]> git.ipfire.org Git - thirdparty/qemu.git/log
thirdparty/qemu.git
4 years agoMakefile: add dummy target for build.ninja dependencies
Paolo Bonzini [Wed, 16 Dec 2020 12:13:40 +0000 (13:13 +0100)] 
Makefile: add dummy target for build.ninja dependencies

The dummy targets ensure that incremental build can be done after
deleting a meson.build file.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agotrace: do not include TCG helper tracepoints in no-TCG builds
Paolo Bonzini [Wed, 16 Dec 2020 12:32:45 +0000 (13:32 +0100)] 
trace: do not include TCG helper tracepoints in no-TCG builds

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agoutil: Extract flush_icache_range to cacheflush.c
Richard Henderson [Mon, 14 Dec 2020 14:02:33 +0000 (08:02 -0600)] 
util: Extract flush_icache_range to cacheflush.c

This has been a tcg-specific function, but is also in use
by hardware accelerators via physmem.c.  This can cause
link errors when tcg is disabled.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Joelle van Dyne <j@getutm.app>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214140314.18544-3-richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agoremove TCG includes from common code
Paolo Bonzini [Wed, 16 Dec 2020 12:27:58 +0000 (13:27 +0100)] 
remove TCG includes from common code

Enable removing tcg/$tcg_arch from the include path when TCG is disabled.
Move translate-all.h to include/exec, since stubs exist for the functions
defined therein.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agobuild-sys: fix -static linking of libvhost-user
Marc-André Lureau [Tue, 15 Dec 2020 08:03:19 +0000 (12:03 +0400)] 
build-sys: fix -static linking of libvhost-user

Fix linking vhost-user binaries with with ./configure -static, by
overriding glib-2.0 dependency with configure results.

Fixes: 0df750e9d3a5fea5e1 ("libvhost-user: make it a meson subproject")
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20201215080319.136228-1-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agodocs: Add CFI Documentation
Daniele Buono [Fri, 4 Dec 2020 23:06:15 +0000 (18:06 -0500)] 
docs: Add CFI Documentation

Document how to compile with CFI and how to maintain CFI-safe code

Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Message-Id: <20201204230615.2392-6-dbuono@linux.vnet.ibm.com>
[Make build system section in index.rst and add the new file. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agoconfigure,meson: support Control-Flow Integrity
Daniele Buono [Fri, 4 Dec 2020 23:06:14 +0000 (18:06 -0500)] 
configure,meson: support Control-Flow Integrity

This patch adds a flag to enable/disable control flow integrity checks
on indirect function calls.
This feature only allows indirect function calls at runtime to functions
with compatible signatures.

This feature is only provided by LLVM/Clang, and depends on link-time
optimization which is currently supported only with LLVM/Clang >= 6.0

We also add an option to enable a debugging version of cfi, with verbose
output in case of a CFI violation.

CFI on indirect function calls does not support calls to functions in
shared libraries (since they were not known at compile time), and such
calls are forbidden. QEMU relies on dlopen/dlsym when using modules,
so we make modules incompatible with CFI.

All the checks are performed in meson.build. configure is only used to
forward the flags to meson

Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Message-Id: <20201204230615.2392-5-dbuono@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agocheck-block: enable iotests with cfi-icall
Daniele Buono [Fri, 4 Dec 2020 23:06:13 +0000 (18:06 -0500)] 
check-block: enable iotests with cfi-icall

cfi-icall is a form of Control-Flow Integrity for indirect function
calls implemented by llvm. It is enabled with a -fsanitize flag.

iotests are currently disabled when -fsanitize options is used, with the
exception of SafeStack.

This patch implements a generic filtering mechanism to allow iotests
with a set of known-to-be-safe -fsanitize option. Then marks SafeStack
and the new options used for cfi-icall safe for iotests

Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Message-Id: <20201204230615.2392-4-dbuono@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agocfi: Initial support for cfi-icall in QEMU
Daniele Buono [Fri, 4 Dec 2020 23:06:12 +0000 (18:06 -0500)] 
cfi: Initial support for cfi-icall in QEMU

LLVM/Clang, supports runtime checks for forward-edge Control-Flow
Integrity (CFI).

CFI on indirect function calls (cfi-icall) ensures that, in indirect
function calls, the function called is of the right signature for the
pointer type defined at compile time.

For this check to work, the code must always respect the function
signature when using function pointer, the function must be defined
at compile time, and be compiled with link-time optimization.

This rules out, for example, shared libraries that are dynamically loaded
(given that functions are not known at compile time), and code that is
dynamically generated at run-time.

This patch:

1) Introduces the CONFIG_CFI flag to support cfi in QEMU

2) Introduces a decorator to allow the definition of "sensitive"
functions, where a non-instrumented function may be called at runtime
through a pointer. The decorator will take care of disabling cfi-icall
checks on such functions, when cfi is enabled.

3) Marks functions currently in QEMU that exhibit such behavior,
in particular:
- The function in TCG that calls pre-compiled TBs
- The function in TCI that interprets instructions
- Functions in the plugin infrastructures that jump to callbacks
- Functions in util that directly call a signal handler

Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org
Message-Id: <20201204230615.2392-3-dbuono@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agoconfigure,meson: add option to enable LTO
Daniele Buono [Fri, 4 Dec 2020 23:06:11 +0000 (18:06 -0500)] 
configure,meson: add option to enable LTO

This patch allows to compile QEMU with link-time optimization (LTO).
Compilation with LTO is handled directly by meson. This patch only
adds the option in configure and forwards the request to meson

Tested with all major versions of clang from 6 to 12

Signed-off-by: Daniele Buono <dbuono@linux.vnet.ibm.com>
Message-Id: <20201204230615.2392-2-dbuono@linux.vnet.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agotarget/i386: Check privilege level for protected mode 'int N' task gate
Peter Maydell [Sat, 21 Nov 2020 22:44:45 +0000 (22:44 +0000)] 
target/i386: Check privilege level for protected mode 'int N' task gate

When the 'int N' instruction is executed in protected mode, the
pseudocode in the architecture manual specifies that we need to check:

 * vector number within IDT limits
 * selected IDT descriptor is a valid type (interrupt, trap or task gate)
 * if this was a software interrupt then gate DPL < CPL

The way we had structured the code meant that the privilege check for
software interrupts ended up not in the code path taken for task gate
handling, because all of the task gate handling code was in the 'case 5'
of the switch which was checking "is this descriptor a valid type".

Move the task gate handling code out of that switch (so that it is now
purely doing the "valid type?" check) and below the software interrupt
privilege check.

The effect of this missing check was that in a guest userspace binary
executing 'int 8' would cause a guest kernel panic rather than the
userspace binary being handed a SEGV.

This is essentially the same bug fixed in VirtualBox in 2012:
https://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/

Note that for QEMU this is not a security issue because it is only
present when using TCG.

Fixes: https://bugs.launchpad.net/qemu/+bug/1813201
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20201121224445.16236-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
4 years agoqom: Assert that objects being destroyed have no parent
Eduardo Habkost [Tue, 15 Dec 2020 22:41:33 +0000 (17:41 -0500)] 
qom: Assert that objects being destroyed have no parent

QOM reference counting bugs are often hard to detect, but there's
one kind of bug that's easier: if we are freeing an object but is
still attached to a parent, it means the reference count is wrong
(because the parent always hold a reference to their children).

Add an assertion to make sure we detect those cases.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20201215224133.3545901-3-ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agotest-char: Destroy chardev correctly at char_file_test_internal()
Eduardo Habkost [Tue, 15 Dec 2020 22:41:32 +0000 (17:41 -0500)] 
test-char: Destroy chardev correctly at char_file_test_internal()

commit 1e419ee68fa5 ("chardev: generate an internal id when none
given") changed the reference ownership semantics of
qemu_chardev_new(NULL, ...): now all chardevs created using
qemu_chardev_new() are added to the /chardevs QOM container, and
the caller does not own a reference to the newly created object.

However, the code at char_file_test_internal() had not been
updated and was calling object_unref() on a chardev object it
didn't own.  This makes the chardev be destroyed, but leaves a
dangling pointer in the /chardev container children list, and
seems to be the cause of the following char_serial_test() crash:

  Unexpected error in object_property_try_add() at ../qom/object.c:1220: \
      attempt to add duplicate property 'serial-id' to object (type 'container')
  ERROR test-char - too few tests run (expected 38, got 9)

Update the code to use object_unparent() at the end of
char_file_test_internal(), to make sure the chardev will be
correctly removed from the QOM tree.

Fixes: 1e419ee68fa5 ("chardev: generate an internal id when none given")
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20201215224133.3545901-2-ehabkost@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agovl: initialize displays _after_ exiting preconfiguration
Paolo Bonzini [Thu, 17 Dec 2020 09:10:12 +0000 (10:10 +0100)] 
vl: initialize displays _after_ exiting preconfiguration

Due to the renumbering of text consoles when graphical consoles are
created, init_displaystate must be called after all QemuConsoles are
created, i.e. after devices are created.

vl.c calls it from qemu_init_displays, while qmp_x_exit_preconfig is
where devices are created.  If qemu_init_displays is called before it,
the VGA graphical console does not come up.

Reported-by: Howard Spoelstra <hsp.cat7@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agoconfigure: document --without-default-{features,devices}
Paolo Bonzini [Mon, 14 Dec 2020 10:34:47 +0000 (11:34 +0100)] 
configure: document --without-default-{features,devices}

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
4 years agotests: update for rename of CentOS8 PowerTools repo
Daniel P. Berrangé [Wed, 16 Dec 2020 14:16:53 +0000 (14:16 +0000)] 
tests: update for rename of CentOS8 PowerTools repo

This was intentionally renamed recently to be all lowercase:

https://bugs.centos.org/view.php?id=17920
https://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.2011#Yum_repo_file_and_repoid_changes

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-Id: <20201216141653.213980-1-berrange@redhat.com>
[AJB: bump up FROM to trigger re-build, add diffutils]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
4 years agotests/docker: Remove the remainders of debian9 containers from the Makefile
Thomas Huth [Tue, 15 Dec 2020 08:33:18 +0000 (09:33 +0100)] 
tests/docker: Remove the remainders of debian9 containers from the Makefile

The Debian 9 containers have been removed a while ago, so we can
delete the corresponding entries in the Makefile, too.

Fixes: e3755276d1 ("tests/docker: Remove old Debian 9 containers")
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20201215083318.92205-1-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
4 years agogitlab-CI: Test 32-bit builds with the fedora-i386-cross container
Thomas Huth [Tue, 15 Dec 2020 08:34:51 +0000 (09:34 +0100)] 
gitlab-CI: Test 32-bit builds with the fedora-i386-cross container

After adding some missing packages, it's possible to check 32-bit
builds and tests with the fedora-i386-cross container in the gitlab-CI,
too. Unfortunately, the code in subprojects/ ignores the --extra-cflags
(on purpose), so the vhost-user part has to be disabled for this.

While we're at it, update the container to Fedora 31. Unfortunately the
gcc from the later versions emits some very dubious format-truncation
warnings, so Fedora 32 and 33 are currently unsuitable for this job.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20201215083451.92322-1-thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
4 years agotests/tcg: build tests with -Werror
Alex Bennée [Thu, 10 Dec 2020 19:04:17 +0000 (19:04 +0000)] 
tests/tcg: build tests with -Werror

Hopefully this will guard against sloppy code getting into our tests.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201210190417.31673-9-alex.bennee@linaro.org>

4 years agogitlab: add --without-default-features build
Alex Bennée [Thu, 10 Dec 2020 19:04:16 +0000 (19:04 +0000)] 
gitlab: add --without-default-features build

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201210190417.31673-8-alex.bennee@linaro.org>

4 years agogitlab: move --without-default-devices build from Travis
Alex Bennée [Thu, 10 Dec 2020 19:04:15 +0000 (19:04 +0000)] 
gitlab: move --without-default-devices build from Travis

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20201210190417.31673-7-alex.bennee@linaro.org>

4 years agopython: add __repr__ to ConsoleSocket to aid debugging
Alex Bennée [Thu, 10 Dec 2020 19:04:14 +0000 (19:04 +0000)] 
python: add __repr__ to ConsoleSocket to aid debugging

While attempting to debug some console weirdness I thought it would be
worth making it easier to see what it had inside.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-Id: <20201210190417.31673-6-alex.bennee@linaro.org>

4 years agoconfigure: add --without-default-features
Alex Bennée [Thu, 10 Dec 2020 19:04:13 +0000 (19:04 +0000)] 
configure: add --without-default-features

By default QEMU enables a lot of features if it can probe and find the
support libraries. It also enables a bunch of features by default.
This patch adds the ability to build --without-default-features which
can be paired with a --without-default-devices for a barely functional
build.

The main use case for this is testing our build assumptions and for
minimising the amount of stuff you build if you just want to test a
particular feature on your relatively slow emulated test system. On
it's own I go from:

  $ ls -lh qemu-system-aarch64
  -rwxr-xr-x 1 alex alex 120M Dec 10 12:45 qemu-system-aarch64*
  $ ldd qemu-system-aarch64 | wc -l
  170

to:

  $ ls -lh qemu-aarch64
  -rwxr-xr-x 1 alex alex 43M Dec 10 12:41 qemu-aarch64*
  $ ldd qemu-system-aarch64 | wc -l
  57

which is still able to run my default Debian ARM64 machine with a lot
less fat involved.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20201210190417.31673-5-alex.bennee@linaro.org>

4 years agoconfigure: move gettext detection to meson.build
Alex Bennée [Thu, 10 Dec 2020 19:04:12 +0000 (19:04 +0000)] 
configure: move gettext detection to meson.build

This will allow meson to honour -Dauto_features=disabled later.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20201210190417.31673-4-alex.bennee@linaro.org>

4 years agogitlab: include aarch64-softmmu and ppc64-softmmu cross-system-build
Alex Bennée [Thu, 10 Dec 2020 19:04:11 +0000 (19:04 +0000)] 
gitlab: include aarch64-softmmu and ppc64-softmmu cross-system-build

Otherwise we miss coverage of KVM support in the cross build. To
balance it out add arm-softmmu (no kvm, subset of aarch64),
cris-softmmu and ppc-softmmu to the exclude list which do get coverage
elsewhere.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20201210190417.31673-3-alex.bennee@linaro.org>

4 years agoMerge remote-tracking branch 'remotes/ehabkost-gl/tags/machine-next-pull-request...
Peter Maydell [Fri, 1 Jan 2021 22:57:15 +0000 (22:57 +0000)] 
Merge remote-tracking branch 'remotes/ehabkost-gl/tags/machine-next-pull-request' into staging

Machine queue, 2020-12-23

Cleanup:
* qdev code cleanup (Eduardo Habkost)

Bug fix:
* hostmem: Free host_nodes list right after visited (Keqian Zhu)

# gpg: Signature made Wed 23 Dec 2020 21:25:58 GMT
# gpg:                using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6
# gpg:                issuer "ehabkost@redhat.com"
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost-gl/tags/machine-next-pull-request:
  bugfix: hostmem: Free host_nodes list right after visited
  qdev: Avoid unnecessary DeviceState* variable at set_prop_arraylen()
  qdev: Rename qdev_get_prop_ptr() to object_field_prop_ptr()
  qdev: Move qdev_prop_tpm declaration to tpm_prop.h
  qdev: Make qdev_class_add_property() more flexible
  qdev: Make PropertyInfo.create return ObjectProperty*
  qdev: Move dev->realized check to qdev_property_set()
  qdev: Wrap getters and setters in separate helpers
  qdev: Add name argument to PropertyInfo.create method
  qdev: Add name parameter to qdev_class_add_property()
  qdev: Avoid using prop->name unnecessarily
  qdev: Get just property name at error_set_from_qdev_prop_error()
  sparc: Use DEFINE_PROP for nwindows property
  qdev: Reuse DEFINE_PROP in all DEFINE_PROP_* macros
  qdev: Move softmmu properties to qdev-properties-system.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20201222' into staging
Peter Maydell [Fri, 1 Jan 2021 18:19:44 +0000 (18:19 +0000)] 
Merge remote-tracking branch 'remotes/cohuck-gitlab/tags/s390x-20201222' into staging

Further s390x updates:
- enhance the s390 devices acceptance test
- tcg: improve carry computation
- qga: send the ccw address with the fsinfo data
- fixes for protected virtualisation and zpci

# gpg: Signature made Tue 22 Dec 2020 10:37:34 GMT
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck-gitlab/tags/s390x-20201222:
  tests/acceptance: Add a test with the Fedora 31 kernel and initrd
  s390x/pci: Fix memory_region_access_valid call
  s390x/pci: fix pcistb length
  tests/acceptance: Test the virtio-balloon device on s390x
  tests/acceptance: Test virtio-rng on s390 via /dev/hwrng
  tests/acceptance: Extract the code to clear dmesg and wait for CRW reports
  tests/acceptance: test hot(un)plug of ccw devices
  target/s390x: Improve SUB LOGICAL WITH BORROW
  target/s390x: Improve cc computation for SUBTRACT LOGICAL
  target/s390x: Improve ADD LOGICAL WITH CARRY
  target/s390x: Improve cc computation for ADD LOGICAL
  qga/commands-posix: Send CCW address on s390x with the fsinfo data
  MAINTAINERS: move my git tree to gitlab
  s390x: pv: Fence additional unavailable SCLP facilities for PV guests

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-12-21' into...
Peter Maydell [Fri, 1 Jan 2021 17:05:38 +0000 (17:05 +0000)] 
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-12-21' into staging

* Two fuzzer patches from Alexander
* Show logs of failed acceptance jobs in the gitlab-CI

# gpg: Signature made Mon 21 Dec 2020 13:38:37 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-12-21:
  gitlab-ci: Archive logs of acceptance tests
  gitlab-ci: Refactor code that show logs of failed acceptances
  tests/acceptance: Bump avocado requirements to 83.0
  fuzz: fix the generic-fuzz-floppy config
  fuzz: Add more i386 configurations for fuzzing

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2020-12-19' into staging
Peter Maydell [Fri, 1 Jan 2021 14:33:03 +0000 (14:33 +0000)] 
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2020-12-19' into staging

QAPI patches patches for 2020-12-19

# gpg: Signature made Sat 19 Dec 2020 09:40:05 GMT
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-qapi-2020-12-19: (33 commits)
  qobject: Make QString immutable
  block: Use GString instead of QString to build filenames
  keyval: Use GString to accumulate value strings
  json: Use GString instead of QString to accumulate strings
  migration: Replace migration's JSON writer by the general one
  qobject: Factor JSON writer out of qobject_to_json()
  qobject: Factor quoted_str() out of to_json()
  qobject: Drop qstring_get_try_str()
  qobject: Drop qobject_get_try_str()
  Revert "qobject: let object_property_get_str() use new API"
  block: Avoid qobject_get_try_str()
  qmp: Fix tracing of non-string command IDs
  qobject: Move internals to qobject-internal.h
  hw/rdma: Replace QList by GQueue
  Revert "qstring: add qstring_free()"
  qobject: Change qobject_to_json()'s value to GString
  qobject: Use GString instead of QString to accumulate JSON
  qobject: Make qobject_to_json_pretty() take a pretty argument
  monitor: Use GString instead of QString for output buffer
  hmp: Simplify how qmp_human_monitor_command() gets output
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/marcel/tags/rdma-pull-request' into staging
Peter Maydell [Fri, 1 Jan 2021 12:54:19 +0000 (12:54 +0000)] 
Merge remote-tracking branch 'remotes/marcel/tags/rdma-pull-request' into staging

RDMA queue

*  bug fix in contrib/rdmacm-mux

# gpg: Signature made Fri 18 Dec 2020 18:40:53 GMT
# gpg:                using RSA key 36D4C0F0CF2FE46D
# gpg: Good signature from "Marcel Apfelbaum <marcel.apfelbaum@zoho.com>" [marginal]
# gpg:                 aka "Marcel Apfelbaum <marcel@redhat.com>" [marginal]
# gpg:                 aka "Marcel Apfelbaum <marcel.apfelbaum@gmail.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: B1C6 3A57 F92E 08F2 640F  31F5 36D4 C0F0 CF2F E46D

* remotes/marcel/tags/rdma-pull-request:
  contrib/rdmacm-mux: Fix error condition in hash_tbl_search_fd_by_ifid()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2020-12-18' into staging
Peter Maydell [Thu, 31 Dec 2020 23:26:46 +0000 (23:26 +0000)] 
Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2020-12-18' into staging

Block patches:
- New block filter: preallocate (which, on writes beyond an image file's
  end, allocates big chunks of data so that such post-EOF writes will
  occur less frequently)
- write-zeroes and block-status support for Quorum
- Implementation of truncate for the nvme block driver similarly to the
  existing implementations for host block devices and iscsi devices
- Block layer refactoring: Drop the tighten_restrictions concept in the
  block permission functions
- iotest fixes

# gpg: Signature made Fri 18 Dec 2020 14:45:30 GMT
# gpg:                using RSA key 91BEB60A30DB3E8857D11829F407DB0061D5CF40
# gpg:                issuer "mreitz@redhat.com"
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>" [full]
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* remotes/maxreitz/tags/pull-block-2020-12-18: (30 commits)
  iotests: Fix _send_qemu_cmd with bash 5.1
  iotests/102: Pass $QEMU_HANDLE to _send_qemu_cmd
  block/nvme: Implement fake truncate() coroutine
  quorum: Implement bdrv_co_pwrite_zeroes()
  quorum: Implement bdrv_co_block_status()
  scripts/simplebench: add bench_prealloc.py
  simplebench/results_to_text: make executable
  simplebench/results_to_text: add difference line to the table
  simplebench/results_to_text: improve view of the table
  simplebench: move results_to_text() into separate file
  simplebench: rename ascii() to results_to_text()
  scripts/simplebench: use standard deviation for +- error
  scripts/simplebench: support iops
  scripts/simplebench: fix grammar: s/successed/succeeded/
  iotests: add 298 to test new preallocate filter driver
  iotests.py: execute_setup_common(): add required_fmts argument
  iotests: qemu_io_silent: support --image-opts
  qemu-io: add preallocate mode parameter for truncate command
  block: introduce preallocate filter
  block: bdrv_check_perm(): process children anyway
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging
Peter Maydell [Thu, 31 Dec 2020 19:16:13 +0000 (19:16 +0000)] 
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- Add qemu-storage-daemon documentation
- hw/block/nand: Decommission the NAND museum
- vpc: Clean up some buffer abuse
- nfs: fix int overflow in nfs_client_open_qdict
- Several iotests fixes

# gpg: Signature made Fri 18 Dec 2020 12:07:30 GMT
# gpg:                using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6
# gpg:                issuer "kwolf@redhat.com"
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  block/vpc: Use sizeof() instead of HEADER_SIZE for footer size
  block/vpc: Pass footer buffers as VHDFooter * instead of uint8_t *
  block/vpc: Pad VHDFooter, replace uint8_t[] buffers
  block/vpc: Use sizeof() instead of 1024 for dynamic header size
  block/vpc: Pad VHDDynDiskHeader, replace uint8_t[] buffers
  block/vpc: Make vpc_checksum() take void *
  block/vpc: Don't abuse the footer buffer for dynamic header
  block/vpc: Don't abuse the footer buffer as BAT sector buffer
  block/vpc: Make vpc_open() read the full dynamic header
  iotests:172: use _filter_qom_path
  iotests: make _filter_qom_path more strict
  MAINTAINERS: add Kevin Wolf as storage daemon maintainer
  docs: add qemu-storage-daemon(1) man page
  docs: generate qemu-storage-daemon-qmp-ref(7) man page
  block/nfs: fix int overflow in nfs_client_open_qdict
  hw/block/nand: Decommission the NAND museum
  iotests/210: Fix reference output

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20201218a' into...
Peter Maydell [Thu, 31 Dec 2020 15:55:11 +0000 (15:55 +0000)] 
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20201218a' into staging

Monitor, virtiofsd and migration pull

HMP cleanups
Migration fixes
  Note the change in behaviour of not allowing a postmigrate migrtion
  rather than crashing

Virtiofsd cleanups and fixes
  --thread-pool-size=0 for no thread pool (faster for some workloads)

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
# gpg: Signature made Fri 18 Dec 2020 10:39:37 GMT
# gpg:                using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-migration-20201218a:
  migration: Don't allow migration if vm is in POSTMIGRATE
  savevm: Delete snapshots just created in case of error
  savevm: Remove dead code in save_snapshot()
  docs/devel/migration: Improve debugging section a bit
  virtiofsd: Remove useless code about send_notify_iov
  virtiofsd: update FUSE_FORGET comment on "lo_inode.nlookup"
  virtiofsd: Check file type in lo_flush()
  virtiofsd: Disable posix_lock hash table if remote locks are not enabled
  virtiofsd: Set up posix_lock hash table for root inode
  virtiofsd: make the debug log timestamp on stderr more human-readable
  virtiofsd: Use --thread-pool-size=0 to mean no thread pool
  hmp-commands.hx: List abbreviation after command for cont, quit, print
  monitor:Don't use '#' flag of printf format ('%#') in format strings
  monitor:braces {} are necessary for all arms of this statement
  monitor:open brace '{' following struct go on the same line

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request...
Peter Maydell [Thu, 31 Dec 2020 14:49:02 +0000 (14:49 +0000)] 
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging

Add MIPS Loongson 2F/3A
sparc64 bug fix
Implement copy_file_range
Add most IFTUN ioctls
Fix mremap

# gpg: Signature made Fri 18 Dec 2020 10:23:43 GMT
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-6.0-pull-request:
  linux-user/sparc: Handle tstate in sparc64_get/set_context()
  linux-user/sparc: Don't restore %g7 in sparc64_set_context()
  linux-user/sparc: Remove unneeded checks of 'err' from sparc64_get_context()
  linux-user/sparc: Correct sparc64_get/set_context() FPU handling
  linux-user: Add most IFTUN ioctls
  linux-user: Implement copy_file_range
  docs/user: Display linux-user binaries nicely
  linux-user: Add support for MIPS Loongson 2F/3A
  linux-user/elfload: Update HWCAP bits from linux 5.7
  linux-user/elfload: Introduce MIPS GET_FEATURE_REG_EQU() macro
  linux-user/elfload: Introduce MIPS GET_FEATURE_REG_SET() macro
  linux-user/elfload: Rename MIPS GET_FEATURE() as GET_FEATURE_INSN()
  linux-user/elfload: Move GET_FEATURE macro out of get_elf_hwcap() body
  linux-user/mmap.c: check range of mremap result in target address space

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agoMerge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-12-18' into...
Peter Maydell [Wed, 30 Dec 2020 20:45:42 +0000 (20:45 +0000)] 
Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-12-18' into staging

* Compile QEMU with -Wimplicit-fallthrough=2 to avoid bugs in
  switch-case statements

# gpg: Signature made Fri 18 Dec 2020 08:19:04 GMT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-12-18:
  configure: Compile with -Wimplicit-fallthrough=2
  hw/rtc/twl92230: Add missing 'break'
  bsd-user: Silence warnings about missing fallthrough statement
  tests/fp: Do not emit implicit-fallthrough warnings in the softfloat tests
  tcg/optimize: Add fallthrough annotations
  target/sparc/win_helper: silence the compiler warnings
  target/sparc/translate: silence the compiler warnings
  accel/tcg/user-exec: silence the compiler warnings
  hw/intc/arm_gicv3_kvm: silence the compiler warnings
  target/i386: silence the compiler warnings in gen_shiftd_rm_T1
  hw/timer/renesas_tmr: silence the compiler warnings
  hw/rtc/twl92230: Silence warnings about missing fallthrough statements
  target/unicore32/translate: Add missing fallthrough annotations
  disas/libvixl: Fix fall-through annotation for GCC >= 7

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4 years agotests/acceptance: Add a test with the Fedora 31 kernel and initrd
Thomas Huth [Mon, 21 Dec 2020 14:34:23 +0000 (15:34 +0100)] 
tests/acceptance: Add a test with the Fedora 31 kernel and initrd

This initrd contains a virtio-net and a virtio-gpu kernel module,
so we can check that we can set a MAC address for the network device
and whether we can hot-plug and -unplug a virtio-crypto device.
But the most interesting part is maybe that we can also successfully
write some stuff into the emulated framebuffer of the virtio-gpu
device and make sure that we can read back that data from a screenshot.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201221143423.23607-1-thuth@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Tested-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agos390x/pci: Fix memory_region_access_valid call
Matthew Rosato [Thu, 17 Dec 2020 22:16:37 +0000 (17:16 -0500)] 
s390x/pci: Fix memory_region_access_valid call

In pcistb_service_handler, a call is made to validate that the memory
region can be accessed.  However, the call is made using the entire length
of the pcistb operation, which can be larger than the allowed memory
access size (8).  Since we already know that the provided buffer is a
multiple of 8, fix the call to memory_region_access_valid to iterate
over the memory region in the same way as the subsequent call to
memory_region_dispatch_write.

Fixes: 863f6f52b7 ("s390: implement pci instructions")
Signed-off-by: Matthew Rosato <mjrosato@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: Pierre Morel <pmorel@linux.ibm.com>
Message-Id: <1608243397-29428-3-git-send-email-mjrosato@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agos390x/pci: fix pcistb length
Matthew Rosato [Thu, 17 Dec 2020 22:16:36 +0000 (17:16 -0500)] 
s390x/pci: fix pcistb length

In pcistb_service_call, we are grabbing 8 bits from a guest register to
indicate the length of the store operation -- but per the architecture
the length is actually defined by 13 bits of the guest register.

Fixes: 863f6f52b7 ("s390: implement pci instructions")
Signed-off-by: Matthew Rosato <mjrosato@linux.ibm.com>
Reviewed-by: Pierre Morel <pmorel@linux.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Message-Id: <1608243397-29428-2-git-send-email-mjrosato@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotests/acceptance: Test the virtio-balloon device on s390x
Thomas Huth [Tue, 15 Dec 2020 18:36:23 +0000 (19:36 +0100)] 
tests/acceptance: Test the virtio-balloon device on s390x

Inflate the balloon and check whether the size of the memory changes.

Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Tested-by: Willian Rampazzo <willianr@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201215183623.110128-4-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotests/acceptance: Test virtio-rng on s390 via /dev/hwrng
Thomas Huth [Tue, 15 Dec 2020 18:36:22 +0000 (19:36 +0100)] 
tests/acceptance: Test virtio-rng on s390 via /dev/hwrng

/dev/hwrng is only functional if virtio-rng is working right, so let's
add a sanity check for this device node.

Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Tested-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201215183623.110128-3-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotests/acceptance: Extract the code to clear dmesg and wait for CRW reports
Thomas Huth [Tue, 15 Dec 2020 18:36:21 +0000 (19:36 +0100)] 
tests/acceptance: Extract the code to clear dmesg and wait for CRW reports

We will use this in more spots soon, so it's easier to put this into
a separate function.

Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Tested-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201215183623.110128-2-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotests/acceptance: test hot(un)plug of ccw devices
Cornelia Huck [Tue, 8 Dec 2020 12:28:43 +0000 (13:28 +0100)] 
tests/acceptance: test hot(un)plug of ccw devices

Hotplug a virtio-net-ccw device, and then hotunplug it again.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Tested-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Message-Id: <20201208122843.147186-1-cohuck@redhat.com>

4 years agotarget/s390x: Improve SUB LOGICAL WITH BORROW
Richard Henderson [Mon, 14 Dec 2020 22:13:56 +0000 (16:13 -0600)] 
target/s390x: Improve SUB LOGICAL WITH BORROW

Now that SUB LOGICAL outputs borrow, we can use that as input directly.
It also means we can re-use CC_OP_SUBU and produce an output borrow
directly from SUB LOGICAL WITH BORROW.

Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-5-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotarget/s390x: Improve cc computation for SUBTRACT LOGICAL
Richard Henderson [Mon, 14 Dec 2020 22:13:55 +0000 (16:13 -0600)] 
target/s390x: Improve cc computation for SUBTRACT LOGICAL

The resulting cc is only dependent on the result and the carry-out.
Carry-out and borrow-out are inverses, so are trivially converted.
With tcg ops, it is easier to compute borrow-out than carry-out, so
save result and borrow-out rather than the inputs.

Borrow-out for 64-bit inputs is had via tcg_gen_sub2_i64 directly
into cc_src.  Borrow-out for 32-bit inputs is had via extraction
from a normal 64-bit sub (with zero-extended inputs).

Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-4-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotarget/s390x: Improve ADD LOGICAL WITH CARRY
Richard Henderson [Mon, 14 Dec 2020 22:13:54 +0000 (16:13 -0600)] 
target/s390x: Improve ADD LOGICAL WITH CARRY

Now that ADD LOGICAL outputs carry, we can use that as input directly.
It also means we can re-use CC_OP_ADDU and produce an output carry
directly from ADD LOGICAL WITH CARRY.

Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-3-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agotarget/s390x: Improve cc computation for ADD LOGICAL
Richard Henderson [Mon, 14 Dec 2020 22:13:53 +0000 (16:13 -0600)] 
target/s390x: Improve cc computation for ADD LOGICAL

The resulting cc is only dependent on the result and the
carry-out.  So save those things rather than the inputs.

Carry-out for 64-bit inputs is had via tcg_gen_add2_i64 directly
into cc_src.  Carry-out for 32-bit inputs is had via extraction
from a normal 64-bit add (with zero-extended inputs).

Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-2-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agoqga/commands-posix: Send CCW address on s390x with the fsinfo data
Thomas Huth [Fri, 27 Nov 2020 08:23:53 +0000 (09:23 +0100)] 
qga/commands-posix: Send CCW address on s390x with the fsinfo data

We need the CCW address on the libvirt side to correctly identify
the disk, so add this information to the GuestDiskAddress on s390x.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Michael Roth <michael.roth@amd.com>
Message-Id: <20201127082353.448251-1-thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agoMAINTAINERS: move my git tree to gitlab
Cornelia Huck [Mon, 14 Dec 2020 13:26:28 +0000 (14:26 +0100)] 
MAINTAINERS: move my git tree to gitlab

I push to gitlab anyway to get some CI coverage, so let's make
it my primary tree to avoid workflow duplication.

Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201214132628.56019-1-cohuck@redhat.com>

4 years agos390x: pv: Fence additional unavailable SCLP facilities for PV guests
Janosch Frank [Fri, 11 Dec 2020 10:51:09 +0000 (05:51 -0500)] 
s390x: pv: Fence additional unavailable SCLP facilities for PV guests

There's no VSIE support for a protected guest, so let's better not
advertise it and its support facilities.

Fixes: c3347ed0d2ee ("s390x: protvirt: Support unpack facility")
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20201211105109.2913-1-frankja@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
4 years agoqobject: Make QString immutable
Markus Armbruster [Fri, 11 Dec 2020 17:11:52 +0000 (18:11 +0100)] 
qobject: Make QString immutable

The functions to modify a QString's string are all unused now.  Drop
them, and make the string immutable.  Saves 16 bytes per QString on my
system.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-21-armbru@redhat.com>

4 years agoblock: Use GString instead of QString to build filenames
Markus Armbruster [Fri, 11 Dec 2020 17:11:51 +0000 (18:11 +0100)] 
block: Use GString instead of QString to build filenames

QString supports modifying its string, but it's quite limited: you can
only append.  Just one caller remains:
bdrv_parse_filename_strip_prefix() uses it just for building an
initial string.

Change it to do build the initial string with GString.  This is
another step towards making QString immutable.

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-20-armbru@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
4 years agokeyval: Use GString to accumulate value strings
Markus Armbruster [Fri, 11 Dec 2020 17:11:50 +0000 (18:11 +0100)] 
keyval: Use GString to accumulate value strings

QString supports modifying its string, but it's quite limited: you can
only append.  The remaining callers use it for building an initial
string, never for modifying it later.

Change keyval_parse_one() to do build the initial string with GString.
This is another step towards making QString immutable.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-19-armbru@redhat.com>

4 years agojson: Use GString instead of QString to accumulate strings
Markus Armbruster [Fri, 11 Dec 2020 17:11:49 +0000 (18:11 +0100)] 
json: Use GString instead of QString to accumulate strings

QString supports modifying its string, but it's quite limited: you can
only append.  The remaining callers use it for building an initial
string, never for modifying it later.

Change parse_string() to do build the initial string with GString.
This is another step towards making QString immutable.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-18-armbru@redhat.com>

4 years agomigration: Replace migration's JSON writer by the general one
Markus Armbruster [Fri, 11 Dec 2020 17:11:48 +0000 (18:11 +0100)] 
migration: Replace migration's JSON writer by the general one

Commit 8118f0950f "migration: Append JSON description of migration
stream" needs a JSON writer.  The existing qobject_to_json() wasn't a
good fit, because it requires building a QObject to convert.  Instead,
migration got its very own JSON writer, in commit 190c882ce2 "QJSON:
Add JSON writer".  It tacitly limits numbers to int64_t, and strings
contents to characters that don't need escaping, unlike
qobject_to_json().

The previous commit factored the JSON writer out of qobject_to_json().
Replace migration's JSON writer by it.

Cc: Juan Quintela <quintela@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-17-armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
4 years agoqobject: Factor JSON writer out of qobject_to_json()
Markus Armbruster [Fri, 11 Dec 2020 17:11:47 +0000 (18:11 +0100)] 
qobject: Factor JSON writer out of qobject_to_json()

We have two JSON writers written in C: qobject/qjson.c provides
qobject_to_json(), and migration/qjson.c provides a more low level
imperative interface.  They don't share code.  The latter tacitly
limits numbers to int64_t, and strings contents to characters that
don't need escaping.

Factor out qobject_to_json()'s JSON writer as qobject/json-writer.c.
Straightforward, except for numbers: since the writer is to be
independent of QObject, it can't use qnum_to_string().  Open-code it
instead.  This is actually an improvement of sorts, because it
liberates qnum_to_string() from JSON's needs: its JSON-related FIXMEs
move to the JSON writer, where they belong.

The next commit will replace migration/qjson.c.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-16-armbru@redhat.com>

4 years agoqobject: Factor quoted_str() out of to_json()
Markus Armbruster [Fri, 11 Dec 2020 17:11:46 +0000 (18:11 +0100)] 
qobject: Factor quoted_str() out of to_json()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-15-armbru@redhat.com>

4 years agoqobject: Drop qstring_get_try_str()
Markus Armbruster [Fri, 11 Dec 2020 17:11:45 +0000 (18:11 +0100)] 
qobject: Drop qstring_get_try_str()

No users left outside tests/, and the ones in tests/ can just as well
use qstring_get_str().  Do that, and drop the function.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-14-armbru@redhat.com>

4 years agoqobject: Drop qobject_get_try_str()
Markus Armbruster [Fri, 11 Dec 2020 17:11:44 +0000 (18:11 +0100)] 
qobject: Drop qobject_get_try_str()

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-13-armbru@redhat.com>

4 years agoRevert "qobject: let object_property_get_str() use new API"
Markus Armbruster [Fri, 11 Dec 2020 17:11:43 +0000 (18:11 +0100)] 
Revert "qobject: let object_property_get_str() use new API"

Commit aafb21a0b9 "qobject: let object_property_get_str() use new API"
isn't much of a simplification.  Not worth having
object_property_get_str() differ from the other
object_property_get_FOO().  Revert.

This reverts commit aafb21a0b9cea5fa0fe52e68111bb6bd13837a02.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Daniel P. Berrangé <berrange@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-12-armbru@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoblock: Avoid qobject_get_try_str()
Markus Armbruster [Fri, 11 Dec 2020 17:11:42 +0000 (18:11 +0100)] 
block: Avoid qobject_get_try_str()

I'm about to remove qobject_get_try_str().  Use qstring_get_str()
instead.  Safe because the argument is known to be a QString here.

Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Max Reitz <mreitz@redhat.com>
Cc: qemu-block@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-11-armbru@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
4 years agoqmp: Fix tracing of non-string command IDs
Markus Armbruster [Fri, 11 Dec 2020 17:11:41 +0000 (18:11 +0100)] 
qmp: Fix tracing of non-string command IDs

Tracepoints monitor_qmp_cmd_in_band and
monitor_qmp_cmd_out_of_band (commit cf869d5317 "qmp: support
out-of-band (oob) execution") treat non-string "id" like absent "id".
Fix that.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-10-armbru@redhat.com>

4 years agoqobject: Move internals to qobject-internal.h
Markus Armbruster [Fri, 11 Dec 2020 17:11:40 +0000 (18:11 +0100)] 
qobject: Move internals to qobject-internal.h

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-9-armbru@redhat.com>

4 years agohw/rdma: Replace QList by GQueue
Markus Armbruster [Fri, 11 Dec 2020 17:11:39 +0000 (18:11 +0100)] 
hw/rdma: Replace QList by GQueue

RdmaProtectedQList provides a thread-safe queue of int64_t on top of a
QList.

rdma_protected_qlist_destroy() calls qlist_destroy_obj() directly.
qlist_destroy_obj() is actually for use by qobject_destroy() only.
The next commit will make that obvious.

The minimal fix would be calling qobject_unref() instead.  But QList
is actually a bad fit here.  It's designed for representing JSON
arrays.  We're better off with a GQueue here.  Replace.

Cc: Yuval Shaia <yuval.shaia.ml@gmail.com>
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-8-armbru@redhat.com>

4 years agoRevert "qstring: add qstring_free()"
Markus Armbruster [Fri, 11 Dec 2020 17:11:38 +0000 (18:11 +0100)] 
Revert "qstring: add qstring_free()"

This reverts commit 164c374b75f87c6765a705c4418ab7005a2d356f.

A free function for a reference-counted object is in bad taste.
Fortunately, this one is now also unused.  Drop it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-7-armbru@redhat.com>

4 years agoqobject: Change qobject_to_json()'s value to GString
Markus Armbruster [Fri, 11 Dec 2020 17:11:37 +0000 (18:11 +0100)] 
qobject: Change qobject_to_json()'s value to GString

qobject_to_json() and qobject_to_json_pretty() build a GString, then
covert it to QString.  Just one of the callers actually needs a
QString: qemu_rbd_parse_filename().  A few others need a string they
can modify: qmp_send_response(), qga's send_response(), to_json_str(),
and qmp_fd_vsend_fds().  The remainder just need a string.

Change qobject_to_json() and qobject_to_json_pretty() to return the
GString.

qemu_rbd_parse_filename() now has to convert to QString.  All others
save a QString temporary.  to_json_str() actually becomes a bit
simpler, because GString provides more convenient modification
functions.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-6-armbru@redhat.com>

4 years agoqobject: Use GString instead of QString to accumulate JSON
Markus Armbruster [Fri, 11 Dec 2020 17:11:36 +0000 (18:11 +0100)] 
qobject: Use GString instead of QString to accumulate JSON

QString supports modifying its string, but it's quite limited: you can
only append.  The remaining callers use it for building an initial
string, never for modifying it later.

Use of GString for building the initial string is actually more
convenient here.  Change qobject_to_json() & friends to do that.

Once all such uses are replaced this way, QString can become immutable.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-5-armbru@redhat.com>

4 years agoqobject: Make qobject_to_json_pretty() take a pretty argument
Markus Armbruster [Fri, 11 Dec 2020 17:11:35 +0000 (18:11 +0100)] 
qobject: Make qobject_to_json_pretty() take a pretty argument

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-4-armbru@redhat.com>

4 years agomonitor: Use GString instead of QString for output buffer
Markus Armbruster [Fri, 11 Dec 2020 17:11:34 +0000 (18:11 +0100)] 
monitor: Use GString instead of QString for output buffer

GString has a richer set of string operations than QString.  It should
be preferred to QString except where we need a QObject or reference
counting.  We don't here.  Switch to GString, and put its richer
interface to use.

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-3-armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
4 years agohmp: Simplify how qmp_human_monitor_command() gets output
Markus Armbruster [Fri, 11 Dec 2020 17:11:33 +0000 (18:11 +0100)] 
hmp: Simplify how qmp_human_monitor_command() gets output

Commit 48c043d0d1 "hmp: human-monitor-command: stop using the Memory
chardev driver" left us "if string is non-empty, duplicate it, else
duplicate the empty string".  Meh.  Duplicate it unconditionally.

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-2-armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
4 years agotest-visitor-serialization: Clean up test_primitives()
Markus Armbruster [Thu, 10 Dec 2020 16:14:52 +0000 (17:14 +0100)] 
test-visitor-serialization: Clean up test_primitives()

test_primitives() uses union member intmax_t max to compare the
integer members.  Unspecified behavior.  Has worked fine for many
years, though.  Clean it up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-11-armbru@redhat.com>

4 years agotest-visitor-serialization: Drop insufficient precision workaround
Markus Armbruster [Thu, 10 Dec 2020 16:14:51 +0000 (17:14 +0100)] 
test-visitor-serialization: Drop insufficient precision workaround

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-10-armbru@redhat.com>

4 years agostring-output-visitor: Fix to use sufficient precision
Markus Armbruster [Thu, 10 Dec 2020 16:14:50 +0000 (17:14 +0100)] 
string-output-visitor: Fix to use sufficient precision

The string output visitor should serialize numbers so that the string
input visitor deserializes them back to the same number.  It fails to
do so.

print_type_number() uses format %f.  This is prone to nasty rounding
errors.  For instance, numbers between 0 and 0.0000005 get flushed to
zero.

We currently use this visitor only for HMP info migrate, info network,
info qtree, and info memdev.  No double values occur there as far as I
can tell.

Fix anyway by formatting with %.17g.  17 decimal digits always suffice
for IEEE double.

See also recent commit "qobject: Fix qnum_to_string() to use
sufficient precision".

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-9-armbru@redhat.com>

4 years agotest-string-output-visitor: Cover "unround" number
Markus Armbruster [Thu, 10 Dec 2020 16:14:49 +0000 (17:14 +0100)] 
test-string-output-visitor: Cover "unround" number

This demonstrates rounding error due to insufficient precision: double
3.1415926535897932 gets converted to JSON 3.141593.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-8-armbru@redhat.com>

4 years agoqobject: Fix qnum_to_string() to use sufficient precision
Markus Armbruster [Thu, 10 Dec 2020 16:14:48 +0000 (17:14 +0100)] 
qobject: Fix qnum_to_string() to use sufficient precision

We should serialize numbers to JSON so that they deserialize back to
the same number.  We fail to do so.

The culprit is qnum_to_string(): it uses format %f with trailing '0'
trimmed.  Results in pretty output for "nice" numbers, but is prone to
nasty rounding errors.  For instance, numbers between 0 and 0.0000005
get flushed to zero.

Where exactly the incorrect rounding can bite is tiresome to gauge.
Here's my take.

* In QMP output, type 'number':

  - query-blockstats value avg_rd_queue_depth

  - QMP query-migrate values mbps, cache-miss-rate, encoding-rate,
    busy-rate, compression-rate.

  Relatively harmless, I guess.

* In tracing QMP input.  Harmless.

* In qemu-ga output, type 'number': guest-get-users value login-time.
  Harmless.

* In output of HMP qom-get.  Harmless.

Not affected, because double values don't actually occur there (I
think):

* QMP output, type 'any':

  * qom-get value

  * qom-list, qom-list-properties value default-value

  * query-cpu-model-comparison, query-cpu-model-baseline,
    query-cpu-model-expansion value props.

* qemu-img --output json output.

* "json:" pseudo-filenames generated by bdrv_refresh_filename().

* The rbd block driver's "=keyvalue-pairs" hack.

* In -object help on property default values.  Aside: use of JSON
  feels inappropriate here.

* Output of HMP qom-get.

* Argument conversion to QemuOpts for qdev_device_add() and HMP with
  qemu_opts_from_qdict()

  QMP and HMP device_add, virtio-net failover primary creation,
  xen-usb "usb-host" creation, HMP netdev_add, object_add.

* The uses of qobject_input_visitor_new_flat_confused()

  As far as I can tell, none of the visited types contain double
  values.

* Dumping ImageInfoSpecific with dump_qobject()

Fix by formatting with %.17g.  17 decimal digits always suffice for
IEEE double.

The change to expected test output illustrates the effect: the
rounding errors are gone, but some seemingly "nice" numbers now get
converted to not so nice strings, e.g. 0.42 to "0.41999999999999998".
This is because 0.42 is not representable exactly in double.  It's
more accurate in this example than strictly necessary, though.

If ugly accuracy bothers us, we can we can try using the least number
of digits that still converts back to the same double.  In this
example, "0.42" would do.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-7-armbru@redhat.com>

4 years agotests/check-qnum: Cover qnum_to_string() for "unround" argument
Markus Armbruster [Thu, 10 Dec 2020 16:14:47 +0000 (17:14 +0100)] 
tests/check-qnum: Cover qnum_to_string() for "unround" argument

qnum_to_string() has a FIXME comment about rounding errors due to
insufficient precision.  Cover it: 2.718281828459045 gets converted to
"2.718282".  The next commit will fix it.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-6-armbru@redhat.com>

4 years agotests/check-qjson: Replace redundant large_number()
Markus Armbruster [Thu, 10 Dec 2020 16:14:46 +0000 (17:14 +0100)] 
tests/check-qjson: Replace redundant large_number()

Move one of large_number()'s three checks to uint_number(), and the
other two to float_number().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-5-armbru@redhat.com>

4 years agotests/check-qjson: Cover number 2^63
Markus Armbruster [Thu, 10 Dec 2020 16:14:45 +0000 (17:14 +0100)] 
tests/check-qjson: Cover number 2^63

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-4-armbru@redhat.com>

4 years agotests/check-qjson: Examine QNum more thoroughly
Markus Armbruster [Thu, 10 Dec 2020 16:14:44 +0000 (17:14 +0100)] 
tests/check-qjson: Examine QNum more thoroughly

simple_number() checks only qnum_get_try_int().  Also check
qnum_get_try_uint() and qnum_get_double().

float_number() checks only qnum_get_double().  Also check
qnum_get_try_int() and qnum_get_try_uint().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-3-armbru@redhat.com>

4 years agotests/check-qjson: Don't skip funny QNumber to JSON conversions
Markus Armbruster [Thu, 10 Dec 2020 16:14:43 +0000 (17:14 +0100)] 
tests/check-qjson: Don't skip funny QNumber to JSON conversions

simple_number() and float_number() convert from JSON to QNumber and
back.

simple_number() tests "-0", but skips the conversion back to JSON,
because it yields "0", not "-0".  Works as intended, so better cover
it: don't skip, but expect the funny result.

float_number() tests "-32.20e-10", but skips the conversion back to
JSON, because it yields "-0".  This is a known bug in
qnum_to_string(), marked FIXME there.  Cover the bug: don't skip, but
expect the funny result.

While there, switch from g_assert() to g_assert_cmpstr() & friends for
friendlier test failures.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201210161452.2813491-2-armbru@redhat.com>

4 years agoqapi: Use QAPI_LIST_PREPEND() where possible
Eric Blake [Fri, 13 Nov 2020 01:13:37 +0000 (19:13 -0600)] 
qapi: Use QAPI_LIST_PREPEND() where possible

Anywhere we create a list of just one item or by prepending items
(typically because order doesn't matter), we can use
QAPI_LIST_PREPEND().  But places where we must keep the list in order
by appending remain open-coded until later patches.

Note that as a side effect, this also performs a cleanup of two minor
issues in qga/commands-posix.c: the old code was performing
 new = g_malloc0(sizeof(*ret));
which 1) is confusing because you have to verify whether 'new' and
'ret' are variables with the same type, and 2) would conflict with C++
compilation (not an actual problem for this file, but makes
copy-and-paste harder).

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20201113011340.463563-5-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
[Straightforward conflicts due to commit a8aa94b5f8 "qga: update
schema for guest-get-disks 'dependents' field" and commit a10b453a52
"target/mips: Move mips_cpu_add_definition() from helper.c to cpu.c"
resolved.  Commit message tweaked.]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
4 years agomigration: Refactor migrate_cap_add
Eric Blake [Fri, 13 Nov 2020 01:13:36 +0000 (19:13 -0600)] 
migration: Refactor migrate_cap_add

Instead of taking a list parameter and returning a new head at a
distance, just return the new item for the caller to insert into a
list via QAPI_LIST_PREPEND.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20201113011340.463563-4-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
4 years agorocker: Revamp fp_port_get_info
Eric Blake [Fri, 13 Nov 2020 01:13:35 +0000 (19:13 -0600)] 
rocker: Revamp fp_port_get_info

Instead of modifying the value member of a list element passed as a
parameter, and open-coding the manipulation of that list, it's nicer
to just return a freshly allocated value to be prepended to a list
using QAPI_LIST_PREPEND.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20201113011340.463563-3-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
4 years agobugfix: hostmem: Free host_nodes list right after visited
Keqian Zhu [Thu, 10 Dec 2020 07:52:26 +0000 (15:52 +0800)] 
bugfix: hostmem: Free host_nodes list right after visited

In host_memory_backend_get_host_nodes, we build host_nodes
list and output it to v (a StringOutputVisitor) but forget
to free the list. This fixes the memory leak.

The memory leak stack:

 Direct leak of 32 byte(s) in 2 object(s) allocated from:
    #0 0xfffda30b3393 in __interceptor_calloc (/usr/lib64/libasan.so.4+0xd3393)
    #1 0xfffda1d28b9b in g_malloc0 (/usr/lib64/libglib-2.0.so.0+0x58b9b)
    #2 0xaaab05ca6e43 in host_memory_backend_get_host_nodes backends/hostmem.c:94
    #3 0xaaab061ddf83 in object_property_get_uint16List qom/object.c:1478
    #4 0xaaab05866513 in query_memdev hw/core/machine-qmp-cmds.c:312
    #5 0xaaab061d980b in do_object_child_foreach qom/object.c:1001
    #6 0xaaab0586779b in qmp_query_memdev hw/core/machine-qmp-cmds.c:328
    #7 0xaaab0615ed3f in qmp_marshal_query_memdev qapi/qapi-commands-machine.c:327
    #8 0xaaab0632d647 in do_qmp_dispatch qapi/qmp-dispatch.c:147
    #9 0xaaab0632d647 in qmp_dispatch qapi/qmp-dispatch.c:190
    #10 0xaaab0610f74b in monitor_qmp_dispatch monitor/qmp.c:120
    #11 0xaaab0611074b in monitor_qmp_bh_dispatcher monitor/qmp.c:209
    #12 0xaaab063caefb in aio_bh_poll util/async.c:117
    #13 0xaaab063d30fb in aio_dispatch util/aio-posix.c:459
    #14 0xaaab063cac8f in aio_ctx_dispatch util/async.c:268
    #15 0xfffda1d22a6b in g_main_context_dispatch (/usr/lib64/libglib-2.0.so.0+0x52a6b)
    #16 0xaaab063d0e97 in glib_pollfds_poll util/main-loop.c:218
    #17 0xaaab063d0e97 in os_host_main_loop_wait util/main-loop.c:241
    #18 0xaaab063d0e97 in main_loop_wait util/main-loop.c:517
    #19 0xaaab05c8bfa7 in main_loop /root/rpmbuild/BUILD/qemu-4.1.0/vl.c:1791
    #20 0xaaab05713bc3 in main /root/rpmbuild/BUILD/qemu-4.1.0/vl.c:4473
    #21 0xfffda0a83ebf in __libc_start_main (/usr/lib64/libc.so.6+0x23ebf)
    #22 0xaaab0571ed5f  (aarch64-softmmu/qemu-system-aarch64+0x88ed5f)
 SUMMARY: AddressSanitizer: 32 byte(s) leaked in 2 allocation(s).

Fixes: 4cf1b76bf1e2 (hostmem: add properties for NUMA memory policy)
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Keqian Zhu <zhukeqian1@huawei.com>
Tested-by: Chen Qun <kuhn.chenqun@huawei.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201210075226.20196-1-zhukeqian1@huawei.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Avoid unnecessary DeviceState* variable at set_prop_arraylen()
Eduardo Habkost [Fri, 11 Dec 2020 22:05:28 +0000 (17:05 -0500)] 
qdev: Avoid unnecessary DeviceState* variable at set_prop_arraylen()

We're just doing pointer math with the device pointer, we can
simply use obj instead.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-32-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Rename qdev_get_prop_ptr() to object_field_prop_ptr()
Eduardo Habkost [Fri, 11 Dec 2020 22:05:27 +0000 (17:05 -0500)] 
qdev: Rename qdev_get_prop_ptr() to object_field_prop_ptr()

The function will be moved to common QOM code, as it is not
specific to TYPE_DEVICE anymore.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Paul Durrant <paul@xen.org>
Message-Id: <20201211220529.2290218-31-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Move qdev_prop_tpm declaration to tpm_prop.h
Eduardo Habkost [Fri, 11 Dec 2020 22:05:25 +0000 (17:05 -0500)] 
qdev: Move qdev_prop_tpm declaration to tpm_prop.h

Move the variable declaration close to the macro that uses it.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-29-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Make qdev_class_add_property() more flexible
Eduardo Habkost [Fri, 11 Dec 2020 22:05:22 +0000 (17:05 -0500)] 
qdev: Make qdev_class_add_property() more flexible

Support Property.set_default and PropertyInfo.description even if
PropertyInfo.create is set.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-26-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Make PropertyInfo.create return ObjectProperty*
Eduardo Habkost [Fri, 11 Dec 2020 22:05:21 +0000 (17:05 -0500)] 
qdev: Make PropertyInfo.create return ObjectProperty*

Returning ObjectProperty* will be useful for new property
registration code that will add additional callbacks
to ObjectProperty after registering it.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-25-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Move dev->realized check to qdev_property_set()
Eduardo Habkost [Fri, 11 Dec 2020 22:05:20 +0000 (17:05 -0500)] 
qdev: Move dev->realized check to qdev_property_set()

Every single qdev property setter function manually checks
dev->realized.  We can just check dev->realized inside
qdev_property_set() instead.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Paul Durrant <paul@xen.org>
Message-Id: <20201211220529.2290218-24-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Wrap getters and setters in separate helpers
Eduardo Habkost [Fri, 11 Dec 2020 22:05:19 +0000 (17:05 -0500)] 
qdev: Wrap getters and setters in separate helpers

We'll add extra code to the qdev property getters and setters, so
add wrapper functions where additional actions can be performed.

The new functions have a "field_prop_" prefix instead of "qdev_"
because the code will eventually be moved outside
qdev-properties.c, to common QOM code.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-23-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Add name argument to PropertyInfo.create method
Eduardo Habkost [Fri, 11 Dec 2020 22:05:18 +0000 (17:05 -0500)] 
qdev: Add name argument to PropertyInfo.create method

This will make it easier to remove the Property.name field in the
future.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-22-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Add name parameter to qdev_class_add_property()
Eduardo Habkost [Fri, 11 Dec 2020 22:05:17 +0000 (17:05 -0500)] 
qdev: Add name parameter to qdev_class_add_property()

This will make it easier to remove Property.name in the future.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20201211220529.2290218-21-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Avoid using prop->name unnecessarily
Eduardo Habkost [Fri, 11 Dec 2020 22:05:16 +0000 (17:05 -0500)] 
qdev: Avoid using prop->name unnecessarily

We already get the property name as argument to the property
getter and setters, we don't need to use prop->name.  This will
make it easier to remove the Property.name field in the future.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-20-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Get just property name at error_set_from_qdev_prop_error()
Eduardo Habkost [Fri, 11 Dec 2020 22:05:15 +0000 (17:05 -0500)] 
qdev: Get just property name at error_set_from_qdev_prop_error()

Replace `Property *prop` parameter with `char *name`, to reduce
dependency of getter and setter functions on the Property struct
(which will be changed in following patches).

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20201211220529.2290218-19-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agosparc: Use DEFINE_PROP for nwindows property
Eduardo Habkost [Fri, 11 Dec 2020 22:05:14 +0000 (17:05 -0500)] 
sparc: Use DEFINE_PROP for nwindows property

Use the DEFINE_PROP macro (which will set extra fields in the
struct) instead of initializing a Property struct manually.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20201211220529.2290218-18-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Reuse DEFINE_PROP in all DEFINE_PROP_* macros
Eduardo Habkost [Fri, 11 Dec 2020 22:05:13 +0000 (17:05 -0500)] 
qdev: Reuse DEFINE_PROP in all DEFINE_PROP_* macros

Instead of duplicating the code that sets name, info, offset,
and does type checking, make DEFINE_PROP accept a variable number
of arguments and reuse it in all DEFINE_PROP_* macros.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-17-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agoqdev: Move softmmu properties to qdev-properties-system.h
Eduardo Habkost [Fri, 11 Dec 2020 22:05:12 +0000 (17:05 -0500)] 
qdev: Move softmmu properties to qdev-properties-system.h

Move the property types and property macros implemented in
qdev-properties-system.c to a new qdev-properties-system.h
header.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-Id: <20201211220529.2290218-16-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
4 years agocontrib/rdmacm-mux: Fix error condition in hash_tbl_search_fd_by_ifid()
AlexChen [Thu, 29 Oct 2020 13:43:27 +0000 (21:43 +0800)] 
contrib/rdmacm-mux: Fix error condition in hash_tbl_search_fd_by_ifid()

When fd is not found according to ifid, the _hash_tbl_search_fd_by_ifid()
returns 0 and assigns the result to *fd, so We have to check that *fd is 0,
not that fd is 0.

Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: AlexChen <alex.chen@huawei.com>
Message-Id: <5F9AC6FF.4000301@huawei.com>
Reviewed-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
4 years agoiotests: Fix _send_qemu_cmd with bash 5.1
Max Reitz [Thu, 17 Dec 2020 15:38:03 +0000 (16:38 +0100)] 
iotests: Fix _send_qemu_cmd with bash 5.1

With bash 5.1, the output of the following script changes:

  a=("double  space")
  a=${a[@]:0:1}
  echo "$a"

from "double space" to "double  space", i.e. all white space is
preserved as-is.  This is probably what we actually want here (judging
from the "...to accommodate pathnames with spaces" comment), but before
5.1, we would have to quote the ${} slice to get the same behavior.

In any case, without quoting, the reference output of many iotests is
different between bash 5.1 and pre-5.1, which is not very good.  The
output of 5.1 is what we want, so whatever we do to get pre-5.1 to the
same result, it means we have to fix the reference output of basically
all tests that invoke _send_qemu_cmd (except the ones that only use
single spaces in the commands they invoke).

Instead of quoting the ${} slice (cmd="${$@: 1:...}"), we can also just
not use array slicing and replace the whole thing with a simple "cmd=$1;
shift", which works because all callers quote the whole $cmd argument
anyway.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20201217153803.101231-3-mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
4 years agoiotests/102: Pass $QEMU_HANDLE to _send_qemu_cmd
Max Reitz [Thu, 17 Dec 2020 15:38:02 +0000 (16:38 +0100)] 
iotests/102: Pass $QEMU_HANDLE to _send_qemu_cmd

The first parameter passed to _send_qemu_cmd is supposed to be the
$QEMU_HANDLE.  102 does not do so here, fix it.

As a result, the output changes: Now we see the prompt this command is
supposedly waiting for before the resize message - as it should be.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20201217153803.101231-2-mreitz@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>