GHashTable *zpci_table;
 QTAILQ_HEAD(, SeiContainer) pending_sei;
 QTAILQ_HEAD(, S390PCIBusDevice) zpci_devs;
+QTAILQ_HEAD(, S390PCIGroup) zpci_grps;
 };
 
 S390pciState *s390_get_phb(void);
diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c
index 2f7a7d7..946de25 100644
--- a/hw/s390x/s390-pci-inst.c
+++ b/hw/s390x/s390-pci-inst.c
@@ -284,21 +284,25 @@ int clp_service_call(S390CPU *cpu, uint8_t r2, uintptr_t 
ra)
 stq_p(>edma, ZPCI_EDMA_ADDR);
 stl_p(>fid, pbdev->fid);
 stw_p(>pchid, 0);
-stw_p(>ug, 1);
+stw_p(>ug, ZPCI_DEFAULT_FN_GRP);
 stl_p(>uid, pbdev->uid);
 stw_p(>hdr.rsp, CLP_RC_OK);
 break;
 }
 case CLP_QUERY_PCI_FNGRP: {
 ClpRspQueryPciGrp *resgrp = (ClpRspQueryPciGrp *)resh;
-resgrp->fr = 1;
-stq_p(>dasm, 0);
-stq_p(>msia, ZPCI_MSI_ADDR);
-stw_p(>mui, DEFAULT_MUI);
-stw_p(>i, 128);
-stw_p(>maxstbl, 128);
-resgrp->version = 0;
 
+ClpReqQueryPciGrp *reqgrp = (ClpReqQueryPciGrp *)reqh;
+S390PCIGroup *grp;
+
+grp = s390_grp_find(reqgrp->g);
+if (!grp) {
+/* We do not allow access to unknown groups */
+/* The group must have been obtained with a vfio device */
+stw_p(>hdr.rsp, CLP_RC_QUERYPCIFG_PFGID);
+goto out;
+}
+memcpy(resgrp, >zpci_grp, sizeof(ClpRspQueryPciGrp));
 stw_p(>hdr.rsp, CLP_RC_OK);
 break;
 }
@@ -754,7 +758,7 @@ int pcistb_service_call(S390CPU *cpu, uint8_t r1, uint8_t 
r3, uint64_t gaddr,
 }
 /* Length must be greater than 8, a multiple of 8 */
 /* and not greater than maxstbl */
-if ((len <= 8) || (len % 8) || (len > pbdev->maxstbl)) {
+if ((len <= 8) || (len % 8) || (len > pbdev->pci_grp->zpci_grp.maxstbl)) {
 goto specification_error;
 }
 /* Do not cross a 4K-byte boundary */
-- 
1.8.3.1

[PATCH 6/7] s390x/pci: use a PCI Function structure

2020-09-19 Thread Matthew Rosato 
From: Pierre Morel 

We use a ClpRspQueryPci structure to hold the information related to a
zPCI Function.

This allows us to be ready to support different zPCI functions and to
retrieve the zPCI function information from the host.

Signed-off-by: Pierre Morel 
Signed-off-by: Matthew Rosato 
---
 hw/s390x/s390-pci-bus.c  | 22 +-
 hw/s390x/s390-pci-bus.h  |  1 +
 hw/s390x/s390-pci-inst.c |  8 ++--
 3 files changed, 20 insertions(+), 11 deletions(-)

diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index dc2..d5255ba 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -777,6 +777,17 @@ static void s390_pci_init_default_group(void)
 resgrp->version = 0;
 }
 
+static void set_pbdev_info(S390PCIBusDevice *pbdev)
+{
+pbdev->zpci_fn.sdma = ZPCI_SDMA_ADDR;
+pbdev->zpci_fn.edma = ZPCI_EDMA_ADDR;
+pbdev->zpci_fn.pchid = 0;
+pbdev->zpci_fn.ug = ZPCI_DEFAULT_FN_GRP;
+pbdev->zpci_fn.fid = pbdev->fid;
+pbdev->zpci_fn.uid = pbdev->uid;
+pbdev->pci_grp = s390_grp_find(ZPCI_DEFAULT_FN_GRP);
+}
+
 static void s390_pcihost_realize(DeviceState *dev, Error **errp)
 {
 PCIBus *b;
@@ -994,17 +1005,18 @@ static void s390_pcihost_plug(HotplugHandler 
*hotplug_dev, DeviceState *dev,
 }
 }
 
+pbdev->pdev = pdev;
+pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn);
+pbdev->iommu->pbdev = pbdev;
+pbdev->state = ZPCI_FS_DISABLED;
+set_pbdev_info(pbdev);
+
 if (object_dynamic_cast(OBJECT(dev), "vfio-pci")) {
 pbdev->fh |= FH_SHM_VFIO;
 } else {
 pbdev->fh |= FH_SHM_EMUL;
 }
 
-pbdev->pdev = pdev;
-pbdev->iommu = s390_pci_get_iommu(s, pci_get_bus(pdev), pdev->devfn);
-pbdev->iommu->pbdev = pbdev;
-pbdev->state = ZPCI_FS_DISABLED;
-
 if (s390_pci_msix_init(pbdev)) {
 error_setg(errp, "MSI-X support is mandatory "
"in the S390 architecture");
diff --git a/hw/s390x/s390-pci-bus.h b/hw/s390x/s390-pci-bus.h
index 2399376..7821856 100644
--- a/hw/s390x/s390-pci-bus.h
+++ b/hw/s390x/s390-pci-bus.h
@@ -342,6 +342,7 @@ struct S390PCIBusDevice {
 uint16_t maxstbl;
 uint8_t sum;
 S390PCIGroup *pci_grp;
+ClpRspQueryPci zpci_fn;
 S390MsixInfo msix;
 AdapterRoutes routes;
 S390PCIIOMMU *iommu;
diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c
index 946de25..22a0884 100644
--- a/hw/s390x/s390-pci-inst.c
+++ b/hw/s390x/s390-pci-inst.c
@@ -267,6 +267,8 @@ int clp_service_call(S390CPU *cpu, uint8_t r2, uintptr_t ra)
 goto out;
 }
 
+memcpy(resquery, >zpci_fn, sizeof(*resquery));
+
 for (i = 0; i < PCI_BAR_COUNT; i++) {
 uint32_t data = pci_get_long(pbdev->pdev->config +
 PCI_BASE_ADDRESS_0 + (i * 4));
@@ -280,12 +282,6 @@ int clp_service_call(S390CPU *cpu, uint8_t r2, uintptr_t 
ra)
 resquery->bar_size[i]);
 }
 
-stq_p(>sdma, ZPCI_SDMA_ADDR);
-stq_p(>edma, ZPCI_EDMA_ADDR);
-stl_p(>fid, pbdev->fid);
-stw_p(>pchid, 0);
-stw_p(>ug, ZPCI_DEFAULT_FN_GRP);
-stl_p(>uid, pbdev->uid);
 stw_p(>hdr.rsp, CLP_RC_OK);
 break;
 }
-- 
1.8.3.1

[PATCH 5/7] s390x/pci: clean up s390 PCI groups

2020-09-19 Thread Matthew Rosato 
Add a step to remove all stashed PCI groups to avoid stale data between
machine resets.

Signed-off-by: Matthew Rosato 
---
 hw/s390x/s390-pci-bus.c | 12 
 1 file changed, 12 insertions(+)

diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c
index 3015d86..dc2 100644
--- a/hw/s390x/s390-pci-bus.c
+++ b/hw/s390x/s390-pci-bus.c
@@ -811,6 +811,17 @@ static void s390_pcihost_realize(DeviceState *dev, Error 
**errp)
  S390_ADAPTER_SUPPRESSIBLE, errp);
 }
 
+static void s390_pcihost_unrealize(DeviceState *dev)
+{
+S390PCIGroup *grp;
+S390pciState *s = S390_PCI_HOST_BRIDGE(dev);
+
+while (!QTAILQ_EMPTY(>zpci_grps)) {
+grp = QTAILQ_FIRST(>zpci_grps);
+QTAILQ_REMOVE(>zpci_grps, grp, link);
+}
+}
+
 static int s390_pci_msix_init(S390PCIBusDevice *pbdev)
 {
 char *name;
@@ -1165,6 +1176,7 @@ static void s390_pcihost_class_init(ObjectClass *klass, 
void *data)
 
 dc->reset = s390_pcihost_reset;
 dc->realize = s390_pcihost_realize;
+dc->unrealize = s390_pcihost_unrealize;
 hc->pre_plug = s390_pcihost_pre_plug;
 hc->plug = s390_pcihost_plug;
 hc->unplug_request = s390_pcihost_unplug_request;
-- 
1.8.3.1

[PATCH 3/7] s390x/pci: create a header dedicated to PCI CLP

2020-09-19 Thread Matthew Rosato 
From: Pierre Morel 

To have a clean separation between s390-pci-bus.h and s390-pci-inst.h
headers we export the PCI CLP instructions in a dedicated header.

Signed-off-by: Pierre Morel 
Signed-off-by: Matthew Rosato 
---
 hw/s390x/s390-pci-bus.h  |   1 +
 hw/s390x/s390-pci-clp.h  | 211 +++
 hw/s390x/s390-pci-inst.h | 196 ---
 3 files changed, 212 insertions(+), 196 deletions(-)
 create mode 100644 hw/s390x/s390-pci-clp.h

diff --git a/hw/s390x/s390-pci-bus.h b/hw/s390x/s390-pci-bus.h
index 0458059..da416cb 100644
--- a/hw/s390x/s390-pci-bus.h
+++ b/hw/s390x/s390-pci-bus.h
@@ -20,6 +20,7 @@
 #include "hw/s390x/s390_flic.h"
 #include "hw/s390x/css.h"
 #include "qom/object.h"
+#include "s390-pci-clp.h"
 
 #define TYPE_S390_PCI_HOST_BRIDGE "s390-pcihost"
 #define TYPE_S390_PCI_BUS "s390-pcibus"
diff --git a/hw/s390x/s390-pci-clp.h b/hw/s390x/s390-pci-clp.h
new file mode 100644
index 000..e442307
--- /dev/null
+++ b/hw/s390x/s390-pci-clp.h
@@ -0,0 +1,211 @@
+/*
+ * s390 CLPinstruction definitions
+ *
+ * Copyright 2019 IBM Corp.
+ * Author(s): Pierre Morel 
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at
+ * your option) any later version. See the COPYING file in the top-level
+ * directory.
+ */
+
+#ifndef HW_S390_PCI_CLP
+#define HW_S390_PCI_CLP
+
+/* CLP common request & response block size */
+#define CLP_BLK_SIZE 4096
+#define PCI_BAR_COUNT 6
+#define PCI_MAX_FUNCTIONS 4096
+
+typedef struct ClpReqHdr {
+uint16_t len;
+uint16_t cmd;
+} QEMU_PACKED ClpReqHdr;
+
+typedef struct ClpRspHdr {
+uint16_t len;
+uint16_t rsp;
+} QEMU_PACKED ClpRspHdr;
+
+/* CLP Response Codes */
+#define CLP_RC_OK 0x0010  /* Command request successfully */
+#define CLP_RC_CMD0x0020  /* Command code not recognized */
+#define CLP_RC_PERM   0x0030  /* Command not authorized */
+#define CLP_RC_FMT0x0040  /* Invalid command request format */
+#define CLP_RC_LEN0x0050  /* Invalid command request length */
+#define CLP_RC_8K 0x0060  /* Command requires 8K LPCB */
+#define CLP_RC_RESNOT00x0070  /* Reserved field not zero */
+#define CLP_RC_NODATA 0x0080  /* No data available */
+#define CLP_RC_FC_UNKNOWN 0x0100  /* Function code not recognized */
+
+/*
+ * Call Logical Processor - Command Codes
+ */
+#define CLP_LIST_PCI0x0002
+#define CLP_QUERY_PCI_FN0x0003
+#define CLP_QUERY_PCI_FNGRP 0x0004
+#define CLP_SET_PCI_FN  0x0005
+
+/* PCI function handle list entry */
+typedef struct ClpFhListEntry {
+uint16_t device_id;
+uint16_t vendor_id;
+#define CLP_FHLIST_MASK_CONFIG 0x8000
+uint32_t config;
+uint32_t fid;
+uint32_t fh;
+} QEMU_PACKED ClpFhListEntry;
+
+#define CLP_RC_SETPCIFN_FH  0x0101 /* Invalid PCI fn handle */
+#define CLP_RC_SETPCIFN_FHOP0x0102 /* Fn handle not valid for op */
+#define CLP_RC_SETPCIFN_DMAAS   0x0103 /* Invalid DMA addr space */
+#define CLP_RC_SETPCIFN_RES 0x0104 /* Insufficient resources */
+#define CLP_RC_SETPCIFN_ALRDY   0x0105 /* Fn already in requested state */
+#define CLP_RC_SETPCIFN_ERR 0x0106 /* Fn in permanent error state */
+#define CLP_RC_SETPCIFN_RECPND  0x0107 /* Error recovery pending */
+#define CLP_RC_SETPCIFN_BUSY0x0108 /* Fn busy */
+#define CLP_RC_LISTPCI_BADRT0x010a /* Resume token not recognized */
+#define CLP_RC_QUERYPCIFG_PFGID 0x010b /* Unrecognized PFGID */
+
+/* request or response block header length */
+#define LIST_PCI_HDR_LEN 32
+
+/* Number of function handles fitting in response block */
+#define CLP_FH_LIST_NR_ENTRIES \
+((CLP_BLK_SIZE - 2 * LIST_PCI_HDR_LEN) \
+/ sizeof(ClpFhListEntry))
+
+#define CLP_SET_ENABLE_PCI_FN  0 /* Yes, 0 enables it */
+#define CLP_SET_DISABLE_PCI_FN 1 /* Yes, 1 disables it */
+
+#define CLP_UTIL_STR_LEN 64
+
+#define CLP_MASK_FMT 0xf000
+
+/* List PCI functions request */
+typedef struct ClpReqListPci {
+ClpReqHdr hdr;
+uint32_t fmt;
+uint64_t reserved1;
+uint64_t resume_token;
+uint64_t reserved2;
+} QEMU_PACKED ClpReqListPci;
+
+/* List PCI functions response */
+typedef struct ClpRspListPci {
+ClpRspHdr hdr;
+uint32_t fmt;
+uint64_t reserved1;
+uint64_t resume_token;
+uint32_t mdd;
+uint16_t max_fn;
+uint8_t flags;
+uint8_t entry_size;
+ClpFhListEntry fh_list[CLP_FH_LIST_NR_ENTRIES];
+} QEMU_PACKED ClpRspListPci;
+
+/* Query PCI function request */
+typedef struct ClpReqQueryPci {
+ClpReqHdr hdr;
+uint32_t fmt;
+uint64_t reserved1;
+uint32_t fh; /* function handle */
+uint32_t reserved2;
+uint64_t reserved3;
+} QEMU_PACKED ClpReqQueryPci;
+
+/* Query PCI function response */
+typedef struct ClpRspQueryPci {
+ClpRspHdr hdr;
+uint32_t fmt;
+uint64_t reserved1;
+uint16_t vfn; /* virtual fn number */
+#define CLP_RSP_QPCI_MASK_UTIL  0x100
+#define CLP_RSP_QPCI_MASK_PFGID 0xff
+

[PATCH 2/7] linux-headers: update against 5.9-rc5

2020-09-19 Thread Matthew Rosato 
PLACEHOLDER as the kernel patch driving the need for this ("vfio-pci/zdev:
define the vfio_zdev header") isn't merged yet.

Signed-off-by: Matthew Rosato 
---
 include/standard-headers/drm/drm_fourcc.h  | 140 +
 include/standard-headers/linux/ethtool.h   |  87 +
 include/standard-headers/linux/input-event-codes.h |   3 +-
 include/standard-headers/linux/vhost_types.h   |  11 ++
 include/standard-headers/linux/virtio_9p.h |   4 +-
 include/standard-headers/linux/virtio_blk.h|  26 ++--
 include/standard-headers/linux/virtio_config.h |   8 +-
 include/standard-headers/linux/virtio_console.h|   8 +-
 include/standard-headers/linux/virtio_net.h|   6 +-
 include/standard-headers/linux/virtio_scsi.h   |  20 +--
 linux-headers/asm-generic/unistd.h |   6 +-
 linux-headers/asm-mips/unistd_n32.h|   1 +
 linux-headers/asm-mips/unistd_n64.h|   1 +
 linux-headers/asm-mips/unistd_o32.h|   1 +
 linux-headers/asm-powerpc/kvm.h|   5 +
 linux-headers/asm-powerpc/unistd_32.h  |   1 +
 linux-headers/asm-powerpc/unistd_64.h  |   1 +
 linux-headers/asm-s390/kvm.h   |   7 +-
 linux-headers/asm-s390/unistd_32.h |   1 +
 linux-headers/asm-s390/unistd_64.h |   1 +
 linux-headers/asm-x86/unistd_32.h  |   1 +
 linux-headers/asm-x86/unistd_64.h  |   1 +
 linux-headers/asm-x86/unistd_x32.h |   1 +
 linux-headers/linux/kvm.h  |  10 +-
 linux-headers/linux/vfio.h |   7 +-
 linux-headers/linux/vfio_zdev.h| 116 +
 linux-headers/linux/vhost.h|   2 +
 27 files changed, 433 insertions(+), 43 deletions(-)
 create mode 100644 linux-headers/linux/vfio_zdev.h

diff --git a/include/standard-headers/drm/drm_fourcc.h 
b/include/standard-headers/drm/drm_fourcc.h
index 909a667..0de1a55 100644
--- a/include/standard-headers/drm/drm_fourcc.h
+++ b/include/standard-headers/drm/drm_fourcc.h
@@ -235,6 +235,12 @@ extern "C" {
 #define DRM_FORMAT_NV61fourcc_code('N', 'V', '6', '1') /* 2x1 
subsampled Cb:Cr plane */
 #define DRM_FORMAT_NV24fourcc_code('N', 'V', '2', '4') /* 
non-subsampled Cr:Cb plane */
 #define DRM_FORMAT_NV42fourcc_code('N', 'V', '4', '2') /* 
non-subsampled Cb:Cr plane */
+/*
+ * 2 plane YCbCr
+ * index 0 = Y plane, [39:0] Y3:Y2:Y1:Y0 little endian
+ * index 1 = Cr:Cb plane, [39:0] Cr1:Cb1:Cr0:Cb0 little endian
+ */
+#define DRM_FORMAT_NV15fourcc_code('N', 'V', '1', '5') /* 2x2 
subsampled Cr:Cb plane */
 
 /*
  * 2 plane YCbCr MSB aligned
@@ -264,6 +270,22 @@ extern "C" {
  */
 #define DRM_FORMAT_P016fourcc_code('P', '0', '1', '6') /* 2x2 
subsampled Cr:Cb plane 16 bits per channel */
 
+/* 3 plane non-subsampled (444) YCbCr
+ * 16 bits per component, but only 10 bits are used and 6 bits are padded
+ * index 0: Y plane, [15:0] Y:x [10:6] little endian
+ * index 1: Cb plane, [15:0] Cb:x [10:6] little endian
+ * index 2: Cr plane, [15:0] Cr:x [10:6] little endian
+ */
+#define DRM_FORMAT_Q410fourcc_code('Q', '4', '1', '0')
+
+/* 3 plane non-subsampled (444) YCrCb
+ * 16 bits per component, but only 10 bits are used and 6 bits are padded
+ * index 0: Y plane, [15:0] Y:x [10:6] little endian
+ * index 1: Cr plane, [15:0] Cr:x [10:6] little endian
+ * index 2: Cb plane, [15:0] Cb:x [10:6] little endian
+ */
+#define DRM_FORMAT_Q401fourcc_code('Q', '4', '0', '1')
+
 /*
  * 3 plane YCbCr
  * index 0: Y plane, [7:0] Y
@@ -308,6 +330,7 @@ extern "C" {
 #define DRM_FORMAT_MOD_VENDOR_BROADCOM 0x07
 #define DRM_FORMAT_MOD_VENDOR_ARM 0x08
 #define DRM_FORMAT_MOD_VENDOR_ALLWINNER 0x09
+#define DRM_FORMAT_MOD_VENDOR_AMLOGIC 0x0a
 
 /* add more to the end as needed */
 
@@ -322,8 +345,33 @@ extern "C" {
  * When adding a new token please document the layout with a code comment,
  * similar to the fourcc codes above. drm_fourcc.h is considered the
  * authoritative source for all of these.
+ *
+ * Generic modifier names:
+ *
+ * DRM_FORMAT_MOD_GENERIC_* definitions are used to provide vendor-neutral 
names
+ * for layouts which are common across multiple vendors. To preserve
+ * compatibility, in cases where a vendor-specific definition already exists 
and
+ * a generic name for it is desired, the common name is a purely symbolic alias
+ * and must use the same numerical value as the original definition.
+ *
+ * Note that generic names should only be used for modifiers which describe
+ * generic layouts (such as pixel re-ordering), which may have
+ * independently-developed support across multiple vendors.
+ *
+ * In future cases where a generic layout is identified before merging with a
+ * vendor-specific modifier, a new 'GENERIC' vendor or

[PATCH 1/7] update-linux-headers: Add vfio_zdev.h

2020-09-19 Thread Matthew Rosato 
vfio_zdev.h is used by s390x zPCI support to pass device-specific
CLP information between host and userspace.

Signed-off-by: Matthew Rosato 
---
 scripts/update-linux-headers.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/update-linux-headers.sh b/scripts/update-linux-headers.sh
index 29c27f4..9efbaf2 100755
--- a/scripts/update-linux-headers.sh
+++ b/scripts/update-linux-headers.sh
@@ -141,7 +141,7 @@ done
 
 rm -rf "$output/linux-headers/linux"
 mkdir -p "$output/linux-headers/linux"
-for header in kvm.h vfio.h vfio_ccw.h vhost.h \
+for header in kvm.h vfio.h vfio_ccw.h vfio_zdev.h vhost.h \
   psci.h psp-sev.h userfaultfd.h mman.h; do
 cp "$tmpdir/include/linux/$header" "$output/linux-headers/linux"
 done
-- 
1.8.3.1

[PATCH 0/7] Retrieve zPCI hardware information from VFIO

2020-09-19 Thread Matthew Rosato 
This patchset exploits the VFIO ZPCI CLP region, which provides hardware
information about passed-through s390 PCI devices that can be shared with
the guest.

The retrieval of this information is done once per function (and for a
subset of data, once per function group) and is performed at time of device
plug.  Some elements provided in the CLP region must still be forced to
default values for now to reflect what QEMU actually provides support for.

The original work for this feature was done by Pierre Morel.

Note: This patchset will overlap with "s390x/pci: Accomodate vfio DMA
limiting" because they both add hw/s390x/s390-pci-vfio.* - This is
intentional as both patchsets add functionality that belongs in these new
files.  Once one set is taken, I'll rebase the other on top of it.

Associated kernel patchset:
https://marc.info/?l=kvm=160052933112238=2

Matthew Rosato (4):
  update-linux-headers: Add vfio_zdev.h
  linux-headers: update against 5.9-rc5
  s390x/pci: clean up s390 PCI groups
  s390x/pci: get zPCI function info from host

Pierre Morel (3):
  s390x/pci: create a header dedicated to PCI CLP
  s390x/pci: use a PCI Group structure
  s390x/pci: use a PCI Function structure

 hw/s390x/meson.build   |   1 +
 hw/s390x/s390-pci-bus.c|  82 ++-
 hw/s390x/s390-pci-bus.h|  13 ++
 hw/s390x/s390-pci-clp.h| 215 +++
 hw/s390x/s390-pci-inst.c   |  28 +--
 hw/s390x/s390-pci-inst.h   | 196 -
 hw/s390x/s390-pci-vfio.c   | 235 +
 hw/s390x/s390-pci-vfio.h   |  19 ++
 include/standard-headers/drm/drm_fourcc.h  | 140 
 include/standard-headers/linux/ethtool.h   |  87 
 include/standard-headers/linux/input-event-codes.h |   3 +-
 include/standard-headers/linux/vhost_types.h   |  11 +
 include/standard-headers/linux/virtio_9p.h |   4 +-
 include/standard-headers/linux/virtio_blk.h|  26 +--
 include/standard-headers/linux/virtio_config.h |   8 +-
 include/standard-headers/linux/virtio_console.h|   8 +-
 include/standard-headers/linux/virtio_net.h|   6 +-
 include/standard-headers/linux/virtio_scsi.h   |  20 +-
 linux-headers/asm-generic/unistd.h |   6 +-
 linux-headers/asm-mips/unistd_n32.h|   1 +
 linux-headers/asm-mips/unistd_n64.h|   1 +
 linux-headers/asm-mips/unistd_o32.h|   1 +
 linux-headers/asm-powerpc/kvm.h|   5 +
 linux-headers/asm-powerpc/unistd_32.h  |   1 +
 linux-headers/asm-powerpc/unistd_64.h  |   1 +
 linux-headers/asm-s390/kvm.h   |   7 +-
 linux-headers/asm-s390/unistd_32.h |   1 +
 linux-headers/asm-s390/unistd_64.h |   1 +
 linux-headers/asm-x86/unistd_32.h  |   1 +
 linux-headers/asm-x86/unistd_64.h  |   1 +
 linux-headers/asm-x86/unistd_x32.h |   1 +
 linux-headers/linux/kvm.h  |  10 +-
 linux-headers/linux/vfio.h |   7 +-
 linux-headers/linux/vfio_zdev.h| 116 ++
 linux-headers/linux/vhost.h|   2 +
 scripts/update-linux-headers.sh|   2 +-
 36 files changed, 1007 insertions(+), 260 deletions(-)
 create mode 100644 hw/s390x/s390-pci-clp.h
 create mode 100644 hw/s390x/s390-pci-vfio.c
 create mode 100644 hw/s390x/s390-pci-vfio.h
 create mode 100644 linux-headers/linux/vfio_zdev.h

-- 
1.8.3.1

Re: [PATCH 0/6] Convert pc-bios Makefiles to meson

2020-09-19 Thread Paolo Bonzini 
On 19/09/20 17:15, Marc-André Lureau wrote:
> 
> 
> I don't know, the way pc-bios/ works seems just wrong to me.  pc-bios
> should IMO be its own build system with support for docker-based cross
> compilers similar to tests/tcg.
> 
> 
> It could still use meson to build the binaries though (like we did for
> qboot). It's more about setting up the environment for the build to
> compile for the target.

Yes, essentially it would set up the cross file.  However, to some
extent whether or not Meson is used would be of relative importance.

Step 1 would probably be to find a place for the common docker
infrastructure, moving the common parts of tests/docker and tests/tcg to
scripts/docker and de-Make-izing them.

Paolo

Re: [PATCH 1/2] file-posix: Correctly read max_segments of SG nodes

2020-09-19 Thread Paolo Bonzini 
On 17/09/20 18:44, Dmitry Fomichev wrote:
> 
> Maxim, looks like you are on top of this problem and your approach sounds
> sensible too me. Just FYI, it is also possible to avoid using 
> SG_GET_SG_TABLESIZE
> ioctl and rely entirely on sysfs, but the code gets a bit more complicated 
> (see below)

I would prefer to have the code in block/ but I have no problem if the
hardware limits are placed in a new field of bs->bl.  Then scsi-block
and scsi-generic can consult it instead of bs->bl.max_transfer.

Paolo

Re: [PATCH 1/2] file-posix: Correctly read max_segments of SG nodes

2020-09-19 Thread Paolo Bonzini 
On 17/09/20 15:16, Max Reitz wrote:
> So is this path ever taken, or can we just replace it all with the ioctl?
> 
> (Before 867eccfed84, this function was used for all host devices, which
> might explain why the code even exists.)

Because 867eccfed84 is wrong.  If you use /dev/sda* with SG_IO you do
need to take into account the hardware max segment size/max segment count.

Probably ->sg needs to be set by the front-end, not by the back-end.  An
even better way (but for which I'd leave the task to you and Kevin)
could be to have a new permission BLK_PERM_WRITE_BYPASS and to reduce
the limits to the hardware limits if anybody has requested that
permission.  I tried to implement that a couple years ago but I just
couldn't wrap my mind around the permission code.

Paolo

  1   2   >