Re: [PULL 4/5] contrib/gitdm: Add Facebook the domain map
> On Mar 10, 2023, at 7:57 AM, Alex Bennée wrote:
>
> A number of Facebook developers contribute to the project. Peter can
> you confirm you want pjd.dev contributions counted here or as
> an individual contributor?

I want them counted as Facebook, for now. If I leave Facebook I’ll send an update.

Thanks!
Peter

> Signed-off-by: Alex Bennée
> Cc: Iris Chen
> Cc: Daniel Müller
> Reviewed-by: Peter Delevoryas
> Message-Id: <20221219121914.851488-9-alex.ben...@linaro.org>
>
> diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map > index 1ea20b9890..8913a886c9 100644 > --- a/contrib/gitdm/domain-map > +++ b/contrib/gitdm/domain-map > @@ -12,6 +12,7 @@ citrix.com Citrix > crudebyte.com Crudebyte > chinatelecom.cn China Telecom > eldorado.org.br Instituto de Pesquisas Eldorado > +fb.com Facebook > fujitsu.com Fujitsu > google.com Google > greensocs.com GreenSocs > diff --git a/contrib/gitdm/group-map-facebook > b/contrib/gitdm/group-map-facebook > new file mode 100644 > index 00..38589f8fb9 > --- /dev/null > +++ b/contrib/gitdm/group-map-facebook > @@ -0,0 +1,5 @@ > +# > +# Some Facebook contributors also occasionally use personal email addresses. > +# > + > +pe...@pjd.dev > diff --git a/gitdm.config b/gitdm.config > index 288b100d89..907ffde017 100644 > --- a/gitdm.config > +++ b/gitdm.config > @@ -33,6 +33,7 @@ EmailMap contrib/gitdm/domain-map > > GroupMap contrib/gitdm/group-map-cadence Cadence Design Systems > GroupMap contrib/gitdm/group-map-codeweavers CodeWeavers > +GroupMap contrib/gitdm/group-map-facebook Facebook > GroupMap contrib/gitdm/group-map-ibm IBM > GroupMap contrib/gitdm/group-map-janustech Janus Technologies > GroupMap contrib/gitdm/group-map-netflix Netflix > -- > 2.39.2 >
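Review bot: in the new contrib/gitdm/group-map-facebook, the header comment does not record that the personal address is mapped at the contributor's request and only while he works at Facebook, which the reply above states ("for now"). A short note to that effect in the file would make a later removal easy to justify. Separately, the subject reads "Add Facebook the domain map"; it is missing "to".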
Re: [PULL 3/5] contrib/gitdm: add Tsukasa as an individual contributor
On 2023/03/11 0:57, Alex Bennée wrote:
> I wasn't sure if you want to be added as an individual contributor or
> an academic so please confirm.

Individual.

> Signed-off-by: Alex Bennée
> Acked-by: Tsukasa OI
> Message-Id: <20221219121914.851488-7-alex.ben...@linaro.org>
>
> diff --git a/contrib/gitdm/group-map-individuals > b/contrib/gitdm/group-map-individuals > index 53883cc526..e2263a5ee3 100644 > --- a/contrib/gitdm/group-map-individuals > +++ b/contrib/gitdm/group-map-individuals > @@ -37,3 +37,4 @@ akihiko.od...@gmail.com > p...@nowt.org > g...@xen0n.name > si...@simonsafar.com > +research_tra...@irq.a4lg.com
Re: [PATCH nbd 1/4] nbd: Add multi-conn option
On Fri, Mar 10, 2023 at 04:17:17PM -0600, Eric Blake wrote:
> On Thu, Mar 09, 2023 at 11:39:43AM +, Richard W.M. Jones wrote:
> > + * safe for multi-conn, force it to 1. > > + */ > > +if (!(s->info.flags & NBD_FLAG_CAN_MULTI_CONN)) { > > +s->multi_conn = 1; > > +} > > + > > return 0;
>
> Is there an intended QAPI counterpart for this command? We'll need
> that if it is to be set during the command line of
> qemu-storage-daemon.

Does it just need to be added to qapi/block-core.json?

It's a shame we can't add the API in one place and have everything
generated from there. Like some kind of 'generator' ...

Rich.

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html
Re: [PULL 00/73] virtio,pc,pci: features, fixes
Hi, On 10/3/23 18:32, Peter Maydell wrote: On Thu, 9 Mar 2023 at 14:47, Michael S. Tsirkin wrote: I moved it one commit back, now at (96cb085897) Cornelia posted some concerns about the last commit. virtio,pc,pci: features, fixes Several features that landed at the last possible moment: Passthrough HDM decoder emulation Refactor cryptodev RAS error emulation and injection acpi-index support on non-hotpluggable slots Dynamically switch to vhost shadow virtqueues at vdpa net migration Plus a couple of bugfixes that look important to have in the release. Signed-off-by: Michael S. Tsirkin Applied, thanks. I'm getting this failure on Darwin (m1): C compiler for the host machine: clang (clang 14.0.0 "Apple clang version 14.0.0 (clang-1400.0.29.202)") Program iasl found: YES (/opt/homebrew/bin/iasl) $ make check-qtest-i386 V=1 ... 3/61 qemu:qtest+qtest-i386 / qtest-i386/bios-tables-test ERROR 17.52s killed by signal 6 SIGABRT ― ✀ ―― stderr: acpi-test: Warning! DSDT binary file mismatch. Actual [aml:/var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/aml-HANQ11], Expected [aml:tests/data/acpi/pc/DSDT.nosmm]. See source file tests/qtest/bios-tables-test.c for instructions on how to update expected files. acpi-test: Warning! DSDT mismatch. Actual [asl:/var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/asl-1CNQ11.dsl, aml:/var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/aml-HANQ11], Expected [asl:/var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/asl-XXGQ11.dsl, aml:tests/data/acpi/pc/DSDT.nosmm]. --- /var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/asl-XXGQ11.dsl 2023-03-10 23:16:19 +++ /var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/asl-1CNQ11.dsl 2023-03-10 23:16:19 
@@ -1,30 +1,30 @@ /* * Intel ACPI Component Architecture * AML/ASL+ Disassembler version 20221020 (64-bit version) * Copyright (c) 2000 - 2022 Intel Corporation * * Disassembling to symbolic ASL+ operators * - * Disassembly of tests/data/acpi/pc/DSDT.nosmm, Fri Mar 10 23:16:19 2023 + * Disassembly of /var/folders/yj/r7khncsj4d77k04ybz9lw4tmgn/T/aml-HANQ11, Fri Mar 10 23:16:19 2023 * * Original Table Header: * Signature"DSDT" - * Length 0x18D8 (6360) + * Length 0x1958 (6488) * Revision 0x01 32-bit table (V1), no 64-bit math support - * Checksum 0xCE + * Checksum 0xAF * OEM ID "BOCHS " * OEM Table ID "BXPC" * OEM Revision 0x0001 (1) * Compiler ID "BXPC" * Compiler Version 0x0001 (1) */ DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 0x0001) { Scope (\) { OperationRegion (DBG, SystemIO, 0x0402, One) Field (DBG, ByteAcc, NoLock, Preserve) { DBGB, 8 } @@ -38,32 +38,66 @@ { DBGB = DerefOf (Local0 [Local2]) Local2++ } DBGB = 0x0A } } Scope (_SB) { Device (PCI0) { Name (_HID, EisaId ("PNP0A03") /* PCI Bus */) // _HID: Hardware ID Name (_ADR, Zero) // _ADR: Address Name (_UID, Zero) // _UID: Unique ID +Method (EDSM, 5, Serialized) +{ +If ((Arg2 == Zero)) +{ +Local0 = Buffer (One) +{ + 0x00 // . +} +If ((Arg0 != ToUUID ("e5c937d0-3553-4d7a-9117-ea4d19c3434d") /* Device Labeling Interface */)) +{ +Return (Local0) +} + +If ((Arg1 < 0x02)) +{ +Return (Local0) +} + +Local0 [Zero] = 0x81 +Return (Local0) +} + +If ((Arg2 == 0x07)) +{ +Local0 = Package (0x02) +{ +Zero, +"" +} +Local1 = DerefOf (Arg4 [Zero]) +Local0 [Zero] = Local1 +Return (Local0) +} +} } } Scope (_SB.PCI0) { OperationRegion (PCST, SystemIO, 0xAE00, 0x08) Field (PCST, DWordAcc, NoLock, WriteAsZeros) { PCIU, 32, PCID, 32 } OperationRegion (SEJ, SystemIO, 0xAE08, 0x04) Field (SEJ, DWordAcc, NoLock, WriteAsZeros) { B0EJ, 32 @@ -91,43 +125,43 @@ Acqu
Re: [PATCH nbd 1/4] nbd: Add multi-conn option
On Thu, Mar 09, 2023 at 11:39:43AM +, Richard W.M. Jones wrote:
> Add multi-conn option to the NBD client. This commit just adds the
> option, it is not functional.

Maybe add the phrase "until later in this patch series"?

>
> Setting this to a value > 1 permits multiple connections to the NBD
> server; a typical value might be 4. The default is 1, meaning only a
> single connection is made. If the NBD server does not advertise that
> it is safe for multi-conn then this setting is forced to 1.
>
> Signed-off-by: Richard W.M. Jones
> --- > block/nbd.c | 24 > 1 file changed, 24 insertions(+) > > diff --git a/block/nbd.c b/block/nbd.c > index bf2894ad5c..5ffae0b798 100644 > --- a/block/nbd.c > +++ b/block/nbd.c > @@ -49,6 +49,7 @@ > > #define EN_OPTSTR ":exportname=" > #define MAX_NBD_REQUESTS16 > +#define MAX_MULTI_CONN 16 > > #define HANDLE_TO_INDEX(bs, handle) ((handle) ^ (uint64_t)(intptr_t)(bs)) > #define INDEX_TO_HANDLE(bs, index) ((index) ^ (uint64_t)(intptr_t)(bs)) > @@ -98,6 +99,7 @@ typedef struct BDRVNBDState { > /* Connection parameters */ > uint32_t reconnect_delay; > uint32_t open_timeout; > +uint32_t multi_conn; > SocketAddress *saddr; > char *export; > char *tlscredsid; > @@ -1803,6 +1805,15 @@ static QemuOptsList nbd_runtime_opts = { > "attempts until successful or until @open-timeout > seconds " > "have elapsed. Default 0", > }, > +{ > +.name = "multi-conn", > +.type = QEMU_OPT_NUMBER, > +.help = "If > 1 permit up to this number of connections to the " > +"server. The server must also advertise multi-conn " > +"support. If <= 1, only a single connection is made " > +"to the server even if the server advertises multi-conn. > " > +"Default 1", > +}, > { /* end of list */ } > }, > };
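Review bot: the .help string in the nbd_runtime_opts hunk does not mention the upper bound, although MAX_MULTI_CONN is defined as 16 in the first hunk and enforced later in the patch. State the maximum in the help text so a user who asks for more connections knows why fewer are opened.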
> @@ -1858,6 +1869,10 @@ static int nbd_process_options(BlockDriverState *bs, > QDict *options, > > s->reconnect_delay = qemu_opt_get_number(opts, "reconnect-delay", 0); > s->open_timeout = qemu_opt_get_number(opts, "open-timeout", 0); > +s->multi_conn = qemu_opt_get_number(opts, "multi-conn", 1); > +if (s->multi_conn > MAX_MULTI_CONN) { > +s->multi_conn = MAX_MULTI_CONN; > +}

This silently ignores out-of-range values (negative, greater than 16)
and treats 0 as a synonym for 1. The latter I'm okay with, the former
I wonder if we should instead raise an error that the user is
requesting something we can't honor, instead of silently bounding it.

> > ret = 0; > > @@ -1912,6 +1927,15 @@ static int nbd_open(BlockDriverState *bs, QDict > *options, int flags, > > nbd_client_connection_enable_retry(s->conn); > > +/* > + * We set s->multi_conn in nbd_process_options above, but now that > + * we have connected if the server doesn't advertise that it is

s/connected/connected,/

> + * safe for multi-conn, force it to 1. > + */ > +if (!(s->info.flags & NBD_FLAG_CAN_MULTI_CONN)) { > +s->multi_conn = 1; > +} > + > return 0;

Is there an intended QAPI counterpart for this command? We'll need
that if it is to be set during the command line of
qemu-storage-daemon.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
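Review bot: in the nbd_process_options hunk only the upper bound is enforced, so a user-supplied 0 is stored as is and stays 0 whenever the server does advertise NBD_FLAG_CAN_MULTI_CONN, because the nbd_open hunk rewrites the value only when the flag is absent. The help text promises "If <= 1, only a single connection is made", so normalise 0 to 1 here (or reject it) rather than leaving every later user of s->multi_conn to handle 0. Also, multi_conn is a uint32_t; if qemu_opt_get_number() returns a wider type, do the range check on the returned value before storing it, so that an oversized number cannot wrap into the accepted range.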
[PULL 22/28] linux-user/sparc: Handle privileged opcode trap
From: Richard Henderson For the most part privileged opcodes are ifdefed out of the user-only sparc translator, which will then incorrectly produce illegal opcode traps. But there are some code paths that properly raise TT_PRIV_INSN, so we must handle it. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-11-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index a3edb353f6fd..61b6e81459be 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -303,6 +303,9 @@ void cpu_loop (CPUSPARCState *env) case TT_ILL_INSN: force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLOPC, env->pc); break; +case TT_PRIV_INSN: +force_sig_fault(TARGET_SIGILL, TARGET_ILL_PRVOPC, env->pc); +break; case EXCP_ATOMIC: cpu_exec_step_atomic(cs); break; -- 2.39.2
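Review bot: the new TT_PRIV_INSN case has no comment, and the commit message is the only place that says most privileged opcodes are still compiled out of the user-only translator and therefore reach the TT_ILL_INSN case with TARGET_ILL_ILLOPC instead. A one-line comment above `case TT_PRIV_INSN:` saying so would tell the next reader why both cases exist and which si_code a guest should expect.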
[PULL 16/28] linux-user/sparc: Use TT_TRAP for flush windows
From: Richard Henderson The v9 and pre-v9 code can be unified with this macro. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20230216054516.1267305-5-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index 051a292ce520..e1d08ff2045c 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -196,15 +196,14 @@ void cpu_loop (CPUSPARCState *env) env->pc = env->npc; env->npc = env->npc + 4; break; -case 0x83: /* flush windows */ -#ifdef TARGET_ABI32 -case 0x103: -#endif + +case TT_TRAP + 0x03: /* flush windows */ flush_windows(env); /* next instruction */ env->pc = env->npc; env->npc = env->npc + 4; break; + #ifndef TARGET_SPARC64 case TT_WIN_OVF: /* window overflow */ save_window(env); -- 2.39.2
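Review bot: the removed lines accepted 0x83 in every build and 0x103 only under TARGET_ABI32, while the replacement accepts the single value `TT_TRAP + 0x03`, so the set of trap numbers that reach flush_windows() changes depending on how TT_TRAP is defined for each target. The commit message calls this a unification only; please state the values TT_TRAP takes and confirm that the change in accepted numbers on sparc64 builds is intended.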
[PULL 09/28] linux-user: Add strace for prlimit64() syscall
From: Helge Deller Add proper prlimit64() strace output. Signed-off-by: Helge Deller Reviewed-by: Laurent Vivier Message-Id: <20221222190639.124078-1-del...@gmx.de> [lvivier: use print_raw_param64()] Signed-off-by: Laurent Vivier --- linux-user/strace.c| 88 ++ linux-user/strace.list | 3 +- 2 files changed, 90 insertions(+), 1 deletion(-) diff --git a/linux-user/strace.c b/linux-user/strace.c index 5218e3fc33ac..e08bd53afb48 100644 --- a/linux-user/strace.c +++ b/linux-user/strace.c 
@@ -3866,6 +3866,94 @@ print_futex(CPUArchState *cpu_env, const struct syscallname *name, } #endif +#ifdef TARGET_NR_prlimit64 +static const char *target_ressource_string(abi_ulong r) +{ +#define RET_RES_ENTRY(res) case TARGET_##res: return #res; +switch (r) { +RET_RES_ENTRY(RLIMIT_AS); +RET_RES_ENTRY(RLIMIT_CORE); +RET_RES_ENTRY(RLIMIT_CPU); +RET_RES_ENTRY(RLIMIT_DATA); +RET_RES_ENTRY(RLIMIT_FSIZE); +RET_RES_ENTRY(RLIMIT_LOCKS); +RET_RES_ENTRY(RLIMIT_MEMLOCK); +RET_RES_ENTRY(RLIMIT_MSGQUEUE); +RET_RES_ENTRY(RLIMIT_NICE); +RET_RES_ENTRY(RLIMIT_NOFILE); +RET_RES_ENTRY(RLIMIT_NPROC); +RET_RES_ENTRY(RLIMIT_RSS); +RET_RES_ENTRY(RLIMIT_RTPRIO); +#ifdef RLIMIT_RTTIME +RET_RES_ENTRY(RLIMIT_RTTIME); +#endif +RET_RES_ENTRY(RLIMIT_SIGPENDING); +RET_RES_ENTRY(RLIMIT_STACK); +default: +return NULL; +} +#undef RET_RES_ENTRY +} + +static void +print_rlimit64(abi_ulong rlim_addr, int last) +{ +if (rlim_addr) { +struct target_rlimit64 *rl; + +rl = lock_user(VERIFY_READ, rlim_addr, sizeof(*rl), 1); +if (!rl) { +print_pointer(rlim_addr, last); +return; +} +print_raw_param64("{rlim_cur=%" PRId64, tswap64(rl->rlim_cur), 0); +print_raw_param64("rlim_max=%" PRId64 "}", tswap64(rl->rlim_max), +last); +unlock_user(rl, rlim_addr, 0); +} else { +qemu_log("NULL%s", get_comma(last)); +} +} + +static void +print_prlimit64(CPUArchState *cpu_env, const struct syscallname *name, + abi_long arg0, abi_long arg1, abi_long arg2, + abi_long arg3, abi_long arg4, abi_long arg5) +{ +const char *rlim_name; + +print_syscall_prologue(name); +print_raw_param("%d", arg0, 0); +rlim_name = target_ressource_string(arg1); +if (rlim_name) { +qemu_log("%s,", rlim_name); +} else { +print_raw_param("%d", arg1, 0); +} +print_rlimit64(arg2, 0); +print_pointer(arg3, 1); +print_syscall_epilogue(name); +} + +static void +print_syscall_ret_prlimit64(CPUArchState *cpu_env, + const struct syscallname *name, + abi_long ret, abi_long arg0, abi_long arg1, + abi_long arg2, abi_long arg3, abi_long arg4, + abi_long arg5) +{ +if 
(!print_syscall_err(ret)) { +qemu_log(TARGET_ABI_FMT_ld, ret); +if (arg3) { +qemu_log(" ("); +print_rlimit64(arg3, 1); +qemu_log(")"); +} +} +qemu_log("\n"); +} +#endif + #ifdef TARGET_NR_kill static void print_kill(CPUArchState *cpu_env, const struct syscallname *name, diff --git a/linux-user/strace.list b/linux-user/strace.list index d8acbeec6093..f776c73fa04c 100644 --- a/linux-user/strace.list +++ b/linux-user/strace.list @@ -1074,7 +1074,8 @@ { TARGET_NR_preadv, "preadv" , NULL, NULL, NULL }, #endif #ifdef TARGET_NR_prlimit64 -{ TARGET_NR_prlimit64, "prlimit64" , NULL, NULL, NULL }, +{ TARGET_NR_prlimit64, "prlimit64" , NULL, print_prlimit64, +print_syscall_ret_prlimit64 }, #endif #ifdef TARGET_NR_process_vm_readv { TARGET_NR_process_vm_readv, "process_vm_readv" , NULL, NULL, NULL }, -- 2.39.2
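Review bot: in target_ressource_string() the RLIMIT_RTTIME entry is guarded by `#ifdef RLIMIT_RTTIME`, which tests the host's macro, but the case label the RET_RES_ENTRY macro generates is TARGET_RLIMIT_RTTIME. Guard on the TARGET_ name so the entry depends on the guest definition rather than on the build host's headers. Two smaller points: "ressource" in the function name should be "resource", and print_prlimit64() emits the resource name with a hard-coded `"%s,"` instead of going through get_comma() like the other parameters, so the separator may differ from the numeric fallback.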
[PULL 24/28] linux-user/sparc: Handle coprocessor disabled trap
From: Richard Henderson Since qemu does not implement a sparc coprocessor, all such instructions raise this trap. Because of that, we never raise the coprocessor exception trap, which would be vector 0x28. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-13-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 4 1 file changed, 4 insertions(+) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index 43f19fbd9141..bf7e10216fe1 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -311,6 +311,10 @@ void cpu_loop (CPUSPARCState *env) /* Note do_privact defers to do_privop. */ force_sig_fault(TARGET_SIGILL, TARGET_ILL_PRVOPC, env->pc); break; +#else +case TT_NCP_INSN: +force_sig_fault(TARGET_SIGILL, TARGET_ILL_COPROC, env->pc); +break; #endif case EXCP_ATOMIC: cpu_exec_step_atomic(cs); -- 2.39.2
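Review bot: the new case is added in an `#else` branch, and from the hunk alone the reader cannot tell which condition it belongs to; annotate it as `#else /* !TARGET_SPARC64 */` (the opening `#ifdef TARGET_SPARC64` is visible in 23/28). The commit message's explanation that QEMU implements no coprocessor, so the coprocessor exception trap (vector 0x28) is never raised, belongs in a comment next to `case TT_NCP_INSN:` as well.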
[PULL 19/28] linux-user/sparc: Handle software breakpoint trap
From: Richard Henderson This is 'ta 1' for both v9 and pre-v9. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-8-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index edbc4f3bdcbf..c14eaea16370 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -206,6 +206,11 @@ void cpu_loop (CPUSPARCState *env) env->npc = env->npc + 4; break; +case TT_TRAP + 0x01: /* breakpoint */ +case EXCP_DEBUG: +force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, env->pc); +break; + case TT_TRAP + 0x03: /* flush windows */ flush_windows(env); /* next instruction */ @@ -237,9 +242,6 @@ void cpu_loop (CPUSPARCState *env) case TT_ILL_INSN: force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLOPC, env->pc); break; -case EXCP_DEBUG: -force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, env->pc); -break; case EXCP_ATOMIC: cpu_exec_step_atomic(cs); break; -- 2.39.2
[PULL 18/28] linux-user/sparc: Fix sparc64_{get, set}_context traps
From: Richard Henderson These traps are present for sparc64 with ilp32, aka sparc32plus. Enabling them means adjusting the defines over in signal.c, and fixing an incorrect usage of abi_ulong when we really meant the full register, target_ulong. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-7-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 21 ++--- linux-user/sparc/signal.c | 36 +++- 2 files changed, 29 insertions(+), 28 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index 2bcf32590fa1..edbc4f3bdcbf 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -213,25 +213,24 @@ void cpu_loop (CPUSPARCState *env) env->npc = env->npc + 4; break; -case TARGET_TT_SPILL: /* window overflow */ -save_window(env); -break; -case TARGET_TT_FILL: /* window underflow */ -restore_window(env); -break; - #ifdef TARGET_SPARC64 -#ifndef TARGET_ABI32 -case 0x16e: +case TT_TRAP + 0x6e: flush_windows(env); sparc64_get_context(env); break; -case 0x16f: +case TT_TRAP + 0x6f: flush_windows(env); sparc64_set_context(env); break; #endif -#endif + +case TARGET_TT_SPILL: /* window overflow */ +save_window(env); +break; +case TARGET_TT_FILL: /* window underflow */ +restore_window(env); +break; + case EXCP_INTERRUPT: /* just indicate that signals should be handled asap */ break; diff --git a/linux-user/sparc/signal.c b/linux-user/sparc/signal.c index b501750fe0f1..2be9000b9e04 100644 --- a/linux-user/sparc/signal.c +++ b/linux-user/sparc/signal.c 
@@ -503,7 +503,23 @@ long do_rt_sigreturn(CPUSPARCState *env) return -QEMU_ESIGRETURN; } -#if defined(TARGET_SPARC64) && !defined(TARGET_ABI32) +#ifdef TARGET_ABI32 +void setup_sigtramp(abi_ulong sigtramp_page) +{ +uint32_t *tramp = lock_user(VERIFY_WRITE, sigtramp_page, 2 * 8, 0); +assert(tramp != NULL); + +default_sigreturn = sigtramp_page; +install_sigtramp(tramp, TARGET_NR_sigreturn); + +default_rt_sigreturn = sigtramp_page + 8; +install_sigtramp(tramp + 2, TARGET_NR_rt_sigreturn); + +unlock_user(tramp, sigtramp_page, 2 * 8); +} +#endif + +#ifdef TARGET_SPARC64 #define SPARC_MC_TSTATE 0 #define SPARC_MC_PC 1 #define SPARC_MC_NPC 2 @@ -575,7 +591,7 @@ void sparc64_set_context(CPUSPARCState *env) struct target_ucontext *ucp; target_mc_gregset_t *grp; target_mc_fpu_t *fpup; -abi_ulong pc, npc, tstate; +target_ulong pc, npc, tstate; unsigned int i; unsigned char fenab; @@ -773,18 +789,4 @@ do_sigsegv: unlock_user_struct(ucp, ucp_addr, 1); force_sig(TARGET_SIGSEGV); } -#else -void setup_sigtramp(abi_ulong sigtramp_page) -{ -uint32_t *tramp = lock_user(VERIFY_WRITE, sigtramp_page, 2 * 8, 0); -assert(tramp != NULL); - -default_sigreturn = sigtramp_page; -install_sigtramp(tramp, TARGET_NR_sigreturn); - -default_rt_sigreturn = sigtramp_page + 8; -install_sigtramp(tramp + 2, TARGET_NR_rt_sigreturn); - -unlock_user(tramp, sigtramp_page, 2 * 8); -} -#endif +#endif /* TARGET_SPARC64 */ -- 2.39.2
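Review bot: the abi_ulong to target_ulong fix is applied to the pc, npc and tstate locals of sparc64_set_context() only. Now that both context traps are enabled for TARGET_ABI32, please check sparc64_get_context() and the remaining locals of both functions for the same truncation, since the commit message says abi_ulong does not cover the full register in the ilp32 case. In signal.c, the moved setup_sigtramp() changes its guard from the `#else` of `TARGET_SPARC64 && !TARGET_ABI32` to `#ifdef TARGET_ABI32`; that is equivalent only if TARGET_ABI32 is also defined for plain sparc32 builds, which is worth saying in the commit message.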
[PULL 26/28] linux-user/sparc: Handle floating-point exceptions
From: Richard Henderson Raise SIGFPE for ieee exceptions. The other types, such as FSR_FTT_UNIMPFPOP, should not appear, because we enable normal emulation of missing insns at the start of sparc_cpu_realizefn(). Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-15-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 22 ++ target/sparc/cpu.h | 3 +-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index 093358a39a4a..5a8a71e976bc 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -297,6 +297,28 @@ void cpu_loop (CPUSPARCState *env) restore_window(env); break; +case TT_FP_EXCP: +{ +int code = TARGET_FPE_FLTUNK; +target_ulong fsr = env->fsr; + +if ((fsr & FSR_FTT_MASK) == FSR_FTT_IEEE_EXCP) { +if (fsr & FSR_NVC) { +code = TARGET_FPE_FLTINV; +} else if (fsr & FSR_OFC) { +code = TARGET_FPE_FLTOVF; +} else if (fsr & FSR_UFC) { +code = TARGET_FPE_FLTUND; +} else if (fsr & FSR_DZC) { +code = TARGET_FPE_FLTDIV; +} else if (fsr & FSR_NXC) { +code = TARGET_FPE_FLTRES; +} +} +force_sig_fault(TARGET_SIGFPE, code, env->pc); +} +break; + case EXCP_INTERRUPT: /* just indicate that signals should be handled asap */ break; diff --git a/target/sparc/cpu.h b/target/sparc/cpu.h index ed0069d0b196..fb98843dad53 100644 --- a/target/sparc/cpu.h +++ b/target/sparc/cpu.h @@ -197,8 +197,7 @@ enum { #define FSR_FTT2 (1ULL << 16) #define FSR_FTT1 (1ULL << 15) #define FSR_FTT0 (1ULL << 14) -//gcc warns about constant overflow for ~FSR_FTT_MASK -//#define FSR_FTT_MASK (FSR_FTT2 | FSR_FTT1 | FSR_FTT0) +#define FSR_FTT_MASK (FSR_FTT2 | FSR_FTT1 | FSR_FTT0) #ifdef TARGET_SPARC64 #define FSR_FTT_NMASK 0xfffe3fffULL #define FSR_FTT_CEXC_NMASK 0xfffe3fe0ULL -- 2.39.2
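Review bot: in the TT_FP_EXCP case the if/else chain reports only the first matching bit in the order FSR_NVC, FSR_OFC, FSR_UFC, FSR_DZC, FSR_NXC, but several of these can be set at once (overflow together with inexact, for example). Add a comment saying where this priority order comes from, so it can be checked against the kernel's. The fallback to TARGET_FPE_FLTUNK for non-IEEE FTT values also deserves a comment pointing at the sparc_cpu_realizefn() reasoning given in the commit message.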
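Review bot: the cpu.h hunk re-enables FSR_FTT_MASK and deletes the comment that explained why it was disabled ("gcc warns about constant overflow for ~FSR_FTT_MASK") without saying what changed. The new user only computes `fsr & FSR_FTT_MASK`, so the warning may not trigger, but the commit message should say the old concern was checked. FSR_FTT_NMASK just below remains a hand-written constant that can drift from the mask.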
[PULL 04/28] linux-user: Fix unaligned memory access in prlimit64 syscall
From: Ilya Leoshkevich target_rlimit64 contains uint64_t fields, so it's 8-byte aligned on some hosts, while some guests may align their respective type on a 4-byte boundary. This may lead to an unaligned access, which is UB. Fix by defining the fields as abi_ullong. This makes the host alignment match that of the guest, and lets the compiler know that it should emit code that can deal with the guest alignment. While at it, also use __get_user() and __put_user() instead of tswap64(). Fixes: 163a05a8398b ("linux-user: Implement prlimit64 syscall") Reported-by: Richard Henderson Signed-off-by: Ilya Leoshkevich Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Laurent Vivier Message-Id: <20230224003907.263914-2-...@linux.ibm.com> Signed-off-by: Laurent Vivier --- linux-user/generic/target_resource.h | 4 ++-- linux-user/syscall.c | 8 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/linux-user/generic/target_resource.h b/linux-user/generic/target_resource.h index 539d8c46772e..37d3eb09b3b3 100644 --- a/linux-user/generic/target_resource.h +++ b/linux-user/generic/target_resource.h @@ -12,8 +12,8 @@ struct target_rlimit { }; struct target_rlimit64 { -uint64_t rlim_cur; -uint64_t rlim_max; +abi_ullong rlim_cur; +abi_ullong rlim_max; }; #define TARGET_RLIM_INFINITY((abi_ulong)-1) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 64b71b1ff94b..69cc4b6e4219 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -12876,8 +12876,8 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, if (!lock_user_struct(VERIFY_READ, target_rnew, arg3, 1)) { return -TARGET_EFAULT; } -rnew.rlim_cur = tswap64(target_rnew->rlim_cur); -rnew.rlim_max = tswap64(target_rnew->rlim_max); +__get_user(rnew.rlim_cur, &target_rnew->rlim_cur); +__get_user(rnew.rlim_max, &target_rnew->rlim_max); unlock_user_struct(target_rnew, arg3, 0); rnewp = &rnew; } 
@@ -12887,8 +12887,8 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, if (!lock_user_struct(VERIFY_WRITE, target_rold, arg4, 1)) { return -TARGET_EFAULT; } -target_rold->rlim_cur = tswap64(rold.rlim_cur); -target_rold->rlim_max = tswap64(rold.rlim_max); +__put_user(rold.rlim_cur, &target_rold->rlim_cur); +__put_user(rold.rlim_max, &target_rold->rlim_max); unlock_user_struct(target_rold, arg4, 1); } return ret; -- 2.39.2
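Review bot: the struct change in target_resource.h affects every user of struct target_rlimit64, but only the two accessors in do_syscall1() are converted from tswap64() to __get_user()/__put_user(). print_rlimit64() from 09/28 in this same pull still reads the fields with `tswap64(rl->rlim_cur)`; convert it as well, or say in the commit message that plain field access is safe once the fields are abi_ullong, so the two styles are not mixed without explanation.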
[PULL 27/28] linux-user/sparc: Handle tag overflow traps
From: Richard Henderson This trap is raised by taddcctv and tsubcctv insns. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-16-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 3 +++ linux-user/sparc/target_signal.h | 2 +- linux-user/syscall_defs.h| 5 + 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index 5a8a71e976bc..b36bb2574b94 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -328,6 +328,9 @@ void cpu_loop (CPUSPARCState *env) case TT_PRIV_INSN: force_sig_fault(TARGET_SIGILL, TARGET_ILL_PRVOPC, env->pc); break; +case TT_TOVF: +force_sig_fault(TARGET_SIGEMT, TARGET_EMT_TAGOVF, env->pc); +break; #ifdef TARGET_SPARC64 case TT_PRIV_ACT: /* Note do_privact defers to do_privop. */ diff --git a/linux-user/sparc/target_signal.h b/linux-user/sparc/target_signal.h index 87757f0c4e76..f223eb4af6a5 100644 --- a/linux-user/sparc/target_signal.h +++ b/linux-user/sparc/target_signal.h @@ -8,7 +8,7 @@ #define TARGET_SIGTRAP 5 #define TARGET_SIGABRT 6 #define TARGET_SIGIOT6 -#define TARGET_SIGSTKFLT 7 /* actually EMT */ +#define TARGET_SIGEMT7 #define TARGET_SIGFPE8 #define TARGET_SIGKILL 9 #define TARGET_SIGBUS 10 diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h index 77864de57fb6..614a1cbc8e3a 100644 --- a/linux-user/syscall_defs.h +++ b/linux-user/syscall_defs.h @@ -717,6 +717,11 @@ typedef struct target_siginfo { #define TARGET_TRAP_HWBKPT (4) /* hardware breakpoint/watchpoint */ #define TARGET_TRAP_UNK (5) /* undiagnosed trap */ +/* + * SIGEMT si_codes + */ +#define TARGET_EMT_TAGOVF 1 /* tag overflow */ + #include "target_resource.h" struct target_pollfd { -- 2.39.2
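Review bot: the target_signal.h hunk replaces TARGET_SIGSTKFLT with TARGET_SIGEMT rather than adding a new name, so any code that still refers to TARGET_SIGSTKFLT on sparc no longer sees a definition for signal 7. Please confirm every such user is guarded by `#ifdef TARGET_SIGSTKFLT`, and that the signal translation and strace name tables learn TARGET_SIGEMT, otherwise the signal raised by the new TT_TOVF case may not be mapped or printed correctly.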
[PULL 23/28] linux-user/sparc: Handle privileged action trap
From: Richard Henderson This is raised by using an %asi < 0x80 in user-mode. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-12-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index 61b6e81459be..43f19fbd9141 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -306,6 +306,12 @@ void cpu_loop (CPUSPARCState *env) case TT_PRIV_INSN: force_sig_fault(TARGET_SIGILL, TARGET_ILL_PRVOPC, env->pc); break; +#ifdef TARGET_SPARC64 +case TT_PRIV_ACT: +/* Note do_privact defers to do_privop. */ +force_sig_fault(TARGET_SIGILL, TARGET_ILL_PRVOPC, env->pc); +break; +#endif case EXCP_ATOMIC: cpu_exec_step_atomic(cs); break; -- 2.39.2
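Review bot: the comment "Note do_privact defers to do_privop." names two functions that do not appear in this file and does not say they are the kernel's trap handlers. Reword it to say that the kernel's do_privact defers to do_privop, which is why the same TARGET_ILL_PRVOPC code is used as for TT_PRIV_INSN. The "%asi < 0x80 in user-mode" condition from the commit message would also be useful in that comment.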
[PULL 15/28] linux-user/sparc: Tidy syscall error return
From: Richard Henderson Reduce ifdefs with #define syscall_cc. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-4-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 15 +-- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index d31ea057dba1..051a292ce520 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -149,10 +149,13 @@ static void flush_windows(CPUSPARCState *env) #endif } +/* Avoid ifdefs below for the abi32 and abi64 paths. */ #ifdef TARGET_ABI32 #define TARGET_TT_SYSCALL (TT_TRAP + 0x10) /* t_linux */ +#define syscall_cc psr #else #define TARGET_TT_SYSCALL (TT_TRAP + 0x6d) /* tl0_linux64 */ +#define syscall_cc xcc #endif void cpu_loop (CPUSPARCState *env) @@ -183,18 +186,10 @@ void cpu_loop (CPUSPARCState *env) break; } if ((abi_ulong)ret >= (abi_ulong)(-515)) { -#if defined(TARGET_SPARC64) && !defined(TARGET_ABI32) -env->xcc |= PSR_CARRY; -#else -env->psr |= PSR_CARRY; -#endif +env->syscall_cc |= PSR_CARRY; ret = -ret; } else { -#if defined(TARGET_SPARC64) && !defined(TARGET_ABI32) -env->xcc &= ~PSR_CARRY; -#else -env->psr &= ~PSR_CARRY; -#endif +env->syscall_cc &= ~PSR_CARRY; } env->regwptr[0] = ret; /* next instruction */ -- 2.39.2
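Review bot: `#define syscall_cc psr` and `#define syscall_cc xcc` create a lowercase object-like macro that is then used as a member name in `env->syscall_cc`, so any later identifier spelled syscall_cc in this file is silently rewritten, and a reader searching CPUSPARCState for that field will not find it. Prefer an upper-case name, or `#undef` it after cpu_loop(). Note also that the selection changed from `TARGET_SPARC64 && !TARGET_ABI32` to `#ifdef TARGET_ABI32`, which matches only if TARGET_ABI32 is defined for plain sparc32 as well.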
[PULL 25/28] linux-user/sparc: Handle unimplemented flush trap
From: Richard Henderson For sparc64, TT_UNIMP_FLUSH == TT_ILL_INSN, so this is already handled. For sparc32, the kernel uses SKIP_TRAP. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-14-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index bf7e10216fe1..093358a39a4a 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -315,6 +315,9 @@ void cpu_loop (CPUSPARCState *env) case TT_NCP_INSN: force_sig_fault(TARGET_SIGILL, TARGET_ILL_COPROC, env->pc); break; +case TT_UNIMP_FLUSH: +next_instruction(env); +break; #endif case EXCP_ATOMIC: cpu_exec_step_atomic(cs); -- 2.39.2
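Review bot: the TT_UNIMP_FLUSH case steps over the faulting instruction with next_instruction(env) and delivers no signal, and nothing in the code says why. Put the commit message's reasoning into a comment: on sparc64 the value equals TT_ILL_INSN and is handled there, and for sparc32 the kernel uses SKIP_TRAP, so skipping without a signal is deliberate.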
[PULL 14/28] linux-user/sparc: Tidy syscall trap
From: Richard Henderson Use TT_TRAP. For sparc32, 0x88 is the "Slowaris" system call, currently BAD_TRAP in the kernel's ttable_32.S. For sparc64, 0x110 is tl0_linux32, the sparc32 trap, now folded into the TARGET_ABI32 case via TT_TRAP. For sparc64, there does still exist trap 0x111 as tl0_oldlinux64, which was replaced by 0x16d as tl0_linux64 in 1998. Since no one has noticed, don't bother implementing it now. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20230216054516.1267305-3-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index c120c422786a..d31ea057dba1 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -149,6 +149,12 @@ static void flush_windows(CPUSPARCState *env) #endif } +#ifdef TARGET_ABI32 +#define TARGET_TT_SYSCALL (TT_TRAP + 0x10) /* t_linux */ +#else +#define TARGET_TT_SYSCALL (TT_TRAP + 0x6d) /* tl0_linux64 */ +#endif + void cpu_loop (CPUSPARCState *env) { CPUState *cs = env_cpu(env); @@ -167,13 +173,7 @@ void cpu_loop (CPUSPARCState *env) } switch (trapnr) { -#ifndef TARGET_SPARC64 -case 0x88: -case 0x90: -#else -case 0x110: -case 0x16d: -#endif +case TARGET_TT_SYSCALL: ret = do_syscall (env, env->gregs[1], env->regwptr[0], env->regwptr[1], env->regwptr[2], env->regwptr[3], -- 2.39.2
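Review bot: replacing the four literal case labels with TARGET_TT_SYSCALL drops trap numbers that used to enter do_syscall(): 0x88 on sparc32, and on sparc64 whichever of 0x110 and 0x16d does not match the build's ABI. The justification is only in the commit message; add a short comment next to the TARGET_TT_SYSCALL definitions recording which numbers are intentionally not handled (including tl0_oldlinux64 at 0x111), so the behaviour change is visible in the source.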
[PULL 07/28] linux-user: Fix brk() to release pages
From: Helge Deller The current brk() implementation does not de-allocate pages if a lower address is given compared to earlier brk() calls. But according to the manpage, brk() shall deallocate memory in this case and currently it breaks a real-world application, specifically building the Debian gcl package in qemu-user. Fix this issue by reworking the qemu brk() implementation. Tested with the C-code testcase included in qemu commit 4d1de87c750, and by building Debian package of gcl in a hppa-linux guest on an x86-64 host. Signed-off-by: Helge Deller Message-Id: Signed-off-by: Laurent Vivier --- linux-user/syscall.c | 69 ++-- 1 file changed, 35 insertions(+), 34 deletions(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 49a4fee89918..931f9db47552 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c 
@@ -795,49 +795,52 @@ static inline int host_to_target_sock_type(int host_type) } static abi_ulong target_brk; -static abi_ulong target_original_brk; static abi_ulong brk_page; void target_set_brk(abi_ulong new_brk) { -target_original_brk = target_brk = HOST_PAGE_ALIGN(new_brk); +target_brk = new_brk; brk_page = HOST_PAGE_ALIGN(target_brk); } -//#define DEBUGF_BRK(message, args...) do { fprintf(stderr, (message), ## args); } while (0) -#define DEBUGF_BRK(message, args...) - /* do_brk() must return target values and target errnos. */ -abi_long do_brk(abi_ulong new_brk) +abi_long do_brk(abi_ulong brk_val) { abi_long mapped_addr; abi_ulong new_alloc_size; +abi_ulong new_brk, new_host_brk_page; /* brk pointers are always untagged */ -DEBUGF_BRK("do_brk(" TARGET_ABI_FMT_lx ") -> ", new_brk); - -if (!new_brk) { -DEBUGF_BRK(TARGET_ABI_FMT_lx " (!new_brk)\n", target_brk); +/* return old brk value if brk_val unchanged or zero */ +if (!brk_val || brk_val == target_brk) { return target_brk; } -if (new_brk < target_original_brk) { -DEBUGF_BRK(TARGET_ABI_FMT_lx " (new_brk < target_original_brk)\n", - target_brk); + +new_brk = TARGET_PAGE_ALIGN(brk_val); +new_host_brk_page = HOST_PAGE_ALIGN(brk_val); + +/* brk_val and old target_brk might be on the same page */ +if (new_brk == TARGET_PAGE_ALIGN(target_brk)) { +if (brk_val > target_brk) { +/* empty remaining bytes in (possibly larger) host page */ +memset(g2h_untagged(target_brk), 0, new_host_brk_page - target_brk); +} +target_brk = brk_val; return target_brk; } -/* If the new brk is less than the highest page reserved to the - * target heap allocation, set it and we're almost done... */ -if (new_brk <= brk_page) { -/* Heap contents are initialized to zero, as for anonymous - * mapped pages. 
*/ -if (new_brk > target_brk) { -memset(g2h_untagged(target_brk), 0, new_brk - target_brk); -} - target_brk = new_brk; -DEBUGF_BRK(TARGET_ABI_FMT_lx " (new_brk <= brk_page)\n", target_brk); - return target_brk; +/* Release heap if necesary */ +if (new_brk < target_brk) { +/* empty remaining bytes in (possibly larger) host page */ +memset(g2h_untagged(brk_val), 0, new_host_brk_page - brk_val); + +/* free unused host pages and set new brk_page */ +target_munmap(new_host_brk_page, brk_page - new_host_brk_page); +brk_page = new_host_brk_page; + +target_brk = brk_val; +return target_brk; } /* We need to allocate more memory after the brk... Note that @@ -846,10 +849,14 @@ abi_long do_brk(abi_ulong new_brk) * itself); instead we treat "mapped but at wrong address" as * a failure and unmap again. */ -new_alloc_size = HOST_PAGE_ALIGN(new_brk - brk_page); -mapped_addr = get_errno(target_mmap(brk_page, new_alloc_size, +new_alloc_size = new_host_brk_page - brk_page; +if (new_alloc_size) { +mapped_addr = get_errno(target_mmap(brk_page, new_alloc_size, PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, 0, 0)); +} else { +mapped_addr = brk_page; +} if (mapped_addr == brk_page) { /* Heap contents are initialized to zero, as for anonymous @@ -861,10 +868,8 @@ abi_long do_brk(abi_ulong new_brk) * then shrunken). */ memset(g2h_untagged(target_brk), 0, brk_page - target_brk); -target_brk = new_brk; -brk_page = HOST_PAGE_ALIGN(target_brk); -DEBUGF_BRK(TARGET_ABI_FMT_lx " (mapped_addr == brk_page)\n", -target_brk); +target_brk = brk_val; +brk_page = new_host_brk_page; return target_brk; } else if (mapped_addr != -1) { /* Mapped but at wrong address, meaning there wasn't actually @@ -872,10 +877,6 @@ abi_long do_brk(abi_ulong new_brk) */
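Review bot: The `if (new_brk < target_original_brk)` guard is removed in the first part of the hunk together with `target_original_brk` itself, and nothing in the new shrink path replaces it. A guest can now pass a `brk_val` below the initial break, and `target_munmap(new_host_brk_page, brk_page - new_host_brk_page)` will unmap everything from there up to the old `brk_page`, which can include the program's own data and bss. Keep the initial break around and return `target_brk` unchanged for values below it. The return value of `target_munmap()` is also ignored, so `brk_page` and `target_brk` are updated even when the unmap fails.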
[PULL 17/28] linux-user/sparc: Tidy window spill/fill traps
From: Richard Henderson Add some macros to localize the hw difference between v9 and pre-v9. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20230216054516.1267305-6-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 23 +-- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index e1d08ff2045c..2bcf32590fa1 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -158,6 +158,15 @@ static void flush_windows(CPUSPARCState *env) #define syscall_cc xcc #endif +/* Avoid ifdefs below for the v9 and pre-v9 hw traps. */ +#ifdef TARGET_SPARC64 +#define TARGET_TT_SPILL TT_SPILL +#define TARGET_TT_FILL TT_FILL +#else +#define TARGET_TT_SPILL TT_WIN_OVF +#define TARGET_TT_FILL TT_WIN_UNF +#endif + void cpu_loop (CPUSPARCState *env) { CPUState *cs = env_cpu(env); @@ -204,20 +213,14 @@ void cpu_loop (CPUSPARCState *env) env->npc = env->npc + 4; break; -#ifndef TARGET_SPARC64 -case TT_WIN_OVF: /* window overflow */ -save_window(env); -break; -case TT_WIN_UNF: /* window underflow */ -restore_window(env); -break; -#else -case TT_SPILL: /* window overflow */ +case TARGET_TT_SPILL: /* window overflow */ save_window(env); break; -case TT_FILL: /* window underflow */ +case TARGET_TT_FILL: /* window underflow */ restore_window(env); break; + +#ifdef TARGET_SPARC64 #ifndef TARGET_ABI32 case 0x16e: flush_windows(env); -- 2.39.2
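Review bot: The `#ifdef TARGET_SPARC64` added before `#ifndef TARGET_ABI32` in the last hunk relies on the `#endif` that used to close the removed `#ifndef TARGET_SPARC64 ... #else` block, and that `#endif` lies outside the visible context. Please annotate it (for example `#endif /* TARGET_SPARC64 */`) so the nesting with the inner TARGET_ABI32 block stays readable.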
[PULL 08/28] linux-user: Provide print_raw_param64() for 64-bit values
From: Helge Deller Add a new function print_raw_param64() to print 64-bit values in the same way as print_raw_param(). This prevents that qemu_log() is used to work around the problem that print_raw_param() can only print 32-bit values when compiled for 32-bit targets. Additionally convert the existing 64-bit users in print_timespec64(), print_rlimit64() and print_preadwrite64() over to this new function and drop some unnecessary spaces. Suggested-by: Laurent Vivier Signed-off-by: Helge Deller Reviewed-by: Laurent Vivier Message-Id: [lvivier: remove print_preadwrite64 and print_rlimit64 part] Signed-off-by: Laurent Vivier --- linux-user/strace.c | 20 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/linux-user/strace.c b/linux-user/strace.c index 340010661c4f..5218e3fc33ac 100644 --- a/linux-user/strace.c +++ b/linux-user/strace.c @@ -81,6 +81,7 @@ UNUSED static void print_syscall_epilogue(const struct syscallname *); UNUSED static void print_string(abi_long, int); UNUSED static void print_buf(abi_long addr, abi_long len, int last); UNUSED static void print_raw_param(const char *, abi_long, int); +UNUSED static void print_raw_param64(const char *, long long, int last); UNUSED static void print_timeval(abi_ulong, int); UNUSED static void print_timespec(abi_ulong, int); UNUSED static void print_timespec64(abi_ulong, int); @@ -1642,6 +1643,19 @@ print_raw_param(const char *fmt, abi_long param, int last) qemu_log(format, param); } +/* + * Same as print_raw_param() but prints out raw 64-bit parameter. + */ +static void +print_raw_param64(const char *fmt, long long param, int last) +{ +char format[64]; + +(void)snprintf(format, sizeof(format), "%s%s", fmt, get_comma(last)); +qemu_log(format, param); +} + + static void print_pointer(abi_long p, int last) { 
@@ -1718,10 +1732,8 @@ print_timespec64(abi_ulong ts_addr, int last) print_pointer(ts_addr, last); return; } -qemu_log("{tv_sec = %lld" - ",tv_nsec = %lld}%s", - (long long)tswap64(ts->tv_sec), (long long)tswap64(ts->tv_nsec), - get_comma(last)); +print_raw_param64("{tv_sec=%" PRId64, tswap64(ts->tv_sec), 0); +print_raw_param64("tv_nsec=%" PRId64 "}", tswap64(ts->tv_nsec), last); unlock_user(ts, ts_addr, 0); } else { qemu_log("NULL%s", get_comma(last)); -- 2.39.2
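Review bot: `print_raw_param64()` declares `param` as `long long`, but the only caller in this patch builds its formats with `PRId64` and passes the result of `tswap64()`. On hosts where int64_t is `long` the conversion and the argument type disagree, and because the format string is assembled at run time with snprintf() the compiler's format checking cannot flag it. Either take `int64_t param` to match `PRId64`, or have callers use `%lld`. The 64-byte `format` buffer also truncates a longer `fmt` silently, since the snprintf() result is discarded with `(void)`.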
[PULL 12/28] linux-user: Add translation for argument of msync()
From: Helge Deller msync() uses the flags MS_ASYNC, MS_INVALIDATE and MS_SYNC, which differ between platforms, specifically on alpha and hppa. Add a target to host translation for those and wire up a nicer strace output. This fixes the testsuite of the macaulay2 debian package with a hppa-linux guest on a x86-64 host. Signed-off-by: Helge Deller Reviewed-by: Laurent Vivier Message-Id: Signed-off-by: Laurent Vivier --- linux-user/alpha/target_mman.h | 4 linux-user/generic/target_mman.h | 13 + linux-user/hppa/target_mman.h| 4 linux-user/strace.list | 2 +- linux-user/syscall.c | 12 +++- 5 files changed, 33 insertions(+), 2 deletions(-) diff --git a/linux-user/alpha/target_mman.h b/linux-user/alpha/target_mman.h index cd6e3d70a604..051544f5abd8 100644 --- a/linux-user/alpha/target_mman.h +++ b/linux-user/alpha/target_mman.h @@ -3,6 +3,10 @@ #define TARGET_MADV_DONTNEED 6 +#define TARGET_MS_ASYNC 1 +#define TARGET_MS_SYNC 2 +#define TARGET_MS_INVALIDATE 4 + #include "../generic/target_mman.h" #endif diff --git a/linux-user/generic/target_mman.h b/linux-user/generic/target_mman.h index 1436a3c54308..32bf1a52d07e 100644 --- a/linux-user/generic/target_mman.h +++ b/linux-user/generic/target_mman.h @@ -89,4 +89,17 @@ #define TARGET_MADV_DONTNEED_LOCKED 24 #endif + +#ifndef TARGET_MS_ASYNC +#define TARGET_MS_ASYNC 1 +#endif + +#ifndef TARGET_MS_INVALIDATE +#define TARGET_MS_INVALIDATE 2 +#endif + +#ifndef TARGET_MS_SYNC +#define TARGET_MS_SYNC 4 +#endif + #endif diff --git a/linux-user/hppa/target_mman.h b/linux-user/hppa/target_mman.h index 66dd9f79414e..f9b6b9703255 100644 --- a/linux-user/hppa/target_mman.h +++ b/linux-user/hppa/target_mman.h @@ -10,6 +10,10 @@ #define TARGET_MADV_WIPEONFORK 71 #define TARGET_MADV_KEEPONFORK 72 +#define TARGET_MS_SYNC 1 +#define TARGET_MS_ASYNC 2 +#define TARGET_MS_INVALIDATE 4 + #include "../generic/target_mman.h" #endif diff --git a/linux-user/strace.list b/linux-user/strace.list index f776c73fa04c..c7808ea118f9 100644 
--- a/linux-user/strace.list +++ b/linux-user/strace.list @@ -656,7 +656,7 @@ { TARGET_NR_msgsnd, "msgsnd" , NULL, NULL, NULL }, #endif #ifdef TARGET_NR_msync -{ TARGET_NR_msync, "msync" , NULL, NULL, NULL }, +{ TARGET_NR_msync, "msync" , "%s(%p,%u,%d)", NULL, NULL }, #endif #ifdef TARGET_NR_multiplexer { TARGET_NR_multiplexer, "multiplexer" , NULL, NULL, NULL }, diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 05c81079e745..dad2c3312032 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -22,6 +22,7 @@ #include "qemu/path.h" #include "qemu/memfd.h" #include "qemu/queue.h" +#include "target_mman.h" #include #include #include @@ -7612,6 +7613,14 @@ static inline int target_to_host_mlockall_arg(int arg) } #endif +static inline int target_to_host_msync_arg(abi_long arg) +{ +return ((arg & TARGET_MS_ASYNC) ? MS_ASYNC : 0) | + ((arg & TARGET_MS_INVALIDATE) ? MS_INVALIDATE : 0) | + ((arg & TARGET_MS_SYNC) ? MS_SYNC : 0) | + (arg & ~(TARGET_MS_ASYNC | TARGET_MS_INVALIDATE | TARGET_MS_SYNC)); +} + #if (defined(TARGET_NR_stat64) || defined(TARGET_NR_lstat64) || \ defined(TARGET_NR_fstat64) || defined(TARGET_NR_fstatat64) || \ defined(TARGET_NR_newfstatat)) @@ -10128,7 +10137,8 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, /* ??? msync/mlock/munlock are broken for softmmu. */ #ifdef TARGET_NR_msync case TARGET_NR_msync: -return get_errno(msync(g2h(cpu, arg1), arg2, arg3)); +return get_errno(msync(g2h(cpu, arg1), arg2, + target_to_host_msync_arg(arg3))); #endif #ifdef TARGET_NR_mlock case TARGET_NR_mlock: -- 2.39.2
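Review bot: The new strace.list format `"%s(%p,%u,%d)"` prints the msync flags as a raw target number, and the headers in this patch give the same number different meanings per target (1 is MS_SYNC on hppa but MS_ASYNC in the generic and alpha headers), so a trace cannot be read without knowing the target. A flags table and print function that decode TARGET_MS_* symbolically would deliver the nicer strace output the commit message promises. In `target_to_host_msync_arg()`, a one-line comment that bits outside the three known flags are passed through unchanged, so the host msync() is left to reject them, would make the intent of the last term explicit.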
[PULL 21/28] linux-user/sparc: Handle getcc, setcc, getpsr traps
From: Richard Henderson These are really only meaningful for sparc32, but they're still present for backward compatibility for sparc64. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-10-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 62 +++-- 1 file changed, 59 insertions(+), 3 deletions(-) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index e04c84286769..a3edb353f6fd 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -149,6 +149,51 @@ static void flush_windows(CPUSPARCState *env) #endif } +static void next_instruction(CPUSPARCState *env) +{ +env->pc = env->npc; +env->npc = env->npc + 4; +} + +static uint32_t do_getcc(CPUSPARCState *env) +{ +#ifdef TARGET_SPARC64 +return cpu_get_ccr(env) & 0xf; +#else +return extract32(cpu_get_psr(env), 20, 4); +#endif +} + +static void do_setcc(CPUSPARCState *env, uint32_t icc) +{ +#ifdef TARGET_SPARC64 +cpu_put_ccr(env, (cpu_get_ccr(env) & 0xf0) | (icc & 0xf)); +#else +cpu_put_psr(env, deposit32(cpu_get_psr(env), 20, 4, icc)); +#endif +} + +static uint32_t do_getpsr(CPUSPARCState *env) +{ +#ifdef TARGET_SPARC64 +const uint64_t TSTATE_CWP = 0x1f; +const uint64_t TSTATE_ICC = 0xfull << 32; +const uint64_t TSTATE_XCC = 0xfull << 36; +const uint32_t PSR_S = 0x0080u; +const uint32_t PSR_V8PLUS = 0xff00u; +uint64_t tstate = sparc64_tstate(env); + +/* See , tstate_to_psr. */ +return ((tstate & TSTATE_CWP) | +PSR_S | +((tstate & TSTATE_ICC) >> 12) | +((tstate & TSTATE_XCC) >> 20) | +PSR_V8PLUS); +#else +return (cpu_get_psr(env) & (PSR_ICC | PSR_CWP)) | PSR_S; +#endif +} + /* Avoid ifdefs below for the abi32 and abi64 paths. */ #ifdef TARGET_ABI32 #define TARGET_TT_SYSCALL (TT_TRAP + 0x10) /* t_linux */ 
@@ -218,9 +263,20 @@ void cpu_loop (CPUSPARCState *env) case TT_TRAP + 0x03: /* flush windows */ flush_windows(env); -/* next instruction */ -env->pc = env->npc; -env->npc = env->npc + 4; +next_instruction(env); +break; + +case TT_TRAP + 0x20: /* getcc */ +env->gregs[1] = do_getcc(env); +next_instruction(env); +break; +case TT_TRAP + 0x21: /* setcc */ +do_setcc(env, env->gregs[1]); +next_instruction(env); +break; +case TT_TRAP + 0x22: /* getpsr */ +env->gregs[1] = do_getpsr(env); +next_instruction(env); break; #ifdef TARGET_SPARC64 -- 2.39.2
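Review bot: `do_getcc()` and `do_setcc()` use bare literals for the condition-code field (`& 0xf`, `& 0xf0`, and bit position 20 with width 4 in `extract32()`/`deposit32()`), while `do_getpsr()` in the same hunk names its masks. Named constants for the icc field would make it checkable that getcc, setcc and getpsr agree on the layout. The three new cases in `cpu_loop()` are reachable directly from guest code, so a small guest test that round-trips a value through setcc and getcc on both sparc32 and sparc64 would be good to have with this patch.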
[PULL 11/28] linux-user: handle netlink flag NLA_F_NESTED
From: Mathis Marion Newer kernel versions require this flag to be present contrary to older ones. Depending on the libnl version it is added or not. Typically when using rtnl_link_inet6_set_addr_gen_mode, the netlink packet generated may contain the following attribute: with libnl 3.4 {nla_len=16, nla_type=IFLA_AF_SPEC}, [ {nla_len=12, nla_type=AF_INET6}, [{nla_len=5, nla_type=IFLA_INET6_ADDR_GEN_MODE}, IN6_ADDR_GEN_MODE_NONE] ] with libnl 3.7 {nla_len=16, nla_type=NLA_F_NESTED|IFLA_AF_SPEC}, [ {nla_len=12, nla_type=NLA_F_NESTED|AF_INET6}, [{nla_len=5, nla_type=IFLA_INET6_ADDR_GEN_MODE}, IN6_ADDR_GEN_MODE_NONE]] ] Masking the type is likely needed in other places. Only the above cases are implemented in this patch. Signed-off-by: Mathis Marion Reviewed-by: Laurent Vivier Message-Id: <20230307154256.101528-3-mathis.mar...@silabs.com> Signed-off-by: Laurent Vivier --- linux-user/fd-trans.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/linux-user/fd-trans.c b/linux-user/fd-trans.c index 4852a75d9dcc..c04a97c73a31 100644 --- a/linux-user/fd-trans.c +++ b/linux-user/fd-trans.c @@ -1359,7 +1359,7 @@ static abi_long target_to_host_for_each_rtattr(struct rtattr *rtattr, static abi_long target_to_host_data_spec_nlattr(struct nlattr *nlattr) { -switch (nlattr->nla_type) { +switch (nlattr->nla_type & NLA_TYPE_MASK) { case AF_INET6: return target_to_host_for_each_nlattr(NLA_DATA(nlattr), nlattr->nla_len, target_to_host_data_inet6_nlattr); @@ -1375,7 +1375,7 @@ static abi_long target_to_host_data_link_rtattr(struct rtattr *rtattr) { uint32_t *u32; -switch (rtattr->rta_type) { +switch (rtattr->rta_type & NLA_TYPE_MASK) { /* uint32_t */ case QEMU_IFLA_MTU: case QEMU_IFLA_TXQLEN: -- 2.39.2
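Review bot: Masking with `NLA_TYPE_MASK` in both switches clears NLA_F_NET_BYTEORDER as well as NLA_F_NESTED, so an attribute the guest marked as network byte order is now dispatched like a plain one, and in the `rtattr` switch the uint32_t cases below it (QEMU_IFLA_MTU, QEMU_IFLA_TXQLEN) are then handled without regard to that flag. If only nesting is meant to be tolerated, mask just NLA_F_NESTED, or test NLA_F_NET_BYTEORDER explicitly before converting. The commit message says masking is likely needed in other places; doing it once in the attribute iterators instead of per switch would cover those too.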
[PULL 00/28] Linux user for 8.0 patches
The following changes since commit 817fd33836e73812df2f1907612b57750fcb9491:

  Merge tag 'audio-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging (2023-03-06 14:06:06 +)

are available in the Git repository at:

  https://gitlab.com/laurent_vivier/qemu.git tags/linux-user-for-8.0-pull-request

for you to fetch changes up to 2732c739d846fc7a1972e984d71a3de0d3eef77b:

  linux-user: fix bug about incorrect base addresss of gdt on i386 and x86_64 (2023-03-10 20:50:11 +0100)

Pull request linux-user 20230308-v2

Fix gdt on i386/x86_64
Handle traps on sparc
Add translation for argument of msync
Emulate CLONE_PIDFD flag in clone
handle netlink flag NLA_F_NESTED
fix sockaddr_in6 endianness
Fix brk() to release pages
fill out task state in /proc/self/stat
add support for xtensa FDPIC
Fix unaligned memory access in prlimit64 syscall
add target to host netlink conversions
fix timerfd read endianness conversion
Fix access to /proc/self/exe
Add strace for prlimit64() syscall

Andreas Schwab (1):
  linux-user: fill out task state in /proc/self/stat

Helge Deller (6):
  linux-user: Fix access to /proc/self/exe
  linux-user: Fix brk() to release pages
  linux-user: Provide print_raw_param64() for 64-bit values
  linux-user: Add strace for prlimit64() syscall
  linux-user: Add translation for argument of msync()
  linux-user: Emulate CLONE_PIDFD flag in clone()

Ilya Leoshkevich (1):
  linux-user: Fix unaligned memory access in prlimit64 syscall

Mathis Marion (4):
  linux-user: fix timerfd read endianness conversion
  linux-user: add target to host netlink conversions
  linux-user: fix sockaddr_in6 endianness
  linux-user: handle netlink flag NLA_F_NESTED

Max Filippov (1):
  linux-user: add support for xtensa FDPIC

Richard Henderson (14):
  linux-user/sparc: Tidy syscall trap
  linux-user/sparc: Tidy syscall error return
  linux-user/sparc: Use TT_TRAP for flush windows
  linux-user/sparc: Tidy window spill/fill traps
  linux-user/sparc: Fix sparc64_{get, set}_context traps
  linux-user/sparc: Handle software breakpoint trap
  linux-user/sparc: Handle division by zero traps
  linux-user/sparc: Handle getcc, setcc, getpsr traps
  linux-user/sparc: Handle priviledged opcode trap
  linux-user/sparc: Handle privilidged action trap
  linux-user/sparc: Handle coprocessor disabled trap
  linux-user/sparc: Handle unimplemented flush trap
  linux-user/sparc: Handle floating-point exceptions
  linux-user/sparc: Handle tag overflow traps

fa...@mail.ustc.edu.cn (1):
  linux-user: fix bug about incorrect base addresss of gdt on i386 and x86_64

 include/elf.h                        |   1 +
 linux-user/alpha/target_mman.h       |   4 +
 linux-user/elfload.c                 |  16 ++-
 linux-user/fd-trans.c                |  74 ++-
 linux-user/fd-trans.h                |   1 +
 linux-user/generic/target_mman.h     |  13 ++
 linux-user/generic/target_resource.h |   4 +-
 linux-user/hppa/target_mman.h        |   4 +
 linux-user/i386/cpu_loop.c           |   9 ++
 linux-user/main.c                    |  14 +++
 linux-user/sparc/cpu_loop.c          | 182 +--
 linux-user/sparc/signal.c            |  36 +++---
 linux-user/sparc/target_signal.h     |   2 +-
 linux-user/strace.c                  | 113 -
 linux-user/strace.list               |   5 +-
 linux-user/syscall.c                 | 174 +++--
 linux-user/syscall_defs.h            |   5 +
 target/sparc/cpu.h                   |   3 +-
 18 files changed, 520 insertions(+), 140 deletions(-)

-- 
2.39.2
[PULL 20/28] linux-user/sparc: Handle division by zero traps
From: Richard Henderson In addition to the hw trap vector, there is a software trap assigned for older sparc without hw division instructions. Signed-off-by: Richard Henderson Message-Id: <20230216054516.1267305-9-richard.hender...@linaro.org> Signed-off-by: Laurent Vivier --- linux-user/sparc/cpu_loop.c | 5 + 1 file changed, 5 insertions(+) diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c index c14eaea16370..e04c84286769 100644 --- a/linux-user/sparc/cpu_loop.c +++ b/linux-user/sparc/cpu_loop.c @@ -211,6 +211,11 @@ void cpu_loop (CPUSPARCState *env) force_sig_fault(TARGET_SIGTRAP, TARGET_TRAP_BRKPT, env->pc); break; +case TT_TRAP + 0x02: /* div0 */ +case TT_DIV_ZERO: +force_sig_fault(TARGET_SIGFPE, TARGET_FPE_INTDIV, env->pc); +break; + case TT_TRAP + 0x03: /* flush windows */ flush_windows(env); /* next instruction */ -- 2.39.2
[PULL 05/28] linux-user: add support for xtensa FDPIC
From: Max Filippov Define xtensa-specific info_is_fdpic and fill in FDPIC-specific registers in the xtensa version of init_thread. Signed-off-by: Max Filippov Message-Id: <20230205061230.544451-1-jcmvb...@gmail.com> Signed-off-by: Laurent Vivier --- include/elf.h| 1 + linux-user/elfload.c | 16 +++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/include/elf.h b/include/elf.h index 8bf1e72720d5..e8bfe38a9fbd 100644 --- a/include/elf.h +++ b/include/elf.h @@ -1619,6 +1619,7 @@ typedef struct elf64_shdr { #define ELFOSABI_MODESTO11 /* Novell Modesto. */ #define ELFOSABI_OPENBSD12 /* OpenBSD. */ #define ELFOSABI_ARM_FDPIC 65 /* ARM FDPIC */ +#define ELFOSABI_XTENSA_FDPIC 65 /* Xtensa FDPIC */ #define ELFOSABI_ARM97 /* ARM */ #define ELFOSABI_STANDALONE 255 /* Standalone (embedded) application */ diff --git a/linux-user/elfload.c b/linux-user/elfload.c index 5928c14dfc97..150d1d450396 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -1748,6 +1748,15 @@ static inline void init_thread(struct target_pt_regs *regs, regs->windowstart = 1; regs->areg[1] = infop->start_stack; regs->pc = infop->entry; +if (info_is_fdpic(infop)) { +regs->areg[4] = infop->loadmap_addr; +regs->areg[5] = infop->interpreter_loadmap_addr; +if (infop->interpreter_loadmap_addr) { +regs->areg[6] = infop->interpreter_pt_dynamic_addr; +} else { +regs->areg[6] = infop->pt_dynamic_addr; +} +} } /* See linux kernel: arch/xtensa/include/asm/elf.h. */ @@ -2207,11 +2216,16 @@ static void zero_bss(abi_ulong elf_bss, abi_ulong last_bss, int prot) } } -#ifdef TARGET_ARM +#if defined(TARGET_ARM) static int elf_is_fdpic(struct elfhdr *exec) { return exec->e_ident[EI_OSABI] == ELFOSABI_ARM_FDPIC; } +#elif defined(TARGET_XTENSA) +static int elf_is_fdpic(struct elfhdr *exec) +{ +return exec->e_ident[EI_OSABI] == ELFOSABI_XTENSA_FDPIC; +} #else /* Default implementation, always false. */ static int elf_is_fdpic(struct elfhdr *exec) -- 2.39.2
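Review bot: The two `elf_is_fdpic()` definitions in the last hunk differ only in the constant name, and the elf.h hunk gives `ELFOSABI_XTENSA_FDPIC` the same value as `ELFOSABI_ARM_FDPIC`. A single definition keyed on a per-target macro would avoid a third copy for the next FDPIC target. In `init_thread()`, `areg[4]`, `areg[5]` and `areg[6]` are assigned without saying which role each register has in the FDPIC ABI; a comment with a reference, like the "See linux kernel: ..." line just below, would help.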
[PULL 06/28] linux-user: fill out task state in /proc/self/stat
From: Andreas Schwab Some programs want to match an actual task state character. Signed-off-by: Andreas Schwab Reviewed-by: Laurent Vivier Message-Id: Signed-off-by: Laurent Vivier --- linux-user/syscall.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 69cc4b6e4219..49a4fee89918 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -8079,6 +8079,9 @@ static int open_self_stat(CPUArchState *cpu_env, int fd) gchar *bin = g_strrstr(ts->bprm->argv[0], "/"); bin = bin ? bin + 1 : ts->bprm->argv[0]; g_string_printf(buf, "(%.15s) ", bin); +} else if (i == 2) { +/* task state */ +g_string_assign(buf, "R "); /* we are running right now */ } else if (i == 3) { /* ppid */ g_string_printf(buf, FMT_pid " ", getppid()); -- 2.39.2
[PULL 01/28] linux-user: Fix access to /proc/self/exe
From: Helge Deller When accessing /proc/self/exe from a userspace program, linux-user tries to resolve the name via realpath(), which may fail if the process changed the working directory in the meantime. An example: - a userspace program is started with ./testprogram - the program runs chdir("/tmp") - then the program calls readlink("/proc/self/exe") - linux-user tries to run realpath("./testprogram") which fails because ./testprogram isn't in /tmp - readlink() will return -ENOENT back to the program Avoid this issue by resolving the full path name of the started process at startup of linux-user and store it in real_exec_path[]. This then simplifies the emulation of readlink() and readlinkat() as well, because they can simply copy the path string to userspace. I noticed this bug because the testsuite of the debian package "pandoc" failed on linux-user while it succeeded on real hardware. The full log is here: https://buildd.debian.org/status/fetch.php?pkg=pandoc&arch=hppa&ver=2.17.1.1-1.1%2Bb1&stamp=1670153210&raw=0 Signed-off-by: Helge Deller Reviewed-by: Laurent Vivier Message-Id: <20221205113825.20615-1-del...@gmx.de> Signed-off-by: Laurent Vivier --- linux-user/main.c| 6 ++ linux-user/syscall.c | 38 ++ 2 files changed, 20 insertions(+), 24 deletions(-) diff --git a/linux-user/main.c b/linux-user/main.c index 4ff30ff98066..798fdc0bce8e 100644 --- a/linux-user/main.c +++ b/linux-user/main.c @@ -65,6 +65,7 @@ #endif char *exec_path; +char real_exec_path[PATH_MAX]; int singlestep; static const char *argv0; @@ -739,6 +740,11 @@ int main(int argc, char **argv, char **envp) } } +/* Resolve executable file name to full path name */ +if (realpath(exec_path, real_exec_path)) { +exec_path = real_exec_path; +} + /* * get binfmt_misc flags */ diff --git a/linux-user/syscall.c b/linux-user/syscall.c index a6c426d73cfe..cc650d4ccbd6 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c 
@@ -9989,18 +9989,13 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, /* Short circuit this for the magic exe check. */ ret = -TARGET_EINVAL; } else if (is_proc_myself((const char *)p, "exe")) { -char real[PATH_MAX], *temp; -temp = realpath(exec_path, real); -/* Return value is # of bytes that we wrote to the buffer. */ -if (temp == NULL) { -ret = get_errno(-1); -} else { -/* Don't worry about sign mismatch as earlier mapping - * logic would have thrown a bad address error. */ -ret = MIN(strlen(real), arg3); -/* We cannot NUL terminate the string. */ -memcpy(p2, real, ret); -} +/* + * Don't worry about sign mismatch as earlier mapping + * logic would have thrown a bad address error. + */ +ret = MIN(strlen(exec_path), arg3); +/* We cannot NUL terminate the string. */ +memcpy(p2, exec_path, ret); } else { ret = get_errno(readlink(path(p), p2, arg3)); } @@ -10021,18 +10016,13 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, /* Short circuit this for the magic exe check. */ ret = -TARGET_EINVAL; } else if (is_proc_myself((const char *)p, "exe")) { -char real[PATH_MAX], *temp; -temp = realpath(exec_path, real); -/* Return value is # of bytes that we wrote to the buffer. */ -if (temp == NULL) { -ret = get_errno(-1); -} else { -/* Don't worry about sign mismatch as earlier mapping - * logic would have thrown a bad address error. */ -ret = MIN(strlen(real), arg4); -/* We cannot NUL terminate the string. */ -memcpy(p2, real, ret); -} +/* + * Don't worry about sign mismatch as earlier mapping + * logic would have thrown a bad address error. + */ +ret = MIN(strlen(exec_path), arg4); +/* We cannot NUL terminate the string. */ +memcpy(p2, exec_path, ret); } else { ret = get_errno(readlinkat(arg1, path(p), p2, arg4)); } -- 2.39.2
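Review bot: In the main.c hunk the result of `realpath(exec_path, real_exec_path)` is used only on success; on failure `exec_path` silently stays as given, and the rewritten `readlink()`/`readlinkat()` branches then copy that possibly relative string to the guest and report success, where the old code returned the errno. Please log or report the failure at startup, or keep an error path in the syscall emulation for the unresolved case. `real_exec_path` is also added as a non-static global; if nothing outside main.c needs it, make it `static`.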
[PULL 28/28] linux-user: fix bug about incorrect base addresss of gdt on i386 and x86_64
From: "fa...@mail.ustc.edu.cn" On linux user mode, CPUX86State::gdt::base from Different CPUX86State Objects have same value, It is incorrect! Every CPUX86State::gdt::base Must points to independent memory space. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1405 Signed-off-by: fanwenjie Message-Id: <4172b90.58b08.18631b77860.coremail.fa...@mail.ustc.edu.cn> [lv: remove unnecessary casts, split overlong line] Signed-off-by: Laurent Vivier --- linux-user/i386/cpu_loop.c | 9 + linux-user/main.c | 8 2 files changed, 17 insertions(+) diff --git a/linux-user/i386/cpu_loop.c b/linux-user/i386/cpu_loop.c index 865413c08f07..2d0918a93ff6 100644 --- a/linux-user/i386/cpu_loop.c +++ b/linux-user/i386/cpu_loop.c @@ -314,8 +314,17 @@ void cpu_loop(CPUX86State *env) } } +static void target_cpu_free(void *obj) +{ +CPUArchState *env = ((CPUState *)obj)->env_ptr; +target_munmap(env->gdt.base, sizeof(uint64_t) * TARGET_GDT_ENTRIES); +g_free(obj); +} + void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs) { +CPUState *cpu = env_cpu(env); +OBJECT(cpu)->free = target_cpu_free; env->cr[0] = CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK; env->hflags |= HF_PE_MASK | HF_CPL_MASK; if (env->features[FEAT_1_EDX] & CPUID_SSE) { diff --git a/linux-user/main.c b/linux-user/main.c index 798fdc0bce8e..47b0c0fc4394 100644 --- a/linux-user/main.c +++ b/linux-user/main.c @@ -238,6 +238,14 @@ CPUArchState *cpu_copy(CPUArchState *env) new_cpu->tcg_cflags = cpu->tcg_cflags; memcpy(new_env, env, sizeof(CPUArchState)); +#if defined(TARGET_I386) || defined(TARGET_X86_64) +new_env->gdt.base = target_mmap(0, sizeof(uint64_t) * TARGET_GDT_ENTRIES, +PROT_READ | PROT_WRITE, +MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); +memcpy(g2h_untagged(new_env->gdt.base), g2h_untagged(env->gdt.base), + sizeof(uint64_t) * TARGET_GDT_ENTRIES); +OBJECT(new_cpu)->free = OBJECT(cpu)->free; +#endif /* Clone all break/watchpoints. Note: Once we support ptrace with hw-debug register access, make sure -- 2.39.2
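Review bot: In `cpu_copy()` the return value of `target_mmap()` is stored straight into `new_env->gdt.base` and handed to `g2h_untagged()` for the `memcpy()` with no check for failure, so a failed mapping turns into a write through an error value. Check the result and fail the clone cleanly. `target_cpu_free()` likewise ignores the `target_munmap()` result, and `target_cpu_copy_regs()` overwrites the object's `free` hook without saving the previous one, so `g_free(obj)` replaces whatever cleanup was installed before; saving and chaining the earlier hook would be safer.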
[PULL 10/28] linux-user: fix sockaddr_in6 endianness
From: Mathis Marion The sin6_scope_id field uses the host byte order, so there is a conversion to be made when host and target endianness differ. Signed-off-by: Mathis Marion Reviewed-by: Laurent Vivier Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20230307154256.101528-2-mathis.mar...@silabs.com> Signed-off-by: Laurent Vivier --- linux-user/syscall.c | 5 + 1 file changed, 5 insertions(+) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 931f9db47552..05c81079e745 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -1714,6 +1714,11 @@ static inline abi_long target_to_host_sockaddr(int fd, struct sockaddr *addr, lladdr = (struct target_sockaddr_ll *)addr; lladdr->sll_ifindex = tswap32(lladdr->sll_ifindex); lladdr->sll_hatype = tswap16(lladdr->sll_hatype); +} else if (sa_family == AF_INET6) { +struct sockaddr_in6 *in6addr; + +in6addr = (struct sockaddr_in6 *)addr; +in6addr->sin6_scope_id = tswap32(in6addr->sin6_scope_id); } unlock_user(target_saddr, target_addr, 0); -- 2.39.2
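Review bot: The new AF_INET6 branch casts `addr` to `struct sockaddr_in6 *` and byte-swaps `sin6_scope_id` without checking, in the visible lines, that the guest-supplied address length covers that field. `sin6_scope_id` is the last member of the structure, so a short AF_INET6 address would have the swap read and write past the copied data. Guard the branch with a test that the length passed to this function is at least `sizeof(struct sockaddr_in6)` before touching the field.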
[PULL 02/28] linux-user: fix timerfd read endianness conversion
From: Mathis Marion When reading the expiration count from a timerfd, the endianness of the 64bit value read is the one of the host, just as for eventfds. Signed-off-by: Mathis Marion Reviewed-by: Laurent Vivier Message-Id: <20230220085822.626798-2-mathis.mar...@silabs.com> Signed-off-by: Laurent Vivier --- linux-user/fd-trans.c | 10 +++--- linux-user/fd-trans.h | 1 + linux-user/syscall.c | 8 ++-- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/linux-user/fd-trans.c b/linux-user/fd-trans.c index 7b25468d0208..146faa13 100644 --- a/linux-user/fd-trans.c +++ b/linux-user/fd-trans.c @@ -1622,7 +1622,7 @@ TargetFdTrans target_signalfd_trans = { .host_to_target_data = host_to_target_data_signalfd, }; -static abi_long swap_data_eventfd(void *buf, size_t len) +static abi_long swap_data_u64(void *buf, size_t len) { uint64_t *counter = buf; int i; @@ -1640,8 +1640,12 @@ static abi_long swap_data_eventfd(void *buf, size_t len) } TargetFdTrans target_eventfd_trans = { -.host_to_target_data = swap_data_eventfd, -.target_to_host_data = swap_data_eventfd, +.host_to_target_data = swap_data_u64, +.target_to_host_data = swap_data_u64, +}; + +TargetFdTrans target_timerfd_trans = { +.host_to_target_data = swap_data_u64, }; #if defined(CONFIG_INOTIFY) && (defined(TARGET_NR_inotify_init) || \ diff --git a/linux-user/fd-trans.h b/linux-user/fd-trans.h index 1b9fa2041c06..910faaf237cc 100644 --- a/linux-user/fd-trans.h +++ b/linux-user/fd-trans.h @@ -130,6 +130,7 @@ extern TargetFdTrans target_netlink_route_trans; extern TargetFdTrans target_netlink_audit_trans; extern TargetFdTrans target_signalfd_trans; extern TargetFdTrans target_eventfd_trans; +extern TargetFdTrans target_timerfd_trans; #if (defined(TARGET_NR_inotify_init) && defined(__NR_inotify_init)) || \ (defined(CONFIG_INOTIFY1) && defined(TARGET_NR_inotify_init1) && \ defined(__NR_inotify_init1)) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index cc650d4ccbd6..64b71b1ff94b 100644 
--- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -13108,8 +13108,12 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, #if defined(TARGET_NR_timerfd_create) && defined(CONFIG_TIMERFD) case TARGET_NR_timerfd_create: -return get_errno(timerfd_create(arg1, - target_to_host_bitmask(arg2, fcntl_flags_tbl))); +ret = get_errno(timerfd_create(arg1, +target_to_host_bitmask(arg2, fcntl_flags_tbl))); +if (ret >= 0) { +fd_trans_register(ret, &target_timerfd_trans); +} +return ret; #endif #if defined(TARGET_NR_timerfd_gettime) && defined(CONFIG_TIMERFD) -- 2.39.2
[PULL 03/28] linux-user: add target to host netlink conversions
From: Mathis Marion Added conversions for: - IFLA_MTU - IFLA_TXQLEN - IFLA_AF_SPEC AF_INET6 IFLA_INET6_ADDR_GEN_MODE These relate to the libnl functions rtnl_link_set_mtu, rtnl_link_set_txqlen, and rtnl_link_inet6_set_addr_gen_mode. Signed-off-by: Mathis Marion Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Laurent Vivier Message-Id: <20230220085822.626798-4-mathis.mar...@silabs.com> Signed-off-by: Laurent Vivier --- linux-user/fd-trans.c | 62 +++ 1 file changed, 62 insertions(+) diff --git a/linux-user/fd-trans.c b/linux-user/fd-trans.c index 146faa13..4852a75d9dcc 100644 --- a/linux-user/fd-trans.c +++ b/linux-user/fd-trans.c @@ -1284,6 +1284,49 @@ static inline abi_long host_to_target_nlmsg_route(struct nlmsghdr *nlh, return host_to_target_for_each_nlmsg(nlh, len, host_to_target_data_route); } +static abi_long target_to_host_for_each_nlattr(struct nlattr *nlattr, + size_t len, + abi_long (*target_to_host_nlattr) +(struct nlattr *)) +{ +unsigned short aligned_nla_len; +abi_long ret; + +while (len > sizeof(struct nlattr)) { +if (tswap16(nlattr->nla_len) < sizeof(struct rtattr) || +tswap16(nlattr->nla_len) > len) { +break; +} +nlattr->nla_len = tswap16(nlattr->nla_len); +nlattr->nla_type = tswap16(nlattr->nla_type); +ret = target_to_host_nlattr(nlattr); +if (ret < 0) { +return ret; +} + +aligned_nla_len = NLA_ALIGN(nlattr->nla_len); +if (aligned_nla_len >= len) { +break; +} +len -= aligned_nla_len; +nlattr = (struct nlattr *)(((char *)nlattr) + aligned_nla_len); +} +return 0; +} + +static abi_long target_to_host_data_inet6_nlattr(struct nlattr *nlattr) +{ +switch (nlattr->nla_type) { +/* uint8_t */ +case QEMU_IFLA_INET6_ADDR_GEN_MODE: +break; +default: +qemu_log_mask(LOG_UNIMP, "Unknown target AF_INET6 type: %d\n", + nlattr->nla_type); +} +return 0; +} + static abi_long target_to_host_for_each_rtattr(struct rtattr *rtattr, size_t len, abi_long (*target_to_host_rtattr) 
@@ -1314,16 +1357,35 @@ static abi_long target_to_host_for_each_rtattr(struct rtattr *rtattr, return 0; } +static abi_long target_to_host_data_spec_nlattr(struct nlattr *nlattr) +{ +switch (nlattr->nla_type) { +case AF_INET6: +return target_to_host_for_each_nlattr(NLA_DATA(nlattr), nlattr->nla_len, + target_to_host_data_inet6_nlattr); +default: +qemu_log_mask(LOG_UNIMP, "Unknown target AF_SPEC type: %d\n", + nlattr->nla_type); +break; +} +return 0; +} + static abi_long target_to_host_data_link_rtattr(struct rtattr *rtattr) { uint32_t *u32; switch (rtattr->rta_type) { /* uint32_t */ +case QEMU_IFLA_MTU: +case QEMU_IFLA_TXQLEN: case QEMU_IFLA_EXT_MASK: u32 = RTA_DATA(rtattr); *u32 = tswap32(*u32); break; +case QEMU_IFLA_AF_SPEC: +return target_to_host_for_each_nlattr(RTA_DATA(rtattr), rtattr->rta_len, + target_to_host_data_spec_nlattr); default: qemu_log_mask(LOG_UNIMP, "Unknown target QEMU_IFLA type: %d\n", rtattr->rta_type); -- 2.39.2
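Review bot: both new callers hand the walker the full attribute length as if it were the payload length. The QEMU_IFLA_AF_SPEC case in target_to_host_data_link_rtattr calls target_to_host_for_each_nlattr(RTA_DATA(rtattr), rtattr->rta_len, ...), and target_to_host_data_spec_nlattr does the same with NLA_DATA(nlattr) and nlattr->nla_len, but rta_len and nla_len count the attribute header as well as the data, so the nested block is reported one header longer than it is. The walker byte-swaps nla_len and nla_type in place and accepts any nla_len up to len, so a guest-supplied message can make it read and rewrite bytes beyond the enclosing attribute; passing the payload length instead (RTA_PAYLOAD(rtattr), and nla_len - NLA_HDRLEN for the nlattr case) keeps the walk inside the attribute. Separately, the lower bound in target_to_host_for_each_nlattr compares against sizeof(struct rtattr) where sizeof(struct nlattr) is meant; the two sizes are equal, so that one is a readability fix only.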
[PULL 13/28] linux-user: Emulate CLONE_PIDFD flag in clone()
From: Helge Deller Add emulation for the CLONE_PIDFD flag of the clone() syscall. This flag was added in Linux kernel 5.2. Successfully tested on a x86-64 Linux host with hppa-linux target. Can be verified by running the testsuite of the qcoro debian package, which breaks hard and kills the currently logged-in user without this patch. Signed-off-by: Helge Deller Reviewed-by: Laurent Vivier Message-Id: [lv: define CLONE_PIDFD if it is not] Signed-off-by: Laurent Vivier --- linux-user/strace.c | 5 + linux-user/syscall.c | 31 ++- 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/linux-user/strace.c b/linux-user/strace.c index e08bd53afb48..aad2b62ca416 100644 --- a/linux-user/strace.c +++ b/linux-user/strace.c @@ -,11 +,16 @@ UNUSED static const struct flags mmap_flags[] = { FLAG_END, }; +#ifndef CLONE_PIDFD +# define CLONE_PIDFD 0x1000 +#endif + UNUSED static const struct flags clone_flags[] = { FLAG_GENERIC(CLONE_VM), FLAG_GENERIC(CLONE_FS), FLAG_GENERIC(CLONE_FILES), FLAG_GENERIC(CLONE_SIGHAND), +FLAG_GENERIC(CLONE_PIDFD), FLAG_GENERIC(CLONE_PTRACE), FLAG_GENERIC(CLONE_VFORK), FLAG_GENERIC(CLONE_PARENT), diff --git a/linux-user/syscall.c b/linux-user/syscall.c index dad2c3312032..24cea6fb6a63 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -169,9 +169,13 @@ #define CLONE_IGNORED_FLAGS \ (CLONE_DETACHED | CLONE_IO) +#ifndef CLONE_PIDFD +# define CLONE_PIDFD 0x1000 +#endif + /* Flags for fork which we can implement within QEMU itself */ #define CLONE_OPTIONAL_FORK_FLAGS \ -(CLONE_SETTLS | CLONE_PARENT_SETTID | \ +(CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_PIDFD | \ CLONE_CHILD_CLEARTID | CLONE_CHILD_SETTID) /* Flags for thread creation which we can implement within QEMU itself */ 
@@ -6730,6 +6734,17 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp, return -TARGET_EINVAL; } +#if !defined(__NR_pidfd_open) || !defined(TARGET_NR_pidfd_open) +if (flags & CLONE_PIDFD) { +return -TARGET_EINVAL; +} +#endif + +/* Can not allow CLONE_PIDFD with CLONE_PARENT_SETTID */ +if ((flags & CLONE_PIDFD) && (flags & CLONE_PARENT_SETTID)) { +return -TARGET_EINVAL; +} + if (block_signals()) { return -QEMU_ERESTARTSYS; } @@ -6757,6 +6772,20 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp, ts->child_tidptr = child_tidptr; } else { cpu_clone_regs_parent(env, flags); +if (flags & CLONE_PIDFD) { +int pid_fd = 0; +#if defined(__NR_pidfd_open) && defined(TARGET_NR_pidfd_open) +int pid_child = ret; +pid_fd = pidfd_open(pid_child, 0); +if (pid_fd >= 0) { +fcntl(pid_fd, F_SETFD, fcntl(pid_fd, F_GETFL) + | FD_CLOEXEC); +} else { +pid_fd = 0; +} +#endif +put_user_u32(pid_fd, parent_tidptr); +} fork_end(0); } g_assert(!cpu_in_exclusive_context(cpu)); -- 2.39.2
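Review bot: in the CLONE_PIDFD branch added to do_fork, fcntl(pid_fd, F_SETFD, fcntl(pid_fd, F_GETFL) | FD_CLOEXEC) reads the file status flags with F_GETFL and writes them back as descriptor flags with F_SETFD. The read should be F_GETFD, or the call can be dropped altogether because pidfd_open() already returns a close-on-exec descriptor. In the same branch a failed pidfd_open() is turned into pid_fd = 0 and stored through parent_tidptr, so the guest receives a value that looks like a valid descriptor (fd 0) for a child it holds no pidfd for, and the return value of put_user_u32() is ignored. Storing a value that cannot be mistaken for a descriptor and checking the store would keep the guest from later signalling or waiting on the wrong file.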
Re: [PATCH v2 7/7] include/qemu/plugin: Inline qemu_plugin_disable_mem_helpers
On 10/3/23 20:52, Richard Henderson wrote: Now that we've broken the include loop with cpu.h, we can bring this inline. Signed-off-by: Richard Henderson --- include/qemu/plugin.h | 6 +- plugins/core.c| 11 --- 2 files changed, 5 insertions(+), 12 deletions(-) Reviewed-by: Philippe Mathieu-Daudé
Re: [PATCH v2 6/7] include/qemu: Split out plugin-event.h
On 10/3/23 20:52, Richard Henderson wrote: The usage in hw/core/cpu.h only requires QEMU_PLUGIN_EV_MAX. Signed-off-by: Richard Henderson --- include/hw/core/cpu.h | 2 +- include/qemu/plugin-event.h | 26 ++ include/qemu/plugin.h | 17 + 3 files changed, 28 insertions(+), 17 deletions(-) create mode 100644 include/qemu/plugin-event.h diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h index 75689bff02..821e937020 100644 --- a/include/hw/core/cpu.h +++ b/include/hw/core/cpu.h @@ -30,7 +30,7 @@ #include "qemu/rcu_queue.h" #include "qemu/queue.h" #include "qemu/thread.h" -#include "qemu/plugin.h" \o/ Reviewed-by: Philippe Mathieu-Daudé
Re: [PATCH v2 5/7] *: Add missing includes of qemu/plugin.h
On 10/3/23 20:52, Richard Henderson wrote: This had been pulled in from hw/core/cpu.h, but that will be removed. Signed-off-by: Richard Henderson --- accel/tcg/cpu-exec-common.c | 1 + cpu.c | 1 + linux-user/exit.c | 1 + linux-user/syscall.c| 1 + 4 files changed, 4 insertions(+) Reviewed-by: Philippe Mathieu-Daudé
Re: [PATCH v2 4/7] *: Add missing includes of qemu/error-report.h
On 10/3/23 20:52, Richard Henderson wrote: This had been pulled in via qemu/plugin.h from hw/core/cpu.h, but that will be removed. Signed-off-by: Richard Henderson --- accel/accel-softmmu.c | 2 +- block/monitor/block-hmp-cmds.c | 1 + dump/dump.c| 1 + dump/win_dump.c| 1 + hw/arm/collie.c| 2 ++ hw/arm/cubieboard.c| 1 + hw/arm/musicpal.c | 2 ++ hw/arm/npcm7xx_boards.c| 2 ++ hw/arm/nseries.c | 2 ++ hw/arm/omap_sx1.c | 2 ++ hw/arm/orangepi.c | 1 + hw/arm/palm.c | 2 ++ hw/core/machine-smp.c | 2 ++ hw/i386/sgx.c | 1 + hw/loongarch/acpi-build.c | 1 + hw/loongarch/virt.c| 2 ++ hw/m68k/next-cube.c| 1 + hw/m68k/q800.c | 1 + hw/m68k/virt.c | 1 + hw/openrisc/boot.c | 1 + hw/ppc/spapr_softmmu.c | 2 ++ hw/riscv/opentitan.c | 1 + hw/riscv/shakti_c.c| 1 + hw/riscv/virt-acpi-build.c | 1 + linux-user/elfload.c | 1 + target/i386/cpu.c | 1 + target/i386/host-cpu.c | 1 + target/s390x/cpu_models.c | 1 + target/s390x/diag.c| 2 ++ 29 files changed, 39 insertions(+), 1 deletion(-) Reviewed-by: Philippe Mathieu-Daudé
Re: [PATCH v2 05/10] contrib/gitdm: Add SYRMIA to the domain map
On 10/3/23 19:03, Alex Bennée wrote: The company website lists QEMU amongst the things they work on so I assume these are corporate contributions. Signed-off-by: Alex Bennée Cc: Milica Lazarevic --- contrib/gitdm/domain-map | 1 + 1 file changed, 1 insertion(+) Reviewed-by: Philippe Mathieu-Daudé
Re: [PATCH v2 06/10] contrib/gitdm: add Amazon to the domain map
On 10/3/23 19:03, Alex Bennée wrote: We have multiple contributors from both .co.uk and .com versions of the address. Signed-off-by: Alex Bennée Cc: Alexander Graf Cc: Paul Durrant Cc: David Woodhouse --- contrib/gitdm/domain-map | 2 ++ 1 file changed, 2 insertions(+) Reviewed-by: Philippe Mathieu-Daudé
Re: [PATCH v2 08/10] contrib/gitdm: add revng to domain map
On Fri, 10 Mar 2023 18:03:30 + Alex Bennée wrote: > +rev.ng revng Please use "rev.ng Labs". Thanks! Reviewed-by: Alessandro Di Federico -- Alessandro Di Federico rev.ng Labs
Re: [PULL 3/3] edk2: update firmware binaries
Hi Gerd, On Thu, 9 Mar 2023 at 22:38, Gerd Hoffmann wrote: > > On Thu, Mar 09, 2023 at 02:09:30PM -0800, Simon Glass wrote: > > Hi Gerd, > > > > Where did these binaries come from? What commit and how were they built? > > See patch 1/3 for the source (edk2 submodule) update and patch 2/3 for > the build scripts. OK, got it, thank you. I made a few comments. This script is very, very useful. I wonder if it could end up in the edk repo? Regards, Simon
Re: [RFC PATCH] intel-iommu: Report interrupt remapping faults
On Fri, Mar 10, 2023 at 05:49:38PM +, David Woodhouse wrote: > From: David Woodhouse > > There is more work to be done here, as pretranslations for the KVM IRQ > routing table can't fault yet; they should be handled in userspace and > the fault raised only when the IRQ actually happens (if indeed the IRTE > is still not valid at that time). But we can work on that later; we can > at least raise faults for the direct case. > > Signed-off-by: David Woodhouse > --- > > Seemed like a good place to start. > > Utterly untested yet except for building it. Do we have unit tests for > this; anything which will deliberately cause DMA faults that I can > extend to also do IR faults? Or should I resort to just hacking a Linux > kernel to do things wrong? > I am not aware of anything besides the test in kvm-unit-tests.. https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/blob/master/x86/intel-iommu.c > Also, why does the generic X86IOMMUClass->int_remap function return > VTD-specific values? Shouldn't it just return true or false, or an > actual error from the system errno space? Agree, a boolean seems to be enough. Not a huge problem, I guess. > > I also think we're allowing Compatibility Format MSIs when we shouldn't > (when GSTS_CFIS is clear); the reporting of VTD_FR_IR_REQ_COMPAT is > conspicuous in its absence. But I can fix that in a separate commit. Yes, thanks. > > > hw/i386/intel_iommu.c | 115 + > hw/i386/intel_iommu_internal.h | 1 + > 2 files changed, 89 insertions(+), 27 deletions(-) > > diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c > index faade7def8..946f6008fe 100644 > --- a/hw/i386/intel_iommu.c > +++ b/hw/i386/intel_iommu.c 
> @@ -468,21 +468,12 @@ static void vtd_set_frcd_and_update_ppf(IntelIOMMUState > *s, uint16_t index) > > /* Must not update F field now, should be done later */ > static void vtd_record_frcd(IntelIOMMUState *s, uint16_t index, > -uint16_t source_id, hwaddr addr, > -VTDFaultReason fault, bool is_write, > -bool is_pasid, uint32_t pasid) > +uint64_t hi, uint64_t lo) > { > -uint64_t hi = 0, lo; > hwaddr frcd_reg_addr = DMAR_FRCD_REG_OFFSET + (((uint64_t)index) << 4); > > assert(index < DMAR_FRCD_REG_NR); > > -lo = VTD_FRCD_FI(addr); > -hi = VTD_FRCD_SID(source_id) | VTD_FRCD_FR(fault) | > - VTD_FRCD_PV(pasid) | VTD_FRCD_PP(is_pasid); > -if (!is_write) { > -hi |= VTD_FRCD_T; > -} > vtd_set_quad_raw(s, frcd_reg_addr, lo); > vtd_set_quad_raw(s, frcd_reg_addr + 8, hi); > > @@ -508,17 +499,11 @@ static bool vtd_try_collapse_fault(IntelIOMMUState *s, > uint16_t source_id) > } > > /* Log and report an DMAR (address translation) fault to software */ > -static void vtd_report_dmar_fault(IntelIOMMUState *s, uint16_t source_id, > - hwaddr addr, VTDFaultReason fault, > - bool is_write, bool is_pasid, > - uint32_t pasid) > +static void vtd_report_frcd_fault(IntelIOMMUState *s, uint64_t source_id, > + uint64_t hi, uint64_t lo) > { > uint32_t fsts_reg = vtd_get_long_raw(s, DMAR_FSTS_REG); > > -assert(fault < VTD_FR_MAX); > - > -trace_vtd_dmar_fault(source_id, fault, addr, is_write); > - > if (fsts_reg & VTD_FSTS_PFO) { > error_report_once("New fault is not recorded due to " >"Primary Fault Overflow"); > @@ -538,8 +523,7 @@ static void vtd_report_dmar_fault(IntelIOMMUState *s, > uint16_t source_id, > return; > } > > -vtd_record_frcd(s, s->next_frcd_reg, source_id, addr, fault, > -is_write, is_pasid, pasid); > +vtd_record_frcd(s, s->next_frcd_reg, hi, lo); > > if (fsts_reg & VTD_FSTS_PPF) { > error_report_once("There are pending faults already, " 
> @@ -564,6 +548,42 @@ static void vtd_report_dmar_fault(IntelIOMMUState *s, > uint16_t source_id, > } > } > > +/* Log and report an DMAR (address translation) fault to software */ > +static void vtd_report_dmar_fault(IntelIOMMUState *s, uint16_t source_id, > + hwaddr addr, VTDFaultReason fault, > + bool is_write, bool is_pasid, > + uint32_t pasid) > +{ > +uint64_t hi, lo; > + > +assert(fault < VTD_FR_MAX); > + > +trace_vtd_dmar_fault(source_id, fault, addr, is_write); > + > +lo = VTD_FRCD_FI(addr); > +hi = VTD_FRCD_SID(source_id) | VTD_FRCD_FR(fault) | > + VTD_FRCD_PV(pasid) | VTD_FRCD_PP(is_pasid); > +if (!is_write) { > +hi |= VTD_FRCD_T; > +} > + > +vtd_report_frcd_fault(s, source_id, hi, lo); > +} > + > + > +static void vtd_report_ir_fault(IntelIOMMUState *s, uint64_t source_id, > +
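Review bot: vtd_report_frcd_fault() and the new vtd_report_ir_fault() declare source_id as uint64_t, while vtd_report_dmar_fault() and vtd_try_collapse_fault() in the same hunks take uint16_t source_id. Keeping uint16_t in the new helpers matches the existing callers and avoids an implicit narrowing wherever the value is passed on. Also, vtd_report_frcd_fault() keeps the comment "Log and report an DMAR (address translation) fault to software", which the patch repeats on the re-added vtd_report_dmar_fault(); the comment on the generic helper should say that it records a pre-built hi/lo fault record, since it no longer knows which kind of fault it is reporting.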
Re: [PATCH] hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update
On Fri, Mar 10, 2023 at 05:52:57PM +, David Woodhouse wrote: > On Thu, 2023-03-09 at 11:55 -0500, Peter Xu wrote: > > > > There're four devices that can hook onto this, IIUC. Besides IOAPIC and > > VFIO, there's also ivshmem and vhost. IIUC we'll need to change all the > > four devices to implement this. > > If you grep for kvm_irqchip_add_irqfd_notifier() there are more than that. Looks right to me. I assume they're all line based IRQs routed later to IOAPIC, so they're the real devices consuming the IOAPIC entries. > There's a bunch of largely duplicated code, with different code paths > for kvm_irqfds_enabled() and other variants. In code that I don't think > should even have to *know* about KVM, should it? > > I think I'd like to provide a generic set of helpers which just allow > callers to register a virtual IRQ and then trigger it manually and/or > attach an irqfd (and a resamplefd, qv) to it. > > This new helper code can then cope with listening in userspace on that > fd if/when it needs to, and can even work for the non-KVM case. The > actual devices get a *lot* simpler. > > It'll *broadly* look like the existing kvm_irqchip_* functions but be a > lot simpler to use. IIUC what's missing is the reverse chain of notifications from e.g. IRTE to the device, either via MSIs or via some pins of IOAPIC. I don't think I have very good knowledge on the whole IRQ path yet so I can't really tell anything useful, but what you said looks like a good thing to have. If it can cleanup things besides achieving the goal of fault irq reporting it could be more worthwhile. Thanks, -- Peter Xu
Re: [PATCH 01/12] target/s390x: Handle branching to odd addresses
On 3/10/23 11:34, Ilya Leoshkevich wrote: On Fri, 2023-03-10 at 11:24 -0800, Richard Henderson wrote: On 3/10/23 09:42, Ilya Leoshkevich wrote: @@ -381,6 +382,14 @@ static inline int cpu_mmu_index(CPUS390XState *env, bool ifetch) static inline void cpu_get_tb_cpu_state(CPUS390XState* env, target_ulong *pc, target_ulong *cs_base, uint32_t *flags) { + if (env->psw.addr & 1) { + /* + * Instructions must be at even addresses. + * This needs to be checked before address translation. + */ + env->int_pgm_ilen = 2; /* see s390_cpu_tlb_fill() */ + tcg_s390_program_interrupt(env, PGM_SPECIFICATION, 0); + } This is incorrect placement. You can't raise an exception from all of the places from which this is called. You need to do this at the start of s390x_tr_translate_insn. Compare aarch64_tr_translate_insn and the test for (pc & 3). r~ The problem is that it's too late - for non-mapped memory we would get a translation exception instead of a specification exception. Ah. I wonder if I've got the placement right for arm. I see the following call sites: - HELPER(lookup_tb_ptr) - for helpers the exceptions should work; - cpu_exec_loop(), cpu_exec_step_atomic - these are wrapped in setjmp, so it should be ok too? - tb_check_watchpoint() - is this the problematic one? Am I missing something? Apparently not. I thought the ones except for lookup_tb_ptr would be outside the setjmp, but I was wrong.
[PATCH v2 4/7] *: Add missing includes of qemu/error-report.h
This had been pulled in via qemu/plugin.h from hw/core/cpu.h, but that will be removed. Signed-off-by: Richard Henderson --- accel/accel-softmmu.c | 2 +- block/monitor/block-hmp-cmds.c | 1 + dump/dump.c| 1 + dump/win_dump.c| 1 + hw/arm/collie.c| 2 ++ hw/arm/cubieboard.c| 1 + hw/arm/musicpal.c | 2 ++ hw/arm/npcm7xx_boards.c| 2 ++ hw/arm/nseries.c | 2 ++ hw/arm/omap_sx1.c | 2 ++ hw/arm/orangepi.c | 1 + hw/arm/palm.c | 2 ++ hw/core/machine-smp.c | 2 ++ hw/i386/sgx.c | 1 + hw/loongarch/acpi-build.c | 1 + hw/loongarch/virt.c| 2 ++ hw/m68k/next-cube.c| 1 + hw/m68k/q800.c | 1 + hw/m68k/virt.c | 1 + hw/openrisc/boot.c | 1 + hw/ppc/spapr_softmmu.c | 2 ++ hw/riscv/opentitan.c | 1 + hw/riscv/shakti_c.c| 1 + hw/riscv/virt-acpi-build.c | 1 + linux-user/elfload.c | 1 + target/i386/cpu.c | 1 + target/i386/host-cpu.c | 1 + target/s390x/cpu_models.c | 1 + target/s390x/diag.c| 2 ++ 29 files changed, 39 insertions(+), 1 deletion(-) diff --git a/accel/accel-softmmu.c b/accel/accel-softmmu.c index f9cdafb148..9c804ba9e3 100644 --- a/accel/accel-softmmu.c +++ b/accel/accel-softmmu.c @@ -27,7 +27,7 @@ #include "qemu/accel.h" #include "hw/boards.h" #include "sysemu/cpus.h" - +#include "qemu/error-report.h" #include "accel-softmmu.h" int accel_init_machine(AccelState *accel, MachineState *ms) diff --git a/block/monitor/block-hmp-cmds.c b/block/monitor/block-hmp-cmds.c index 6aa5f1be0c..2846083546 100644 --- a/block/monitor/block-hmp-cmds.c +++ b/block/monitor/block-hmp-cmds.c @@ -48,6 +48,7 @@ #include "qemu/option.h" #include "qemu/sockets.h" #include "qemu/cutils.h" +#include "qemu/error-report.h" #include "sysemu/sysemu.h" #include "monitor/monitor.h" #include "monitor/hmp.h" diff --git a/dump/dump.c b/dump/dump.c index 544d5bce3a..1f1a6edcab 100644 --- a/dump/dump.c +++ b/dump/dump.c 
@@ -24,6 +24,7 @@ #include "qapi/qapi-commands-dump.h" #include "qapi/qapi-events-dump.h" #include "qapi/qmp/qerror.h" +#include "qemu/error-report.h" #include "qemu/main-loop.h" #include "hw/misc/vmcoreinfo.h" #include "migration/blocker.h" diff --git a/dump/win_dump.c b/dump/win_dump.c index 0152f7330a..b7bfaff379 100644 --- a/dump/win_dump.c +++ b/dump/win_dump.c @@ -11,6 +11,7 @@ #include "qemu/osdep.h" #include "sysemu/dump.h" #include "qapi/error.h" +#include "qemu/error-report.h" #include "qapi/qmp/qerror.h" #include "exec/cpu-defs.h" #include "hw/core/cpu.h" diff --git a/hw/arm/collie.c b/hw/arm/collie.c index 9edff59370..a0ad1b8dc7 100644 --- a/hw/arm/collie.c +++ b/hw/arm/collie.c @@ -19,6 +19,8 @@ #include "exec/address-spaces.h" #include "cpu.h" #include "qom/object.h" +#include "qemu/error-report.h" + #define RAM_SIZE(512 * MiB) #define FLASH_SIZE (32 * MiB) diff --git a/hw/arm/cubieboard.c b/hw/arm/cubieboard.c index 71a7df1508..8c7fa91529 100644 --- a/hw/arm/cubieboard.c +++ b/hw/arm/cubieboard.c @@ -17,6 +17,7 @@ #include "qemu/osdep.h" #include "qapi/error.h" +#include "qemu/error-report.h" #include "hw/boards.h" #include "hw/qdev-properties.h" #include "hw/arm/allwinner-a10.h" diff --git a/hw/arm/musicpal.c b/hw/arm/musicpal.c index 06d9add7c7..c9010b2ffb 100644 --- a/hw/arm/musicpal.c +++ b/hw/arm/musicpal.c @@ -37,6 +37,8 @@ #include "qemu/cutils.h" #include "qom/object.h" #include "hw/net/mv88w8618_eth.h" +#include "qemu/error-report.h" + #define MP_MISC_BASE0x80002000 #define MP_MISC_SIZE0x1000 diff --git a/hw/arm/npcm7xx_boards.c b/hw/arm/npcm7xx_boards.c index 9b31207a06..2aef579aac 100644 --- a/hw/arm/npcm7xx_boards.c +++ b/hw/arm/npcm7xx_boards.c @@ -30,6 +30,8 @@ #include "sysemu/blockdev.h" #include "sysemu/sysemu.h" #include "sysemu/block-backend.h" +#include "qemu/error-report.h" + #define NPCM7XX_POWER_ON_STRAPS_DEFAULT ( \ NPCM7XX_PWRON_STRAP_SPI0F18 | \ 
diff --git a/hw/arm/nseries.c b/hw/arm/nseries.c index c9df063a08..9e49e9e177 100644 --- a/hw/arm/nseries.c +++ b/hw/arm/nseries.c @@ -45,6 +45,8 @@ #include "hw/loader.h" #include "hw/sysbus.h" #include "qemu/log.h" +#include "qemu/error-report.h" + /* Nokia N8x0 support */ struct n800_s { diff --git a/hw/arm/omap_sx1.c b/hw/arm/omap_sx1.c index e721292079..4bf1579f8c 100644 --- a/hw/arm/omap_sx1.c +++ b/hw/arm/omap_sx1.c @@ -37,6 +37,8 @@ #include "exec/address-spaces.h" #include "cpu.h" #include "qemu/cutils.h" +#include "qemu/error-report.h" + /*/ /* Siemens SX1 Cellphone V1 */ diff --git a/hw/arm/orangepi.c b/hw/arm/orangepi.c index 3ace474870..10653361ed 100644 --- a/hw/arm/orangepi
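Review bot: in the hw/arm hunks for collie.c, musicpal.c, npcm7xx_boards.c, nseries.c and omap_sx1.c the new #include "qemu/error-report.h" is followed by an added blank line, which leaves two blank lines between the includes and the code that follows. Dropping the extra "+" line makes each of these a one-line change, matching the cubieboard.c and dump hunks. In accel/accel-softmmu.c the include replaces the blank line that separated the common headers from "accel-softmmu.h"; adding it above that blank line instead would keep the separation and turn the hunk into a pure insertion.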
[PATCH v2 5/7] *: Add missing includes of qemu/plugin.h
This had been pulled in from hw/core/cpu.h, but that will be removed. Signed-off-by: Richard Henderson --- accel/tcg/cpu-exec-common.c | 1 + cpu.c | 1 + linux-user/exit.c | 1 + linux-user/syscall.c| 1 + 4 files changed, 4 insertions(+) diff --git a/accel/tcg/cpu-exec-common.c b/accel/tcg/cpu-exec-common.c index 176ea57281..e7962c9348 100644 --- a/accel/tcg/cpu-exec-common.c +++ b/accel/tcg/cpu-exec-common.c @@ -21,6 +21,7 @@ #include "sysemu/cpus.h" #include "sysemu/tcg.h" #include "exec/exec-all.h" +#include "qemu/plugin.h" bool tcg_allowed; diff --git a/cpu.c b/cpu.c index 567b23af46..849bac062c 100644 --- a/cpu.c +++ b/cpu.c @@ -42,6 +42,7 @@ #include "hw/core/accel-cpu.h" #include "trace/trace-root.h" #include "qemu/accel.h" +#include "qemu/plugin.h" uintptr_t qemu_host_page_size; intptr_t qemu_host_page_mask; diff --git a/linux-user/exit.c b/linux-user/exit.c index fd49d76f45..3017d28a3c 100644 --- a/linux-user/exit.c +++ b/linux-user/exit.c @@ -21,6 +21,7 @@ #include "gdbstub/syscalls.h" #include "qemu.h" #include "user-internals.h" +#include "qemu/plugin.h" #ifdef CONFIG_GPROF #include #endif diff --git a/linux-user/syscall.c b/linux-user/syscall.c index a6c426d73c..38f3f5f784 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -22,6 +22,7 @@ #include "qemu/path.h" #include "qemu/memfd.h" #include "qemu/queue.h" +#include "qemu/plugin.h" #include #include #include -- 2.34.1
[PATCH v2 2/7] tcg: Drop plugin_gen_disable_mem_helpers from tcg_gen_exit_tb
Now that we call qemu_plugin_disable_mem_helpers in cpu_tb_exec, we don't need to do this in generated code as well. Signed-off-by: Richard Henderson --- tcg/tcg-op.c | 1 - 1 file changed, 1 deletion(-) diff --git a/tcg/tcg-op.c b/tcg/tcg-op.c index 77658a88f0..cc8fdb0e46 100644 --- a/tcg/tcg-op.c +++ b/tcg/tcg-op.c @@ -2813,7 +2813,6 @@ void tcg_gen_exit_tb(const TranslationBlock *tb, unsigned idx) tcg_debug_assert(idx == TB_EXIT_REQUESTED); } -plugin_gen_disable_mem_helpers(); tcg_gen_op1i(INDEX_op_exit_tb, val); } -- 2.34.1
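Review bot: after this removal nothing at tcg_gen_exit_tb records that the clear of plugin_mem_cbs is now done on the C side. The commit message names cpu_tb_exec as the replacement, so a short comment there, or at the removal site, saying that exit_tb relies on cpu_tb_exec to reset the callbacks would stop a later reader from re-adding the generated-code call.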
[PATCH v2 7/7] include/qemu/plugin: Inline qemu_plugin_disable_mem_helpers
Now that we've broken the include loop with cpu.h, we can bring this inline. Signed-off-by: Richard Henderson --- include/qemu/plugin.h | 6 +- plugins/core.c| 11 --- 2 files changed, 5 insertions(+), 12 deletions(-) diff --git a/include/qemu/plugin.h b/include/qemu/plugin.h index 6bf4bce188..bc0781cab8 100644 --- a/include/qemu/plugin.h +++ b/include/qemu/plugin.h @@ -14,6 +14,7 @@ #include "qemu/option.h" #include "qemu/plugin-event.h" #include "exec/memopidx.h" +#include "hw/core/cpu.h" /* * Option parsing/processing. @@ -204,7 +205,10 @@ void qemu_plugin_atexit_cb(void); void qemu_plugin_add_dyn_cb_arr(GArray *arr); -void qemu_plugin_disable_mem_helpers(CPUState *cpu); +static inline void qemu_plugin_disable_mem_helpers(CPUState *cpu) +{ +cpu->plugin_mem_cbs = NULL; +} /** * qemu_plugin_user_exit(): clean-up callbacks before calling exit callbacks diff --git a/plugins/core.c b/plugins/core.c index 04632886b9..9912f2cfdb 100644 --- a/plugins/core.c +++ b/plugins/core.c @@ -553,17 +553,6 @@ void qemu_plugin_user_postfork(bool is_child) } } - -/* - * Call this function after longjmp'ing to the main loop. It's possible that the - * last instruction of a TB might have used helpers, and therefore the - * "disable" instruction will never execute because it ended up as dead code. - */ -void qemu_plugin_disable_mem_helpers(CPUState *cpu) -{ -cpu->plugin_mem_cbs = NULL; -} - static bool plugin_dyn_cb_arr_cmp(const void *ap, const void *bp) { return ap == bp; -- 2.34.1
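Review bot: the block comment deleted from plugins/core.c ("Call this function after longjmp'ing to the main loop...") is not carried over to the new static inline in include/qemu/plugin.h, so the header no longer says when qemu_plugin_disable_mem_helpers() has to be called. Move the comment with the function, reworded to match the call sites the series now uses, rather than dropping it.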
[PATCH v2 0/7] plugin: fix clearing of plugin_mem_cbs on TB exit
Changes for v2: * Use plugin_gen_disable_mem_helpers, * Remove plugin_gen_disable_mem_helpers from tcg_gen_exit_tb. * Break include loop with hw/core/cpu.h and qemu/plugins.h. * Inline plugin_gen_disable_mem_helpers. r~ Richard Henderson (7): tcg: Clear plugin_mem_cbs on TB exit tcg: Drop plugin_gen_disable_mem_helpers from tcg_gen_exit_tb include/qemu/plugin: Remove QEMU_PLUGIN_ASSERT *: Add missing includes of qemu/error-report.h *: Add missing includes of qemu/plugin.h include/qemu: Split out plugin-event.h include/qemu/plugin: Inline qemu_plugin_disable_mem_helpers include/hw/core/cpu.h | 2 +- include/qemu/plugin-event.h| 26 ++ include/qemu/plugin.h | 27 ++- accel/accel-softmmu.c | 2 +- accel/tcg/cpu-exec-common.c| 3 +++ accel/tcg/cpu-exec.c | 5 + block/monitor/block-hmp-cmds.c | 1 + cpu.c | 1 + dump/dump.c| 1 + dump/win_dump.c| 1 + hw/arm/collie.c| 2 ++ hw/arm/cubieboard.c| 1 + hw/arm/musicpal.c | 2 ++ hw/arm/npcm7xx_boards.c| 2 ++ hw/arm/nseries.c | 2 ++ hw/arm/omap_sx1.c | 2 ++ hw/arm/orangepi.c | 1 + hw/arm/palm.c | 2 ++ hw/core/machine-smp.c | 2 ++ hw/i386/sgx.c | 1 + hw/loongarch/acpi-build.c | 1 + hw/loongarch/virt.c| 2 ++ hw/m68k/next-cube.c| 1 + hw/m68k/q800.c | 1 + hw/m68k/virt.c | 1 + hw/openrisc/boot.c | 1 + hw/ppc/spapr_softmmu.c | 2 ++ hw/riscv/opentitan.c | 1 + hw/riscv/shakti_c.c| 1 + hw/riscv/virt-acpi-build.c | 1 + linux-user/elfload.c | 1 + linux-user/exit.c | 1 + linux-user/syscall.c | 1 + plugins/core.c | 11 --- target/i386/cpu.c | 1 + target/i386/host-cpu.c | 1 + target/s390x/cpu_models.c | 1 + target/s390x/diag.c| 2 ++ tcg/tcg-op.c | 1 - 39 files changed, 79 insertions(+), 39 deletions(-) create mode 100644 include/qemu/plugin-event.h -- 2.34.1
[PATCH v2 6/7] include/qemu: Split out plugin-event.h
The usage in hw/core/cpu.h only requires QEMU_PLUGIN_EV_MAX. Signed-off-by: Richard Henderson --- include/hw/core/cpu.h | 2 +- include/qemu/plugin-event.h | 26 ++ include/qemu/plugin.h | 17 + 3 files changed, 28 insertions(+), 17 deletions(-) create mode 100644 include/qemu/plugin-event.h diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h index 75689bff02..821e937020 100644 --- a/include/hw/core/cpu.h +++ b/include/hw/core/cpu.h @@ -30,7 +30,7 @@ #include "qemu/rcu_queue.h" #include "qemu/queue.h" #include "qemu/thread.h" -#include "qemu/plugin.h" +#include "qemu/plugin-event.h" #include "qom/object.h" typedef int (*WriteCoreDumpFunction)(const void *buf, size_t size, diff --git a/include/qemu/plugin-event.h b/include/qemu/plugin-event.h new file mode 100644 index 00..7056d8427b --- /dev/null +++ b/include/qemu/plugin-event.h @@ -0,0 +1,26 @@ +/* + * Copyright (C) 2017, Emilio G. Cota + * + * License: GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ +#ifndef QEMU_PLUGIN_EVENT_H +#define QEMU_PLUGIN_EVENT_H + +/* + * Events that plugins can subscribe to. + */ +enum qemu_plugin_event { +QEMU_PLUGIN_EV_VCPU_INIT, +QEMU_PLUGIN_EV_VCPU_EXIT, +QEMU_PLUGIN_EV_VCPU_TB_TRANS, +QEMU_PLUGIN_EV_VCPU_IDLE, +QEMU_PLUGIN_EV_VCPU_RESUME, +QEMU_PLUGIN_EV_VCPU_SYSCALL, +QEMU_PLUGIN_EV_VCPU_SYSCALL_RET, +QEMU_PLUGIN_EV_FLUSH, +QEMU_PLUGIN_EV_ATEXIT, +QEMU_PLUGIN_EV_MAX, /* total number of plugin events we support */ +}; + +#endif /* QEMU_PLUGIN_EVENT_H */ diff --git a/include/qemu/plugin.h b/include/qemu/plugin.h index e0ebedef84..6bf4bce188 100644 --- a/include/qemu/plugin.h +++ b/include/qemu/plugin.h 
@@ -12,24 +12,9 @@ #include "qemu/error-report.h" #include "qemu/queue.h" #include "qemu/option.h" +#include "qemu/plugin-event.h" #include "exec/memopidx.h" -/* - * Events that plugins can subscribe to. - */ -enum qemu_plugin_event { -QEMU_PLUGIN_EV_VCPU_INIT, -QEMU_PLUGIN_EV_VCPU_EXIT, -QEMU_PLUGIN_EV_VCPU_TB_TRANS, -QEMU_PLUGIN_EV_VCPU_IDLE, -QEMU_PLUGIN_EV_VCPU_RESUME, -QEMU_PLUGIN_EV_VCPU_SYSCALL, -QEMU_PLUGIN_EV_VCPU_SYSCALL_RET, -QEMU_PLUGIN_EV_FLUSH, -QEMU_PLUGIN_EV_ATEXIT, -QEMU_PLUGIN_EV_MAX, /* total number of plugin events we support */ -}; - /* * Option parsing/processing. * Note that we can load an arbitrary number of plugins. -- 2.34.1
[PATCH v2 1/7] tcg: Clear plugin_mem_cbs on TB exit
Do this in cpu_tb_exec (normal exit) and cpu_loop_exit (exception), adjacent to where we reset can_do_io. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1381 Signed-off-by: Richard Henderson --- accel/tcg/cpu-exec-common.c | 2 ++ accel/tcg/cpu-exec.c| 5 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/accel/tcg/cpu-exec-common.c b/accel/tcg/cpu-exec-common.c index c7bc8c6efa..176ea57281 100644 --- a/accel/tcg/cpu-exec-common.c +++ b/accel/tcg/cpu-exec-common.c @@ -65,6 +65,8 @@ void cpu_loop_exit(CPUState *cpu) { /* Undo the setting in cpu_tb_exec. */ cpu->can_do_io = 1; +/* Undo any setting in generated code. */ +qemu_plugin_disable_mem_helpers(cpu); siglongjmp(cpu->jmp_env, 1); } diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c index 56aaf58b9d..c815f2dbfd 100644 --- a/accel/tcg/cpu-exec.c +++ b/accel/tcg/cpu-exec.c @@ -459,6 +459,7 @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int *tb_exit) qemu_thread_jit_execute(); ret = tcg_qemu_tb_exec(env, tb_ptr); cpu->can_do_io = 1; +qemu_plugin_disable_mem_helpers(cpu); /* * TODO: Delay swapping back to the read-write region of the TB * until we actually need to modify the TB. The read-only copy, @@ -526,7 +527,6 @@ static void cpu_exec_exit(CPUState *cpu) if (cc->tcg_ops->cpu_exec_exit) { cc->tcg_ops->cpu_exec_exit(cpu); } -QEMU_PLUGIN_ASSERT(cpu->plugin_mem_cbs == NULL); } void cpu_exec_step_atomic(CPUState *cpu) @@ -580,7 +580,6 @@ void cpu_exec_step_atomic(CPUState *cpu) qemu_mutex_unlock_iothread(); } assert_no_pages_locked(); -qemu_plugin_disable_mem_helpers(cpu); } /* @@ -1004,7 +1003,6 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc) cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit); -QEMU_PLUGIN_ASSERT(cpu->plugin_mem_cbs == NULL); /* Try to align the host and virtual clocks if the guest is in advance */ align_clocks(sc, cpu); 
@@ -1029,7 +1027,6 @@ static int cpu_exec_setjmp(CPUState *cpu, SyncClocks *sc) if (qemu_mutex_iothread_locked()) { qemu_mutex_unlock_iothread(); } -qemu_plugin_disable_mem_helpers(cpu); assert_no_pages_locked(); } -- 2.34.1
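Review bot: the qemu_plugin_disable_mem_helpers(cpu) calls removed from cpu_exec_step_atomic and cpu_exec_setjmp ran in the recovery path no matter who performed the jump, whereas after this change the exception case is covered only when the jump goes through cpu_loop_exit. The commit message should state that every siglongjmp on cpu->jmp_env is issued from cpu_loop_exit. The patch also drops both QEMU_PLUGIN_ASSERT(cpu->plugin_mem_cbs == NULL) checks; keeping one at the recovery site would catch any path that bypasses cpu_loop_exit instead of silently leaving stale callbacks set.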
[PATCH v2 3/7] include/qemu/plugin: Remove QEMU_PLUGIN_ASSERT
This macro is no longer used. Signed-off-by: Richard Henderson --- include/qemu/plugin.h | 4 1 file changed, 4 deletions(-) diff --git a/include/qemu/plugin.h b/include/qemu/plugin.h index fb338ba576..e0ebedef84 100644 --- a/include/qemu/plugin.h +++ b/include/qemu/plugin.h @@ -59,8 +59,6 @@ get_plugin_meminfo_rw(qemu_plugin_meminfo_t i) #ifdef CONFIG_PLUGIN extern QemuOptsList qemu_plugin_opts; -#define QEMU_PLUGIN_ASSERT(cond) g_assert(cond) - static inline void qemu_plugin_add_opts(void) { qemu_add_opts(&qemu_plugin_opts); @@ -252,8 +250,6 @@ void qemu_plugin_user_postfork(bool is_child); #else /* !CONFIG_PLUGIN */ -#define QEMU_PLUGIN_ASSERT(cond) - static inline void qemu_plugin_add_opts(void) { } -- 2.34.1
Re: [PATCH 11/12] target/s390x: Update do_unaligned_access() comment
On 3/10/23 09:42, Ilya Leoshkevich wrote: Relative long instructions now depend on do_unaligned_access() too. Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/excp_helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 01/12] target/s390x: Handle branching to odd addresses
On Fri, 2023-03-10 at 11:24 -0800, Richard Henderson wrote: > On 3/10/23 09:42, Ilya Leoshkevich wrote: > > @@ -381,6 +382,14 @@ static inline int cpu_mmu_index(CPUS390XState > > *env, bool ifetch) > > static inline void cpu_get_tb_cpu_state(CPUS390XState* env, > > target_ulong *pc, > > target_ulong *cs_base, > > uint32_t *flags) > > { > > + if (env->psw.addr & 1) { > > + /* > > + * Instructions must be at even addresses. > > + * This needs to be checked before address translation. > > + */ > > + env->int_pgm_ilen = 2; /* see s390_cpu_tlb_fill() */ > > + tcg_s390_program_interrupt(env, PGM_SPECIFICATION, 0); > > + } > > This is incorrect placement. You can't raise an exception from all > of the places from > which this is called. > > You need to do this at the start of s390x_tr_translate_insn. > Compare aarch64_tr_translate_insn and the test for (pc & 3). > > > r~ The problem is that it's too late - for non-mapped memory we would get a translation exception instead of a specification exception. I see the following call sites: - HELPER(lookup_tb_ptr) - for helpers the exceptions should work; - cpu_exec_loop(), cpu_exec_step_atomic - these are wrapped in setjmp, so it should be ok too? - tb_check_watchpoint() - is this the problematic one? Am I missing something?
Re: [PATCH 10/12] target/s390x: Handle STGRL to non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_8 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/insn-data.h.inc | 8 target/s390x/tcg/translate.c | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 09/12] target/s390x: Handle STRL to non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_4 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/insn-data.h.inc | 12 ++-- target/s390x/tcg/translate.c | 3 ++- 2 files changed, 8 insertions(+), 7 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 08/12] target/s390x: Handle CLRL and CLGFRL with non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_4 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/translate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 07/12] target/s390x: Handle CGRL and CLGRL with non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_8 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/translate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 06/12] target/s390x: Handle CRL and CGFRL with non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_4 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/translate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) MO_ALIGN again, but otherwise Reviewed-by: Richard Henderson r~
Re: [PATCH 02/12] target/s390x: Handle EXECUTE of odd addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Generate a specification exception in the helper before trying to fetch the instruction. Reported-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/mem_helper.c | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 04/12] target/s390x: Handle LRL and LGFRL from non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_4 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/insn-data.h.inc | 14 +++--- target/s390x/tcg/translate.c | 3 ++- 2 files changed, 9 insertions(+), 8 deletions(-) Reviewed-by: Richard Henderson Note that both this and the previous could use MO_ALIGN, getting the required alignment from the operand size. r~
Re: [PATCH 05/12] target/s390x: Handle LLGFRL from non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_4 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/insn-data.h.inc | 6 +++--- target/s390x/tcg/translate.c | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 03/12] target/s390x: Handle LGRL from non-aligned addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: Use MO_ALIGN_8 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/insn-data.h.inc | 6 +++--- target/s390x/tcg/translate.c | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 01/12] target/s390x: Handle branching to odd addresses
On 3/10/23 09:42, Ilya Leoshkevich wrote: @@ -381,6 +382,14 @@ static inline int cpu_mmu_index(CPUS390XState *env, bool ifetch) static inline void cpu_get_tb_cpu_state(CPUS390XState* env, target_ulong *pc, target_ulong *cs_base, uint32_t *flags) { +if (env->psw.addr & 1) { +/* + * Instructions must be at even addresses. + * This needs to be checked before address translation. + */ +env->int_pgm_ilen = 2; /* see s390_cpu_tlb_fill() */ +tcg_s390_program_interrupt(env, PGM_SPECIFICATION, 0); +} This is incorrect placement. You can't raise an exception from all of the places from which this is called. You need to do this at the start of s390x_tr_translate_insn. Compare aarch64_tr_translate_insn and the test for (pc & 3). r~
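Review bot: in the added branch of cpu_get_tb_cpu_state(), `env->int_pgm_ilen = 2` is justified only by a pointer to s390_cpu_tlb_fill(); the comment should say in place why the length is 2, since the value is otherwise a magic number. The same comment block is also the place to state that this getter can now raise PGM_SPECIFICATION, because callers have no other way to learn that a function named "get ... state" has that side effect.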
RE: [PATCH v2] TCG plugin API extension to read guest memory content by an address
> > Do you mean concurrent access to the same memory block by multiple
> > threads?
>
> Yes - although we also see MMU changes updating a mapping for a given
> vaddr -> phys address.
>
> >
> > I think, for guest threads/cores if we observe mismatch of memory content
> > read by a plugin and instruction
> > itself, then it should clearly indicate that guest software has true data
> > race problem sitting somewhere
> > in its code. Otherwise other threads would wait on a synchronization object
> > to let current thread
> > perform both memory operations (plugin callback + instruction).
>
> Other threads don't pause at all (unless you do something in the plugin
> to force that)

By correct multi-threaded code I mean that two concurrent accesses should be synchronized by the application itself to ensure its correctness. For example two threads access the same memory using a lock:

T1:
  Lock
  read mem
  Unlock

T2:
  Lock
  write mem
  Unlock

If a plugin inserts memory callback at read/write mem instruction, it will be implicitly synchronized with another thread. On the other hand, if application misses the lock, it has data race regardless of inserted callbacks. So, the plugin will get undefined content anyway.

T1          T2
read mem    write mem

> > On the other hand, concurrent access
> > using atomic operation will indeed cause either plugin or instruction to
> > read invalid memory content.
> >
> > Isn’t it the same problem as we face in case of GDB attached to running
> > Qemu instance (gdbserver) and
> > asking it to read some memory? How is it solved there?
>
> Yes and it's not solved except usually most interactions with the guest
> during debugging are while the system is paused.
>
> --
> Alex Bennée
> Virtualisation Tech Lead @ Linaro
Re: [PATCH nbd 0/4] Enable multi-conn NBD [for discussion only]
On Fri, Mar 10, 2023 at 01:04:12PM -0600, Eric Blake wrote:
> How many of these timing numbers can be repeated with TLS in the mix?

While I have been playing with TLS and kTLS recently, it's not something that is especially important to v2v since all NBD traffic goes over Unix domain sockets only (ie. it's used as kind of interprocess communication). I could certainly provide benchmarks, although as I'm going on holiday shortly it may be a little while.

> > Curl local server test (./multi-conn.pl curlhttp)
> > =
> >
> > Localhost Apache serving a file over http
> >     |
> >     | http
> >     v
> > nbdkit-curl-plugin or qemu-nbd
> >     |
> >     | nbd+unix
> >     v
> > qemu-img convert or nbdcopy
> >
> > We download an image from a local web server through
> > nbdkit-curl-plugin or qemu-nbd using the curl block driver, over NBD.
> > The image is copied to /dev/null.
> >
> > server      client      multi-conn
> > ---
> > qemu-nbd    nbdcopy     1        8.88s
> > qemu-nbd    nbdcopy     2        8.64s
> > qemu-nbd    nbdcopy     4        8.37s
> > qemu-nbd    qemu-img    [u/s]    6.47s
>
> Do we have any good feel for why qemu-img is faster than nbdcopy in
> the baseline? But improving that is orthogonal to this series.

I do not, but we have in the past found that results can be very sensitive to request size. By default (and also in all of these tests) nbdcopy is using a request size of 256K, and qemu-img is using a request size of 2M.

> > qemu-nbd    qemu-img    1        6.56s
> > qemu-nbd    qemu-img    2        6.63s
> > qemu-nbd    qemu-img    4        6.50s
> > nbdkit      nbdcopy     1        12.15s
>
> I'm assuming this is nbdkit with your recent in-progress patches to
> have the curl plugin serve parallel requests. But another place where
> we can investigate why nbdkit is not as performant as qemu-nbd at
> utilizing curl.
>
> > nbdkit      nbdcopy     2        7.05s (72.36% better)
> > nbdkit      nbdcopy     4        3.54s (242.90% better)
>
> That one is impressive!
>
> > nbdkit      qemu-img    [u/s]    6.90s
> > nbdkit      qemu-img    1        7.00s
>
> Minimal penalty for adding the code but not utilizing it...

[u/s] and qemu-img with multi-conn:1 ought to be identical actually. After all, the only difference should be the restructuring of the code to add the intermediate NBDConnState struct. In this case it's probably just measurement error.

> > nbdkit      qemu-img    2        3.85s (79.15% better)
> > nbdkit      qemu-img    4        3.85s (79.15% better)
>
> ...and definitely shows its worth.
>
> >
> >
> > Curl local file test (./multi-conn.pl curlfile)
> > ===
> >
> > nbdkit-curl-plugin using file:/// URI
> >     |
> >     | nbd+unix
> >     v
> > qemu-img convert or nbdcopy
> >
> > We download from a file:/// URI. This test is designed to exercise
> > NBD and some curl internal paths without the overhead from an external
> > server. qemu-nbd doesn't support file:/// URIs so we cannot duplicate
> > the test for qemu as server.
> >
> > server      client      multi-conn
> > ---
> > nbdkit      nbdcopy     1        31.32s
> > nbdkit      nbdcopy     2        20.29s (54.38% better)
> > nbdkit      nbdcopy     4        13.22s (136.91% better)
> > nbdkit      qemu-img    [u/s]    31.55s
>
> Here, the baseline is already comparable; both nbdcopy and qemu-img
> are parsing the image off nbdkit in about the same amount of time.
>
> > nbdkit      qemu-img    1        31.70s
>
> And again, minimal penalty for having the new code in place but not
> exploiting it.
>
> > nbdkit      qemu-img    2        21.60s (46.07% better)
> > nbdkit      qemu-img    4        13.88s (127.25% better)
>
> Plus an obvious benefit when the parallel sockets matter.
>
> >
> >
> > Curl remote server test (./multi-conn.pl curlremote)
> >
> >
> > nbdkit-curl-plugin using http://remote/*.qcow2 URI
> >     |
> >     | nbd+unix
> >     v
> > qemu-img convert
> >
> > We download from a remote qcow2 file to a local raw file, converting
> > between formats during copying.
> >
> > qemu-nbd using http://remote/*.qcow2 URI
> >     |
> >     | nbd+unix
> >     v
> > qemu-img convert
> >
> > Similarly, replacing nbdkit with qemu-nbd (treating the remote file as
> > if it is raw, so the conversion is still done by qemu-img).
> >
> > Additionally we compare downloading the file with wget (note this
> > doesn't include the time for conversion, but that
Re: [PATCH nbd 0/4] Enable multi-conn NBD [for discussion only]
On Thu, Mar 09, 2023 at 11:39:42AM +, Richard W.M. Jones wrote:
> [ Patch series also available here, along with this cover letter and the
> script used to generate test results:
> https://gitlab.com/rwmjones/qemu/-/commits/2023-nbd-multi-conn-v1 ]
>
> This patch series adds multi-conn support to the NBD block driver in
> qemu. It is only meant for discussion and testing because it has a
> number of obvious shortcomings (see "XXX" in commit messages and
> code). If we decided this was a good idea, we can work on a better
> patch.

Overall, I'm in favor of this. A longer term project might be to have qemu's NBD client code call into libnbd instead of reimplementing things itself, at which point having libnbd manage multi-conn under the hood would be awesome, but as that's a much bigger effort, a shorter-term task of having qemu itself handle parallel sockets seems worthwhile.

>
> - It works effectively for qemu client & nbdkit server, especially in
>   cases where the server does large, heavyweight requests. This is
>   important for us because virt-v2v uses an nbdkit Python plugin and
>   various other heavyweight plugins (eg. plugins that access remote
>   servers for each request).
>
> - It seems to make little or no difference with qemu + qemu-nbd
>   server. I speculate that's because qemu-nbd doesn't support system
>   threads, so networking is bottlenecked through a single core. Even
>   though there are coroutines handling different sockets, they must
>   all wait in turn to issue send(3) or recv(3) calls on the same
>   core.

Is the current work to teach qemu to do multi-queue (that is, spread the I/O load for a single block device across multiple cores) going to help here? I haven't been following the multi-queue efforts closely enough to know if the approach used in this series will play nicely, or need even further overhaul.

>
> - qemu-img unfortunately uses a single thread for all coroutines so
>   it suffers from a similar problem to qemu-nbd. This change would
>   be much more effective if we could distribute coroutines across
>   threads.

qemu-img uses the same client code as qemu-nbd; any multi-queue improvements that can spread the send()/recv() load of multiple sockets across multiple cores will benefit both programs simultaneously.

>
> - For tests which are highly bottlenecked on disk I/O (eg. the large
>   local file test and null test) multi-conn doesn't make much
>   difference.

As long as it isn't adding too much penalty, that's okay. If the saturation is truly at the point of how fast disk requests can be served, it doesn't matter if we can queue up more of those requests in parallel across multiple NBD sockets.

>
> - Multi-conn even with only 2 connections can make up for the
>   overhead of range requests, exceeding the performance of wget.

That alone is a rather cool result, and an argument in favor of further developing this.

>
> - In the curlremote test, qemu-nbd is especially slow, for unknown
>   reasons.
>
>
> Integrity test (./multi-conn.pl integrity)
> ==
>
> nbdkit-sparse-random-plugin
>     |                 ^
>     | nbd+unix        | nbd+unix
>     v                 |
>    qemu-img convert
>
> Reading from and writing the same data back to nbdkit sparse-random
> plugin checks that the data written is the same as the data read.
> This uses two Unix domain sockets, with or without multi-conn. This
> test is mainly here to check we don't crash or corrupt data with this
> patch.
>
> server      client      multi-conn
> ---
> nbdkit      qemu-img    [u/s]    9.07s
> nbdkit      qemu-img    1        9.05s
> nbdkit      qemu-img    2        9.02s
> nbdkit      qemu-img    4        8.98s
>
> [u/s] = upstream qemu 7.2.0

How many of these timing numbers can be repeated with TLS in the mix?

>
>
> Curl local server test (./multi-conn.pl curlhttp)
> =
>
> Localhost Apache serving a file over http
>     |
>     | http
>     v
> nbdkit-curl-plugin or qemu-nbd
>     |
>     | nbd+unix
>     v
> qemu-img convert or nbdcopy
>
> We download an image from a local web server through
> nbdkit-curl-plugin or qemu-nbd using the curl block driver, over NBD.
> The image is copied to /dev/null.
>
> server      client      multi-conn
> ---
> qemu-nbd    nbdcopy     1        8.88s
> qemu-nbd    nbdcopy     2        8.64s
> qemu-nbd    nbdcopy     4        8.37s
> qemu-nbd    qemu-img    [u/s]    6.47s

Do we have any good feel for why qemu-img is faster than nbdcopy in the baseline? But improving that is orthogonal to this series.

> qemu-nbd    qemu-img
[PATCH v2] Fix incorrect register name in disassembler for fmv,fabs,fneg instructions
Fix incorrect register name in RISC-V disassembler for fmv,fabs,fneg instructions Signed-off-by: Mikhail Tyutin Reviewed-by: Alistair Francis --- disas/riscv.c | 19 ++- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/disas/riscv.c b/disas/riscv.c index 544558..882594c1be 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -1014,6 +1014,7 @@ static const char rv_vreg_name_sym[32][4] = { #define rv_fmt_rd_offset "O\t0,o" #define rv_fmt_rd_rs1_rs2 "O\t0,1,2" #define rv_fmt_frd_rs1"O\t3,1" +#define rv_fmt_frd_frs1 "O\t3,4" #define rv_fmt_rd_frs1"O\t0,4" #define rv_fmt_rd_frs1_frs2 "O\t0,4,5" #define rv_fmt_frd_frs1_frs2 "O\t3,4,5" 
@@ -1580,15 +1581,15 @@ const rv_opcode_data opcode_data[] = { { "snez", rv_codec_r, rv_fmt_rd_rs2, NULL, 0, 0, 0 }, { "sltz", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, { "sgtz", rv_codec_r, rv_fmt_rd_rs2, NULL, 0, 0, 0 }, -{ "fmv.s", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fabs.s", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fneg.s", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fmv.d", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fabs.d", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fneg.d", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fmv.q", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fabs.q", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, -{ "fneg.q", rv_codec_r, rv_fmt_rd_rs1, NULL, 0, 0, 0 }, +{ "fmv.s", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fabs.s", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fneg.s", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fmv.d", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fabs.d", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fneg.d", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fmv.q", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fabs.q", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, +{ "fneg.q", rv_codec_r, rv_fmt_frd_frs1, NULL, 0, 0, 0 }, { "beqz", rv_codec_sb, rv_fmt_rs1_offset, NULL, 0, 0, 0 }, { "bnez", rv_codec_sb, rv_fmt_rs1_offset, NULL, 0, 0, 0 }, { "blez", rv_codec_sb, rv_fmt_rs2_offset, NULL, 0, 0, 0 }, -- 2.34.1
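Review bot: in the opcode_data hunk all nine fmv/fabs/fneg entries move from rv_fmt_rd_rs1 to the new rv_fmt_frd_frs1 ("O\t3,4"), but the commit message only repeats the subject and never shows what the disassembler printed before and after. One sample line per width (.s, .d, .q) in the message would document the bug and make the fix checkable; the 3 and 4 operand codes do line up with the neighbouring rv_fmt_frd_rs1 and rv_fmt_rd_frs1 defines, and it is worth confirming that no other floating-point pseudo-instruction in the table still uses an integer-register format.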
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
(adding some more gdb types to CC)

Fabiano Rosas writes:

> Peter Maydell writes:
>
>> On Fri, 10 Mar 2023 at 10:31, Alex Bennée wrote:
>>>
>>> You need a very new gdb to be able to run with pauth support otherwise
>>> you're likely to hit asserts and aborts. Disable pauth for now until we
>>> can properly probe support in gdb.
>>>
>>> Signed-off-by: Alex Bennée
>>
>> If it makes gdb fall over, then shouldn't we be disabling
>> the pauth gdbstub stuff entirely ? Otherwise even if our
>> tests are fine our users will not be...
>>
>
> Have you seen my message on IRC about changing the feature name in the
> XML? I think the issue is that we're putting the .xml in a "namespace"
> where GDB expects to only find stuff which it has code to
> support. Changing from "org.gnu.gdb.aarch64.pauth" to
> "org.qemu.aarch64.pauth" made it stop crashing and I can read the
> registers just fine.

That would work, although I would prefer to probe support so we can use the official namespace. We went through something similar with SVE until:

  797920b952 (target/arm: use official org.gnu.gdb.aarch64.sve layout for registers)

which required:

  b1863ccc95 (configure: gate our use of GDB to 8.3.1 or above)

Since then we've introduced:

  ./scripts/probe-gdb-support.py

which given the runes to check for pauth support in gdb could expose a symbol and we get the best of both worlds.

Of course if this keeps happening we could throw up our hands and just use custom XML for all the extra register sets.

--
Alex Bennée
Virtualisation Tech Lead @ Linaro
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
Peter Maydell writes:

> On Fri, 10 Mar 2023 at 18:00, Fabiano Rosas wrote:
>>
>> Peter Maydell writes:
>>
>> > On Fri, 10 Mar 2023 at 10:31, Alex Bennée wrote:
>> >>
>> >> You need a very new gdb to be able to run with pauth support otherwise
>> >> you're likely to hit asserts and aborts. Disable pauth for now until we
>> >> can properly probe support in gdb.
>> >>
>> >> Signed-off-by: Alex Bennée
>> >
>> > If it makes gdb fall over, then shouldn't we be disabling
>> > the pauth gdbstub stuff entirely ? Otherwise even if our
>> > tests are fine our users will not be...
>> >
>>
>> Have you seen my message on IRC about changing the feature name in the
>> XML? I think the issue is that we're putting the .xml in a "namespace"
>> where GDB expects to only find stuff which it has code to
>> support. Changing from "org.gnu.gdb.aarch64.pauth" to
>> "org.qemu.aarch64.pauth" made it stop crashing and I can read the
>> registers just fine.
>
> But then presumably a pauth-aware GDB won't actually know
> the values it needs to be able to convert between with-PAC
> and without-PAC addresses for backtracing?
>

Good question. Although that feels to me more like a GDB feature. If we don't break it even worse by doing that, the QEMU side which is more about reading the registers should be fine.

Note that we already have other .xml files using a .qemu namespace in the codebase. As I understand it, gdb simply treats these as extra registers not tied to any specific feature.
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
On 3/10/23 09:47, Peter Maydell wrote:
On Fri, 10 Mar 2023 at 10:31, Alex Bennée wrote:

You need a very new gdb to be able to run with pauth support otherwise you're likely to hit asserts and aborts. Disable pauth for now until we can properly probe support in gdb.

Signed-off-by: Alex Bennée

If it makes gdb fall over, then shouldn't we be disabling the pauth gdbstub stuff entirely ? Otherwise even if our tests are fine our users will not be...

It is, annoyingly, a bug in gdb 12 alone. Before gdb 12, the pauth extension isn't recognized and so it gets treated as non-special registers. From gdb 13, whatever led to the internal_error() is fixed and the extension works swimmingly.

r~
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
On Fri, 10 Mar 2023 at 18:00, Fabiano Rosas wrote:
>
> Peter Maydell writes:
>
> > On Fri, 10 Mar 2023 at 10:31, Alex Bennée wrote:
> >>
> >> You need a very new gdb to be able to run with pauth support otherwise
> >> you're likely to hit asserts and aborts. Disable pauth for now until we
> >> can properly probe support in gdb.
> >>
> >> Signed-off-by: Alex Bennée
> >
> > If it makes gdb fall over, then shouldn't we be disabling
> > the pauth gdbstub stuff entirely ? Otherwise even if our
> > tests are fine our users will not be...
> >
>
> Have you seen my message on IRC about changing the feature name in the
> XML? I think the issue is that we're putting the .xml in a "namespace"
> where GDB expects to only find stuff which it has code to
> support. Changing from "org.gnu.gdb.aarch64.pauth" to
> "org.qemu.aarch64.pauth" made it stop crashing and I can read the
> registers just fine.

But then presumably a pauth-aware GDB won't actually know the values it needs to be able to convert between with-PAC and without-PAC addresses for backtracing?

Luis, how is this intended to work? Is there some way the stub can check with the gdb that's connected whether the gdb is able to cope with the pauth XML, so it can avoid sending it to a gdb that is going to crash if it sees it ?

thanks
-- PMM
Re: [PATCH v2 01/10] contrib/gitdm: Add Rivos Inc to the domain map
On Fri, 10 Mar 2023 10:03:23 PST (-0800), alex.ben...@linaro.org wrote: Whatever they are up to a number of people for the company are contributing to QEMU so let's group them together. Signed-off-by: Alex Bennée Cc: Atish Patra Cc: Dao Lu Cc: Andrew Bresticker Cc: Palmer Dabbelt Cc: Vineet Gupta --- contrib/gitdm/domain-map | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index 8913a886c9..7a8077e241 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -32,6 +32,7 @@ oracle.com Oracle proxmox.com Proxmox quicinc.com Qualcomm Innovation Center redhat.com Red Hat +rivosinc.comRivos Inc rt-rk.com RT-RK samsung.com Samsung siemens.com Siemens Reviewed-by: Palmer Dabbelt Acked-by: Palmer Dabbelt Thanks!
[PATCH v2 03/10] contrib/gitdm: Add ASPEED Technology to the domain map
We have a number of contributors from this domain which looks like it is a corporate endeavour. Signed-off-by: Alex Bennée Cc: Steven Lee Cc: Troy Lee Cc: Howard Chiu Cc: Jamin Lin --- contrib/gitdm/domain-map | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index 7a8077e241..bd989d065c 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -5,6 +5,7 @@ # amd.com AMD +aspeedtech.com ASPEED Technology Inc. baidu.com Baidu bytedance.com ByteDance cmss.chinamobile.com China Mobile -- 2.39.2
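Review bot: the added domain-map entry names the company "ASPEED Technology Inc." with a legal suffix and trailing period, while the neighbouring entries in the same hunk (AMD, Baidu, ByteDance) use short names. Consider "ASPEED Technology" unless the contributors ask for the full form, so that reports group and sort consistently.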
[PATCH v2 10/10] contrib/gitdm: add group map for AMD
AMD recently acquired Xilinx and contributors have been transitioning their emails across. Signed-off-by: Alex Bennée Cc: Vikram Garhwal Cc: Francisco Iglesias Cc: Stefano Stabellini Cc: Sai Pavan Boddu Cc: Tong Ho --- contrib/gitdm/domain-map| 1 - contrib/gitdm/group-map-amd | 8 gitdm.config| 1 + 3 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 contrib/gitdm/group-map-amd diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index ee0804b6ed..79fd65b077 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -50,6 +50,5 @@ virtuozzo.com Virtuozzo vrull.euVRULL wdc.com Western Digital windriver.com Wind River -xilinx.com Xilinx yadro.com YADRO yandex-team.ru Yandex diff --git a/contrib/gitdm/group-map-amd b/contrib/gitdm/group-map-amd new file mode 100644 index 00..bda4239a8a --- /dev/null +++ b/contrib/gitdm/group-map-amd @@ -0,0 +1,8 @@ +# AMD acquired Xilinx and contributors have been slowly updating emails + +edgar.igles...@xilinx.com +fnu.vik...@xilinx.com +francisco.igles...@xilinx.com +sai.pavan.bo...@xilinx.com +stefano.stabell...@xilinx.com +tong...@xilinx.com diff --git a/gitdm.config b/gitdm.config index 6908ddbd19..c9d961dd23 100644 --- a/gitdm.config +++ b/gitdm.config @@ -32,6 +32,7 @@ EmailMap contrib/gitdm/domain-map # GroupMap contrib/gitdm/group-map-alibaba Alibaba +GroupMap contrib/gitdm/group-map-amd AMD GroupMap contrib/gitdm/group-map-cadence Cadence Design Systems GroupMap contrib/gitdm/group-map-codeweavers CodeWeavers GroupMap contrib/gitdm/group-map-facebook Facebook -- 2.39.2
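Review bot: the domain-map hunk deletes the `xilinx.com Xilinx` line while the new group-map-amd lists only six xilinx.com addresses, so any other xilinx.com author, past or future, is no longer mapped to a company at all. If the intent is to fold Xilinx into AMD, mapping the whole domain to AMD in domain-map covers every address and makes the per-address file unnecessary; if only these six should move, keep the xilinx.com domain entry alongside the group map.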
[PATCH v2 01/10] contrib/gitdm: Add Rivos Inc to the domain map
Whatever they are up to a number of people for the company are contributing to QEMU so let's group them together. Signed-off-by: Alex Bennée Cc: Atish Patra Cc: Dao Lu Cc: Andrew Bresticker Cc: Palmer Dabbelt Cc: Vineet Gupta --- contrib/gitdm/domain-map | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index 8913a886c9..7a8077e241 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -32,6 +32,7 @@ oracle.com Oracle proxmox.com Proxmox quicinc.com Qualcomm Innovation Center redhat.com Red Hat +rivosinc.comRivos Inc rt-rk.com RT-RK samsung.com Samsung siemens.com Siemens -- 2.39.2
[PATCH v2 05/10] contrib/gitdm: Add SYRMIA to the domain map
The company website lists QEMU amongst the things they work on so I assume these are corporate contributions. Signed-off-by: Alex Bennée Cc: Milica Lazarevic --- contrib/gitdm/domain-map | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index bd989d065c..570e63c9e1 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -40,6 +40,7 @@ siemens.com Siemens sifive.com SiFive suse.comSUSE suse.de SUSE +syrmia.com SYRMIA ventanamicro.com Ventana Micro Systems virtuozzo.com Virtuozzo vrull.euVRULL -- 2.39.2
[PATCH v2 04/10] contrib/gitdm: add a group map for Google
Long standing community contributors often use their upstream email addresses when working on project. Signed-off-by: Alex Bennée Cc: Marc Zyngier --- contrib/gitdm/group-map-google | 5 + gitdm.config | 1 + 2 files changed, 6 insertions(+) create mode 100644 contrib/gitdm/group-map-google diff --git a/contrib/gitdm/group-map-google b/contrib/gitdm/group-map-google new file mode 100644 index 00..8c53e0cf67 --- /dev/null +++ b/contrib/gitdm/group-map-google @@ -0,0 +1,5 @@ +# +# Some Google employees contribute using their upstream email addresses. +# + +m...@kernel.org diff --git a/gitdm.config b/gitdm.config index 75b55b3603..4b52ee47be 100644 --- a/gitdm.config +++ b/gitdm.config @@ -34,6 +34,7 @@ EmailMap contrib/gitdm/domain-map GroupMap contrib/gitdm/group-map-cadence Cadence Design Systems GroupMap contrib/gitdm/group-map-codeweavers CodeWeavers GroupMap contrib/gitdm/group-map-facebook Facebook +GroupMap contrib/gitdm/group-map-google Google GroupMap contrib/gitdm/group-map-ibm IBM GroupMap contrib/gitdm/group-map-janustech Janus Technologies GroupMap contrib/gitdm/group-map-netflix Netflix -- 2.39.2
[PATCH v2 07/10] contrib/gitdm: add Alibaba to the domain-map
This replaces the previous attempt to add c-sky.com so I've dropped the review/ack tags. Group everything under Alibaba now. Added as requested by LIU Zhiwei. Signed-off-by: Alex Bennée Cc: LIU Zhiwei Cc: Xuan Zhuo Cc: Guo Ren --- contrib/gitdm/domain-map| 1 + contrib/gitdm/group-map-alibaba | 7 +++ gitdm.config| 1 + 3 files changed, 9 insertions(+) create mode 100644 contrib/gitdm/group-map-alibaba diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index 0261533990..e678c23a9c 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -4,6 +4,7 @@ # This maps email domains to nice easy to read company names # +linux.alibaba.com Alibaba amazon.com Amazon amazon.co.ukAmazon amd.com AMD diff --git a/contrib/gitdm/group-map-alibaba b/contrib/gitdm/group-map-alibaba new file mode 100644 index 00..0ebbe6b06e --- /dev/null +++ b/contrib/gitdm/group-map-alibaba @@ -0,0 +1,7 @@ +# +# Alibaba contributors including its subsidiaries +# + +# c-sky.com, now part of T-Head, wholly-owned entity of Alibaba Group +ren_...@c-sky.com +zhiwei_...@c-sky.com diff --git a/gitdm.config b/gitdm.config index 4b52ee47be..6908ddbd19 100644 --- a/gitdm.config +++ b/gitdm.config @@ -31,6 +31,7 @@ EmailMap contrib/gitdm/domain-map # identifiable corporate emails. Please keep this list sorted. # +GroupMap contrib/gitdm/group-map-alibaba Alibaba GroupMap contrib/gitdm/group-map-cadence Cadence Design Systems GroupMap contrib/gitdm/group-map-codeweavers CodeWeavers GroupMap contrib/gitdm/group-map-facebook Facebook -- 2.39.2
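Review bot: in the domain-map hunk, `linux.alibaba.com` is inserted at the top of the list ahead of amazon.com, which sorts it by company name, while the rest of the file visible in this series is ordered by domain. Either place it with the other "l" domains or sort on a documented key, so later additions do not have to guess. The gitdm.config line is fine where it is, since that list asks to be kept sorted and group-map-alibaba sorts first.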
[PATCH v2 02/10] contrib/gitdm: add a group map for SiFive
Some SiFive contributors use their personal emails. Add a group map for those developers. Please confirm. Signed-off-by: Alex Bennée Cc: eopXD --- contrib/gitdm/group-map-sifive | 5 + gitdm.config | 1 + 2 files changed, 6 insertions(+) create mode 100644 contrib/gitdm/group-map-sifive diff --git a/contrib/gitdm/group-map-sifive b/contrib/gitdm/group-map-sifive new file mode 100644 index 00..6ba761eb22 --- /dev/null +++ b/contrib/gitdm/group-map-sifive @@ -0,0 +1,5 @@ +# +# SiFive contributors using non-corporate email +# + +yueh.ting.c...@gmail.com diff --git a/gitdm.config b/gitdm.config index 907ffde017..75b55b3603 100644 --- a/gitdm.config +++ b/gitdm.config @@ -38,6 +38,7 @@ GroupMap contrib/gitdm/group-map-ibm IBM GroupMap contrib/gitdm/group-map-janustech Janus Technologies GroupMap contrib/gitdm/group-map-netflix Netflix GroupMap contrib/gitdm/group-map-redhat Red Hat +GroupMap contrib/gitdm/group-map-sifive SiFive GroupMap contrib/gitdm/group-map-wavecomp Wave Computing # Also group together our prolific individual contributors -- 2.39.2
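Review bot: the commit message ends with "Please confirm.", a question to the Cc'd contributor that would be recorded in git history as written; it belongs below the `---` line. The group-map-sifive hunk maps a personal gmail address to an employer, so the contributor's Acked-by should be in the trailers before this is applied.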
[PATCH v2 09/10] contrib/gitdm: add more individual contributors
I'll only add names explicitly acked here. Let me know if you want contributions mapped to a company instead. Signed-off-by: Alex Bennée Cc: Bernhard Beschow Cc: Amarjargal Gundjalam Cc: Bin Meng Cc: Jason A. Donenfeld Cc: Strahinja Jankovic --- contrib/gitdm/group-map-individuals | 5 + 1 file changed, 5 insertions(+) diff --git a/contrib/gitdm/group-map-individuals b/contrib/gitdm/group-map-individuals index e2263a5ee3..0e4618f1ce 100644 --- a/contrib/gitdm/group-map-individuals +++ b/contrib/gitdm/group-map-individuals @@ -38,3 +38,8 @@ p...@nowt.org g...@xen0n.name si...@simonsafar.com research_tra...@irq.a4lg.com +shen...@gmail.com +bm...@tinylab.org +amarjarga...@gmail.com +strahinjapjanko...@gmail.com +ja...@zx2c4.com -- 2.39.2
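Review bot: the group-map-individuals hunk adds five addresses, yet the commit message says only explicitly acked names will be added and the trailers carry Cc tags with no Acked-by. Either collect the acks and record them, or split the patch so that only confirmed addresses are added; the note to reviewers in the message should also move below the `---` line.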
[PATCH v2 08/10] contrib/gitdm: add revng to domain map
Not sure what the correct style should be, please advise. Signed-off-by: Alex Bennée Cc: Anton Johansson Cc: Alessandro Di Federico Cc: Niccolò Izzo Cc: Paolo Montesel --- contrib/gitdm/domain-map | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index e678c23a9c..ee0804b6ed 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -36,6 +36,7 @@ oracle.com Oracle proxmox.com Proxmox quicinc.com Qualcomm Innovation Center redhat.com Red Hat +rev.ng revng rivosinc.comRivos Inc rt-rk.com RT-RK samsung.com Samsung -- 2.39.2
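Review bot: the commit message consists of an open question ("Not sure what the correct style should be, please advise") and the hunk settles on "revng" for rev.ng without saying why. Once one of the Cc'd contributors confirms the preferred spelling, replace the message with a statement of what is being mapped and move the question below the `---` line.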
[PATCH v2 06/10] contrib/gitdm: add Amazon to the domain map
We have multiple contributors from both .co.uk and .com versions of the address. Signed-off-by: Alex Bennée Cc: Alexander Graf Cc: Paul Durrant Cc: David Wooodhouse --- contrib/gitdm/domain-map | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contrib/gitdm/domain-map b/contrib/gitdm/domain-map index 570e63c9e1..0261533990 100644 --- a/contrib/gitdm/domain-map +++ b/contrib/gitdm/domain-map @@ -4,6 +4,8 @@ # This maps email domains to nice easy to read company names # +amazon.com Amazon +amazon.co.ukAmazon amd.com AMD aspeedtech.com ASPEED Technology Inc. baidu.com Baidu -- 2.39.2
[PATCH v2 00/10] gitdm metadata updates
Hi,

I've sent a PR with the acked names so this series contains those that didn't respond as well as some updates from the new year. The c-sky situation is a little confused but I saw t-head was part of Alibaba so have wrapped them all up there. Do let me know if you want different mappings.

Thanks,

Alex.

Alex Bennée (10):
  contrib/gitdm: Add Rivos Inc to the domain map
  contrib/gitdm: add a group map for SiFive
  contrib/gitdm: Add ASPEED Technology to the domain map
  contrib/gitdm: add a group map for Google
  contrib/gitdm: Add SYRMIA to the domain map
  contrib/gitdm: add Amazon to the domain map
  contrib/gitdm: add Alibaba to the domain-map
  contrib/gitdm: add revng to domain map
  contrib/gitdm: add more individual contributors
  contrib/gitdm: add group map for AMD

 contrib/gitdm/domain-map            | 8 +++-
 contrib/gitdm/group-map-alibaba     | 7 +++
 contrib/gitdm/group-map-amd         | 8
 contrib/gitdm/group-map-google      | 5 +
 contrib/gitdm/group-map-individuals | 5 +
 contrib/gitdm/group-map-sifive      | 5 +
 gitdm.config                        | 4
 7 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 contrib/gitdm/group-map-alibaba
 create mode 100644 contrib/gitdm/group-map-amd
 create mode 100644 contrib/gitdm/group-map-google
 create mode 100644 contrib/gitdm/group-map-sifive

--
2.39.2
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
Peter Maydell writes:

> On Fri, 10 Mar 2023 at 10:31, Alex Bennée wrote:
>>
>> You need a very new gdb to be able to run with pauth support otherwise
>> you're likely to hit asserts and aborts. Disable pauth for now until we
>> can properly probe support in gdb.
>>
>> Signed-off-by: Alex Bennée
>
> If it makes gdb fall over, then shouldn't we be disabling
> the pauth gdbstub stuff entirely? Otherwise even if our
> tests are fine our users will not be...
>

Have you seen my message on IRC about changing the feature name in the XML?

I think the issue is that we're putting the .xml in a "namespace" where GDB expects to only find stuff which it has code to support. Changing from "org.gnu.gdb.aarch64.pauth" to "org.qemu.aarch64.pauth" made it stop crashing and I can read the registers just fine.
Re: [PATCH 07/11] tcg: Clear plugin_mem_cbs on TB exit
On 3/10/23 09:56, Alex Bennée wrote:
> Richard Henderson writes:
>> On 3/10/23 09:39, Richard Henderson wrote:
>>> + /* Undo any setting in generated code. */
>>> + plugin_gen_disable_mem_helpers();
>>
>> Oh! And this is the wrong function. Should be
>> qemu_plugin_disable_mem_helpers.
>
> Did I miss a newer version of the patches?

No, I never posted one, since you already said you picked it up with the requested changes.

r~
[PULL 3/3] qed: remove spurious BDRV_POLL_WHILE()
From: Stefan Hajnoczi This looks like a copy-paste or merge error. BDRV_POLL_WHILE() is already called above. It's not needed in the qemu_in_coroutine() case. Fixes: 9fb4dfc570ce ("qed: make bdrv_qed_do_open a coroutine_fn") Signed-off-by: Stefan Hajnoczi Message-Id: <20230309163134.398707-1-stefa...@redhat.com> Reviewed-by: Kevin Wolf Signed-off-by: Kevin Wolf --- block/qed.c | 1 - 1 file changed, 1 deletion(-) diff --git a/block/qed.c b/block/qed.c index ed94bb61ca..0705a7b4e2 100644 --- a/block/qed.c +++ b/block/qed.c @@ -594,7 +594,6 @@ static int bdrv_qed_open(BlockDriverState *bs, QDict *options, int flags, qemu_coroutine_enter(qemu_coroutine_create(bdrv_qed_open_entry, &qoc)); BDRV_POLL_WHILE(bs, qoc.ret == -EINPROGRESS); } -BDRV_POLL_WHILE(bs, qoc.ret == -EINPROGRESS); return qoc.ret; } -- 2.39.2
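Review bot: with the second `BDRV_POLL_WHILE(bs, qoc.ret == -EINPROGRESS);` gone, nothing in the lines shown guarantees that `qoc.ret` has left -EINPROGRESS when `return qoc.ret;` runs in the qemu_in_coroutine() case; that depends on the branch above the visible context completing synchronously. The removal matches the commit message, but an `assert(qoc.ret != -EINPROGRESS);` just before the return would document the invariant and catch a later change to the coroutine branch.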
Re: [PATCH 07/11] tcg: Clear plugin_mem_cbs on TB exit
Richard Henderson writes:

> On 3/10/23 09:39, Richard Henderson wrote:
>> + /* Undo any setting in generated code. */
>> + plugin_gen_disable_mem_helpers();
>
> Oh! And this is the wrong function. Should be
> qemu_plugin_disable_mem_helpers.

Did I miss a newer version of the patches?

--
Alex Bennée
Virtualisation Tech Lead @ Linaro
[PULL 1/3] block/fuse: Let PUNCH_HOLE write zeroes
From: Hanna Czenczek fallocate(2) says about PUNCH_HOLE: "After a successful call, subsequent reads from this range will return zeros." As it is, PUNCH_HOLE is implemented as a call to blk_pdiscard(), which does not guarantee this. We must call blk_pwrite_zeroes() instead. The difference to ZERO_RANGE is that we pass the `BDRV_REQ_MAY_UNMAP | BDRV_REQ_NO_FALLBACK` flags to the call -- the storage is supposed to be unmapped, and a slow fallback by actually writing zeroes as data is not allowed. Closes: https://gitlab.com/qemu-project/qemu/-/issues/1507 Signed-off-by: Hanna Czenczek Message-Id: <20230227104725.33511-2-hre...@redhat.com> Reviewed-by: Kevin Wolf Signed-off-by: Kevin Wolf --- block/export/fuse.c | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/block/export/fuse.c b/block/export/fuse.c index e5fc4af165..06fa41079e 100644 --- a/block/export/fuse.c +++ b/block/export/fuse.c @@ -673,7 +673,16 @@ static void fuse_fallocate(fuse_req_t req, fuse_ino_t inode, int mode, do { int size = MIN(length, BDRV_REQUEST_MAX_BYTES); -ret = blk_pdiscard(exp->common.blk, offset, size); +ret = blk_pwrite_zeroes(exp->common.blk, offset, size, +BDRV_REQ_MAY_UNMAP | BDRV_REQ_NO_FALLBACK); +if (ret == -ENOTSUP) { +/* + * fallocate() specifies to return EOPNOTSUPP for unsupported + * operations + */ +ret = -EOPNOTSUPP; +} + offset += size; length -= size; } while (ret == 0 && length > 0); -- 2.39.2
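Review bot: passing `BDRV_REQ_NO_FALLBACK` to `blk_pwrite_zeroes()` changes the failure mode callers see: a PUNCH_HOLE that used to return success from `blk_pdiscard()` without guaranteeing zeroes will now fail with EOPNOTSUPP on nodes that cannot unmap and zero the range efficiently. That is the safer outcome, since old data can no longer be read back after a punch that reported success, but the commit message or the export documentation should say that previously succeeding calls may now return an error. The loop also stops at the first failing chunk, leaving earlier chunks already zeroed; a short comment that the operation is not atomic across `BDRV_REQUEST_MAX_BYTES` chunks would help the next reader.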
[PULL 2/3] iotests/308: Add test for 'write -zu'
From: Hanna Czenczek Try writing zeroes to a FUSE export while allowing the area to be unmapped; block/file-posix.c generally implements writing zeroes with BDRV_REQ_MAY_UNMAP ('write -zu') by calling fallocate(PUNCH_HOLE). This used to lead to a blk_pdiscard() in the FUSE export, which may or may not lead to the area being zeroed. HEAD^ fixed this to use blk_pwrite_zeroes() instead (again with BDRV_REQ_MAY_UNMAP), so verify that running `qemu-io 'write -zu'` on a FUSE export always results in zeroes being written. Signed-off-by: Hanna Czenczek Message-Id: <20230227104725.33511-3-hre...@redhat.com> Reviewed-by: Kevin Wolf Signed-off-by: Kevin Wolf --- tests/qemu-iotests/308 | 43 ++ tests/qemu-iotests/308.out | 35 +++ 2 files changed, 78 insertions(+) diff --git a/tests/qemu-iotests/308 b/tests/qemu-iotests/308 index 09275e9a10..de12b2b1b9 100755 --- a/tests/qemu-iotests/308 +++ b/tests/qemu-iotests/308 
@@ -370,6 +370,49 @@ echo echo '=== Compare copy with original ===' $QEMU_IMG compare -f raw -F $IMGFMT "$COPIED_IMG" "$TEST_IMG" +_cleanup_test_img + +echo +echo '=== Writing zeroes while unmapping ===' +# Regression test for https://gitlab.com/qemu-project/qemu/-/issues/1507 +_make_test_img 64M +$QEMU_IO -c 'write -s /dev/urandom 0 64M' "$TEST_IMG" | _filter_qemu_io + +_launch_qemu +_send_qemu_cmd $QEMU_HANDLE \ +"{'execute': 'qmp_capabilities'}" \ +'return' + +_send_qemu_cmd $QEMU_HANDLE \ +"{'execute': 'blockdev-add', + 'arguments': { + 'driver': '$IMGFMT', + 'node-name': 'node-format', + 'file': { + 'driver': 'file', + 'filename': '$TEST_IMG' + } + } }" \ +'return' + +fuse_export_add 'export' "'mountpoint': '$EXT_MP', 'writable': true" + +# Try writing zeroes by unmapping +$QEMU_IO -f raw -c 'write -zu 0 64M' "$EXT_MP" | _filter_qemu_io + +# Check the result +$QEMU_IO -f raw -c 'read -P 0 0 64M' "$EXT_MP" | _filter_qemu_io + +_send_qemu_cmd $QEMU_HANDLE \ +"{'execute': 'quit'}" \ +'return' + +wait=yes _cleanup_qemu + +# Check the original image +$QEMU_IO -c 'read -P 0 0 64M' "$TEST_IMG" | _filter_qemu_io + +_cleanup_test_img # success, all done echo "*** done" diff --git a/tests/qemu-iotests/308.out b/tests/qemu-iotests/308.out index e4467a10cf..d5767133b1 100644 --- a/tests/qemu-iotests/308.out +++ b/tests/qemu-iotests/308.out 
@@ -171,4 +171,39 @@ OK: Post-truncate image size is as expected === Compare copy with original === Images are identical. + +=== Writing zeroes while unmapping === +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 +wrote 67108864/67108864 bytes at offset 0 +64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +{'execute': 'qmp_capabilities'} +{"return": {}} +{'execute': 'blockdev-add', + 'arguments': { + 'driver': 'IMGFMT', + 'node-name': 'node-format', + 'file': { + 'driver': 'file', + 'filename': 'TEST_DIR/t.IMGFMT' + } + } } +{"return": {}} +{'execute': 'block-export-add', + 'arguments': { + 'type': 'fuse', + 'id': 'export', + 'node-name': 'node-format', + 'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true + } } +{"return": {}} +wrote 67108864/67108864 bytes at offset 0 +64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 67108864/67108864 bytes at offset 0 +64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +{'execute': 'quit'} +{"return": {}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false, "reason": "host-qmp-quit"}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export"}} +read 67108864/67108864 bytes at offset 0 +64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) *** done -- 2.39.2
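Review bot: the new case in tests/qemu-iotests/308 pins only the success path: it fills the image from /dev/urandom, runs `write -zu 0 64M` through the export and checks `read -P 0 0 64M` on both the export and the original image, but nothing exercises the `-ENOTSUP` to `-EOPNOTSUPP` translation added in the previous patch. Consider a second case against a node that cannot unmap, asserting the error the FUSE client sees, so both branches of the fix are covered by the reference output.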
[PULL 0/3] Block layer patches
The following changes since commit ee59483267de29056b5b2ee2421ef3844e5c9932:

  Merge tag 'qemu-openbios-20230307' of https://github.com/mcayland/qemu into staging (2023-03-09 16:55:03 +)

are available in the Git repository at:

  https://repo.or.cz/qemu/kevin.git tags/for-upstream

for you to fetch changes up to ecf8191314798391b1df80bcb829c0ead4f8acc9:

  qed: remove spurious BDRV_POLL_WHILE() (2023-03-10 15:14:46 +0100)

Block layer patches

- fuse: Fix fallocate(PUNCH_HOLE) to zero out the range
- qed: remove spurious BDRV_POLL_WHILE()

Hanna Czenczek (2):
  block/fuse: Let PUNCH_HOLE write zeroes
  iotests/308: Add test for 'write -zu'

Stefan Hajnoczi (1):
  qed: remove spurious BDRV_POLL_WHILE()

 block/export/fuse.c        | 11 ++-
 block/qed.c                | 1 -
 tests/qemu-iotests/308     | 43 +++
 tests/qemu-iotests/308.out | 35 +++
 4 files changed, 88 insertions(+), 2 deletions(-)
Re: [PATCH] hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update
On Thu, 2023-03-09 at 11:55 -0500, Peter Xu wrote:
>
> There're four devices that can hook onto this, IIUC. Besides IOAPIC and
> VFIO, there's also ivshmem and vhost. IIUC we'll need to change all the
> four devices to implement this.

If you grep for kvm_irqchip_add_irqfd_notifier() there are more than that.

There's a bunch of largely duplicated code, with different code paths for kvm_irqfds_enabled() and other variants. In code that I don't think should even have to *know* about KVM, should it?

I think I'd like to provide a generic set of helpers which just allow callers to register a virtual IRQ and then trigger it manually and/or attach an irqfd (and a resamplefd, qv) to it.

This new helper code can then cope with listening in userspace on that fd if/when it needs to, and can even work for the non-KVM case. The actual devices get a *lot* simpler.

It'll *broadly* look like the existing kvm_irqchip_* functions but be a lot simpler to use.
[RFC PATCH] intel-iommu: Report interrupt remapping faults
From: David Woodhouse There is more work to be done here, as pretranslations for the KVM IRQ routing table can't fault yet; they should be handled in userspace and the fault raised only when the IRQ actually happens (if indeed the IRTE is still not valid at that time). But we can work on that later; we can at least raise faults for the direct case. Signed-off-by: David Woodhouse --- Seemed like a good place to start. Utterly untested yet except for building it. Do we have unit tests for this; anything which will deliberately cause DMA faults that I can extend to also do IR faults? Or should I resort to just hacking a Linux kernel to do things wrong? Also, why does the generic X86IOMMUClass->int_remap function return VTD-specific values? Shouldn't it just return true or false, or an actual error from the system errno space? I also think we're allowing Compatibility Format MSIs when we shouldn't (when GSTS_CFIS is clear); the reporting of VTD_FR_IR_REQ_COMPAT is conspicuous in its absence. But I can fix that in a separate commit. hw/i386/intel_iommu.c | 115 + hw/i386/intel_iommu_internal.h | 1 + 2 files changed, 89 insertions(+), 27 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index faade7def8..946f6008fe 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c 
@@ -468,21 +468,12 @@ static void vtd_set_frcd_and_update_ppf(IntelIOMMUState *s, uint16_t index) /* Must not update F field now, should be done later */ static void vtd_record_frcd(IntelIOMMUState *s, uint16_t index, -uint16_t source_id, hwaddr addr, -VTDFaultReason fault, bool is_write, -bool is_pasid, uint32_t pasid) +uint64_t hi, uint64_t lo) { -uint64_t hi = 0, lo; hwaddr frcd_reg_addr = DMAR_FRCD_REG_OFFSET + (((uint64_t)index) << 4); assert(index < DMAR_FRCD_REG_NR); -lo = VTD_FRCD_FI(addr); -hi = VTD_FRCD_SID(source_id) | VTD_FRCD_FR(fault) | - VTD_FRCD_PV(pasid) | VTD_FRCD_PP(is_pasid); -if (!is_write) { -hi |= VTD_FRCD_T; -} vtd_set_quad_raw(s, frcd_reg_addr, lo); vtd_set_quad_raw(s, frcd_reg_addr + 8, hi); @@ -508,17 +499,11 @@ static bool vtd_try_collapse_fault(IntelIOMMUState *s, uint16_t source_id) } /* Log and report an DMAR (address translation) fault to software */ -static void vtd_report_dmar_fault(IntelIOMMUState *s, uint16_t source_id, - hwaddr addr, VTDFaultReason fault, - bool is_write, bool is_pasid, - uint32_t pasid) +static void vtd_report_frcd_fault(IntelIOMMUState *s, uint64_t source_id, + uint64_t hi, uint64_t lo) { uint32_t fsts_reg = vtd_get_long_raw(s, DMAR_FSTS_REG); -assert(fault < VTD_FR_MAX); - -trace_vtd_dmar_fault(source_id, fault, addr, is_write); - if (fsts_reg & VTD_FSTS_PFO) { error_report_once("New fault is not recorded due to " "Primary Fault Overflow"); @@ -538,8 +523,7 @@ static void vtd_report_dmar_fault(IntelIOMMUState *s, uint16_t source_id, return; } -vtd_record_frcd(s, s->next_frcd_reg, source_id, addr, fault, -is_write, is_pasid, pasid); +vtd_record_frcd(s, s->next_frcd_reg, hi, lo); if (fsts_reg & VTD_FSTS_PPF) { error_report_once("There are pending faults already, " 
@@ -564,6 +548,42 @@ static void vtd_report_dmar_fault(IntelIOMMUState *s, uint16_t source_id, } } +/* Log and report an DMAR (address translation) fault to software */ +static void vtd_report_dmar_fault(IntelIOMMUState *s, uint16_t source_id, + hwaddr addr, VTDFaultReason fault, + bool is_write, bool is_pasid, + uint32_t pasid) +{ +uint64_t hi, lo; + +assert(fault < VTD_FR_MAX); + +trace_vtd_dmar_fault(source_id, fault, addr, is_write); + +lo = VTD_FRCD_FI(addr); +hi = VTD_FRCD_SID(source_id) | VTD_FRCD_FR(fault) | + VTD_FRCD_PV(pasid) | VTD_FRCD_PP(is_pasid); +if (!is_write) { +hi |= VTD_FRCD_T; +} + +vtd_report_frcd_fault(s, source_id, hi, lo); +} + + +static void vtd_report_ir_fault(IntelIOMMUState *s, uint64_t source_id, +VTDFaultReason fault, uint16_t index) +{ +uint64_t hi, lo; + +lo = VTD_FRCD_IR_IDX(index); +hi = VTD_FRCD_SID(source_id) | VTD_FRCD_FR(fault); + +vtd_report_frcd_fault(s, source_id, hi, lo); +} + +#define log_irte_fault(f, sid, i) vtd_report_ir_fault(iommu, sid, f, i) + /* Handle Invalidation Queue Errors of queued invalidation interface error * conditions. */ @@ -3300,7 +3320,8 @@ static Property vtd_properties[] = { /* Read IRTE entry with specific index */ static int vtd_irte_get(IntelIOM
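Review bot: `vtd_report_frcd_fault()` is declared with `uint64_t source_id`, while its caller `vtd_report_dmar_fault()` and `vtd_try_collapse_fault()` in the hunk header above it use `uint16_t source_id`. Keep the parameter `uint16_t` so an out-of-range value cannot be passed silently into the fault record. The comment "Log and report an DMAR (address translation) fault to software" is also left on the now-generic vtd_report_frcd_fault() and repeated on the new vtd_report_dmar_fault(); reword the first so it describes the shared recording path.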
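Review bot: the new `vtd_report_ir_fault()` drops the checks that `vtd_report_dmar_fault()` keeps: there is no `assert(fault < VTD_FR_MAX)` and no trace event on the interrupt-remapping path, and its `source_id` is `uint64_t` where the DMAR variant takes `uint16_t`. Add the assert and a trace point so IR faults can be observed the same way DMAR faults are. The `log_irte_fault(f, sid, i)` macro also expands to a use of a variable named `iommu` from whatever scope it lands in; pass the state pointer as an argument or make it a static inline function.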
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
On Fri, 10 Mar 2023 at 10:31, Alex Bennée wrote:
>
> You need a very new gdb to be able to run with pauth support otherwise
> you're likely to hit asserts and aborts. Disable pauth for now until we
> can properly probe support in gdb.
>
> Signed-off-by: Alex Bennée

If it makes gdb fall over, then shouldn't we be disabling the pauth gdbstub stuff entirely? Otherwise even if our tests are fine our users will not be...

-- PMM
Re: [PATCH nbd 0/4] Enable multi-conn NBD [for discussion only]
On 09.03.23 14:39, Richard W.M. Jones wrote:
> [ Patch series also available here, along with this cover letter and the
> script used to generate test results:
> https://gitlab.com/rwmjones/qemu/-/commits/2023-nbd-multi-conn-v1 ]
>
> This patch series adds multi-conn support to the NBD block driver in
> qemu. It is only meant for discussion and testing because it has a
> number of obvious shortcomings (see "XXX" in commit messages and
> code). If we decided this was a good idea, we can work on a better
> patch.

I looked through the results and the code, and I think that's of course a good idea!

We still need smarter integration with reconnect logic. At least, we shouldn't make several open_timer instances..

Currently, on open() we have open-timeout. That's just a limit for the whole nbd_open() - we can do several connection attempts during this time. Seems we should proceed with success, if we succeeded with at least one connection. Postponing additional connections to be established after open() seems good too[*].

Next, we have reconnect-delay. When connection is lost nbd-client tries to reconnect with no limit in attempts, but after reconnect-delay seconds of reconnection all in-flight requests that are waiting for connection are just failed. When we have several connections, and one is broken, I think we shouldn't wait, but instead retry the requests on other working connections. This way we don't need several reconnect_delay_timer objects: we need only one, when all connections are lost.

Reestablishing additional connections better to do in background, not blocking in-flight requests. And that's the same as postponing additional connections after open() should work ([*]).

--
Best regards,
Vladimir
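A small model of the policy proposed in the message above, as an added example that is not part of the original post and not code from QEMU's NBD driver. The struct, the function names and the integer clock are hypothetical; it shows open succeeding on the first connection, requests retried on any working link, and a single reconnect-delay timer that is armed only once every link is down.

```c
/* Added illustration, not QEMU code: every name here is hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_CONNS 8

enum dispatch { DISPATCH_SENT, DISPATCH_QUEUED, DISPATCH_FAILED };

struct nbd_pool {
    bool up[MAX_CONNS];
    int nconns;
    int next;                /* round-robin cursor */
    int64_t reconnect_delay; /* seconds, modelled on reconnect-delay */
    int64_t all_down_since;  /* -1 while the single timer is not armed */
};

static int pool_up_count(const struct nbd_pool *p)
{
    int n = 0;
    for (int i = 0; i < p->nconns; i++) {
        n += p->up[i] ? 1 : 0;
    }
    return n;
}

/* open() succeeds once the first connection is up; the others start down
 * and are expected to be established later, in the background. */
static bool pool_open(struct nbd_pool *p, int nconns, int64_t delay,
                      bool first_ok)
{
    if (nconns < 1 || nconns > MAX_CONNS) {
        return false;
    }
    *p = (struct nbd_pool){ .nconns = nconns, .reconnect_delay = delay,
                            .all_down_since = -1 };
    p->up[0] = first_ok;
    return first_ok;
}

/* Record a link going up or down and maintain the one shared timer. */
static void pool_set_conn(struct nbd_pool *p, int idx, bool up, int64_t now)
{
    if (idx < 0 || idx >= p->nconns) {
        return;
    }
    p->up[idx] = up;
    if (pool_up_count(p) > 0) {
        p->all_down_since = -1;  /* some link works: cancel the timer */
    } else if (p->all_down_since < 0) {
        p->all_down_since = now; /* last link dropped: arm it once */
    }
}

/* Route one request: retry on any working link, wait only if none is left,
 * fail only after reconnect_delay seconds with every link down. */
static enum dispatch pool_dispatch(struct nbd_pool *p, int64_t now, int *conn)
{
    for (int tries = 0; tries < p->nconns; tries++) {
        int c = (p->next + tries) % p->nconns;
        if (p->up[c]) {
            p->next = (c + 1) % p->nconns;
            *conn = c;
            return DISPATCH_SENT;
        }
    }
    *conn = -1;
    if (p->all_down_since < 0 ||
        now - p->all_down_since >= p->reconnect_delay) {
        return DISPATCH_FAILED;
    }
    return DISPATCH_QUEUED;
}

int main(void)
{
    struct nbd_pool p;
    int c;
    pool_open(&p, 3, 5, true);      /* constructed scenario, delay = 5 s */
    pool_set_conn(&p, 1, true, 1);  /* second link comes up in background */
    pool_set_conn(&p, 0, false, 2); /* first link breaks */
    enum dispatch d = pool_dispatch(&p, 2, &c);
    printf("t=2 result=%d conn=%d\n", d, c);
    pool_set_conn(&p, 1, false, 3); /* now every link is down */
    d = pool_dispatch(&p, 4, &c);
    printf("t=4 result=%d conn=%d\n", d, c);
    d = pool_dispatch(&p, 8, &c);
    printf("t=8 result=%d conn=%d\n", d, c);
    return 0;
}
```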
Re: [PATCH 09/11] tests/tcg: disable pauth for aarch64 gdb tests
On 3/10/23 02:31, Alex Bennée wrote: You need a very new gdb to be able to run with pauth support otherwise you're likely to hit asserts and aborts. Disable pauth for now until we can properly probe support in gdb. Signed-off-by: Alex Bennée --- tests/tcg/aarch64/Makefile.target | 2 ++ 1 file changed, 2 insertions(+) Reviewed-by: Richard Henderson r~ diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target index 9e91a20b0d..8ffde3b0ed 100644 --- a/tests/tcg/aarch64/Makefile.target +++ b/tests/tcg/aarch64/Makefile.target @@ -84,6 +84,8 @@ TESTS += sha512-vector ifeq ($(HOST_GDB_SUPPORTS_ARCH),y) GDB_SCRIPT=$(SRC_PATH)/tests/guest-debug/run-test.py +run-gdbstub-%: QEMU_OPTS=-cpu max,pauth=off + run-gdbstub-sysregs: sysregs $(call run-test, $@, $(GDB_SCRIPT) \ --gdb $(HAVE_GDB_BIN) \
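Review bot: the pattern-specific `QEMU_OPTS=-cpu max,pauth=off` on `run-gdbstub-%` assigns rather than appends, so any QEMU_OPTS the gdbstub targets would otherwise pick up is replaced; use `+=` if the intent is only to add the CPU option. A comment above the line naming the gdb behaviour being worked around, and the condition for removing it, would keep the "for now" in the message from becoming permanent.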
[PATCH 06/12] target/s390x: Handle CRL and CGFRL with non-aligned addresses
Use MO_ALIGN_4 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/translate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c index 6ceb14de92f..d5e64d168f2 100644 --- a/target/s390x/tcg/translate.c +++ b/target/s390x/tcg/translate.c @@ -5999,7 +5999,8 @@ static void in2_mri2_16u(DisasContext *s, DisasOps *o) static void in2_mri2_32s(DisasContext *s, DisasOps *o) { o->in2 = tcg_temp_new_i64(); -tcg_gen_qemu_ld32s(o->in2, gen_ri2(s), get_mem_index(s)); +tcg_gen_qemu_ld_tl(o->in2, gen_ri2(s), get_mem_index(s), + MO_TESL | MO_ALIGN_4); } #define SPEC_in2_mri2_32s 0 -- 2.39.2
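Review bot: `o->in2` is created with `tcg_temp_new_i64()` but loaded with `tcg_gen_qemu_ld_tl()`, whereas the sibling change to in2_mri2_64 in the next patch uses `tcg_gen_qemu_ld_i64()`. Use the i64 variant here too, with the same `MO_TESL | MO_ALIGN_4` argument, so the temp type and the load op agree without relying on the target's long width.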
[PATCH 07/12] target/s390x: Handle CGRL and CLGRL with non-aligned addresses
Use MO_ALIGN_8 and let do_unaligned_access() generate a specification exception. Reported-by: Nina Schoetterl-Glausch Suggested-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/translate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c index d5e64d168f2..02c415bdbd6 100644 --- a/target/s390x/tcg/translate.c +++ b/target/s390x/tcg/translate.c @@ -6014,7 +6014,8 @@ static void in2_mri2_32u(DisasContext *s, DisasOps *o) static void in2_mri2_64(DisasContext *s, DisasOps *o) { o->in2 = tcg_temp_new_i64(); -tcg_gen_qemu_ld64(o->in2, gen_ri2(s), get_mem_index(s)); +tcg_gen_qemu_ld_i64(o->in2, gen_ri2(s), get_mem_index(s), +MO_TEUQ | MO_ALIGN_8); } #define SPEC_in2_mri2_64 0 -- 2.39.2
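Review bot: in2_mri2_64 is a shared operand loader, so `MO_ALIGN_8` now applies to every instruction that uses it, not only the CGRL and CLGRL named in the subject. List the affected instructions in the commit message and confirm each is specified to raise a specification exception on a misaligned operand; the same question applies to in2_mri2_32s in the previous patch. The diffstat touches only translate.c, so a test that issues one of these with a misaligned address would be worth adding if a later patch in the series does not already provide one.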
[PATCH 02/12] target/s390x: Handle EXECUTE of odd addresses
Generate a specification exception in the helper before trying to fetch the instruction. Reported-by: Nina Schoetterl-Glausch Signed-off-by: Ilya Leoshkevich --- target/s390x/tcg/mem_helper.c | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/target/s390x/tcg/mem_helper.c b/target/s390x/tcg/mem_helper.c index 6835c26dda4..9d1c4bb7374 100644 --- a/target/s390x/tcg/mem_helper.c +++ b/target/s390x/tcg/mem_helper.c @@ -2468,8 +2468,16 @@ void HELPER(stpq_parallel)(CPUS390XState *env, uint64_t addr, */ void HELPER(ex)(CPUS390XState *env, uint32_t ilen, uint64_t r1, uint64_t addr) { -uint64_t insn = cpu_lduw_code(env, addr); -uint8_t opc = insn >> 8; +uint64_t insn; +uint8_t opc; + +/* EXECUTE targets must be at even addresses. */ +if (addr & 1) { +tcg_s390_program_interrupt(env, PGM_SPECIFICATION, GETPC()); +} + +insn = cpu_lduw_code(env, addr); +opc = insn >> 8; /* Or in the contents of R1[56:63]. */ insn |= r1 & 0xff; -- 2.39.2
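Review bot: nothing in the diffstat (mem_helper.c only) pins the new behaviour, so add a test that runs EXECUTE with an odd target address and expects the specification exception instead of an instruction fetch. The new `if (addr & 1)` block also falls through to `cpu_lduw_code(env, addr)` unless `tcg_s390_program_interrupt()` never returns; the hunk relies on that without saying so, and a word in the comment would make the dependency explicit.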