diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml new file mode 100644 index 0000000000000..c02a6682e14ee --- /dev/null +++ b/.github/workflows/build.yaml @@ -0,0 +1,41 @@ +name: Build target user + +on: [pull_request, workflow_dispatch] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Python 3.x + uses: actions/setup-python@v4 + with: + python-version: '3.x' + - name: Copy source.list file to include deb-src + run: | + sudo cp /etc/apt/sources.list /etc/apt/sources.list.d/tmp.list + sudo sed -i "s/# deb-src/deb-src/g" /etc/apt/sources.list.d/tmp.list + - name: Install deps + run: | + sudo apt-get update + sudo apt-get --no-install-recommends -y build-dep qemu + sudo apt-get install -y autoconf libtool protobuf-c-compiler + pip3 install --user ninja + - name: Install OCaml + uses: ocaml/setup-ocaml@v2 + with: + ocaml-compiler: 4.14.x + dune-cache: true + opam-disable-sandboxing: true + - name: Install piqi + run: | + opam install piqi + - name: Clone qemu and bap-frames + run: | + git clone --depth 1 http://github.com/BinaryAnalysisPlatform/bap-frames.git + git clone --depth 1 http://github.com/BinaryAnalysisPlatform/qemu.git + - name: Build without tracewrap + run: | + cd qemu + ./configure --prefix=$HOME --target-list=arm-linux-user + ninja -C build diff --git a/README.md b/README.md new file mode 100644 index 0000000000000..6d4dd6ddd614e --- /dev/null +++ b/README.md 
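Review bot: Both `git clone` steps fetch the code that CI then compiles over plain `http://github.com/...`, an unauthenticated channel that relies on a redirect to become TLS; clone from `https://github.com/BinaryAnalysisPlatform/bap-frames.git` and `https://github.com/BinaryAnalysisPlatform/qemu.git`, as the README hunk in this same diff already does. The actions are referenced by mutable tags (`actions/checkout@v4`, `actions/setup-python@v4`, `ocaml/setup-ocaml@v2`); pinning them to commit SHAs would make the workflow's own supply chain reproducible. Note also that the job checks out the pull request with actions/checkout and then builds a fresh `--depth 1` clone of the upstream qemu repository in `qemu/`, so it appears to build upstream rather than the code under review, and the "Build without tracewrap" step never passes `--with-tracewrap`; confirm both are intended or the workflow does not exercise this tree.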
@@ -0,0 +1,98 @@ +# Overview + +Qemu tracer - a tracer based on [qemu](https://github.com/qemu/qemu) +project. It executes a binary executable and saves trace data using +[Protocol Buffer](https://developers.google.com/protocol-buffers/) +format. The contents of the trace data is defined in +[bap-traces](https://github.com/BinaryAnalysisPlatform/bap-traces) +project. + +# Installing released binaries + +If you don't want to mess with the source and building, then you can just +dowload a tarball with prebuilt binaries. Look at the latest release and +it might happen, that we have built binaries for your linux distribution, +if it is not the case, then create an issue, and we will build it for you. + +Let's pretend, that you're using Ubuntu Trusty, and install it. First +download it with your favorite downloader: + +``` +wget https://github.com/BinaryAnalysisPlatform/qemu/releases/download/v2.0.0-tracewrap-2.0.0-rc1/qemu-tracewrap-ubuntu-14.04.4-LTS.tgz +``` + +Install it in the specified prefix with a command like `tar -C -xf qemu-tracewrap-ubuntu-14.04.4-LTS.tgz`, e.g., +to install in your home directory: +``` +tar -C $HOME -xf qemu-tracewrap-ubuntu-14.04.4-LTS.tgz +``` + + + +# Build + +## Preparation + +Note: the instructions assume that you're using Ubuntu, but it +may work on other systems, that uses apt-get. 
+ +Before building the qemu-tracewrap, you need to install the following packages: + * qemu build dependencies + * autoconf, libtool, protobuf-c-compiler + * [piqi library](http://piqi.org/doc/ocaml) + +To install qemu build dependencies, use the following command + +```bash +$ sudo apt-get --no-install-recommends -y build-dep qemu +``` + +To install autoconf, libtool, protobuf-c-compiler, use the +following command + +```bash +$ sudo apt-get install autoconf libtool protobuf-c-compiler +``` + +To install [piqi library](http://piqi.org/doc/ocaml) with +[opam](https://opam.ocaml.org/doc/Install.html), use the following command +```bash +$ opam install piqi +``` + +## Building + +Download [bap-frames](https://github.com/BinaryAnalysisPlatform/bap-frames) with +following command + +```bash +$ git clone https://github.com/BinaryAnalysisPlatform/bap-frames.git +``` + +Download qemu tracer with following command + +```bash +$ git clone git@github.com:BinaryAnalysisPlatform/qemu.git +``` + +Change folder to qemu and build tracer: +```bash +$ cd qemu +$ ./configure --prefix=$HOME --with-tracewrap=/bap-frames --target-list=-linux-user +$ ninja -C build +$ ninja -C build install +``` + +# Usage + +To run executable `exec` compiled for `arch`, use `qemu-arch exec` command, e.g., +`qemu-x86_64 /bin/ls`. It will dump the trace into `ls.frames` file. You can configure +the filename with `-tracefile` option, e.g., `qemu-arm -tracefile arm.ls.frames ls` + + +Hints: use option -L to set the elf interpreter prefix to 'path'. Use +[fetchlibs.sh](https://raw.githubusercontent.com/BinaryAnalysisPlatform/bap-frames/master/test/fetchlibs.sh) +to download arm and x86 libraries. + +# Notes + Only ARM, X86, X86-64, MIPS targets are supported in this branch. diff --git a/VERSION b/VERSION index 8104cabd36fb5..6b409d977b8f6 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -8.1.0 +8.1.2 diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index 7b3da8dc3abea..b4723016379ff 100644 
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2458,7 +2458,7 @@ static int kvm_init(MachineState *ms)
 KVMState *s;
 const KVMCapabilityInfo *missing_cap;
 int ret;
- int type = 0;
+ int type;
 uint64_t dirty_log_manual_caps;
 qemu_mutex_init(&kml_slots_lock);
@@ -2523,6 +2523,8 @@ static int kvm_init(MachineState *ms)
 type = mc->kvm_type(ms, kvm_type);
 } else if (mc->kvm_type) {
 type = mc->kvm_type(ms, NULL);
+ } else {
+ type = kvm_arch_get_default_type(ms);
 }
 do {
diff --git a/accel/tcg/cpu-exec-common.c b/accel/tcg/cpu-exec-common.c
index 9a5fabf6258d4..7e35d7f4b58ee 100644
--- a/accel/tcg/cpu-exec-common.c
+++ b/accel/tcg/cpu-exec-common.c
@@ -33,36 +33,6 @@ void cpu_loop_exit_noexc(CPUState *cpu)
 cpu_loop_exit(cpu);
 }
-#if defined(CONFIG_SOFTMMU)
-void cpu_reloading_memory_map(void)
-{
- if (qemu_in_vcpu_thread() && current_cpu->running) {
- /* The guest can in theory prolong the RCU critical section as long
- * as it feels like. The major problem with this is that because it
- * can do multiple reconfigurations of the memory map within the
- * critical section, we could potentially accumulate an unbounded
- * collection of memory data structures awaiting reclamation.
- *
- * Because the only thing we're currently protecting with RCU is the
- * memory data structures, it's sufficient to break the critical section
- * in this callback, which we know will get called every time the
- * memory map is rearranged.
- *
- * (If we add anything else in the system that uses RCU to protect
- * its data structures, we will need to implement some other mechanism
- * to force TCG CPUs to exit the critical section, at which point this
- * part of this callback might become unnecessary.)
- *
- * This pair matches cpu_exec's rcu_read_lock()/rcu_read_unlock(), which
- * only protects cpu->as->dispatch. Since we know our caller is about
- * to reload it, it's safe to split the critical section.
- */
- rcu_read_unlock();
- rcu_read_lock();
- }
-}
-#endif
-
 void cpu_loop_exit(CPUState *cpu)
 {
 /* Undo the setting in cpu_tb_exec. */
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index e2c494e75ef39..4f5d15c0c3446 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -720,7 +720,7 @@ static inline bool cpu_handle_exception(CPUState *cpu, int *ret)
 && cpu_neg(cpu)->icount_decr.u16.low + cpu->icount_extra == 0) {
 /* Execute just one insn to trigger exception pending in the log */
 cpu->cflags_next_tb = (curr_cflags(cpu) & ~CF_USE_ICOUNT)
- | CF_NOIRQ | 1;
+ | CF_LAST_IO | CF_NOIRQ | 1;
 }
 #endif
 return false;
@@ -1032,10 +1032,12 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
 last_tb = NULL;
 }
 #endif
+#ifndef HAS_TRACEWRAP
 /* See if we can patch the calling TB. */
 if (last_tb) {
 tb_add_jump(last_tb, tb_exit, tb);
 }
+#endif
 cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit);
diff --git a/accel/tcg/tb-maint.c b/accel/tcg/tb-maint.c
index c406b2f7b794f..85684f2b3d8d4 100644
--- a/accel/tcg/tb-maint.c
+++ b/accel/tcg/tb-maint.c
@@ -1083,7 +1083,8 @@ bool tb_invalidate_phys_page_unwind(tb_page_addr_t addr, uintptr_t pc)
 if (current_tb_modified) {
 /* Force execution of one insn next time. */
 CPUState *cpu = current_cpu;
- cpu->cflags_next_tb = 1 | CF_NOIRQ | curr_cflags(current_cpu);
+ cpu->cflags_next_tb =
+ 1 | CF_LAST_IO | CF_NOIRQ | curr_cflags(current_cpu);
 return true;
 }
 return false;
@@ -1153,7 +1154,8 @@ tb_invalidate_phys_page_range__locked(struct page_collection *pages,
 if (current_tb_modified) {
 page_collection_unlock(pages);
 /* Force execution of one insn next time. */
- current_cpu->cflags_next_tb = 1 | CF_NOIRQ | curr_cflags(current_cpu);
+ current_cpu->cflags_next_tb =
+ 1 | CF_LAST_IO | CF_NOIRQ | curr_cflags(current_cpu);
 mmap_unlock();
 cpu_loop_exit_noexc(current_cpu);
 }
diff --git a/accel/tcg/tcg-accel-ops-mttcg.c b/accel/tcg/tcg-accel-ops-mttcg.c
index b2762620079dd..4b0dfb4be732c 100644
--- a/accel/tcg/tcg-accel-ops-mttcg.c
+++ b/accel/tcg/tcg-accel-ops-mttcg.c
@@ -100,14 +100,9 @@ static void *mttcg_cpu_thread_fn(void *arg)
 break;
 case EXCP_HALTED:
 /*
- * during start-up the vCPU is reset and the thread is
- * kicked several times. If we don't ensure we go back
- * to sleep in the halted state we won't cleanly
- * start-up when the vCPU is enabled.
- *
- * cpu->halted should ensure we sleep in wait_io_event
+ * Usually cpu->halted is set, but may have already been
+ * reset by another thread by the time we arrive here.
 */
- g_assert(cpu->halted);
 break;
 case EXCP_ATOMIC:
 qemu_mutex_unlock_iothread();
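Review bot: The new `#ifndef HAS_TRACEWRAP` around `tb_add_jump()` switches off direct TB chaining for tracewrap builds without saying why, and nothing in this diff shows where HAS_TRACEWRAP gets defined (configure only forwards a `tracewrap` meson option), so a reader cannot tell whether an unset macro is the normal case or a broken build. Put the reason on the `#ifndef`, e.g. `/* HAS_TRACEWRAP: every TB must return through this loop so it can be traced, so do not chain TBs directly (presumably — confirm against the meson define). */`, and verify the meson side actually emits the define when tracewrap is enabled. cpu_exec_loop starts and ends outside the hunk.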
diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 1a6a5448c8fb1..358214d5265ef 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c @@ -16,26 +16,19 @@ #include "tcg/tcg-op-common.h" #include "internal.h" -static void gen_io_start(void) +static void set_can_do_io(DisasContextBase *db, bool val) { - tcg_gen_st_i32(tcg_constant_i32(1), cpu_env, - offsetof(ArchCPU, parent_obj.can_do_io) - - offsetof(ArchCPU, env)); + if (db->saved_can_do_io != val) { + db->saved_can_do_io = val; + tcg_gen_st_i32(tcg_constant_i32(val), cpu_env, + offsetof(ArchCPU, parent_obj.can_do_io) - + offsetof(ArchCPU, env)); + } } bool translator_io_start(DisasContextBase *db) { - uint32_t cflags = tb_cflags(db->tb); - - if (!(cflags & CF_USE_ICOUNT)) { - return false; - } - if (db->num_insns == db->max_insns && (cflags & CF_LAST_IO)) { - /* Already started in translator_loop. */ - return true; - } - - gen_io_start(); + set_can_do_io(db, true); /* * Ensure that this instruction will be the last in the TB. @@ -47,14 +40,17 @@ bool translator_io_start(DisasContextBase *db) return true; } -static TCGOp *gen_tb_start(uint32_t cflags) +static TCGOp *gen_tb_start(DisasContextBase *db, uint32_t cflags) { - TCGv_i32 count = tcg_temp_new_i32(); + TCGv_i32 count = NULL; TCGOp *icount_start_insn = NULL; - tcg_gen_ld_i32(count, cpu_env, - offsetof(ArchCPU, neg.icount_decr.u32) - - offsetof(ArchCPU, env)); + if ((cflags & CF_USE_ICOUNT) || !(cflags & CF_NOIRQ)) { + count = tcg_temp_new_i32(); + tcg_gen_ld_i32(count, cpu_env, + offsetof(ArchCPU, neg.icount_decr.u32) - + offsetof(ArchCPU, env)); + } if (cflags & CF_USE_ICOUNT) { /* 
@@ -84,18 +80,15 @@ static TCGOp *gen_tb_start(uint32_t cflags) tcg_gen_st16_i32(count, cpu_env, offsetof(ArchCPU, neg.icount_decr.u16.low) - offsetof(ArchCPU, env)); - /* - * cpu->can_do_io is cleared automatically here at the beginning of - * each translation block. The cost is minimal and only paid for - * -icount, plus it would be very easy to forget doing it in the - * translator. Doing it here means we don't need a gen_io_end() to - * go with gen_io_start(). - */ - tcg_gen_st_i32(tcg_constant_i32(0), cpu_env, - offsetof(ArchCPU, parent_obj.can_do_io) - - offsetof(ArchCPU, env)); } + /* + * cpu->can_do_io is set automatically here at the beginning of + * each translation block. The cost is minimal, plus it would be + * very easy to forget doing it in the translator. + */ + set_can_do_io(db, db->max_insns == 1 && (cflags & CF_LAST_IO)); + return icount_start_insn; } @@ -144,6 +137,7 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, db->num_insns = 0; db->max_insns = *max_insns; db->singlestep_enabled = cflags & CF_SINGLE_STEP; + db->saved_can_do_io = -1; db->host_addr[0] = host_pc; db->host_addr[1] = NULL; @@ -151,11 +145,17 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */ /* Start translating. */ - icount_start_insn = gen_tb_start(cflags); + icount_start_insn = gen_tb_start(db, cflags); ops->tb_start(db, cpu); tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */ - plugin_enabled = plugin_gen_tb_start(cpu, db, cflags & CF_MEMI_ONLY); + if (cflags & CF_MEMI_ONLY) { + /* We should only see CF_MEMI_ONLY for io_recompile. */ + assert(cflags & CF_LAST_IO); + plugin_enabled = plugin_gen_tb_start(cpu, db, true); + } else { + plugin_enabled = plugin_gen_tb_start(cpu, db, false); + } while (true) { *max_insns = ++db->num_insns; 
@@ -172,13 +172,9 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns,
 the next instruction. */
 if (db->num_insns == db->max_insns && (cflags & CF_LAST_IO)) {
 /* Accept I/O on the last instruction. */
- gen_io_start();
- ops->translate_insn(db, cpu);
- } else {
- /* we should only see CF_MEMI_ONLY for io_recompile */
- tcg_debug_assert(!(cflags & CF_MEMI_ONLY));
- ops->translate_insn(db, cpu);
+ set_can_do_io(db, true);
 }
+ ops->translate_insn(db, cpu);
 /*
 * We can't instrument after instructions that change control
diff --git a/backends/tpm/tpm_util.c b/backends/tpm/tpm_util.c
index a6e6d3e72f159..1856589c3b779 100644
--- a/backends/tpm/tpm_util.c
+++ b/backends/tpm/tpm_util.c
@@ -112,12 +112,8 @@ static int tpm_util_request(int fd,
 void *response,
 size_t responselen)
 {
- fd_set readfds;
+ GPollFD fds[1] = { {.fd = fd, .events = G_IO_IN } };
 int n;
- struct timeval tv = {
- .tv_sec = 1,
- .tv_usec = 0,
- };
 n = write(fd, request, requestlen);
 if (n < 0) {
@@ -127,11 +123,8 @@ static int tpm_util_request(int fd,
 return -EFAULT;
 }
- FD_ZERO(&readfds);
- FD_SET(fd, &readfds);
- /* wait for a second */
- n = select(fd + 1, &readfds, NULL, NULL, &tv);
+ n = RETRY_ON_EINTR(g_poll(fds, 1, 1000));
 if (n != 1) {
 return -errno;
 }
diff --git a/block/file-posix.c b/block/file-posix.c
index b16e9c21a1589..aa89789737ccc 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -1412,11 +1412,9 @@ static void raw_refresh_zoned_limits(BlockDriverState *bs, struct stat *st,
 BlockZoneModel zoned;
 int ret;
- bs->bl.zoned = BLK_Z_NONE;
 ret = get_sysfs_zoned_model(st, &zoned);
 if (ret < 0 || zoned == BLK_Z_NONE) {
- return;
+ goto no_zoned;
 }
 bs->bl.zoned = zoned;
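Review bot: The timeout case behind the new `if (n != 1) { return -errno; }` is still wrong: `g_poll()` returns 0 when the 1000 ms wait expires and does not set errno, so the function returns the negation of whatever errno was left by an earlier call — possibly 0, which a caller reads as a successful request with an untouched `response` buffer. Separate the cases: `if (n == 0) return -ETIMEDOUT; if (n < 0) return -errno;`. `fds[0].revents` is also never inspected, so `G_IO_HUP`/`G_IO_ERR` on the TPM descriptor satisfies `n == 1` and falls through to the subsequent read; checking `fds[0].revents & G_IO_IN` first gives a clearer failure. The remainder of tpm_util_request lies outside the hunk.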
@@ -1437,10 +1435,10 @@ static void raw_refresh_zoned_limits(BlockDriverState *bs, struct stat *st,
 if (ret < 0) {
 error_setg_errno(errp, -ret, "Unable to read chunk_sectors "
 "sysfs attribute");
- return;
+ goto no_zoned;
 } else if (!ret) {
 error_setg(errp, "Read 0 from chunk_sectors sysfs attribute");
- return;
+ goto no_zoned;
 }
 bs->bl.zone_size = ret << BDRV_SECTOR_BITS;
@@ -1448,10 +1446,10 @@ static void raw_refresh_zoned_limits(BlockDriverState *bs, struct stat *st,
 if (ret < 0) {
 error_setg_errno(errp, -ret, "Unable to read nr_zones "
 "sysfs attribute");
- return;
+ goto no_zoned;
 } else if (!ret) {
 error_setg(errp, "Read 0 from nr_zones sysfs attribute");
- return;
+ goto no_zoned;
 }
 bs->bl.nr_zones = ret;
@@ -1472,10 +1470,15 @@ static void raw_refresh_zoned_limits(BlockDriverState *bs, struct stat *st,
 ret = get_zones_wp(bs, s->fd, 0, bs->bl.nr_zones, 0);
 if (ret < 0) {
 error_setg_errno(errp, -ret, "report wps failed");
- bs->wps = NULL;
- return;
+ goto no_zoned;
 }
 qemu_co_mutex_init(&bs->wps->colock);
+ return;
+
+no_zoned:
+ bs->bl.zoned = BLK_Z_NONE;
+ g_free(bs->wps);
+ bs->wps = NULL;
 }
 #else /* !defined(CONFIG_BLKZONED) */
 static void raw_refresh_zoned_limits(BlockDriverState *bs, struct stat *st,
@@ -2452,9 +2455,10 @@ static int coroutine_fn raw_co_prw(BlockDriverState *bs, uint64_t offset,
 if (fd_open(bs) < 0)
 return -EIO;
 #if defined(CONFIG_BLKZONED)
- if ((type & (QEMU_AIO_WRITE | QEMU_AIO_ZONE_APPEND)) && bs->wps) {
+ if ((type & (QEMU_AIO_WRITE | QEMU_AIO_ZONE_APPEND)) &&
+ bs->bl.zoned != BLK_Z_NONE) {
 qemu_co_mutex_lock(&bs->wps->colock);
- if (type & QEMU_AIO_ZONE_APPEND && bs->bl.zone_size) {
+ if (type & QEMU_AIO_ZONE_APPEND) {
 int index = offset / bs->bl.zone_size;
 offset = bs->wps->wp[index];
 }
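Review bot: `int index = offset / bs->bl.zone_size; offset = bs->wps->wp[index];` indexes the write-pointer array with no check against `bs->bl.nr_zones`, and `offset` is a `uint64_t` (per the function signature in the hunk header) stored into an `int`, so a large offset can truncate or wrap negative before the lookup. Unless every caller has already clamped `offset` to the device size — not visible here — an append at or past the end of the device reads outside `wps->wp`. A guard before the lookup, `if (index >= bs->bl.nr_zones) { qemu_co_mutex_unlock(&bs->wps->colock); return -EINVAL; }`, with `index` declared `uint64_t`, closes that. raw_co_prw continues outside the hunk.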
@@ -2502,11 +2506,10 @@ static int coroutine_fn raw_co_prw(BlockDriverState *bs, uint64_t offset,
 out:
 #if defined(CONFIG_BLKZONED)
-{
- BlockZoneWps *wps = bs->wps;
- if (ret == 0) {
- if ((type & (QEMU_AIO_WRITE | QEMU_AIO_ZONE_APPEND))
- && wps && bs->bl.zone_size) {
+ if ((type & (QEMU_AIO_WRITE | QEMU_AIO_ZONE_APPEND)) &&
+ bs->bl.zoned != BLK_Z_NONE) {
+ BlockZoneWps *wps = bs->wps;
+ if (ret == 0) {
 uint64_t *wp = &wps->wp[offset / bs->bl.zone_size];
 if (!BDRV_ZT_IS_CONV(*wp)) {
 if (type & QEMU_AIO_ZONE_APPEND) {
@@ -2519,17 +2522,12 @@ static int coroutine_fn raw_co_prw(BlockDriverState *bs, uint64_t offset,
 *wp = offset + bytes;
 }
 }
- }
- } else {
- if (type & (QEMU_AIO_WRITE | QEMU_AIO_ZONE_APPEND)) {
+ } else {
 update_zones_wp(bs, s->fd, 0, 1);
 }
- }
- if ((type & (QEMU_AIO_WRITE | QEMU_AIO_ZONE_APPEND)) && wps) {
 qemu_co_mutex_unlock(&wps->colock);
 }
-}
 #endif
 return ret;
 }
diff --git a/chardev/char-pty.c b/chardev/char-pty.c
index 4e5deac18aee5..cc2f7617fe7f9 100644
--- a/chardev/char-pty.c
+++ b/chardev/char-pty.c
@@ -106,11 +106,27 @@ static void pty_chr_update_read_handler(Chardev *chr)
 static int char_pty_chr_write(Chardev *chr, const uint8_t *buf, int len)
 {
 PtyChardev *s = PTY_CHARDEV(chr);
+ GPollFD pfd;
+ int rc;
- if (!s->connected) {
- return len;
+ if (s->connected) {
+ return io_channel_send(s->ioc, buf, len);
 }
- return io_channel_send(s->ioc, buf, len);
+
+ /*
+ * The other side might already be re-connected, but the timer might
+ * not have fired yet. So let's check here whether we can write again:
+ */
+ pfd.fd = QIO_CHANNEL_FILE(s->ioc)->fd;
+ pfd.events = G_IO_OUT;
+ pfd.revents = 0;
+ rc = RETRY_ON_EINTR(g_poll(&pfd, 1, 0));
+ g_assert(rc >= 0);
+ if (!(pfd.revents & G_IO_HUP) && (pfd.revents & G_IO_OUT)) {
+ io_channel_send(s->ioc, buf, len);
+ }
+
+ return len;
 }
 static GSource *pty_chr_add_watch(Chardev *chr, GIOCondition cond)
diff --git a/configure b/configure
index 133f4e3235125..1fb06ee78fa76 100755
--- a/configure
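Review bot: `g_assert(rc >= 0)` in char_pty_chr_write turns any `g_poll()` failure other than EINTR (EBADF, ENOMEM) into an abort of the whole QEMU process, on a path taken for every write while the pty is disconnected. Treating a failed poll as "not writable" — `if (rc > 0 && !(pfd.revents & G_IO_HUP) && (pfd.revents & G_IO_OUT))` — keeps the existing drop-the-data behaviour without making a transient host error fatal. The `io_channel_send()` return on that path is also discarded, so a short or failed send is still reported to the caller as `len` bytes written; that mirrors the old disconnected behaviour, but a one-line comment saying the loss is deliberate would stop the next reader from "fixing" it. The function is wholly within the hunk.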
+++ b/configure @@ -202,6 +202,16 @@ EXTRA_LDFLAGS="" # is impossible without a --enable-foo that exits if a feature is not found. default_feature="" +# 3. Automatically enable/disable other options +tcg="enabled" +cfi="false" + +# 4. Detection partly done in configure +xen=${default_feature:+disabled} + +tracewrap="false" + +# parse CC options second for opt do optarg=$(expr "x$opt" : 'x[^=]*=\(.*\)') case "$opt" in @@ -728,6 +738,10 @@ for opt do ;; --without-default-devices) meson_option_add -Ddefault_devices=false ;; + --with-tracewrap=*) + tracewrap="true" + tracewrap_dir="$optarg" + ;; --with-devices-*[!a-zA-Z0-9_-]*=*) error_exit "Passed bad --with-devices-FOO option" ;; --with-devices-*) device_arch=${opt#--with-devices-}; @@ -1937,6 +1951,8 @@ if test "$skip_meson" = no; then test "$qemu_suffix" != qemu && meson_option_add "-Dqemu_suffix=$qemu_suffix" test "$smbd" != '' && meson_option_add "-Dsmbd=$smbd" test "$tcg" != enabled && meson_option_add "-Dtcg=$tcg" + test "$tracewrap" != '' && meson_option_add "-Dtracewrap=$tracewrap" + test "$tracewrap_dir" != '' && meson_option_add "-Dtracewrap_dir=$tracewrap_dir" run_meson() { NINJA=$ninja $meson setup --prefix "$prefix" "$@" $cross_arg "$PWD" "$source_path" } diff --git a/disas/riscv.c b/disas/riscv.c index 3873a69157697..8e89e1d1157e4 100644 --- a/disas/riscv.c +++ b/disas/riscv.c @@ -2116,8 +2116,8 @@ static const char *csr_name(int csrno) case 0x03ba: return "pmpaddr10"; case 0x03bb: return "pmpaddr11"; case 0x03bc: return "pmpaddr12"; - case 0x03bd: return "pmpaddr14"; - case 0x03be: return "pmpaddr13"; + case 0x03bd: return "pmpaddr13"; + case 0x03be: return "pmpaddr14"; case 0x03bf: return "pmpaddr15"; case 0x0780: return "mtohost"; case 0x0781: return "mfromhost"; diff --git a/docs/about/license.rst b/docs/about/license.rst index cde3d2d25d73e..303c55d61b498 100644 --- a/docs/about/license.rst +++ b/docs/about/license.rst 
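Review bot: The new `--with-tracewrap=*` case accepts any value: an empty or non-existent path still sets `tracewrap="true"` while leaving `tracewrap_dir` empty, so meson is told to enable tracewrap with no frames directory and the failure only surfaces deep in the build. Validate at parse time, `test -d "$optarg" || error_exit "--with-tracewrap: directory '$optarg' not found"`, and initialise `tracewrap_dir=""` beside `tracewrap="false"` so the later `test "$tracewrap_dir" != ''` reads a defined variable. The `tcg`, `cfi` and `xen` defaults added in the same hunk look like a re-introduction of assignments that may already exist elsewhere in configure; if they do, these are duplicates that can silently override the originals and should be dropped.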
@@ -8,4 +8,4 @@ QEMU is a trademark of Fabrice Bellard. QEMU is released under the `GNU General Public License `__, version 2. Parts of QEMU have specific licenses, see file -`LICENSE `__. +`LICENSE `__. diff --git a/docs/multi-thread-compression.txt b/docs/multi-thread-compression.txt index bb88c6bdf11c2..95b1556f67b8a 100644 --- a/docs/multi-thread-compression.txt +++ b/docs/multi-thread-compression.txt @@ -117,13 +117,13 @@ to support the multiple thread compression migration: {qemu} migrate_set_capability compress on 3. Set the compression thread count on source: - {qemu} migrate_set_parameter compress_threads 12 + {qemu} migrate_set_parameter compress-threads 12 4. Set the compression level on the source: - {qemu} migrate_set_parameter compress_level 1 + {qemu} migrate_set_parameter compress-level 1 5. Set the decompression thread count on destination: - {qemu} migrate_set_parameter decompress_threads 3 + {qemu} migrate_set_parameter decompress-threads 3 6. Start outgoing migration: {qemu} migrate -d tcp:destination.host:4444 @@ -133,9 +133,9 @@ to support the multiple thread compression migration: The following are the default settings: compress: off - compress_threads: 8 - decompress_threads: 2 - compress_level: 1 (which means best speed) + compress-threads: 8 + decompress-threads: 2 + compress-level: 1 (which means best speed) So, only the first two steps are required to use the multiple thread compression in migration. You can do more if the default diff --git a/docs/rdma.txt b/docs/rdma.txt index 2b4cdea1d8d22..bd8dd799a9ebe 100644 --- a/docs/rdma.txt +++ b/docs/rdma.txt @@ -89,7 +89,7 @@ RUNNING: First, set the migration speed to match your hardware's capabilities: QEMU Monitor Command: -$ migrate_set_parameter max_bandwidth 40g # or whatever is the MAX of your RDMA device +$ migrate_set_parameter max-bandwidth 40g # or whatever is the MAX of your RDMA device Next, on the destination machine, add the following to the QEMU command line: 
diff --git a/docs/system/arm/emulation.rst b/docs/system/arm/emulation.rst index bdafc68819bb3..d47b78eca92e9 100644 --- a/docs/system/arm/emulation.rst +++ b/docs/system/arm/emulation.rst @@ -14,6 +14,7 @@ the following architecture extensions: - FEAT_BBM at level 2 (Translation table break-before-make levels) - FEAT_BF16 (AArch64 BFloat16 instructions) - FEAT_BTI (Branch Target Identification) +- FEAT_CRC32 (CRC32 instructions) - FEAT_CSV2 (Cache speculation variant 2) - FEAT_CSV2_1p1 (Cache speculation variant 2, version 1.1) - FEAT_CSV2_1p2 (Cache speculation variant 2, version 1.2) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index 720f22531a690..24fa169060069 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -761,6 +761,10 @@ static void do_cpu_reset(void *opaque) if (cpu_isar_feature(aa64_hcx, cpu)) { env->cp15.scr_el3 |= SCR_HXEN; } + if (cpu_isar_feature(aa64_fgt, cpu)) { + env->cp15.scr_el3 |= SCR_FGTEN; + } + /* AArch64 kernels never boot in secure mode */ assert(!info->secure_boot); /* This hook is only supported for AArch32 currently: diff --git a/hw/audio/es1370.c b/hw/audio/es1370.c index 4f738a0ad8813..9a8e29c39c82a 100644 --- a/hw/audio/es1370.c +++ b/hw/audio/es1370.c @@ -502,7 +502,7 @@ static void es1370_write(void *opaque, hwaddr addr, uint64_t val, unsigned size) case ES1370_REG_DAC2_SCOUNT: case ES1370_REG_ADC_SCOUNT: d += (addr - ES1370_REG_DAC1_SCOUNT) >> 2; - d->scount = (val & 0xffff) | (d->scount & ~0xffff); + d->scount = (val & 0xffff) << 16 | (val & 0xffff); ldebug ("chan %td CURR_SAMP_CT %d, SAMP_CT %d\n", d - &s->chan[0], val >> 16, (val & 0xffff)); break; diff --git a/hw/char/riscv_htif.c b/hw/char/riscv_htif.c index 37d3ccc76b8af..40de6b8b77588 100644 --- a/hw/char/riscv_htif.c +++ b/hw/char/riscv_htif.c @@ -30,6 +30,7 @@ #include "qemu/timer.h" #include "qemu/error-report.h" #include "exec/address-spaces.h" +#include "exec/tswap.h" #include "sysemu/dma.h" #define RISCV_DEBUG_HTIF 0 
@@ -209,11 +210,11 @@ static void htif_handle_tohost_write(HTIFState *s, uint64_t val_written) } else { uint64_t syscall[8]; cpu_physical_memory_read(payload, syscall, sizeof(syscall)); - if (syscall[0] == PK_SYS_WRITE && - syscall[1] == HTIF_DEV_CONSOLE && - syscall[3] == HTIF_CONSOLE_CMD_PUTC) { + if (tswap64(syscall[0]) == PK_SYS_WRITE && + tswap64(syscall[1]) == HTIF_DEV_CONSOLE && + tswap64(syscall[3]) == HTIF_CONSOLE_CMD_PUTC) { uint8_t ch; - cpu_physical_memory_read(syscall[2], &ch, 1); + cpu_physical_memory_read(tswap64(syscall[2]), &ch, 1); qemu_chr_fe_write(&s->chr, &ch, 1); resp = 0x100 | (uint8_t)payload; } else { @@ -232,7 +233,8 @@ static void htif_handle_tohost_write(HTIFState *s, uint64_t val_written) s->tohost = 0; /* clear to indicate we read */ return; } else if (cmd == HTIF_CONSOLE_CMD_PUTC) { - qemu_chr_fe_write(&s->chr, (uint8_t *)&payload, 1); + uint8_t ch = (uint8_t)payload; + qemu_chr_fe_write(&s->chr, &ch, 1); resp = 0x100 | (uint8_t)payload; } else { qemu_log("HTIF device %d: unknown command\n", device); diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c index 034c7805b3ecd..f0920da956de8 100644 --- a/hw/cxl/cxl-host.c +++ b/hw/cxl/cxl-host.c @@ -39,12 +39,6 @@ static void cxl_fixed_memory_window_config(CXLState *cxl_state, return; } - fw->targets = g_malloc0_n(fw->num_targets, sizeof(*fw->targets)); - for (i = 0, target = object->targets; target; i++, target = target->next) { - /* This link cannot be resolved yet, so stash the name for now */ - fw->targets[i] = g_strdup(target->value); - } - if (object->size % (256 * MiB)) { error_setg(errp, "Size of a CXL fixed memory window must be a multiple of 256MiB"); 
@@ -64,6 +58,12 @@ static void cxl_fixed_memory_window_config(CXLState *cxl_state, fw->enc_int_gran = 0; } + fw->targets = g_malloc0_n(fw->num_targets, sizeof(*fw->targets)); + for (i = 0, target = object->targets; target; i++, target = target->next) { + /* This link cannot be resolved yet, so stash the name for now */ + fw->targets[i] = g_strdup(target->value); + } + cxl_state->fixed_windows = g_list_append(cxl_state->fixed_windows, g_steal_pointer(&fw)); diff --git a/hw/display/qxl.c b/hw/display/qxl.c index f1c0eb7dfcf0e..70b73820b204b 100644 --- a/hw/display/qxl.c +++ b/hw/display/qxl.c @@ -1591,7 +1591,10 @@ static void qxl_set_mode(PCIQXLDevice *d, unsigned int modenr, int loadvm) } d->guest_slots[0].slot = slot; - assert(qxl_add_memslot(d, 0, devmem, QXL_SYNC) == 0); + if (qxl_add_memslot(d, 0, devmem, QXL_SYNC) != 0) { + qxl_set_guest_bug(d, "device isn't initialized yet"); + return; + } d->guest_primary.surface = surface; qxl_create_guest_primary(d, 0, QXL_SYNC); diff --git a/hw/display/ramfb.c b/hw/display/ramfb.c index 79b9754a58209..c2b002d53480c 100644 --- a/hw/display/ramfb.c +++ b/hw/display/ramfb.c @@ -97,6 +97,7 @@ static void ramfb_fw_cfg_write(void *dev, off_t offset, size_t len) s->width = width; s->height = height; + qemu_free_displaysurface(s->ds); s->ds = surface; } diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index bbd5c6561a0f3..93857ad523f73 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -1283,7 +1283,9 @@ static int virtio_gpu_load(QEMUFile *f, void *opaque, size_t size, g_free(res); return -EINVAL; } - +#ifdef WIN32 + pixman_image_set_destroy_function(res->image, win32_pixman_image_destroy, res->handle); +#endif res->addrs = g_new(uint64_t, res->iov_cnt); res->iov = g_new(struct iovec, res->iov_cnt); diff --git a/hw/i2c/aspeed_i2c.c b/hw/i2c/aspeed_i2c.c index 1f071a3811f7a..44905d7899986 100644 --- a/hw/i2c/aspeed_i2c.c +++ b/hw/i2c/aspeed_i2c.c 
@@ -226,7 +226,7 @@ static int aspeed_i2c_dma_read(AspeedI2CBus *bus, uint8_t *data) return 0; } -static int aspeed_i2c_bus_send(AspeedI2CBus *bus, uint8_t pool_start) +static int aspeed_i2c_bus_send(AspeedI2CBus *bus) { AspeedI2CClass *aic = ASPEED_I2C_GET_CLASS(bus->controller); int ret = -1; @@ -236,10 +236,10 @@ static int aspeed_i2c_bus_send(AspeedI2CBus *bus, uint8_t pool_start) uint32_t reg_byte_buf = aspeed_i2c_bus_byte_buf_offset(bus); uint32_t reg_dma_len = aspeed_i2c_bus_dma_len_offset(bus); int pool_tx_count = SHARED_ARRAY_FIELD_EX32(bus->regs, reg_pool_ctrl, - TX_COUNT); + TX_COUNT) + 1; if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, TX_BUFF_EN)) { - for (i = pool_start; i < pool_tx_count; i++) { + for (i = 0; i < pool_tx_count; i++) { uint8_t *pool_base = aic->bus_pool_base(bus); trace_aspeed_i2c_bus_send("BUF", i + 1, pool_tx_count, @@ -273,7 +273,7 @@ static int aspeed_i2c_bus_send(AspeedI2CBus *bus, uint8_t pool_start) } SHARED_ARRAY_FIELD_DP32(bus->regs, reg_cmd, TX_DMA_EN, 0); } else { - trace_aspeed_i2c_bus_send("BYTE", pool_start, 1, + trace_aspeed_i2c_bus_send("BYTE", 0, 1, bus->regs[reg_byte_buf]); ret = i2c_send(bus->bus, bus->regs[reg_byte_buf]); } @@ -293,7 +293,7 @@ static void aspeed_i2c_bus_recv(AspeedI2CBus *bus) uint32_t reg_dma_len = aspeed_i2c_bus_dma_len_offset(bus); uint32_t reg_dma_addr = aspeed_i2c_bus_dma_addr_offset(bus); int pool_rx_count = SHARED_ARRAY_FIELD_EX32(bus->regs, reg_pool_ctrl, - RX_COUNT); + RX_SIZE) + 1; if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, RX_BUFF_EN)) { uint8_t *pool_base = aic->bus_pool_base(bus); 
@@ -418,7 +418,7 @@ static void aspeed_i2c_bus_cmd_dump(AspeedI2CBus *bus)
 uint32_t reg_intr_sts = aspeed_i2c_bus_intr_sts_offset(bus);
 uint32_t reg_dma_len = aspeed_i2c_bus_dma_len_offset(bus);
 if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, RX_BUFF_EN)) {
- count = SHARED_ARRAY_FIELD_EX32(bus->regs, reg_pool_ctrl, TX_COUNT);
+ count = SHARED_ARRAY_FIELD_EX32(bus->regs, reg_pool_ctrl, TX_COUNT) + 1;
 } else if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, RX_DMA_EN)) {
 count = bus->regs[reg_dma_len];
 } else { /* BYTE mode */
@@ -446,10 +446,8 @@ static void aspeed_i2c_bus_cmd_dump(AspeedI2CBus *bus)
 */
 static void aspeed_i2c_bus_handle_cmd(AspeedI2CBus *bus, uint64_t value)
 {
- uint8_t pool_start = 0;
 uint32_t reg_intr_sts = aspeed_i2c_bus_intr_sts_offset(bus);
 uint32_t reg_cmd = aspeed_i2c_bus_cmd_offset(bus);
- uint32_t reg_pool_ctrl = aspeed_i2c_bus_pool_ctrl_offset(bus);
 uint32_t reg_dma_len = aspeed_i2c_bus_dma_len_offset(bus);
 if (!aspeed_i2c_check_sram(bus)) {
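Review bot: In aspeed_i2c_bus_cmd_dump the `RX_BUFF_EN` branch now reports `TX_COUNT + 1`, whereas aspeed_i2c_bus_recv earlier in this diff sizes the same receive transfer from `RX_SIZE + 1`, so the dump prints the transmit pool count for a receive command. Use the same field here: `count = SHARED_ARRAY_FIELD_EX32(bus->regs, reg_pool_ctrl, RX_SIZE) + 1;`. The hunk shows only a slice of the function, which begins before it.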
@@ -483,27 +481,11 @@ static void aspeed_i2c_bus_handle_cmd(AspeedI2CBus *bus, uint64_t value) SHARED_ARRAY_FIELD_DP32(bus->regs, reg_cmd, M_START_CMD, 0); - /* - * The START command is also a TX command, as the slave - * address is sent on the bus. Drop the TX flag if nothing - * else needs to be sent in this sequence. - */ - if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, TX_BUFF_EN)) { - if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_pool_ctrl, TX_COUNT) - == 1) { - SHARED_ARRAY_FIELD_DP32(bus->regs, reg_cmd, M_TX_CMD, 0); - } else { - /* - * Increase the start index in the TX pool buffer to - * skip the address byte. - */ - pool_start++; - } - } else if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, TX_DMA_EN)) { + if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, TX_DMA_EN)) { if (bus->regs[reg_dma_len] == 0) { SHARED_ARRAY_FIELD_DP32(bus->regs, reg_cmd, M_TX_CMD, 0); } - } else { + } else if (!SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, TX_BUFF_EN)) { SHARED_ARRAY_FIELD_DP32(bus->regs, reg_cmd, M_TX_CMD, 0); } @@ -520,7 +502,7 @@ static void aspeed_i2c_bus_handle_cmd(AspeedI2CBus *bus, uint64_t value) if (SHARED_ARRAY_FIELD_EX32(bus->regs, reg_cmd, M_TX_CMD)) { aspeed_i2c_set_state(bus, I2CD_MTXD); - if (aspeed_i2c_bus_send(bus, pool_start)) { + if (aspeed_i2c_bus_send(bus)) { SHARED_ARRAY_FIELD_DP32(bus->regs, reg_intr_sts, TX_NAK, 1); i2c_end_transfer(bus->bus); } else { diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c index 9c77304438431..9b7c6e2921fd5 100644 --- a/hw/i386/amd_iommu.c +++ b/hw/i386/amd_iommu.c 
@@ -1246,13 +1246,8 @@ static int amdvi_int_remap_msi(AMDVIState *iommu,
 return -AMDVI_IR_ERR;
 }
- if (origin->address & AMDVI_MSI_ADDR_HI_MASK) {
- trace_amdvi_err("MSI address high 32 bits non-zero when "
- "Interrupt Remapping enabled.");
- return -AMDVI_IR_ERR;
- }
-
- if ((origin->address & AMDVI_MSI_ADDR_LO_MASK) != APIC_DEFAULT_ADDRESS) {
+ if (origin->address < AMDVI_INT_ADDR_FIRST ||
+ origin->address + sizeof(origin->data) > AMDVI_INT_ADDR_LAST + 1) {
 trace_amdvi_err("MSI is not from IOAPIC.");
 return -AMDVI_IR_ERR;
 }
diff --git a/hw/i386/amd_iommu.h b/hw/i386/amd_iommu.h
index 6da893ee57141..c5065a3e27729 100644
--- a/hw/i386/amd_iommu.h
+++ b/hw/i386/amd_iommu.h
@@ -210,8 +210,6 @@
 #define AMDVI_INT_ADDR_FIRST 0xfee00000
 #define AMDVI_INT_ADDR_LAST 0xfeefffff
 #define AMDVI_INT_ADDR_SIZE (AMDVI_INT_ADDR_LAST - AMDVI_INT_ADDR_FIRST + 1)
-#define AMDVI_MSI_ADDR_HI_MASK (0xffffffff00000000ULL)
-#define AMDVI_MSI_ADDR_LO_MASK (0x00000000ffffffffULL)
 /* SB IOAPIC is always on this device in AMD systems */
 #define AMDVI_IOAPIC_SB_DEVID PCI_BUILD_BDF(0, PCI_DEVFN(0x14, 0))
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index 48d550f63329f..d0a774bc17148 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -41,9 +41,10 @@
 #include "trace.h"
 static void check_cmd(AHCIState *s, int port);
-static int handle_cmd(AHCIState *s, int port, uint8_t slot);
+static void handle_cmd(AHCIState *s, int port, uint8_t slot);
 static void ahci_reset_port(AHCIState *s, int port);
-static bool ahci_write_fis_d2h(AHCIDevice *ad);
+static bool ahci_write_fis_d2h(AHCIDevice *ad, bool d2h_fis_i);
+static void ahci_clear_cmd_issue(AHCIDevice *ad, uint8_t slot);
 static void ahci_init_d2h(AHCIDevice *ad);
 static int ahci_dma_prepare_buf(const IDEDMA *dma, int32_t limit);
 static bool ahci_map_clb_address(AHCIDevice *ad);
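Review bot: The new window check `origin->address + sizeof(origin->data) > AMDVI_INT_ADDR_LAST + 1` can wrap: `origin->address` is the full 64-bit MSI address supplied by the device, so a value within `sizeof(origin->data)` of UINT64_MAX makes the sum wrap to a small number, that comparison fails, `origin->address < AMDVI_INT_ADDR_FIRST` fails as well, and an address far outside the interrupt window is accepted for remapping — the high-bits rejection the hunk removes used to catch exactly this. Write it without the addition, `origin->address > AMDVI_INT_ADDR_LAST + 1 - sizeof(origin->data)`, which is equivalent for every in-range value and cannot overflow. What an accepted out-of-window address leads to depends on the caller, which lies outside the hunk, as does the start of amdvi_int_remap_msi.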
@@ -328,6 +329,11 @@ static void ahci_port_write(AHCIState *s, int port, int offset, uint32_t val) ahci_check_irq(s); break; case AHCI_PORT_REG_CMD: + if ((pr->cmd & PORT_CMD_START) && !(val & PORT_CMD_START)) { + pr->scr_act = 0; + pr->cmd_issue = 0; + } + /* Block any Read-only fields from being set; * including LIST_ON and FIS_ON. * The spec requires to set ICC bits to zero after the ICC change @@ -591,9 +597,8 @@ static void check_cmd(AHCIState *s, int port) if ((pr->cmd & PORT_CMD_START) && pr->cmd_issue) { for (slot = 0; (slot < 32) && pr->cmd_issue; slot++) { - if ((pr->cmd_issue & (1U << slot)) && - !handle_cmd(s, port, slot)) { - pr->cmd_issue &= ~(1U << slot); + if (pr->cmd_issue & (1U << slot)) { + handle_cmd(s, port, slot); } } } @@ -618,7 +623,7 @@ static void ahci_init_d2h(AHCIDevice *ad) return; } - if (ahci_write_fis_d2h(ad)) { + if (ahci_write_fis_d2h(ad, true)) { ad->init_d2h_sent = true; /* We're emulating receiving the first Reg H2D Fis from the device; * Update the SIG register, but otherwise proceed as normal. */ @@ -801,8 +806,14 @@ static void ahci_write_fis_sdb(AHCIState *s, NCQTransferState *ncq_tfs) pr->scr_act &= ~ad->finished; ad->finished = 0; - /* Trigger IRQ if interrupt bit is set (which currently, it always is) */ - if (sdb_fis->flags & 0x40) { + /* + * TFES IRQ is always raised if ERR_STAT is set, regardless of I bit. + * If ERR_STAT is not set, trigger SDBS IRQ if interrupt bit is set + * (which currently, it always is). + */ + if (sdb_fis->status & ERR_STAT) { + ahci_trigger_irq(s, ad, AHCI_PORT_IRQ_BIT_TFES); + } else if (sdb_fis->flags & 0x40) { ahci_trigger_irq(s, ad, AHCI_PORT_IRQ_BIT_SDBS); } } @@ -850,7 +861,7 @@ static void ahci_write_fis_pio(AHCIDevice *ad, uint16_t len, bool pio_fis_i) } } -static bool ahci_write_fis_d2h(AHCIDevice *ad) +static bool ahci_write_fis_d2h(AHCIDevice *ad, bool d2h_fis_i) { AHCIPortRegs *pr = &ad->port_regs; uint8_t *d2h_fis; 
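Review bot: The new PxCMD.ST 1→0 handling in ahci_port_write() clears PxSACT and PxCI with no comment, and the surrounding code cites the spec for the neighbouring read-only-field rule, so a reader will wonder whether this is emulation convenience or required behaviour. Suggest `/* Clearing PxCMD.ST also clears PxSACT and PxCI, as the AHCI spec requires */` above the new `if`. ahci_port_write() begins before and continues after this hunk.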
@@ -864,7 +875,7 @@ static bool ahci_write_fis_d2h(AHCIDevice *ad) d2h_fis = &ad->res_fis[RES_FIS_RFIS]; d2h_fis[0] = SATA_FIS_TYPE_REGISTER_D2H; - d2h_fis[1] = (1 << 6); /* interrupt bit */ + d2h_fis[1] = d2h_fis_i ? (1 << 6) : 0; /* interrupt bit */ d2h_fis[2] = s->status; d2h_fis[3] = s->error; @@ -890,7 +901,10 @@ static bool ahci_write_fis_d2h(AHCIDevice *ad) ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_TFES); } - ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_DHRS); + if (d2h_fis_i) { + ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_DHRS); + } + return true; } @@ -998,7 +1012,6 @@ static void ncq_err(NCQTransferState *ncq_tfs) ide_state->error = ABRT_ERR; ide_state->status = READY_STAT | ERR_STAT; - ncq_tfs->drive->port_regs.scr_err |= (1 << ncq_tfs->tag); qemu_sglist_destroy(&ncq_tfs->sglist); ncq_tfs->used = 0; } @@ -1008,7 +1021,7 @@ static void ncq_finish(NCQTransferState *ncq_tfs) /* If we didn't error out, set our finished bit. Errored commands * do not get a bit set for the SDB FIS ACT register, nor do they * clear the outstanding bit in scr_act (PxSACT). */ - if (!(ncq_tfs->drive->port_regs.scr_err & (1 << ncq_tfs->tag))) { + if (ncq_tfs->used) { ncq_tfs->drive->finished |= (1 << ncq_tfs->tag); } 
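Review bot: In ncq_finish() the comment above the changed test still explains the outcome in terms of errored commands, but the condition is now `ncq_tfs->used`, and nothing at this site says that ncq_err() in the hunk above is what zeroes `used`; the coupling is invisible to a reader of ncq_finish() alone. Suggest appending to the existing comment: `* ncq_err() clears ->used, so a cleared flag here means the command errored out.` Both functions start outside their hunks.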
@@ -1120,6 +1133,24 @@ static void process_ncq_command(AHCIState *s, int port, const uint8_t *cmd_fis, return; } + /* + * A NCQ command clears the bit in PxCI after the command has been QUEUED + * successfully (ERROR not set, BUSY and DRQ cleared). + * + * For NCQ commands, PxCI will always be cleared here. + * + * (Once the NCQ command is COMPLETED, the device will send a SDB FIS with + * the interrupt bit set, which will clear PxSACT and raise an interrupt.) + */ + ahci_clear_cmd_issue(ad, slot); + + /* + * In reality, for NCQ commands, PxCI is cleared after receiving a D2H FIS + * without the interrupt bit set, but since ahci_write_fis_d2h() can raise + * an IRQ on error, we need to call them in reverse order. + */ + ahci_write_fis_d2h(ad, false); + ncq_tfs->used = 1; ncq_tfs->drive = ad; ncq_tfs->slot = slot; @@ -1192,6 +1223,7 @@ static void handle_reg_h2d_fis(AHCIState *s, int port, { IDEState *ide_state = &s->dev[port].port.ifs[0]; AHCICmdHdr *cmd = get_cmd_header(s, port, slot); + AHCIDevice *ad = &s->dev[port]; uint16_t opts = le16_to_cpu(cmd->opts); if (cmd_fis[1] & 0x0F) { @@ -1268,11 +1300,19 @@ static void handle_reg_h2d_fis(AHCIState *s, int port, /* Reset transferred byte counter */ cmd->status = 0; + /* + * A non-NCQ command clears the bit in PxCI after the command has COMPLETED + * successfully (ERROR not set, BUSY and DRQ cleared). + * + * For non-NCQ commands, PxCI will always be cleared by ahci_cmd_done(). + */ + ad->busy_slot = slot; + /* We're ready to process the command in FIS byte 2. */ ide_bus_exec_cmd(&s->dev[port].port, cmd_fis[2]); } -static int handle_cmd(AHCIState *s, int port, uint8_t slot) +static void handle_cmd(AHCIState *s, int port, uint8_t slot) { IDEState *ide_state; uint64_t tbl_addr; 
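Review bot: In handle_reg_h2d_fis() the new local `ad` is only used for `ad->busy_slot = slot`, while the call two lines later still spells out `&s->dev[port].port`; using the local throughout reads more consistently, i.e. `ide_bus_exec_cmd(&ad->port, cmd_fis[2]);`. Separately, `busy_slot` is now set unconditionally before the command runs rather than only for commands that were still busy afterwards; the comment above it says PxCI is always cleared by ahci_cmd_done(), which presumably also resets busy_slot, but a command that is rejected without reaching ahci_cmd_done() would leave busy_slot stale — worth confirming against the ide_bus_exec_cmd() failure paths. handle_reg_h2d_fis() begins before this hunk.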
@@ -1283,12 +1323,12 @@ static int handle_cmd(AHCIState *s, int port, uint8_t slot) if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) { /* Engine currently busy, try again later */ trace_handle_cmd_busy(s, port); - return -1; + return; } if (!s->dev[port].lst) { trace_handle_cmd_nolist(s, port); - return -1; + return; } cmd = get_cmd_header(s, port, slot); /* remember current slot handle for later */ @@ -1298,7 +1338,7 @@ static int handle_cmd(AHCIState *s, int port, uint8_t slot) ide_state = &s->dev[port].port.ifs[0]; if (!ide_state->blk) { trace_handle_cmd_badport(s, port); - return -1; + return; } tbl_addr = le64_to_cpu(cmd->tbl_addr); @@ -1307,7 +1347,7 @@ static int handle_cmd(AHCIState *s, int port, uint8_t slot) DMA_DIRECTION_TO_DEVICE, MEMTXATTRS_UNSPECIFIED); if (!cmd_fis) { trace_handle_cmd_badfis(s, port); - return -1; + return; } else if (cmd_len != 0x80) { ahci_trigger_irq(s, &s->dev[port], AHCI_PORT_IRQ_BIT_HBFS); trace_handle_cmd_badmap(s, port, cmd_len); @@ -1331,15 +1371,6 @@ static int handle_cmd(AHCIState *s, int port, uint8_t slot) out: dma_memory_unmap(s->as, cmd_fis, cmd_len, DMA_DIRECTION_TO_DEVICE, cmd_len); - - if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) { - /* async command, complete later */ - s->dev[port].busy_slot = slot; - return -1; - } - - /* done handling the command */ - return 0; } /* Transfer PIO data between RAM and device */ 
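Review bot: With the `return 0` tail removed, a command that reaches `out:` without executing — the `cmd_len != 0x80` path above, which only raises HBFS — no longer has its PxCI bit cleared: check_cmd() no longer clears on return and ahci_cmd_done() never runs for it, so the bit now stays set until the guest clears PxCMD.ST. If that is the intended fatal-error behaviour, a comment at `out:` such as `/* PxCI is left set for commands that never ran; cleared when ST goes 0 */` would keep the next reader from treating it as a leak. handle_cmd() begins before this hunk.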
@@ -1493,22 +1524,39 @@ static int ahci_dma_rw_buf(const IDEDMA *dma, bool is_write)
 return 1;
 }
 
+static void ahci_clear_cmd_issue(AHCIDevice *ad, uint8_t slot)
+{
+ IDEState *ide_state = &ad->port.ifs[0];
+
+ if (!(ide_state->status & ERR_STAT) &&
+ !(ide_state->status & (BUSY_STAT | DRQ_STAT))) {
+ ad->port_regs.cmd_issue &= ~(1 << slot);
+ }
+}
+
+/* Non-NCQ command is done - This function is never called for NCQ commands. */
 static void ahci_cmd_done(const IDEDMA *dma)
 {
 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
+ IDEState *ide_state = &ad->port.ifs[0];
 
 trace_ahci_cmd_done(ad->hba, ad->port_no);
 
 /* no longer busy */
 if (ad->busy_slot != -1) {
- ad->port_regs.cmd_issue &= ~(1 << ad->busy_slot);
+ ahci_clear_cmd_issue(ad, ad->busy_slot);
 ad->busy_slot = -1;
 }
 
- /* update d2h status */
- ahci_write_fis_d2h(ad);
+ /*
+ * In reality, for non-NCQ commands, PxCI is cleared after receiving a D2H
+ * FIS with the interrupt bit set, but since ahci_write_fis_d2h() will raise
+ * an IRQ, we need to call them in reverse order.
+ */
+ ahci_write_fis_d2h(ad, true);
 
- if (ad->port_regs.cmd_issue && !ad->check_bh) {
+ if (!(ide_state->status & ERR_STAT) &&
+ ad->port_regs.cmd_issue && !ad->check_bh) {
 ad->check_bh = qemu_bh_new_guarded(ahci_check_cmd_bh, ad,
 &ad->mem_reentrancy_guard);
 qemu_bh_schedule(ad->check_bh);
diff --git a/hw/ide/core.c b/hw/ide/core.c
index de48ff9f86386..07971c021824f 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -533,9 +533,9 @@ BlockAIOCB *ide_issue_trim(
 
 void ide_abort_command(IDEState *s)
 {
- ide_transfer_stop(s);
 s->status = READY_STAT | ERR_STAT;
 s->error = ABRT_ERR;
+ ide_transfer_stop(s);
 }
 
 static void ide_set_retry(IDEState *s)
diff --git a/hw/intc/riscv_aclint.c b/hw/intc/riscv_aclint.c
index b466a6abafc55..25cf7a5d9d822 100644
--- a/hw/intc/riscv_aclint.c
+++ b/hw/intc/riscv_aclint.c
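Review bot: `ad->port_regs.cmd_issue &= ~(1 << slot);` in the new ahci_clear_cmd_issue() shifts a signed int, which is undefined behaviour for slot 31, and check_cmd() in the same file already uses `1U << slot` for the same register. Suggest `ad->port_regs.cmd_issue &= ~(1U << slot);` (the removed `1 << ad->busy_slot` had the same issue, so this is the moment to fix it).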
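Review bot: The reorder in ide_abort_command() is load-bearing but silent: the new ahci_clear_cmd_issue() tests ERR_STAT, so status and error must be set before ide_transfer_stop() runs whatever completion path reaches it, which is presumably why the call moved. A comment would stop someone restoring the old order: `/* Set status/error first: the AHCI completion path keys off ERR_STAT */`.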
@@ -64,13 +64,13 @@ static void riscv_aclint_mtimer_write_timecmp(RISCVAclintMTimerState *mtimer, uint64_t next; uint64_t diff; - uint64_t rtc_r = cpu_riscv_read_rtc(mtimer); + uint64_t rtc = cpu_riscv_read_rtc(mtimer); /* Compute the relative hartid w.r.t the socket */ hartid = hartid - mtimer->hartid_base; mtimer->timecmp[hartid] = value; - if (mtimer->timecmp[hartid] <= rtc_r) { + if (mtimer->timecmp[hartid] <= rtc) { /* * If we're setting an MTIMECMP value in the "past", * immediately raise the timer interrupt @@ -81,7 +81,7 @@ static void riscv_aclint_mtimer_write_timecmp(RISCVAclintMTimerState *mtimer, /* otherwise, set up the future timer interrupt */ qemu_irq_lower(mtimer->timer_irqs[hartid]); - diff = mtimer->timecmp[hartid] - rtc_r; + diff = mtimer->timecmp[hartid] - rtc; /* back to ns (note args switched in muldiv64) */ uint64_t ns_diff = muldiv64(diff, NANOSECONDS_PER_SECOND, timebase_freq); @@ -208,11 +208,12 @@ static void riscv_aclint_mtimer_write(void *opaque, hwaddr addr, return; } else if (addr == mtimer->time_base || addr == mtimer->time_base + 4) { uint64_t rtc_r = cpu_riscv_read_rtc_raw(mtimer->timebase_freq); + uint64_t rtc = cpu_riscv_read_rtc(mtimer); if (addr == mtimer->time_base) { if (size == 4) { /* time_lo for RV32/RV64 */ - mtimer->time_delta = ((rtc_r & ~0xFFFFFFFFULL) | value) - rtc_r; + mtimer->time_delta = ((rtc & ~0xFFFFFFFFULL) | value) - rtc_r; } else { /* time for RV64 */ mtimer->time_delta = value - rtc_r; @@ -220,7 +221,7 @@ static void riscv_aclint_mtimer_write(void *opaque, hwaddr addr, } else { if (size == 4) { /* time_hi for RV32/RV64 */ - mtimer->time_delta = (value << 32 | (rtc_r & 0xFFFFFFFF)) - rtc_r; + mtimer->time_delta = (value << 32 | (rtc & 0xFFFFFFFF)) - rtc_r; } else { qemu_log_mask(LOG_GUEST_ERROR, "aclint-mtimer: invalid time_hi write: %08x", diff --git a/hw/mips/loongson3_virt.c b/hw/mips/loongson3_virt.c index 3ad0a223df7e0..b74b358874f9d 100644 --- a/hw/mips/loongson3_virt.c +++ b/hw/mips/loongson3_virt.c 
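Review bot: The time_delta expressions in the @@ -208 hunk now take the untouched half of the register from `rtc` but subtract `rtc_r`, and nothing says why the two differ; the first hunk's rename of `rtc_r` to `rtc` in riscv_aclint_mtimer_write_timecmp() makes the two names easy to confuse. Suggest a comment after the two declarations: `/* rtc_r is the raw counter; rtc is presumably rtc_r plus time_delta, so the half the guest is not writing keeps its current value */`. riscv_aclint_mtimer_write() begins before and continues after the hunk.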
@@ -29,7 +29,6 @@ #include "qemu/datadir.h" #include "qapi/error.h" #include "elf.h" -#include "kvm_mips.h" #include "hw/char/serial.h" #include "hw/intc/loongson_liointc.h" #include "hw/mips/mips.h" @@ -612,7 +611,6 @@ static void loongson3v_machine_class_init(ObjectClass *oc, void *data) mc->max_cpus = LOONGSON_MAX_VCPUS; mc->default_ram_id = "loongson3.highram"; mc->default_ram_size = 1600 * MiB; - mc->kvm_type = mips_kvm_type; mc->minimum_page_bits = 14; mc->default_nic = "virtio-net-pci"; } diff --git a/hw/net/vmxnet3.c b/hw/net/vmxnet3.c index 5dfacb1098531..3fb108751a2c5 100644 --- a/hw/net/vmxnet3.c +++ b/hw/net/vmxnet3.c @@ -1439,7 +1439,10 @@ static void vmxnet3_activate_device(VMXNET3State *s) vmxnet3_setup_rx_filtering(s); /* Cache fields from shared memory */ s->mtu = VMXNET3_READ_DRV_SHARED32(d, s->drv_shmem, devRead.misc.mtu); - assert(VMXNET3_MIN_MTU <= s->mtu && s->mtu <= VMXNET3_MAX_MTU); + if (s->mtu < VMXNET3_MIN_MTU || s->mtu > VMXNET3_MAX_MTU) { + qemu_log_mask(LOG_GUEST_ERROR, "vmxnet3: Bad MTU size: %u\n", s->mtu); + return; + } VMW_CFPRN("MTU is %u", s->mtu); s->max_rx_frags = diff --git a/hw/ppc/e500.c b/hw/ppc/e500.c index 67793a86f11f5..d5b6820d1dc9b 100644 --- a/hw/ppc/e500.c +++ b/hw/ppc/e500.c @@ -712,7 +712,7 @@ static int ppce500_prep_device_tree(PPCE500MachineState *machine, p->kernel_base = kernel_base; p->kernel_size = kernel_size; - qemu_register_reset(ppce500_reset_device_tree, p); + qemu_register_reset_nosnapshotload(ppce500_reset_device_tree, p); p->notifier.notify = ppce500_init_notify; qemu_add_machine_init_done_notifier(&p->notifier); diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c index 510ff0eaaf93d..9acc7adfc925f 100644 --- a/hw/ppc/mac_oldworld.c +++ b/hw/ppc/mac_oldworld.c @@ -81,6 +81,7 @@ static void ppc_heathrow_reset(void *opaque) { PowerPCCPU *cpu = opaque; + cpu_ppc_tb_reset(&cpu->env); cpu_reset(CPU(cpu)); } diff --git a/hw/ppc/pegasos2.c b/hw/ppc/pegasos2.c index 075367d94d002..bd397cf2b5c5a 100644 
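Review bot: The early `return` after the new MTU check leaves vmxnet3_activate_device() half done — vmxnet3_setup_rx_filtering() has already run — and nothing here tells the caller activation failed. If activation is gated by the device-active flag that this function would normally set later, the early return keeps the device inactive, which is fine, but a comment at the `return` stating `/* device stays inactive; guest must fix the shared-memory MTU and retry */` would make that contract explicit. Replacing the assert() with a guest-error log is the right direction for a value read from guest-controlled shared memory. vmxnet3_activate_device() begins before and continues after the hunk.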
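Review bot: cpu_ppc_tb_reset() is called before cpu_reset() in ppc_heathrow_reset() here but after it in ppc_prep_reset() (hw/ppc/prep.c hunk) and at the end of pegasos2_cpu_reset(). cpu_ppc_tb_reset() ends in cpu_ppc_store_decr(), which reads env->spr[SPR_LPCR] in the ppc.c hunks, so if cpu_reset() reinitialises SPRs the two orders can arm the decrementer with different widths. Pick one order for the three board resets and document it, e.g. `/* reset the timebase after cpu_reset() so SPRs are in their reset state */`.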
--- a/hw/ppc/pegasos2.c
+++ b/hw/ppc/pegasos2.c
@@ -99,6 +99,7 @@ static void pegasos2_cpu_reset(void *opaque)
 cpu->env.gpr[1] = 2 * VOF_STACK_SIZE - 0x20;
 cpu->env.nip = 0x100;
 }
+ cpu_ppc_tb_reset(&cpu->env);
 }
 
 static void pegasos2_pci_irq(void *opaque, int n, int level)
diff --git a/hw/ppc/pnv_core.c b/hw/ppc/pnv_core.c
index 9b39d527de961..8c7afe037f00b 100644
--- a/hw/ppc/pnv_core.c
+++ b/hw/ppc/pnv_core.c
@@ -61,6 +61,8 @@ static void pnv_core_cpu_reset(PnvCore *pc, PowerPCCPU *cpu)
 hreg_compute_hflags(env);
 ppc_maybe_interrupt(env);
 
+ cpu_ppc_tb_reset(env);
+
 pcc->intc_reset(pc->chip, cpu);
 }
 
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index 0e0a3d93c3bff..28a661cba9ebc 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -482,10 +482,32 @@ void ppce500_set_mpic_proxy(bool enabled)
 /*****************************************************************************/
 /* PowerPC time base and decrementer emulation */
 
+/*
+ * Conversion between QEMU_CLOCK_VIRTUAL ns and timebase (TB) ticks:
+ * TB ticks are arrived at by multiplying tb_freq then dividing by
+ * ns per second, and rounding down. TB ticks drive all clocks and
+ * timers in the target machine.
+ *
+ * Converting TB intervals to ns for the purpose of setting a
+ * QEMU_CLOCK_VIRTUAL timer should go the other way, but rounding
+ * up. Rounding down could cause the timer to fire before the TB
+ * value has been reached.
+ */
+static uint64_t ns_to_tb(uint32_t freq, int64_t clock)
+{
+ return muldiv64(clock, freq, NANOSECONDS_PER_SECOND);
+}
+
+/* virtual clock in TB ticks, not adjusted by TB offset */
+static int64_t tb_to_ns_round_up(uint32_t freq, uint64_t tb)
+{
+ return muldiv64_round_up(tb, NANOSECONDS_PER_SECOND, freq);
+}
+
 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset)
 {
 /* TB time in tb periods */
- return muldiv64(vmclk, tb_env->tb_freq, NANOSECONDS_PER_SECOND) + tb_offset;
+ return ns_to_tb(tb_env->tb_freq, vmclk) + tb_offset;
 }
 
 uint64_t cpu_ppc_load_tbl (CPUPPCState *env)
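Review bot: The comment `/* virtual clock in TB ticks, not adjusted by TB offset */` sits above tb_to_ns_round_up() but describes what ns_to_tb() returns; the block comment above ns_to_tb() already explains the rounding rule for both directions. Suggest moving that line onto ns_to_tb() and giving tb_to_ns_round_up() its own: `/* TB ticks to ns, rounded up so a timer never fires before the TB value is reached */`.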
@@ -526,8 +548,7 @@ uint32_t cpu_ppc_load_tbu (CPUPPCState *env) static inline void cpu_ppc_store_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t *tb_offsetp, uint64_t value) { - *tb_offsetp = value - - muldiv64(vmclk, tb_env->tb_freq, NANOSECONDS_PER_SECOND); + *tb_offsetp = value - ns_to_tb(tb_env->tb_freq, vmclk); trace_ppc_tb_store(value, *tb_offsetp); } 
@@ -683,64 +704,77 @@ bool ppc_decr_clear_on_delivery(CPUPPCState *env) return ((tb_env->flags & flags) == PPC_DECR_UNDERFLOW_TRIGGERED); } -static inline int64_t _cpu_ppc_load_decr(CPUPPCState *env, uint64_t next) +static inline int64_t __cpu_ppc_load_decr(CPUPPCState *env, int64_t now, + uint64_t next) { ppc_tb_t *tb_env = env->tb_env; - int64_t decr, diff; + uint64_t n; + int64_t decr; - diff = next - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); - if (diff >= 0) { - decr = muldiv64(diff, tb_env->decr_freq, NANOSECONDS_PER_SECOND); - } else if (tb_env->flags & PPC_TIMER_BOOKE) { + n = ns_to_tb(tb_env->decr_freq, now); + if (next > n && tb_env->flags & PPC_TIMER_BOOKE) { decr = 0; - } else { - decr = -muldiv64(-diff, tb_env->decr_freq, NANOSECONDS_PER_SECOND); + } else { + decr = next - n; } + trace_ppc_decr_load(decr); return decr; } -target_ulong cpu_ppc_load_decr(CPUPPCState *env) +static target_ulong _cpu_ppc_load_decr(CPUPPCState *env, int64_t now) { ppc_tb_t *tb_env = env->tb_env; uint64_t decr; - if (kvm_enabled()) { - return env->spr[SPR_DECR]; - } - - decr = _cpu_ppc_load_decr(env, tb_env->decr_next); + decr = __cpu_ppc_load_decr(env, now, tb_env->decr_next); /* * If large decrementer is enabled then the decrementer is signed extened * to 64 bits, otherwise it is a 32 bit value. 
*/ if (env->spr[SPR_LPCR] & LPCR_LD) { - return decr; + PowerPCCPU *cpu = env_archcpu(env); + PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); + return sextract64(decr, 0, pcc->lrg_decr_bits); } return (uint32_t) decr; } -target_ulong cpu_ppc_load_hdecr(CPUPPCState *env) +target_ulong cpu_ppc_load_decr(CPUPPCState *env) +{ + if (kvm_enabled()) { + return env->spr[SPR_DECR]; + } else { + return _cpu_ppc_load_decr(env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); + } +} + +static target_ulong _cpu_ppc_load_hdecr(CPUPPCState *env, int64_t now) { PowerPCCPU *cpu = env_archcpu(env); PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); ppc_tb_t *tb_env = env->tb_env; uint64_t hdecr; - hdecr = _cpu_ppc_load_decr(env, tb_env->hdecr_next); + hdecr = __cpu_ppc_load_decr(env, now, tb_env->hdecr_next); /* * If we have a large decrementer (POWER9 or later) then hdecr is sign * extended to 64 bits, otherwise it is 32 bits. */ if (pcc->lrg_decr_bits > 32) { - return hdecr; + return sextract64(hdecr, 0, pcc->lrg_decr_bits); } return (uint32_t) hdecr; } +target_ulong cpu_ppc_load_hdecr(CPUPPCState *env) +{ + return _cpu_ppc_load_hdecr(env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); +} + uint64_t cpu_ppc_load_purr (CPUPPCState *env) { ppc_tb_t *tb_env = env->tb_env; @@ -785,7 +819,7 @@ static inline void cpu_ppc_hdecr_lower(PowerPCCPU *cpu) ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); } -static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, +static void __cpu_ppc_store_decr(PowerPCCPU *cpu, int64_t now, uint64_t *nextp, QEMUTimer *timer, void (*raise_excp)(void *), void (*lower_excp)(PowerPCCPU *), @@ -794,7 +828,7 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, { CPUPPCState *env = &cpu->env; ppc_tb_t *tb_env = env->tb_env; - uint64_t now, next; + uint64_t next; int64_t signed_value; int64_t signed_decr; 
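Review bot: In __cpu_ppc_load_decr() the BookE clamp looks inverted: the removed code returned 0 only when the deadline had already passed (`diff < 0`, i.e. next earlier than now), whereas the new test `next > n && tb_env->flags & PPC_TIMER_BOOKE` zeroes the decrementer while it is still counting down and returns the wrapped negative value after expiry. Unless the semantics were meant to change, it should read `if (next < n && (tb_env->flags & PPC_TIMER_BOOKE)) {` — the parentheses also silence -Wparentheses on the mixed `&&`/`&`. This hunk starts on the previous line.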
@@ -806,10 +840,14 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, trace_ppc_decr_store(nr_bits, decr, value); - if (kvm_enabled()) { - /* KVM handles decrementer exceptions, we don't need our own timer */ - return; - } + /* + * Calculate the next decrementer event and set a timer. + * decr_next is in timebase units to keep rounding simple. Note it is + * not adjusted by tb_offset because if TB changes via tb_offset changing, + * decrementer does not change, so not directly comparable with TB. + */ + next = ns_to_tb(tb_env->decr_freq, now) + value; + *nextp = next; /* nextp is in timebase units */ /* * Going from 1 -> 0 or 0 -> -1 is the event to generate a DEC interrupt. @@ -832,21 +870,17 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, (*lower_excp)(cpu); } - /* Calculate the next timer event */ - now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); - next = now + muldiv64(value, NANOSECONDS_PER_SECOND, tb_env->decr_freq); - *nextp = next; - /* Adjust timer */ - timer_mod(timer, next); + timer_mod(timer, tb_to_ns_round_up(tb_env->decr_freq, next)); } -static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, target_ulong decr, - target_ulong value, int nr_bits) +static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, int64_t now, + target_ulong decr, target_ulong value, + int nr_bits) { ppc_tb_t *tb_env = cpu->env.tb_env; - __cpu_ppc_store_decr(cpu, &tb_env->decr_next, tb_env->decr_timer, + __cpu_ppc_store_decr(cpu, now, &tb_env->decr_next, tb_env->decr_timer, tb_env->decr_timer->cb, &cpu_ppc_decr_lower, tb_env->flags, decr, value, nr_bits); } 
@@ -855,13 +889,22 @@ void cpu_ppc_store_decr(CPUPPCState *env, target_ulong value) { PowerPCCPU *cpu = env_archcpu(env); PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); + int64_t now; + target_ulong decr; int nr_bits = 32; + if (kvm_enabled()) { + /* KVM handles decrementer exceptions, we don't need our own timer */ + return; + } + if (env->spr[SPR_LPCR] & LPCR_LD) { nr_bits = pcc->lrg_decr_bits; } - _cpu_ppc_store_decr(cpu, cpu_ppc_load_decr(env), value, nr_bits); + now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); + decr = _cpu_ppc_load_decr(env, now); + _cpu_ppc_store_decr(cpu, now, decr, value, nr_bits); } static void cpu_ppc_decr_cb(void *opaque) @@ -871,14 +914,15 @@ static void cpu_ppc_decr_cb(void *opaque) cpu_ppc_decr_excp(cpu); } -static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, target_ulong hdecr, - target_ulong value, int nr_bits) +static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, int64_t now, + target_ulong hdecr, target_ulong value, + int nr_bits) { ppc_tb_t *tb_env = cpu->env.tb_env; if (tb_env->hdecr_timer != NULL) { /* HDECR (Book3S 64bit) is edge-based, not level like DECR */ - __cpu_ppc_store_decr(cpu, &tb_env->hdecr_next, tb_env->hdecr_timer, + __cpu_ppc_store_decr(cpu, now, &tb_env->hdecr_next, tb_env->hdecr_timer, tb_env->hdecr_timer->cb, &cpu_ppc_hdecr_lower, PPC_DECR_UNDERFLOW_TRIGGERED, hdecr, value, nr_bits); @@ -889,9 +933,12 @@ void cpu_ppc_store_hdecr(CPUPPCState *env, target_ulong value) { PowerPCCPU *cpu = env_archcpu(env); PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); + int64_t now; + target_ulong hdecr; - _cpu_ppc_store_hdecr(cpu, cpu_ppc_load_hdecr(env), value, - pcc->lrg_decr_bits); + now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); + hdecr = _cpu_ppc_load_hdecr(env, now); + _cpu_ppc_store_hdecr(cpu, now, hdecr, value, pcc->lrg_decr_bits); } static void cpu_ppc_hdecr_cb(void *opaque) 
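Review bot: The KVM early return removed from __cpu_ppc_store_decr() in the previous hunk is re-added only in cpu_ppc_store_decr(); cpu_ppc_store_hdecr() in the @@ -889 hunk gets no equivalent, so under KVM with a non-NULL hdecr_timer a host timer would now be armed where previously both paths bailed out. If that is intentional because hdecr_timer is only ever created for TCG, a comment in cpu_ppc_store_hdecr() saying so — `/* no kvm_enabled() check: hdecr_timer is NULL under KVM */` — would document the asymmetry; otherwise mirror the check.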
@@ -901,29 +948,16 @@ static void cpu_ppc_hdecr_cb(void *opaque) cpu_ppc_hdecr_excp(cpu); } -void cpu_ppc_store_purr(CPUPPCState *env, uint64_t value) +static void _cpu_ppc_store_purr(CPUPPCState *env, int64_t now, uint64_t value) { ppc_tb_t *tb_env = env->tb_env; - cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), - &tb_env->purr_offset, value); + cpu_ppc_store_tb(tb_env, now, &tb_env->purr_offset, value); } -static void cpu_ppc_set_tb_clk (void *opaque, uint32_t freq) +void cpu_ppc_store_purr(CPUPPCState *env, uint64_t value) { - CPUPPCState *env = opaque; - PowerPCCPU *cpu = env_archcpu(env); - ppc_tb_t *tb_env = env->tb_env; - - tb_env->tb_freq = freq; - tb_env->decr_freq = freq; - /* There is a bug in Linux 2.4 kernels: - * if a decrementer exception is pending when it enables msr_ee at startup, - * it's not ready to handle it... - */ - _cpu_ppc_store_decr(cpu, 0xFFFFFFFF, 0xFFFFFFFF, 32); - _cpu_ppc_store_hdecr(cpu, 0xFFFFFFFF, 0xFFFFFFFF, 32); - cpu_ppc_store_purr(env, 0x0000000000000000ULL); + _cpu_ppc_store_purr(env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), value); } static void timebase_save(PPCTimebase *tb) @@ -1027,7 +1061,7 @@ const VMStateDescription vmstate_ppc_timebase = { }; /* Set up (once) timebase frequency (in Hz) */ -clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq) +void cpu_ppc_tb_init(CPUPPCState *env, uint32_t freq) { PowerPCCPU *cpu = env_archcpu(env); ppc_tb_t *tb_env; 
@@ -1047,9 +1081,33 @@ clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq) } else { tb_env->hdecr_timer = NULL; } - cpu_ppc_set_tb_clk(env, freq); - return &cpu_ppc_set_tb_clk; + tb_env->tb_freq = freq; + tb_env->decr_freq = freq; +} + +void cpu_ppc_tb_reset(CPUPPCState *env) +{ + PowerPCCPU *cpu = env_archcpu(env); + ppc_tb_t *tb_env = env->tb_env; + + timer_del(tb_env->decr_timer); + ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); + tb_env->decr_next = 0; + if (tb_env->hdecr_timer != NULL) { + timer_del(tb_env->hdecr_timer); + ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); + tb_env->hdecr_next = 0; + } + + /* + * There is a bug in Linux 2.4 kernels: + * if a decrementer exception is pending when it enables msr_ee at startup, + * it's not ready to handle it... + */ + cpu_ppc_store_decr(env, -1); + cpu_ppc_store_hdecr(env, -1); + cpu_ppc_store_purr(env, 0x0000000000000000ULL); } void cpu_ppc_tb_free(CPUPPCState *env) @@ -1125,9 +1183,7 @@ static void cpu_4xx_fit_cb (void *opaque) /* Cannot occur, but makes gcc happy */ return; } - next = now + muldiv64(next, NANOSECONDS_PER_SECOND, tb_env->tb_freq); - if (next == now) - next++; + next = now + tb_to_ns_round_up(tb_env->tb_freq, next); timer_mod(ppc40x_timer->fit_timer, next); env->spr[SPR_40x_TSR] |= 1 << 26; if ((env->spr[SPR_40x_TCR] >> 23) & 0x1) { 
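Review bot: cpu_ppc_tb_reset() dereferences env->tb_env and tb_env->decr_timer unconditionally while guarding only hdecr_timer, so it must run after cpu_ppc_tb_init(); none of the board reset handlers added in this series can see that precondition. Suggest a header comment: `/* Reset timers/decrementers; requires cpu_ppc_tb_init() to have run. */`. Also `cpu_ppc_store_decr(env, -1)` now passes an all-ones target_ulong where the removed cpu_ppc_set_tb_clk() passed 0xFFFFFFFF with nr_bits 32; if the 32-bit path truncates this is equivalent, but a short comment noting that would help.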
@@ -1153,14 +1209,15 @@ static void start_stop_pit (CPUPPCState *env, ppc_tb_t *tb_env, int is_excp) } else { trace_ppc4xx_pit_start(ppc40x_timer->pit_reload); now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); - next = now + muldiv64(ppc40x_timer->pit_reload, - NANOSECONDS_PER_SECOND, tb_env->decr_freq); - if (is_excp) - next += tb_env->decr_next - now; - if (next == now) - next++; + + if (is_excp) { + tb_env->decr_next += ppc40x_timer->pit_reload; + } else { + tb_env->decr_next = ns_to_tb(tb_env->decr_freq, now) + + ppc40x_timer->pit_reload; + } + next = tb_to_ns_round_up(tb_env->decr_freq, tb_env->decr_next); timer_mod(tb_env->decr_timer, next); - tb_env->decr_next = next; } } @@ -1213,9 +1270,7 @@ static void cpu_4xx_wdt_cb (void *opaque) /* Cannot occur, but makes gcc happy */ return; } - next = now + muldiv64(next, NANOSECONDS_PER_SECOND, tb_env->decr_freq); - if (next == now) - next++; + next = now + tb_to_ns_round_up(tb_env->decr_freq, next); trace_ppc4xx_wdt(env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); switch ((env->spr[SPR_40x_TSR] >> 30) & 0x3) { case 0x0: diff --git a/hw/ppc/prep.c b/hw/ppc/prep.c index d9231c7317755..f6fd35fcb9e30 100644 --- a/hw/ppc/prep.c +++ b/hw/ppc/prep.c @@ -67,6 +67,7 @@ static void ppc_prep_reset(void *opaque) PowerPCCPU *cpu = opaque; cpu_reset(CPU(cpu)); + cpu_ppc_tb_reset(&cpu->env); } diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c index b482d9754a1f3..91fae56573ee5 100644 --- a/hw/ppc/spapr_cpu_core.c +++ b/hw/ppc/spapr_cpu_core.c @@ -74,6 +74,8 @@ static void spapr_reset_vcpu(PowerPCCPU *cpu) kvm_check_mmu(cpu, &error_fatal); + cpu_ppc_tb_reset(env); + spapr_irq_cpu_intc_reset(spapr, cpu); } diff --git a/hw/ppc/vof.c b/hw/ppc/vof.c index 18c3f92317a4f..e3b430a81f4f1 100644 --- a/hw/ppc/vof.c +++ b/hw/ppc/vof.c @@ -1024,6 +1024,8 @@ void vof_cleanup(Vof *vof) } vof->claimed = NULL; vof->of_instances = NULL; + vof->of_instance_last = 0; + vof->claimed_base = 0; } void vof_build_dt(void *fdt, Vof *vof) 
diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c index 99c4e6314b1ed..505a36dff69e0 100644 --- a/hw/riscv/virt.c +++ b/hw/riscv/virt.c @@ -732,7 +732,7 @@ static void create_fdt_pmu(RISCVVirtState *s) MachineState *ms = MACHINE(s); RISCVCPU hart = s->soc[0].harts[0]; - pmu_name = g_strdup_printf("/soc/pmu"); + pmu_name = g_strdup_printf("/pmu"); qemu_fdt_add_subnode(ms->fdt, pmu_name); qemu_fdt_setprop_string(ms->fdt, pmu_name, "compatible", "riscv,pmu"); riscv_pmu_generate_fdt_node(ms->fdt, hart.cfg.pmu_num, pmu_name); diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index 4516d73ff5fcb..4b36c9970e6e6 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -109,6 +109,7 @@ static const char *const reset_dev_types[] = { "s390-flic", "diag288", TYPE_S390_PCI_HOST_BRIDGE, + TYPE_AP_BRIDGE, }; static void subsystem_reset(void) diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c index e52188d0228d0..9b11d8c5738ab 100644 --- a/hw/scsi/esp.c +++ b/hw/scsi/esp.c @@ -759,7 +759,8 @@ static void esp_do_nodma(ESPState *s) } if (to_device) { - len = MIN(fifo8_num_used(&s->fifo), ESP_FIFO_SZ); + len = MIN(s->async_len, ESP_FIFO_SZ); + len = MIN(len, fifo8_num_used(&s->fifo)); esp_fifo_pop_buf(&s->fifo, s->async_buf, len); s->async_buf += len; s->async_len -= len; @@ -1395,7 +1396,7 @@ static void sysbus_esp_gpio_demux(void *opaque, int irq, int level) parent_esp_reset(s, irq, level); break; case 1: - esp_dma_enable(opaque, irq, level); + esp_dma_enable(s, irq, level); break; } } diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index e0d79c7966cfa..6691f5edb841b 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c 
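Review bot: The two MIN() lines in esp_do_nodma() fix the length bound but do not say what the first one protects; since the next line pops straight into s->async_buf, the point is that the FIFO must never be drained past the remaining async buffer. Suggest `/* never pop more than async_buf can still take */` above them, or fold them into one expression: `len = MIN(MIN(s->async_len, ESP_FIFO_SZ), fifo8_num_used(&s->fifo));`. esp_do_nodma() begins before and continues after the hunk.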
@@ -1628,9 +1628,10 @@ static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf) * Since the existing code only checks/updates bits 8-15 of the block * size, restrict ourselves to the same requirement for now to ensure * that a block size set by a block descriptor and then read back by - * a subsequent SCSI command will be the same + * a subsequent SCSI command will be the same. Also disallow a block + * size of 256 since we cannot handle anything below BDRV_SECTOR_SIZE. */ - if (bs && !(bs & ~0xff00) && bs != s->qdev.blocksize) { + if (bs && !(bs & ~0xfe00) && bs != s->qdev.blocksize) { s->qdev.blocksize = bs; trace_scsi_disk_mode_select_set_blocksize(s->qdev.blocksize); } @@ -1958,6 +1959,10 @@ static void scsi_disk_emulate_write_data(SCSIRequest *req) scsi_disk_emulate_write_same(r, r->iov.iov_base); break; + case FORMAT_UNIT: + scsi_req_complete(&r->req, GOOD); + break; + default: abort(); } diff --git a/hw/vfio/display.c b/hw/vfio/display.c index bec864f482f46..837d9e6a309e8 100644 --- a/hw/vfio/display.c +++ b/hw/vfio/display.c @@ -243,6 +243,8 @@ static VFIODMABuf *vfio_display_get_dmabuf(VFIOPCIDevice *vdev, dmabuf->dmabuf_id = plane.dmabuf_id; dmabuf->buf.width = plane.width; dmabuf->buf.height = plane.height; + dmabuf->buf.backing_width = plane.width; + dmabuf->buf.backing_height = plane.height; dmabuf->buf.stride = plane.stride; dmabuf->buf.fourcc = plane.drm_format; dmabuf->buf.modifier = plane.drm_format_mod; diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 309038fd46323..969c25f4cfcbc 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c 
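Review bot: The new FORMAT_UNIT case in scsi_disk_emulate_write_data() completes with GOOD without looking at the parameter data the initiator just sent, and nothing says that is deliberate rather than unfinished. Suggest `/* FORMAT UNIT: parameter list accepted and ignored, there is nothing to format */` above scsi_req_complete(). The function begins before the hunk.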
@@ -2825,8 +2825,9 @@ static int virtio_device_put(QEMUFile *f, void *opaque, size_t size, } /* A wrapper for use as a VMState .get function */ -static int virtio_device_get(QEMUFile *f, void *opaque, size_t size, - const VMStateField *field) +static int coroutine_mixed_fn +virtio_device_get(QEMUFile *f, void *opaque, size_t size, + const VMStateField *field) { VirtIODevice *vdev = VIRTIO_DEVICE(opaque); DeviceClass *dc = DEVICE_CLASS(VIRTIO_DEVICE_GET_CLASS(vdev)); @@ -2853,6 +2854,39 @@ static int virtio_set_features_nocheck(VirtIODevice *vdev, uint64_t val) return bad ? -1 : 0; } +typedef struct VirtioSetFeaturesNocheckData { + Coroutine *co; + VirtIODevice *vdev; + uint64_t val; + int ret; +} VirtioSetFeaturesNocheckData; + +static void virtio_set_features_nocheck_bh(void *opaque) +{ + VirtioSetFeaturesNocheckData *data = opaque; + + data->ret = virtio_set_features_nocheck(data->vdev, data->val); + aio_co_wake(data->co); +} + +static int coroutine_mixed_fn +virtio_set_features_nocheck_maybe_co(VirtIODevice *vdev, uint64_t val) +{ + if (qemu_in_coroutine()) { + VirtioSetFeaturesNocheckData data = { + .co = qemu_coroutine_self(), + .vdev = vdev, + .val = val, + }; + aio_bh_schedule_oneshot(qemu_get_current_aio_context(), + virtio_set_features_nocheck_bh, &data); + qemu_coroutine_yield(); + return data.ret; + } else { + return virtio_set_features_nocheck(vdev, val); + } +} + int virtio_set_features(VirtIODevice *vdev, uint64_t val) { int ret; @@ -2906,7 +2940,8 @@ size_t virtio_get_config_size(const VirtIOConfigSizeParams *params, return config_size; } -int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id) +int coroutine_mixed_fn +virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id) { int i, ret; int32_t config_len; 
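Review bot: virtio_set_features_nocheck_maybe_co() hands a stack-allocated `data` to a one-shot BH and then yields; that is only sound because the coroutine resumes solely from aio_co_wake() in the BH after `ret` has been written, and nothing in the function states that lifetime assumption. Suggest a comment on the yield: `/* data lives on our stack: we resume only from the BH, after it wrote ret */`. The same consideration applies to the two call sites in the following @@ -3023 hunk.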
@@ -3023,14 +3058,14 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id) * host_features. */ uint64_t features64 = vdev->guest_features; - if (virtio_set_features_nocheck(vdev, features64) < 0) { + if (virtio_set_features_nocheck_maybe_co(vdev, features64) < 0) { error_report("Features 0x%" PRIx64 " unsupported. " "Allowed features: 0x%" PRIx64, features64, vdev->host_features); return -1; } } else { - if (virtio_set_features_nocheck(vdev, features) < 0) { + if (virtio_set_features_nocheck_maybe_co(vdev, features) < 0) { error_report("Features 0x%x unsupported. " "Allowed features: 0x%" PRIx64, features, vdev->host_features); diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h index 94f44f1f59035..c2c62160c6d27 100644 --- a/include/exec/cpu-all.h +++ b/include/exec/cpu-all.h @@ -397,7 +397,7 @@ QEMU_BUILD_BUG_ON(TLB_FLAGS_MASK & TLB_SLOW_FLAGS_MASK); * @addr: virtual address to test (must be page aligned) * @tlb_addr: TLB entry address (a CPUTLBEntry addr_read/write/code value) */ -static inline bool tlb_hit_page(target_ulong tlb_addr, target_ulong addr) +static inline bool tlb_hit_page(uint64_t tlb_addr, vaddr addr) { return addr == (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK)); } @@ -408,7 +408,7 @@ static inline bool tlb_hit_page(target_ulong tlb_addr, target_ulong addr) * @addr: virtual address to test (need not be page aligned) * @tlb_addr: TLB entry address (a CPUTLBEntry addr_read/write/code value) */ -static inline bool tlb_hit(target_ulong tlb_addr, target_ulong addr) +static inline bool tlb_hit(uint64_t tlb_addr, vaddr addr) { return tlb_hit_page(tlb_addr, addr & TARGET_PAGE_MASK); } diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h index 87dc9a752c9a2..41788c0bdd9b1 100644 --- a/include/exec/cpu-common.h +++ b/include/exec/cpu-common.h 
@@ -133,7 +133,6 @@ static inline void cpu_physical_memory_write(hwaddr addr, { cpu_physical_memory_rw(addr, (void *)buf, len, true); } -void cpu_reloading_memory_map(void); void *cpu_physical_memory_map(hwaddr addr, hwaddr *plen, bool is_write); diff --git a/include/exec/translator.h b/include/exec/translator.h index a53d3243d4cb6..0f4ecad7a2944 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h @@ -72,6 +72,7 @@ typedef enum DisasJumpType { * @num_insns: Number of translated instructions (including current). * @max_insns: Maximum number of instructions to be translated in this TB. * @singlestep_enabled: "Hardware" single stepping enabled. + * @saved_can_do_io: Known value of cpu->neg.can_do_io, or -1 for unknown. * * Architecture-agnostic disassembly context. */ @@ -83,6 +84,7 @@ typedef struct DisasContextBase { int num_insns; int max_insns; bool singlestep_enabled; + int8_t saved_can_do_io; void *host_addr[2]; } DisasContextBase; diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h index 56c9e7676e22b..49447258492b9 100644 --- a/include/hw/cxl/cxl.h +++ b/include/hw/cxl/cxl.h @@ -29,7 +29,7 @@ typedef struct PXBCXLDev PXBCXLDev; typedef struct CXLFixedWindow { uint64_t size; char **targets; - PXBCXLDev *target_hbs[8]; + PXBCXLDev *target_hbs[16]; uint8_t num_targets; uint8_t enc_int_ways; uint8_t enc_int_gran; diff --git a/include/hw/i2c/aspeed_i2c.h b/include/hw/i2c/aspeed_i2c.h index 51c944efeaae2..2e1e15aaf0f7a 100644 --- a/include/hw/i2c/aspeed_i2c.h +++ b/include/hw/i2c/aspeed_i2c.h 
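Review bot: The new bound in `PXBCXLDev *target_hbs[16];` is a bare literal, and whatever checks `num_targets` against the array (not in this hunk) has to agree with it; a named constant used by both the array and the check would keep the two from drifting. The old value 8 may still be assumed by that validation code, which this diff does not show being updated.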
@@ -139,9 +139,9 @@ REG32(I2CD_CMD, 0x14) /* I2CD Command/Status */ REG32(I2CD_DEV_ADDR, 0x18) /* Slave Device Address */ SHARED_FIELD(SLAVE_DEV_ADDR1, 0, 7) REG32(I2CD_POOL_CTRL, 0x1C) /* Pool Buffer Control */ - SHARED_FIELD(RX_COUNT, 24, 5) + SHARED_FIELD(RX_COUNT, 24, 6) SHARED_FIELD(RX_SIZE, 16, 5) - SHARED_FIELD(TX_COUNT, 9, 5) + SHARED_FIELD(TX_COUNT, 8, 5) FIELD(I2CD_POOL_CTRL, OFFSET, 2, 6) /* AST2400 */ REG32(I2CD_BYTE_BUF, 0x20) /* Transmit/Receive Byte Buffer */ SHARED_FIELD(RX_BUF, 8, 8) diff --git a/include/hw/ppc/ppc.h b/include/hw/ppc/ppc.h index e095c002dc249..17a8dfc107150 100644 --- a/include/hw/ppc/ppc.h +++ b/include/hw/ppc/ppc.h @@ -54,7 +54,8 @@ struct ppc_tb_t { */ uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset); -clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq); +void cpu_ppc_tb_init(CPUPPCState *env, uint32_t freq); +void cpu_ppc_tb_reset(CPUPPCState *env); void cpu_ppc_tb_free(CPUPPCState *env); void cpu_ppc_hdecr_init(CPUPPCState *env); void cpu_ppc_hdecr_exit(CPUPPCState *env); diff --git a/include/hw/virtio/virtio-gpu-bswap.h b/include/hw/virtio/virtio-gpu-bswap.h index 9124108485977..637a0585d0dff 100644 --- a/include/hw/virtio/virtio-gpu-bswap.h +++ b/include/hw/virtio/virtio-gpu-bswap.h @@ -63,7 +63,10 @@ virtio_gpu_create_blob_bswap(struct virtio_gpu_resource_create_blob *cblob) { virtio_gpu_ctrl_hdr_bswap(&cblob->hdr); le32_to_cpus(&cblob->resource_id); + le32_to_cpus(&cblob->blob_mem); le32_to_cpus(&cblob->blob_flags); + le32_to_cpus(&cblob->nr_entries); + le64_to_cpus(&cblob->blob_id); le64_to_cpus(&cblob->size); } diff --git a/include/qemu/compiler.h b/include/qemu/compiler.h index a309f90c76823..5c7f63f351f30 100644 --- a/include/qemu/compiler.h +++ b/include/qemu/compiler.h @@ -197,4 +197,10 @@ #define BUILTIN_SUBCLL_BROKEN #endif +#if __has_attribute(used) +# define QEMU_USED __attribute__((used)) +#else +# define QEMU_USED +#endif + #endif /* COMPILER_H */ 
diff --git a/include/qemu/host-utils.h b/include/qemu/host-utils.h index 011618373e598..ead97d354d6a2 100644 --- a/include/qemu/host-utils.h +++ b/include/qemu/host-utils.h @@ -56,6 +56,11 @@ static inline uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c) return (__int128_t)a * b / c; } +static inline uint64_t muldiv64_round_up(uint64_t a, uint32_t b, uint32_t c) +{ + return ((__int128_t)a * b + c - 1) / c; +} + static inline uint64_t divu128(uint64_t *plow, uint64_t *phigh, uint64_t divisor) { @@ -83,7 +88,8 @@ void mulu64(uint64_t *plow, uint64_t *phigh, uint64_t a, uint64_t b); uint64_t divu128(uint64_t *plow, uint64_t *phigh, uint64_t divisor); int64_t divs128(uint64_t *plow, int64_t *phigh, int64_t divisor); -static inline uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c) +static inline uint64_t muldiv64_rounding(uint64_t a, uint32_t b, uint32_t c, + bool round_up) { union { uint64_t ll; @@ -99,12 +105,25 @@ static inline uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c) u.ll = a; rl = (uint64_t)u.l.low * (uint64_t)b; + if (round_up) { + rl += c - 1; + } rh = (uint64_t)u.l.high * (uint64_t)b; rh += (rl >> 32); res.l.high = rh / c; res.l.low = (((rh % c) << 32) + (rl & 0xffffffff)) / c; return res.ll; } + +static inline uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c) +{ + return muldiv64_rounding(a, b, c, false); +} + +static inline uint64_t muldiv64_round_up(uint64_t a, uint32_t b, uint32_t c) +{ + return muldiv64_rounding(a, b, c, true); +} #endif /** diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h index 115f0cca79d19..ccaf55caf73ba 100644 --- a/include/sysemu/kvm.h +++ b/include/sysemu/kvm.h @@ -369,6 +369,8 @@ int kvm_arch_get_registers(CPUState *cpu); int kvm_arch_put_registers(CPUState *cpu, int level); +int kvm_arch_get_default_type(MachineState *ms); + int kvm_arch_init(MachineState *ms, KVMState *s); int kvm_arch_init_vcpu(CPUState *cpu); 
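Review bot: `muldiv64_round_up` and `muldiv64_rounding` carry no comment about their contract, and the `rl += c - 1;` step in the non-`__int128` path deserves a why. Add `/* ceil(a * b / c); c must be non-zero, as for muldiv64(). */` above `muldiv64_round_up` in both variants, and `/* Adding c - 1 cannot overflow: (2^32-1)^2 + (2^32-2) < 2^64. */` before `rl += c - 1;`. Both paths divide by `c` with no zero check, so the precondition should be stated rather than silently inherited from `muldiv64`.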
diff --git a/include/trace_consts.h b/include/trace_consts.h
new file mode 100644
index 0000000000000..8010118eca96b
--- /dev/null
+++ b/include/trace_consts.h
@@ -0,0 +1,13 @@
+#pragma once
+
+#include "trace_info.h"
+
+const uint64_t magic_number = 7456879624156307493LL;
+const uint64_t magic_number_offset = 0LL;
+const uint64_t trace_version_offset = 8LL;
+const uint64_t bfd_arch_offset = 16LL;
+const uint64_t bfd_machine_offset = 24LL;
+const uint64_t num_trace_frames_offset = 32LL;
+const uint64_t toc_offset_offset = 40LL;
+const uint64_t first_frame_offset = 48LL;
+const uint64_t out_trace_version = 2LL;
diff --git a/include/tracewrap.h b/include/tracewrap.h
new file mode 100644
index 0000000000000..1539cd118d952
--- /dev/null
+++ b/include/tracewrap.h
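Review bot: `const uint64_t magic_number = ...;` and the other eight definitions in this header are object definitions with external linkage in C, so every translation unit that includes trace_consts.h emits its own copy and the link fails with duplicate symbols as soon as two of them do; make them `static const uint64_t ...` (or an `enum`/`#define` for the offsets). The new `linux-user/*/trace_info.h` headers in the following hunks define `frame_arch` and `frame_mach` the same way. The header also relies on `trace_info.h` to bring in `uint64_t`; an explicit `#include <stdint.h>` (or `qemu/osdep.h`, as tracewrap.h does) would make it self-contained.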
@@ -0,0 +1,65 @@
+#pragma once
+
+#include
+#include
+#include
+
+#include "qemu/osdep.h"
+#include "cpu.h"
+
+#include "frame.piqi.pb-c.h"
+
+
+/** initializes trace subsystem.
+
+ All pointers are owned by the caller.
+
+ @param filename a name of filesystem entry where trace will be dumpled,
+ if NULL then the name is basename(argv[0]).frames
+
+ @param targetname a path to the executable, must be non NULL
+
+
+ @param argv a full list of arguments passed to the tracer, NULL terminated.
+ Can be NULL or empty (i.e., contain only a NULL element).
+ The list may include target arguments.
+
+ @param envp a null terminated list of environment parameters,
+ can be NULL or empty.
+
+ @param target_argv a null terminated list of target arguments,
+ can be NULL or empty.
+
+ @param target_envp a null terminated list of target environment,
+ can be NULL or empty.
+ */
+void qemu_trace_init(const char *filename, const char *targetname,
+ char **argv, char **envp,
+ char **target_argv,
+ char **target_envp);
+void qemu_trace_newframe(target_ulong addr, int tread_id);
+void qemu_trace_add_operand(OperandInfo *oi, int inout);
+void qemu_trace_endframe(CPUArchState *env, target_ulong pc, target_ulong size);
+void qemu_trace_finish(uint32_t exit_code);
+
+OperandInfo * load_store_reg(target_ulong reg, target_ulong val, int ls);
+OperandInfo * load_store_mem(target_ulong addr, target_ulong val, int ls, int len);
+
+#define REG_EFLAGS 66
+#define REG_LO 33
+#define REG_HI 34
+
+#define REG_CPSR 64
+#define REG_APSR 65
+#define REG_SP 13
+#define REG_LR 14
+#define REG_PC 15
+
+#define REG_NF 94
+#define REG_ZF 95
+#define REG_CF 96
+#define REG_VF 97
+#define REG_QF 98
+#define REG_GE 99
+
+#define SEG_BIT 8
diff --git a/linux-user/arm/trace_info.h b/linux-user/arm/trace_info.h
new file mode 100644
index 0000000000000..c859196afca20
--- /dev/null
+++ b/linux-user/arm/trace_info.h
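Review bot: The parameter name in `void qemu_trace_newframe(target_ulong addr, int tread_id);` reads as a typo for `thread_id`, and the doc block says "dumpled" for "dumped"; both should be fixed before other files start quoting this header. The `ls`, `inout` and `len` parameters of `load_store_reg`/`load_store_mem`/`qemu_trace_add_operand`, the `exit_code` of `qemu_trace_finish` and the `REG_*` numbers have no documentation; a one-line comment on each declaration stating the encoding (I cannot tell from this hunk whether `ls` is a load/store flag or something else) and a comment naming the register numbering scheme the `REG_*` values follow would help. The three `#include` lines near the top appear with no target here, most likely angle-bracket includes lost in rendering, but worth confirming in the file itself.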
@@ -0,0 +1,6 @@ +#pragma once + +#include "frame_arch.h" + +const uint64_t frame_arch = frame_arch_arm; +const uint64_t frame_mach = frame_mach_arm_unknown; diff --git a/linux-user/elfload.c b/linux-user/elfload.c index ac03beb01bfdb..a69e7d7eab97d 100644 --- a/linux-user/elfload.c +++ b/linux-user/elfload.c @@ -3204,7 +3204,7 @@ static void load_elf_image(const char *image_name, int image_fd, info->start_data = -1; info->end_data = 0; /* Usual start for brk is after all sections of the main executable. */ - info->brk = TARGET_PAGE_ALIGN(hiaddr); + info->brk = TARGET_PAGE_ALIGN(hiaddr + load_bias); info->elf_flags = ehdr->e_flags; prot_exec = PROT_EXEC; diff --git a/linux-user/hppa/signal.c b/linux-user/hppa/signal.c index f253a15864619..ec5f5412d10a1 100644 --- a/linux-user/hppa/signal.c +++ b/linux-user/hppa/signal.c @@ -25,7 +25,7 @@ struct target_sigcontext { abi_ulong sc_flags; abi_ulong sc_gr[32]; - uint64_t sc_fr[32]; + abi_ullong sc_fr[32]; abi_ulong sc_iasq[2]; abi_ulong sc_iaoq[2]; abi_ulong sc_sar; @@ -149,16 +149,18 @@ void setup_rt_frame(int sig, struct target_sigaction *ka, target_ulong *fdesc, dest; haddr &= -4; - if (!lock_user_struct(VERIFY_READ, fdesc, haddr, 1)) { + fdesc = lock_user(VERIFY_READ, haddr, 2 * sizeof(target_ulong), 1); + if (!fdesc) { goto give_sigsegv; } __get_user(dest, fdesc); __get_user(env->gr[19], fdesc + 1); - unlock_user_struct(fdesc, haddr, 1); + unlock_user(fdesc, haddr, 0); haddr = dest; } env->iaoq_f = haddr; env->iaoq_b = haddr + 4; + env->psw_n = 0; return; give_sigsegv: diff --git a/linux-user/i386/trace_info.h b/linux-user/i386/trace_info.h new file mode 100644 index 0000000000000..f2e9fe71fdded --- /dev/null +++ b/linux-user/i386/trace_info.h @@ -0,0 +1,6 @@ +#pragma once + +#include "frame_arch.h" + +const uint64_t frame_arch = frame_arch_i386; +const uint64_t frame_mach = frame_mach_i386_i386; diff --git a/linux-user/main.c b/linux-user/main.c index 96be354897dd2..49029d62b1748 100644 --- a/linux-user/main.c 
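Review bot: `env->psw_n = 0;` is added to `setup_rt_frame` in hppa/signal.c without a comment; presumably it clears the PA-RISC nullify bit so the first instruction of the handler is not skipped, and that intent should be stated: `/* Clear PSW[N] so the handler's first instruction is not nullified. */`. The switch from `lock_user_struct` to `lock_user(VERIFY_READ, haddr, 2 * sizeof(target_ulong), 1)` matched with `unlock_user(fdesc, haddr, 0)` and the `TARGET_PAGE_ALIGN(hiaddr + load_bias)` fix in elfload.c are self-explanatory. `setup_rt_frame` begins before this hunk.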
+++ b/linux-user/main.c @@ -65,6 +65,11 @@ #define AT_FLAGS_PRESERVE_ARGV0 (1 << AT_FLAGS_PRESERVE_ARGV0_BIT) #endif +#ifdef HAS_TRACEWRAP +#include "tracewrap.h" +const char * qemu_tracefilename = NULL; +#endif //HAS_TRACEWRAP + char *exec_path; char real_exec_path[PATH_MAX]; @@ -416,6 +421,13 @@ static void handle_arg_strace(const char *arg) enable_strace = true; } +#ifdef HAS_TRACEWRAP +static void handle_trace_filename(const char *arg) +{ + qemu_tracefilename = arg; +} +#endif //HAS_TRACEWRAP + static void handle_arg_version(const char *arg) { printf("qemu-" TARGET_NAME " version " QEMU_FULL_VERSION @@ -522,6 +534,10 @@ static const struct qemu_argument arg_table[] = { "", "Generate a /tmp/perf-${pid}.map file for perf"}, {"jitdump", "QEMU_JITDUMP", false, handle_arg_jitdump, "", "Generate a jit-${pid}.dump file for perf"}, +#ifdef HAS_TRACEWRAP + {"tracefile", "", true, handle_trace_filename, + "file", "path to trace file (defaults to .frames)"}, +#endif //HAS_TRACEWRAP {NULL, NULL, false, NULL, NULL, NULL} }; @@ -933,6 +949,11 @@ int main(int argc, char **argv, char **envp) } target_argv[target_argc] = NULL; +#ifdef HAS_TRACEWRAP + qemu_trace_init(qemu_tracefilename, exec_path, + argv, environ, target_argv, target_environ); +#endif //HAS_TRACEWRAP + ts = g_new0(TaskState, 1); init_task_state(ts); /* build Task State */ diff --git a/linux-user/mips/trace_info.h b/linux-user/mips/trace_info.h new file mode 100644 index 0000000000000..ea78cd3e83c1e --- /dev/null +++ b/linux-user/mips/trace_info.h @@ -0,0 +1,6 @@ +#pragma once + +#include "frame_arch.h" + +const uint64_t frame_arch = frame_arch_mips; +const uint64_t frame_mach = frame_mach_mipsisa32 ; diff --git a/linux-user/riscv/signal.c b/linux-user/riscv/signal.c index eaa168199a85a..f989f7f51f3af 100644 --- a/linux-user/riscv/signal.c +++ b/linux-user/riscv/signal.c 
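Review bot: `const char * qemu_tracefilename = NULL;` is a non-static global in main.c although only `handle_trace_filename` and the `qemu_trace_init` call here use it; `static const char *qemu_tracefilename;` keeps it out of the global namespace unless tracewrap.c reads it (not visible in this diff). The call `qemu_trace_init(qemu_tracefilename, exec_path, argv, environ, target_argv, target_environ)` hands the tracer the host environment as well as the guest's; if tracewrap serialises those lists into the trace file, any credentials present in the host environment end up in a file that is typically handed around for analysis, so the `tracefile` help text or the README should say so. The `#endif //HAS_TRACEWRAP` markers use `//` where QEMU's style is `#endif /* HAS_TRACEWRAP */`.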
@@ -38,8 +38,8 @@ struct target_sigcontext { }; /* cf. riscv-linux:arch/riscv/include/uapi/asm/ptrace.h */ struct target_ucontext { - unsigned long uc_flags; - struct target_ucontext *uc_link; + abi_ulong uc_flags; + abi_ptr uc_link; target_stack_t uc_stack; target_sigset_t uc_sigmask; uint8_t __unused[1024 / 8 - sizeof(target_sigset_t)]; diff --git a/linux-user/signal.c b/linux-user/signal.c index 748a98f3e5359..04adb3388e581 100644 --- a/linux-user/signal.c +++ b/linux-user/signal.c @@ -33,6 +33,10 @@ #include "host-signal.h" #include "user/safe-syscall.h" +#ifdef HAS_TRACEWRAP +#include "tracewrap.h" +#endif //HAS_TRACEWRAP + static struct target_sigaction sigact_table[TARGET_NSIG]; static void host_signal_handler(int host_signum, siginfo_t *info, @@ -707,6 +711,10 @@ void dump_core_and_abort(CPUArchState *cpu_env, int target_sig) trace_user_dump_core_and_abort(env, target_sig, host_sig); gdb_signalled(env, target_sig); + #ifdef HAS_TRACEWRAP + qemu_trace_finish(-target_sig); + #endif //HAS_TRACEWRAP + /* dump core if supported by target binary format */ if (core_dump_signal(target_sig) && (ts->bprm->core_dump != NULL)) { stop_all_tasks(); diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 9353268cc18f3..4609ba07284e7 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -82,6 +82,9 @@ #ifdef HAVE_SYS_KCOV_H #include #endif +#ifdef HAS_TRACEWRAP +#include "tracewrap.h" +#endif //HAS_TRACEWRAP #define termios host_termios #define winsize host_winsize @@ -11158,6 +11161,9 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1, /* new thread calls */ case TARGET_NR_exit_group: preexit_cleanup(cpu_env, arg1); +#ifdef HAS_TRACEWRAP + qemu_trace_finish(arg1); +#endif //HAS_TRACEWRAP return get_errno(exit_group(arg1)); #endif case TARGET_NR_setdomainname: diff --git a/linux-user/x86_64/trace_info.h b/linux-user/x86_64/trace_info.h new file mode 100644 index 0000000000000..ed8f8ed1d9c21 --- /dev/null 
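Review bot: `qemu_trace_finish(-target_sig)` in dump_core_and_abort passes a negative value to a `uint32_t exit_code` parameter, so a signal death is recorded as a wrapped unsigned value; if that encoding is intended, say so at the call, `/* signal death is encoded as -signo; wraps in uint32_t */`, so a reader does not treat it as a bug. That `#ifdef HAS_TRACEWRAP` block is indented by four spaces while the other new blocks in signal.c and syscall.c put the directives at column 0. The finish hook is only on `TARGET_NR_exit_group`; if the last thread can leave through `TARGET_NR_exit` (not in this hunk), that path would end the process without finalising the trace.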
+++ b/linux-user/x86_64/trace_info.h @@ -0,0 +1,6 @@ +#pragma once + +#include "frame_arch.h" + +const uint64_t frame_arch = frame_arch_i386; +const uint64_t frame_mach = frame_mach_x86_64; diff --git a/meson.build b/meson.build index 98e68ef0b1e13..b6e5aabd3c9b5 100644 --- a/meson.build +++ b/meson.build @@ -225,7 +225,7 @@ if targetos == 'darwin' # Disable attempts to use ObjectiveC features in os/object.h since they # won't work when we're compiling with gcc as a C compiler. qemu_common_flags += '-DOS_OBJECT_USE_OBJC=0' -elif targetos == 'solaris' +elif targetos == 'sunos' # needed for CMSG_ macros in sys/socket.h qemu_common_flags += '-D_XOPEN_SOURCE=600' # needed for TIOCWIN* defines in termios.h @@ -1771,8 +1771,9 @@ if gnutls.found() method: 'pkg-config') endif keyutils = not_found -if get_option('keyring').enabled() - keyutils = dependency('libkeyutils', required: false, method: 'pkg-config') +if not get_option('libkeyutils').auto() or have_block + keyutils = dependency('libkeyutils', required: get_option('libkeyutils'), + method: 'pkg-config') endif has_gettid = cc.has_function('gettid') @@ -2056,7 +2057,7 @@ have_slirp_smbd = get_option('slirp_smbd') \ if have_slirp_smbd smbd_path = get_option('smbd') if smbd_path == '' - smbd_path = (targetos == 'solaris' ? '/usr/sfw/sbin/smbd' : '/usr/sbin/smbd') + smbd_path = (targetos == 'sunos' ? '/usr/sfw/sbin/smbd' : '/usr/sbin/smbd') endif config_host_data.set_quoted('CONFIG_SMBD_COMMAND', smbd_path) endif @@ -3080,6 +3081,8 @@ config_host_data.set('CONFIG_CAPSTONE', capstone.found()) config_host_data.set('CONFIG_FDT', fdt.found()) config_host_data.set('CONFIG_SLIRP', slirp.found()) +config_host_data.set('HAS_TRACEWRAP', get_option('tracewrap')) + ##################### # Generated sources # ##################### 
@@ -3408,6 +3411,12 @@ endif common_ss.add(files('cpus-common.c')) specific_ss.add(files('cpu.c')) +if get_option('tracewrap') + subdir('protobuf') + specific_ss.add('tracewrap.c') + specific_ss.add(protoframes) +endif + subdir('softmmu') # Work around a gcc bug/misfeature wherein constant propagation looks @@ -4211,6 +4220,7 @@ endif summary_info += {'AF_ALG support': have_afalg} summary_info += {'rng-none': get_option('rng_none')} summary_info += {'Linux keyring': have_keyring} +summary_info += {'Linux keyutils': keyutils} summary(summary_info, bool_yn: true, section: 'Crypto') # UI @@ -4315,6 +4325,8 @@ summary_info += {'libudev': libudev} summary_info += {'FUSE lseek': fuse_lseek.found()} summary_info += {'selinux': selinux} summary_info += {'libdw': libdw} +summary_info += {'tracewrap': get_option('tracewrap')} +summary_info += {'tracewrap_dir': get_option('tracewrap_dir')} summary(summary_info, bool_yn: true, section: 'Dependencies') if not supported_cpus.contains(cpu) diff --git a/meson_options.txt b/meson_options.txt index aaea5ddd77948..dfe586e3d347f 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -119,6 +119,8 @@ option('avx512bw', type: 'feature', value: 'auto', description: 'AVX512BW optimizations') option('keyring', type: 'feature', value: 'auto', description: 'Linux keyring support') +option('libkeyutils', type: 'feature', value: 'auto', + description: 'Linux keyutils support') option('attr', type : 'feature', value : 'auto', description: 'attr/xattr support') 
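Review bot: `specific_ss.add('tracewrap.c')` passes a bare string where the neighbouring lines use `files()` (`specific_ss.add(files('cpu.c'))`); `specific_ss.add(files('tracewrap.c'))` is the consistent form and resolves the path relative to this directory. The `tracewrap_dir` option is only surfaced in the summary in this diff; if it is meant to locate bap-frames, nothing visible here consumes it.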
@@ -347,6 +349,9 @@ option('gprof', type: 'boolean', value: false, deprecated: true) option('slirp_smbd', type : 'feature', value : 'auto', description: 'use smbd (at path --smbd=*) in slirp networking') - option('hexagon_idef_parser', type : 'boolean', value : true, description: 'use idef-parser to automatically generate TCG code for the Hexagon frontend') +option('tracewrap', type : 'boolean', value : false, + description: 'tracewrap (bap-frames) compression support') +option('tracewrap_dir', type : 'string', value : '', + description: 'path to bap-frames') diff --git a/migration/block.c b/migration/block.c index b9580a6c7e704..86c2256a2bfb3 100644 --- a/migration/block.c +++ b/migration/block.c @@ -368,7 +368,9 @@ static void unset_dirty_tracking(void) BlkMigDevState *bmds; QSIMPLEQ_FOREACH(bmds, &block_mig_state.bmds_list, entry) { - bdrv_release_dirty_bitmap(bmds->dirty_bitmap); + if (bmds->dirty_bitmap) { + bdrv_release_dirty_bitmap(bmds->dirty_bitmap); + } } } @@ -676,13 +678,18 @@ static int64_t get_remaining_dirty(void) static void block_migration_cleanup_bmds(void) { BlkMigDevState *bmds; + BlockDriverState *bs; AioContext *ctx; unset_dirty_tracking(); while ((bmds = QSIMPLEQ_FIRST(&block_mig_state.bmds_list)) != NULL) { QSIMPLEQ_REMOVE_HEAD(&block_mig_state.bmds_list, entry); - bdrv_op_unblock_all(blk_bs(bmds->blk), bmds->blocker); + + bs = blk_bs(bmds->blk); + if (bs) { + bdrv_op_unblock_all(bs, bmds->blocker); + } error_free(bmds->blocker); /* Save ctx, because bmds->blk can disappear during blk_unref. */ diff --git a/migration/migration.c b/migration/migration.c index 5528acb65e0f7..7a4c8beb5d0a9 100644 --- a/migration/migration.c +++ b/migration/migration.c @@ -98,6 +98,7 @@ static int migration_maybe_pause(MigrationState *s, int *current_active_state, int new_state); static void migrate_fd_cancel(MigrationState *s); +static int await_return_path_close_on_source(MigrationState *s); static bool migration_needs_multiple_sockets(void) { 
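Review bot: The `tracewrap` option description says "compression support", which does not match what the feature does according to the README (tracing into bap-frames); `description: 'tracewrap (bap-frames) tracing support'` reads correctly. The hunk also removes the blank line between the `slirp_smbd` and `hexagon_idef_parser` options, an unrelated whitespace change. `tracewrap_dir` defaults to `''`, so its description should say what happens when it is left unset.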
@@ -153,6 +154,7 @@ void migration_object_init(void) qemu_sem_init(¤t_incoming->postcopy_qemufile_dst_done, 0); qemu_mutex_init(¤t_incoming->page_request_mutex); + qemu_cond_init(¤t_incoming->page_request_cond); current_incoming->page_requested = g_tree_new(page_request_addr_cmp); migration_object_check(current_migration, &error_fatal); @@ -367,7 +369,7 @@ int migrate_send_rp_req_pages(MigrationIncomingState *mis, * things like g_tree_lookup() will return TRUE (1) when found. */ g_tree_insert(mis->page_requested, aligned, (gpointer)1); - mis->page_requested_count++; + qatomic_inc(&mis->page_requested_count); trace_postcopy_page_req_add(aligned, mis->page_requested_count); } } @@ -1177,11 +1179,11 @@ static void migrate_fd_cleanup(MigrationState *s) qemu_fclose(tmp); } - if (s->postcopy_qemufile_src) { - migration_ioc_unregister_yank_from_file(s->postcopy_qemufile_src); - qemu_fclose(s->postcopy_qemufile_src); - s->postcopy_qemufile_src = NULL; - } + /* + * We already cleaned up to_dst_file, so errors from the return + * path might be due to that, ignore them. + */ + await_return_path_close_on_source(s); assert(!migration_is_active(s)); @@ -1245,7 +1247,7 @@ static void migrate_fd_error(MigrationState *s, const Error *error) static void migrate_fd_cancel(MigrationState *s) { int old_state ; - QEMUFile *f = migrate_get_current()->to_dst_file; + trace_migrate_fd_cancel(); WITH_QEMU_LOCK_GUARD(&s->qemu_file_lock) { 
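Review bot: `trace_postcopy_page_req_add(aligned, mis->page_requested_count)` reads the counter with a plain load right after `qatomic_inc()` turned it into an atomically updated field; use `qatomic_read(&mis->page_requested_count)` there, as the cleanup path in postcopy-ram.c does. The same applies to `trace_postcopy_page_req_del(host_addr, mis->page_requested_count)` in postcopy-ram.c, where `left_pages` already holds the post-decrement value and should be what is traced.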
@@ -1271,11 +1273,13 @@ static void migrate_fd_cancel(MigrationState *s) * If we're unlucky the migration code might be stuck somewhere in a * send/write while the network has failed and is waiting to timeout; * if we've got shutdown(2) available then we can force it to quit. - * The outgoing qemu file gets closed in migrate_fd_cleanup that is - * called in a bh, so there is no race against this cancel. */ - if (s->state == MIGRATION_STATUS_CANCELLING && f) { - qemu_file_shutdown(f); + if (s->state == MIGRATION_STATUS_CANCELLING) { + WITH_QEMU_LOCK_GUARD(&s->qemu_file_lock) { + if (s->to_dst_file) { + qemu_file_shutdown(s->to_dst_file); + } + } } if (s->state == MIGRATION_STATUS_CANCELLING && s->block_inactive) { Error *local_err = NULL; @@ -1519,12 +1523,14 @@ void qmp_migrate_pause(Error **errp) { MigrationState *ms = migrate_get_current(); MigrationIncomingState *mis = migration_incoming_get_current(); - int ret; + int ret = 0; if (ms->state == MIGRATION_STATUS_POSTCOPY_ACTIVE) { /* Source side, during postcopy */ qemu_mutex_lock(&ms->qemu_file_lock); - ret = qemu_file_shutdown(ms->to_dst_file); + if (ms->to_dst_file) { + ret = qemu_file_shutdown(ms->to_dst_file); + } qemu_mutex_unlock(&ms->qemu_file_lock); if (ret) { error_setg(errp, "Failed to pause source migration"); @@ -1777,18 +1783,6 @@ static void migrate_handle_rp_req_pages(MigrationState *ms, const char* rbname, } } -/* Return true to retry, false to quit */ -static bool postcopy_pause_return_path_thread(MigrationState *s) -{ - trace_postcopy_pause_return_path(); - - qemu_sem_wait(&s->postcopy_pause_rp_sem); - - trace_postcopy_pause_return_path_continued(); - - return true; -} - static int migrate_handle_rp_recv_bitmap(MigrationState *s, char *block_name) { RAMBlock *block = qemu_ram_block_by_name(block_name); 
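Review bot: With `int ret = 0;` and the new `if (ms->to_dst_file)` guard in qmp_migrate_pause, a pause request that finds `to_dst_file` already NULL in POSTCOPY_ACTIVE returns success to the QMP caller without having shut anything down; if that state is reachable, an `else` branch that sets an error (`error_setg(errp, "Source migration file already closed");`) is more honest than a silent no-op. I cannot tell from this hunk whether the NULL case is a real race or purely defensive, which a short comment on the guard would settle.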
@@ -1872,7 +1866,6 @@ static void *source_return_path_thread(void *opaque) trace_source_return_path_thread_entry(); rcu_register_thread(); -retry: while (!ms->rp_state.error && !qemu_file_get_error(rp) && migration_is_setup_or_active(ms->state)) { trace_source_return_path_thread_loop_top(); @@ -1994,38 +1987,17 @@ static void *source_return_path_thread(void *opaque) } out: - res = qemu_file_get_error(rp); - if (res) { - if (res && migration_in_postcopy()) { - /* - * Maybe there is something we can do: it looks like a - * network down issue, and we pause for a recovery. - */ - migration_release_dst_files(ms); - rp = NULL; - if (postcopy_pause_return_path_thread(ms)) { - /* - * Reload rp, reset the rest. Referencing it is safe since - * it's reset only by us above, or when migration completes - */ - rp = ms->rp_state.from_dst_file; - ms->rp_state.error = false; - goto retry; - } - } - + if (qemu_file_get_error(rp)) { trace_source_return_path_thread_bad_end(); mark_source_rp_bad(ms); } trace_source_return_path_thread_end(); - migration_release_dst_files(ms); rcu_unregister_thread(); return NULL; } -static int open_return_path_on_source(MigrationState *ms, - bool create_thread) +static int open_return_path_on_source(MigrationState *ms) { ms->rp_state.from_dst_file = qemu_file_get_return_path(ms->to_dst_file); if (!ms->rp_state.from_dst_file) { @@ -2034,11 +2006,6 @@ static int open_return_path_on_source(MigrationState *ms, trace_open_return_path_on_source(); - if (!create_thread) { - /* We're done */ - return 0; - } - qemu_thread_create(&ms->rp_state.rp_thread, "return path", source_return_path_thread, ms, QEMU_THREAD_JOINABLE); ms->rp_state.rp_thread_created = true; 
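Review bot: The removed `res = qemu_file_get_error(rp);` was the only use of `res` visible here; if `res` is still declared at the top of `source_return_path_thread` (outside the hunk), it is now an unused variable and will warn under `-Wunused-variable`. Dropping the `retry:` label in the previous hunk is consistent with removing the pause/retry loop, so nothing else in the function appears to depend on it.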
@@ -2051,24 +2018,39 @@ static int open_return_path_on_source(MigrationState *ms, /* Returns 0 if the RP was ok, otherwise there was an error on the RP */ static int await_return_path_close_on_source(MigrationState *ms) { + int ret; + + if (!ms->rp_state.rp_thread_created) { + return 0; + } + + trace_migration_return_path_end_before(); + /* - * If this is a normal exit then the destination will send a SHUT and the - * rp_thread will exit, however if there's an error we need to cause - * it to exit. + * If this is a normal exit then the destination will send a SHUT + * and the rp_thread will exit, however if there's an error we + * need to cause it to exit. shutdown(2), if we have it, will + * cause it to unblock if it's stuck waiting for the destination. */ - if (qemu_file_get_error(ms->to_dst_file) && ms->rp_state.from_dst_file) { - /* - * shutdown(2), if we have it, will cause it to unblock if it's stuck - * waiting for the destination. - */ - qemu_file_shutdown(ms->rp_state.from_dst_file); - mark_source_rp_bad(ms); + WITH_QEMU_LOCK_GUARD(&ms->qemu_file_lock) { + if (ms->to_dst_file && ms->rp_state.from_dst_file && + qemu_file_get_error(ms->to_dst_file)) { + qemu_file_shutdown(ms->rp_state.from_dst_file); + } } + trace_await_return_path_close_on_source_joining(); qemu_thread_join(&ms->rp_state.rp_thread); ms->rp_state.rp_thread_created = false; trace_await_return_path_close_on_source_close(); - return ms->rp_state.error; + + ret = ms->rp_state.error; + ms->rp_state.error = false; + + migration_release_dst_files(ms); + + trace_migration_return_path_end_after(ret); + return ret; } static inline void 
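Review bot: The header comment `/* Returns 0 if the RP was ok, otherwise there was an error on the RP */` no longer describes await_return_path_close_on_source: it is now a no-op when no return-path thread was created, it clears `ms->rp_state.error` after reading it, and it calls `migration_release_dst_files()`, which `migrate_fd_cleanup` and `postcopy_pause` now rely on. Extend it to `/* Join the return-path thread if one was created, release the destination files and return the thread's error state, which is reset. Safe to call when no thread was created. */`.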
@@ -2364,20 +2346,8 @@ static void migration_completion(MigrationState *s) goto fail; } - /* - * If rp was opened we must clean up the thread before - * cleaning everything else up (since if there are no failures - * it will wait for the destination to send it's status in - * a SHUT command). - */ - if (s->rp_state.rp_thread_created) { - int rp_error; - trace_migration_return_path_end_before(); - rp_error = await_return_path_close_on_source(s); - trace_migration_return_path_end_after(rp_error); - if (rp_error) { - goto fail; - } + if (await_return_path_close_on_source(s)) { + goto fail; } if (qemu_file_get_error(s->to_dst_file)) { @@ -2554,6 +2524,13 @@ static MigThrError postcopy_pause(MigrationState *s) qemu_file_shutdown(file); qemu_fclose(file); + /* + * We're already pausing, so ignore any errors on the return + * path and just wait for the thread to finish. It will be + * re-created when we resume. + */ + await_return_path_close_on_source(s); + migrate_set_state(&s->state, s->state, MIGRATION_STATUS_POSTCOPY_PAUSED); @@ -2571,12 +2548,6 @@ static MigThrError postcopy_pause(MigrationState *s) if (s->state == MIGRATION_STATUS_POSTCOPY_RECOVER) { /* Woken up by a recover procedure. Give it a shot */ - /* - * Firstly, let's wake up the return path now, with a new - * return path channel. - */ - qemu_sem_post(&s->postcopy_pause_rp_sem); - /* Do the resume logic */ if (postcopy_do_resume(s) == 0) { /* Let's continue! */ @@ -3266,7 +3237,7 @@ void migrate_fd_connect(MigrationState *s, Error *error_in) * QEMU uses the return path. */ if (migrate_postcopy_ram() || migrate_return_path()) { - if (open_return_path_on_source(s, !resume)) { + if (open_return_path_on_source(s)) { error_setg(&local_err, "Unable to open return-path for postcopy"); migrate_set_state(&s->state, s->state, MIGRATION_STATUS_FAILED); migrate_set_error(s, local_err); 
@@ -3330,7 +3301,6 @@ static void migration_instance_finalize(Object *obj) qemu_sem_destroy(&ms->rate_limit_sem); qemu_sem_destroy(&ms->pause_sem); qemu_sem_destroy(&ms->postcopy_pause_sem); - qemu_sem_destroy(&ms->postcopy_pause_rp_sem); qemu_sem_destroy(&ms->rp_state.rp_sem); qemu_sem_destroy(&ms->rp_state.rp_pong_acks); qemu_sem_destroy(&ms->postcopy_qemufile_src_sem); @@ -3350,7 +3320,6 @@ static void migration_instance_init(Object *obj) migrate_params_init(&ms->parameters); qemu_sem_init(&ms->postcopy_pause_sem, 0); - qemu_sem_init(&ms->postcopy_pause_rp_sem, 0); qemu_sem_init(&ms->rp_state.rp_sem, 0); qemu_sem_init(&ms->rp_state.rp_pong_acks, 0); qemu_sem_init(&ms->rate_limit_sem, 0); diff --git a/migration/migration.h b/migration/migration.h index 6eea18db36758..1034d617bf11d 100644 --- a/migration/migration.h +++ b/migration/migration.h @@ -196,7 +196,10 @@ struct MigrationIncomingState { /* A tree of pages that we requested to the source VM */ GTree *page_requested; - /* For debugging purpose only, but would be nice to keep */ + /* + * For postcopy only, count the number of requested page faults that + * still haven't been resolved. + */ int page_requested_count; /* * The mutex helps to maintain the requested pages that we sent to the @@ -210,6 +213,14 @@ struct MigrationIncomingState { * contains valid information. */ QemuMutex page_request_mutex; + /* + * If postcopy preempt is enabled, there is a chance that the main + * thread finished loading its data before the preempt channel has + * finished loading the urgent pages. If that happens, the two threads + * will use this condvar to synchronize, so the main thread will always + * wait until all pages received. + */ + QemuCond page_request_cond; /* * Number of devices that have yet to approve switchover. When this reaches 
@@ -382,7 +393,6 @@ struct MigrationState { /* Needed by postcopy-pause state */ QemuSemaphore postcopy_pause_sem; - QemuSemaphore postcopy_pause_rp_sem; /* * Whether we abort the migration if decompression errors are * detected at the destination. It is left at false for qemu diff --git a/migration/options.c b/migration/options.c index 1d1e1321b0a5e..6bbfd4853d12f 100644 --- a/migration/options.c +++ b/migration/options.c @@ -1408,20 +1408,25 @@ void qmp_migrate_set_parameters(MigrateSetParameters *params, Error **errp) { MigrationParameters tmp; - /* TODO Rewrite "" to null instead */ + /* TODO Rewrite "" to null instead for all three tls_* parameters */ if (params->tls_creds && params->tls_creds->type == QTYPE_QNULL) { qobject_unref(params->tls_creds->u.n); params->tls_creds->type = QTYPE_QSTRING; params->tls_creds->u.s = strdup(""); } - /* TODO Rewrite "" to null instead */ if (params->tls_hostname && params->tls_hostname->type == QTYPE_QNULL) { qobject_unref(params->tls_hostname->u.n); params->tls_hostname->type = QTYPE_QSTRING; params->tls_hostname->u.s = strdup(""); } + if (params->tls_authz + && params->tls_authz->type == QTYPE_QNULL) { + qobject_unref(params->tls_authz->u.n); + params->tls_authz->type = QTYPE_QSTRING; + params->tls_authz->u.s = strdup(""); + } migrate_params_test_apply(params, &tmp); diff --git a/migration/postcopy-ram.c b/migration/postcopy-ram.c index 29aea9456d65f..5408e028c63a7 100644 --- a/migration/postcopy-ram.c +++ b/migration/postcopy-ram.c 
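Review bot: The `tls_authz` block in qmp_migrate_set_parameters is a third verbatim copy of the QNULL-to-empty-string rewrite already done for `tls_creds` and `tls_hostname`, and all three call `strdup("")` unchecked. A small static helper applied to each of the three parameters removes the duplication and leaves the TODO a single place to fix; QAPI-allocated strings are normally released with `g_free()`, so check how `MigrateSetParameters` is freed before deciding whether `g_strdup("")` is the right call inside it.
```c
/* Rewrite a JSON null StrOrNull into "" (TODO: accept null directly). */
static void strornull_null_to_empty(StrOrNull *p)
{
    if (p && p->type == QTYPE_QNULL) {
        qobject_unref(p->u.n);
        p->type = QTYPE_QSTRING;
        p->u.s = strdup("");
    }
}

/* … unchanged: start of qmp_migrate_set_parameters … */
    strornull_null_to_empty(params->tls_creds);
    strornull_null_to_empty(params->tls_hostname);
    strornull_null_to_empty(params->tls_authz);
/* … unchanged: migrate_params_test_apply and the rest … */
```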
@@ -599,6 +599,30 @@ int postcopy_ram_incoming_cleanup(MigrationIncomingState *mis)
 if (mis->preempt_thread_status == PREEMPT_THREAD_CREATED) {
 /* Notify the fast load thread to quit */
 mis->preempt_thread_status = PREEMPT_THREAD_QUIT;
+ /*
+ * Update preempt_thread_status before reading count. Note: mutex
+ * lock only provide ACQUIRE semantic, and it doesn't stops this
+ * write to be reordered after reading the count.
+ */
+ smp_mb();
+ /*
+ * It's possible that the preempt thread is still handling the last
+ * pages to arrive which were requested by guest page faults.
+ * Making sure nothing is left behind by waiting on the condvar if
+ * that unlikely case happened.
+ */
+ WITH_QEMU_LOCK_GUARD(&mis->page_request_mutex) {
+ if (qatomic_read(&mis->page_requested_count)) {
+ /*
+ * It is guaranteed to receive a signal later, because the
+ * count>0 now, so it's destined to be decreased to zero
+ * very soon by the preempt thread.
+ */
+ qemu_cond_wait(&mis->page_request_cond,
+ &mis->page_request_mutex);
+ }
+ }
+ /* Notify the fast load thread to quit */
 if (mis->postcopy_qemufile_dst) {
 qemu_file_shutdown(mis->postcopy_qemufile_dst);
 }
@@ -1277,8 +1301,20 @@ static int qemu_ufd_copy_ioctl(MigrationIncomingState *mis, void *host_addr,
 */
 if (g_tree_lookup(mis->page_requested, host_addr)) {
 g_tree_remove(mis->page_requested, host_addr);
- mis->page_requested_count--;
+ int left_pages = qatomic_dec_fetch(&mis->page_requested_count);
+
 trace_postcopy_page_req_del(host_addr, mis->page_requested_count);
+ /* Order the update of count and read of preempt status */
+ smp_mb();
+ if (mis->preempt_thread_status == PREEMPT_THREAD_QUIT &&
+ left_pages == 0) {
+ /*
+ * This probably means the main thread is waiting for us.
+ * Notify that we've finished receiving the last requested
+ * page.
+ */
+ qemu_cond_signal(&mis->page_request_cond);
+ }
 }
 qemu_mutex_unlock(&mis->page_request_mutex);
 mark_postcopy_blocktime_end((uintptr_t)host_addr);
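Review bot: The `qemu_cond_wait` inside the new WITH_QEMU_LOCK_GUARD block is guarded by a single `if`, so a spurious wakeup returns with `page_requested_count` still non-zero and the cleanup goes on to `qemu_file_shutdown` the preempt channel while requested pages may still be in flight — the very case this block was added to prevent. Condition variables are waited on in a loop over their predicate: `while (qatomic_read(&mis->page_requested_count)) {` in place of the `if`. The second `/* Notify the fast load thread to quit */` comment now repeats the one above the status write; the copy in front of `qemu_file_shutdown` could read `/* Now let the fast load thread actually quit */` or be dropped. postcopy_ram_incoming_cleanup continues outside the hunk.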
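Review bot: The `trace_postcopy_page_req_del` call directly after the new `qatomic_dec_fetch` still reads `mis->page_requested_count` with a plain load, although the commit has just made the field one that is updated atomically here and read with `qatomic_read` in postcopy_ram_incoming_cleanup; it should use the value the decrement already returned, `trace_postcopy_page_req_del(host_addr, left_pages);`. That also makes it explicit that the traced number is the post-decrement count, which the current line only implies. The lines of `qemu_ufd_copy_ioctl` before the comment terminator are outside the hunk.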
diff --git a/net/vhost-vdpa.c b/net/vhost-vdpa.c
index 9795306742633..07b616af51dc8 100644
--- a/net/vhost-vdpa.c
+++ b/net/vhost-vdpa.c
@@ -385,6 +385,8 @@ static void vhost_vdpa_net_client_stop(NetClientState *nc)
 dev = s->vhost_vdpa.dev;
 if (dev->vq_index + dev->nvqs == dev->vq_index_end) {
 g_clear_pointer(&s->vhost_vdpa.iova_tree, vhost_iova_tree_delete);
+ } else {
+ s->vhost_vdpa.iova_tree = NULL;
 }
 }
@@ -1270,8 +1272,7 @@ static int vhost_vdpa_probe_cvq_isolation(int device_fd, uint64_t features,
 uint64_t backend_features;
 int64_t cvq_group;
 uint8_t status = VIRTIO_CONFIG_S_ACKNOWLEDGE |
- VIRTIO_CONFIG_S_DRIVER |
- VIRTIO_CONFIG_S_FEATURES_OK;
+ VIRTIO_CONFIG_S_DRIVER;
 int r;
 ERRP_GUARD();
@@ -1286,14 +1287,22 @@ static int vhost_vdpa_probe_cvq_isolation(int device_fd, uint64_t features,
 return 0;
 }
+ r = ioctl(device_fd, VHOST_VDPA_SET_STATUS, &status);
+ if (unlikely(r)) {
+ error_setg_errno(errp, -r, "Cannot set device status");
+ goto out;
+ }
+
 r = ioctl(device_fd, VHOST_SET_FEATURES, &features);
 if (unlikely(r)) {
- error_setg_errno(errp, errno, "Cannot set features");
+ error_setg_errno(errp, -r, "Cannot set features");
+ goto out;
 }
+ status |= VIRTIO_CONFIG_S_FEATURES_OK;
 r = ioctl(device_fd, VHOST_VDPA_SET_STATUS, &status);
 if (unlikely(r)) {
- error_setg_errno(errp, -r, "Cannot set device features");
+ error_setg_errno(errp, -r, "Cannot set device status");
 goto out;
 }
diff --git a/pc-bios/optionrom/Makefile b/pc-bios/optionrom/Makefile
index b1fff0ba6c84e..30d07026c790a 100644
--- a/pc-bios/optionrom/Makefile
+++ b/pc-bios/optionrom/Makefile
@@ -36,7 +36,7 @@ config-cc.mak: Makefile
 $(call cc-option,-Wno-array-bounds)) 3> config-cc.mak
 -include config-cc.mak
-override LDFLAGS = -nostdlib -Wl,-T,$(SRC_DIR)/flat.lds
+override LDFLAGS = -nostdlib -Wl,--build-id=none,-T,$(SRC_DIR)/flat.lds
 pvh.img: pvh.o pvh_main.o
diff --git a/protobuf/fix_proto_src.py b/protobuf/fix_proto_src.py
new file mode 100644
index 0000000000000..bb9bf14744874
--- /dev/null
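Review bot: The new `else` branch in vhost_vdpa_net_client_stop drops the `iova_tree` pointer without saying why it must not be freed here; the `if` condition suggests the tree is shared by the device's queue pairs and owned by the last one, but a reader of the `else` alone cannot tell a deliberate non-owning reset from a leak. A one-line comment on the new branch, e.g. `/* Not the last queue pair: the tree is still owned by another client, drop only our reference */`, would settle that — the ownership rule itself is inferred from the condition, so confirm it before wording the comment.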
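Review bot: The `error_setg_errno(errp, -r, ...)` calls in the second vhost_vdpa_probe_cvq_isolation hunk report the wrong reason: if `ioctl` here is the libc call (no wrapper is visible), it returns -1 on failure and sets `errno`, so `-r` is always 1 (EPERM) and the message never shows the real error. The line the commit removes for VHOST_SET_FEATURES had this right with `errno`; the new status and features calls should keep it, e.g. `error_setg_errno(errp, errno, "Cannot set device status");`, and the pre-existing call at the bottom of the hunk has the same problem. Both hunks belong to one function whose body continues outside them.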
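Review bot: The new `--build-id=none` in `override LDFLAGS` carries no comment on why the linker's build-id note has to be suppressed for these ROM images, so the next person touching the flags has to rediscover it. A one-liner above the assignment would do, e.g. `# no .note.gnu.build-id: flat.lds lays out every section and the note would otherwise end up inside the ROM image` — the actual reason is not visible in this change, so confirm the wording before committing it.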
+++ b/protobuf/fix_proto_src.py
@@ -0,0 +1,20 @@
+"""
+This just does:
+sed -i 's/->base/->__base/g'
+sed -i 's/ProtobufCMessage base;/ProtobufCMessage __base;/g'
+"""
+
+import sys
+
+if len(sys.argv) != 6 or sys.argv[3] != "-o":
+ print("usage: fix_proto_src.py frame.piqi.pb-c.c frame.piqi.pb-c.h -o frame.piqi.pb-c-fixed.c frame.piqi.pb-c-fixed.h")
+ exit(1)
+
+for (in_file, out_file) in zip(sys.argv[1:3], sys.argv[4:6]):
+ with open(in_file, "r") as i:
+ contents = i.read()
+ contents = contents.replace("->base", "->__base")
+ contents = contents.replace("ProtobufCMessage base;", "ProtobufCMessage __base;")
+ contents = contents.replace("\"protobuf/raw/frame.piqi.pb-c.h\"", "")
+ with open(out_file, "w") as o:
+ o.write(contents)
diff --git a/protobuf/meson.build b/protobuf/meson.build
new file mode 100644
index 0000000000000..87b640fa4394a
--- /dev/null
+++ b/protobuf/meson.build
@@ -0,0 +1,18 @@
+
+subdir('raw') # need to use subdir because meson doesn't allow generating in other dirs otherwise
+py = import('python').find_installation('python3')
+
+proto_src_fixed = custom_target('proto-fixed',
+ input: ['fix_proto_src.py', proto_src_raw],
+ output: ['frame.piqi.pb-c.c', 'frame.piqi.pb-c.h'],
+ command: [py, '@INPUT@', '-o', '@OUTPUT@'])
+
+libprotoframes = static_library('protoframes',
+ proto_src_fixed)
+
+protobuf_c = dependency('libprotobuf-c')
+
+protoframes = declare_dependency(
+ link_with: libprotoframes,
+ include_directories: ['.', tracewrap_dir / 'libtrace' / 'src'],
+ dependencies: protobuf_c)
diff --git a/protobuf/raw/meson.build b/protobuf/raw/meson.build
new file mode 100644
index 0000000000000..8e3df0c247c9a
--- /dev/null
+++ b/protobuf/raw/meson.build
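Review bot: `exit(1)` on the usage path relies on the `exit` name that `site` injects, which is absent under `python -S` and in embedded interpreters; `sys` is already imported, so use `sys.exit(1)` and send the usage text to stderr with `print(..., file=sys.stderr)`. The `"->base"` substitution is a plain substring replace, so it also rewrites any longer member name that begins with `base` (the sed in the docstring behaves the same way); if that is intended the docstring should say so, otherwise `re.sub(r"->base\b", "->__base", contents)` limits it to the `base` member. The `__base` name the script introduces is a reserved identifier in C (leading double underscore), so a sentence in the docstring on why `base` has to be renamed and why this spelling was chosen would help the next reader.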
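Review bot: `tracewrap_dir` in the `include_directories` of `protoframes` is never defined in this file; it is set inside the `raw` subdirectory and only reaches here because `subdir('raw')` runs first, which a reader of protobuf/meson.build cannot see. Reading the option where it is used, `tracewrap_dir = get_option('tracewrap_dir')` next to the `py` lookup, removes that hidden ordering dependency; the inline comment on the `subdir('raw')` line could then also say which variables the subdir provides (`proto_src_raw`).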
@@ -0,0 +1,16 @@
+
+piqi = find_program('piqi')
+protoc_c = find_program('protoc-c')
+
+tracewrap_dir = get_option('tracewrap_dir')
+
+piqi_src = custom_target('piqi',
+ input: tracewrap_dir / 'piqi/frame.piqi',
+ output: 'frame.piqi.proto',
+ command: [piqi, 'to-proto', '@INPUT@', '-o', '@OUTPUT@'])
+
+proto_src_raw = custom_target('proto',
+ input: piqi_src,
+ output: ['frame.piqi.pb-c.c', 'frame.piqi.pb-c.h'],
+ command: [protoc_c, '--c_out=.', '@INPUT@'],
+ depends: piqi_src)
diff --git a/python/frame_pb2.py b/python/frame_pb2.py
new file mode 100644
index 0000000000000..26b8b2785a6d4
--- /dev/null
+++ b/python/frame_pb2.py
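Review bot: `depends: piqi_src` on the `proto` target is redundant: passing `piqi_src` as `input:` already makes the target depend on it, so the line can be dropped. `--c_out=.` also ties the generated files to whatever directory protoc-c happens to run in, while Meson only checks that the declared `output:` files appear in the target's build directory; `'--c_out=@OUTDIR@'` names that directory explicitly and keeps the two from drifting apart.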
@@ -0,0 +1,1065 @@ +# Generated by the protocol buffer compiler. DO NOT EDIT! + +from google.protobuf import descriptor +from google.protobuf import message +from google.protobuf import reflection +from google.protobuf import descriptor_pb2 +# @@protoc_insertion_point(imports) + + + +DESCRIPTOR = descriptor.FileDescriptor( + name='frame.proto', + package='', + serialized_pb='\n\x0b\x66rame.proto\"\xed\x01\n\x05\x66rame\x12\x1d\n\tstd_frame\x18\x01 \x01(\x0b\x32\n.std_frame\x12%\n\rsyscall_frame\x18\x02 \x01(\x0b\x32\x0e.syscall_frame\x12)\n\x0f\x65xception_frame\x18\x03 \x01(\x0b\x32\x10.exception_frame\x12-\n\x11taint_intro_frame\x18\x04 \x01(\x0b\x32\x12.taint_intro_frame\x12%\n\rmodload_frame\x18\x05 \x01(\x0b\x32\x0e.modload_frame\x12\x1d\n\tkey_frame\x18\x06 \x01(\x0b\x32\n.key_frame\"1\n\x12operand_value_list\x12\x1b\n\x04\x65lem\x18\x01 \x03(\x0b\x32\r.operand_info\"\xb0\x01\n\x0coperand_info\x12\x35\n\x15operand_info_specific\x18\x01 \x02(\x0b\x32\x16.operand_info_specific\x12\x12\n\nbit_length\x18\x02 \x02(\x11\x12%\n\roperand_usage\x18\x03 \x02(\x0b\x32\x0e.operand_usage\x12\x1f\n\ntaint_info\x18\x04 \x02(\x0b\x32\x0b.taint_info\x12\r\n\x05value\x18\x05 \x02(\x0c\"]\n\x15operand_info_specific\x12!\n\x0bmem_operand\x18\x01 \x01(\x0b\x32\x0c.mem_operand\x12!\n\x0breg_operand\x18\x02 \x01(\x0b\x32\x0c.reg_operand\"\x1b\n\x0breg_operand\x12\x0c\n\x04name\x18\x01 \x02(\t\"\x1e\n\x0bmem_operand\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x02(\x04\"K\n\roperand_usage\x12\x0c\n\x04read\x18\x01 \x02(\x08\x12\x0f\n\x07written\x18\x02 \x02(\x08\x12\r\n\x05index\x18\x03 \x02(\x08\x12\x0c\n\x04\x62\x61se\x18\x04 \x02(\x08\"H\n\ntaint_info\x12\x10\n\x08no_taint\x18\x01 \x01(\x08\x12\x10\n\x08taint_id\x18\x02 \x01(\x04\x12\x16\n\x0etaint_multiple\x18\x03 \x01(\x08\"\xa0\x01\n\tstd_frame\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x02(\x04\x12\x11\n\tthread_id\x18\x02 \x02(\x04\x12\x10\n\x08rawbytes\x18\x03 \x02(\x0c\x12-\n\x10operand_pre_list\x18\x04 
\x02(\x0b\x32\x13.operand_value_list\x12.\n\x11operand_post_list\x18\x05 \x01(\x0b\x32\x13.operand_value_list\"j\n\rsyscall_frame\x12\x0f\n\x07\x61\x64\x64ress\x18\x01 \x02(\x04\x12\x11\n\tthread_id\x18\x02 \x02(\x04\x12\x0e\n\x06number\x18\x03 \x02(\x04\x12%\n\rargument_list\x18\x04 \x02(\x0b\x32\x0e.argument_list\"\x1d\n\rargument_list\x12\x0c\n\x04\x65lem\x18\x01 \x03(\x12\"b\n\x0f\x65xception_frame\x12\x18\n\x10\x65xception_number\x18\x01 \x02(\x04\x12\x11\n\tthread_id\x18\x02 \x01(\x04\x12\x11\n\tfrom_addr\x18\x03 \x01(\x04\x12\x0f\n\x07to_addr\x18\x04 \x01(\x04\"@\n\x11taint_intro_frame\x12+\n\x10taint_intro_list\x18\x01 \x02(\x0b\x32\x11.taint_intro_list\".\n\x10taint_intro_list\x12\x1a\n\x04\x65lem\x18\x01 \x03(\x0b\x32\x0c.taint_intro\"a\n\x0btaint_intro\x12\x0c\n\x04\x61\x64\x64r\x18\x01 \x02(\x04\x12\x10\n\x08taint_id\x18\x02 \x02(\x04\x12\r\n\x05value\x18\x03 \x01(\x0c\x12\x13\n\x0bsource_name\x18\x04 \x01(\t\x12\x0e\n\x06offset\x18\x05 \x01(\x04\"O\n\rmodload_frame\x12\x13\n\x0bmodule_name\x18\x01 \x02(\t\x12\x13\n\x0blow_address\x18\x02 \x02(\x04\x12\x14\n\x0chigh_address\x18\x03 \x02(\x04\"<\n\tkey_frame\x12/\n\x12tagged_value_lists\x18\x01 \x02(\x0b\x32\x13.tagged_value_lists\"6\n\x12tagged_value_lists\x12 \n\x04\x65lem\x18\x01 \x03(\x0b\x32\x12.tagged_value_list\"a\n\x11tagged_value_list\x12+\n\x10value_source_tag\x18\x01 \x02(\x0b\x32\x11.value_source_tag\x12\x1f\n\nvalue_list\x18\x02 \x02(\x0b\x32\x0b.value_list\";\n\x10value_source_tag\x12\x14\n\x0cno_thread_id\x18\x01 \x01(\x08\x12\x11\n\tthread_id\x18\x02 \x01(\x04\"\'\n\nvalue_list\x12\x19\n\x04\x65lem\x18\x01 \x03(\x0b\x32\x0b.value_info\"\x87\x01\n\nvalue_info\x12\x35\n\x15operand_info_specific\x18\x01 \x02(\x0b\x32\x16.operand_info_specific\x12\x12\n\nbit_length\x18\x02 \x02(\x11\x12\x1f\n\ntaint_info\x18\x03 \x01(\x0b\x32\x0b.taint_info\x12\r\n\x05value\x18\x04 \x02(\x0c') + + + + +_FRAME = descriptor.Descriptor( + name='frame', + full_name='frame', + filename=None, + file=DESCRIPTOR, + 
containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='std_frame', full_name='frame.std_frame', index=0, + number=1, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='syscall_frame', full_name='frame.syscall_frame', index=1, + number=2, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='exception_frame', full_name='frame.exception_frame', index=2, + number=3, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='taint_intro_frame', full_name='frame.taint_intro_frame', index=3, + number=4, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='modload_frame', full_name='frame.modload_frame', index=4, + number=5, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='key_frame', full_name='frame.key_frame', index=5, + number=6, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + 
serialized_start=16, + serialized_end=253, +) + + +_OPERAND_VALUE_LIST = descriptor.Descriptor( + name='operand_value_list', + full_name='operand_value_list', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='elem', full_name='operand_value_list.elem', index=0, + number=1, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=255, + serialized_end=304, +) + + +_OPERAND_INFO = descriptor.Descriptor( + name='operand_info', + full_name='operand_info', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='operand_info_specific', full_name='operand_info.operand_info_specific', index=0, + number=1, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='bit_length', full_name='operand_info.bit_length', index=1, + number=2, type=17, cpp_type=1, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='operand_usage', full_name='operand_info.operand_usage', index=2, + number=3, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='taint_info', full_name='operand_info.taint_info', index=3, + number=4, type=11, cpp_type=10, label=2, + has_default_value=False, 
default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='value', full_name='operand_info.value', index=4, + number=5, type=12, cpp_type=9, label=2, + has_default_value=False, default_value="", + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=307, + serialized_end=483, +) + + +_OPERAND_INFO_SPECIFIC = descriptor.Descriptor( + name='operand_info_specific', + full_name='operand_info_specific', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='mem_operand', full_name='operand_info_specific.mem_operand', index=0, + number=1, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='reg_operand', full_name='operand_info_specific.reg_operand', index=1, + number=2, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=485, + serialized_end=578, +) + + +_REG_OPERAND = descriptor.Descriptor( + name='reg_operand', + full_name='reg_operand', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='name', full_name='reg_operand.name', index=0, + number=1, type=9, cpp_type=9, label=2, + has_default_value=False, default_value=unicode("", "utf-8"), + message_type=None, 
enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=580, + serialized_end=607, +) + + +_MEM_OPERAND = descriptor.Descriptor( + name='mem_operand', + full_name='mem_operand', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='address', full_name='mem_operand.address', index=0, + number=1, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=609, + serialized_end=639, +) + + +_OPERAND_USAGE = descriptor.Descriptor( + name='operand_usage', + full_name='operand_usage', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='read', full_name='operand_usage.read', index=0, + number=1, type=8, cpp_type=7, label=2, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='written', full_name='operand_usage.written', index=1, + number=2, type=8, cpp_type=7, label=2, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='index', full_name='operand_usage.index', index=2, + number=3, type=8, cpp_type=7, label=2, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( 
+ name='base', full_name='operand_usage.base', index=3, + number=4, type=8, cpp_type=7, label=2, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=641, + serialized_end=716, +) + + +_TAINT_INFO = descriptor.Descriptor( + name='taint_info', + full_name='taint_info', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='no_taint', full_name='taint_info.no_taint', index=0, + number=1, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='taint_id', full_name='taint_info.taint_id', index=1, + number=2, type=4, cpp_type=4, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='taint_multiple', full_name='taint_info.taint_multiple', index=2, + number=3, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=718, + serialized_end=790, +) + + +_STD_FRAME = descriptor.Descriptor( + name='std_frame', + full_name='std_frame', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='address', full_name='std_frame.address', index=0, + number=1, type=4, cpp_type=4, label=2, + has_default_value=False, 
default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='thread_id', full_name='std_frame.thread_id', index=1, + number=2, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='rawbytes', full_name='std_frame.rawbytes', index=2, + number=3, type=12, cpp_type=9, label=2, + has_default_value=False, default_value="", + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='operand_pre_list', full_name='std_frame.operand_pre_list', index=3, + number=4, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='operand_post_list', full_name='std_frame.operand_post_list', index=4, + number=5, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=793, + serialized_end=953, +) + + +_SYSCALL_FRAME = descriptor.Descriptor( + name='syscall_frame', + full_name='syscall_frame', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='address', full_name='syscall_frame.address', index=0, + number=1, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + 
options=None), + descriptor.FieldDescriptor( + name='thread_id', full_name='syscall_frame.thread_id', index=1, + number=2, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='number', full_name='syscall_frame.number', index=2, + number=3, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='argument_list', full_name='syscall_frame.argument_list', index=3, + number=4, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=955, + serialized_end=1061, +) + + +_ARGUMENT_LIST = descriptor.Descriptor( + name='argument_list', + full_name='argument_list', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='elem', full_name='argument_list.elem', index=0, + number=1, type=18, cpp_type=2, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1063, + serialized_end=1092, +) + + +_EXCEPTION_FRAME = descriptor.Descriptor( + name='exception_frame', + full_name='exception_frame', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='exception_number', 
full_name='exception_frame.exception_number', index=0, + number=1, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='thread_id', full_name='exception_frame.thread_id', index=1, + number=2, type=4, cpp_type=4, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='from_addr', full_name='exception_frame.from_addr', index=2, + number=3, type=4, cpp_type=4, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='to_addr', full_name='exception_frame.to_addr', index=3, + number=4, type=4, cpp_type=4, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1094, + serialized_end=1192, +) + + +_TAINT_INTRO_FRAME = descriptor.Descriptor( + name='taint_intro_frame', + full_name='taint_intro_frame', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='taint_intro_list', full_name='taint_intro_frame.taint_intro_list', index=0, + number=1, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1194, + 
serialized_end=1258, +) + + +_TAINT_INTRO_LIST = descriptor.Descriptor( + name='taint_intro_list', + full_name='taint_intro_list', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='elem', full_name='taint_intro_list.elem', index=0, + number=1, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1260, + serialized_end=1306, +) + + +_TAINT_INTRO = descriptor.Descriptor( + name='taint_intro', + full_name='taint_intro', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='addr', full_name='taint_intro.addr', index=0, + number=1, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='taint_id', full_name='taint_intro.taint_id', index=1, + number=2, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='value', full_name='taint_intro.value', index=2, + number=3, type=12, cpp_type=9, label=1, + has_default_value=False, default_value="", + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='source_name', full_name='taint_intro.source_name', index=3, + number=4, type=9, cpp_type=9, label=1, + has_default_value=False, default_value=unicode("", "utf-8"), + message_type=None, enum_type=None, containing_type=None, + 
is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='offset', full_name='taint_intro.offset', index=4, + number=5, type=4, cpp_type=4, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1308, + serialized_end=1405, +) + + +_MODLOAD_FRAME = descriptor.Descriptor( + name='modload_frame', + full_name='modload_frame', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='module_name', full_name='modload_frame.module_name', index=0, + number=1, type=9, cpp_type=9, label=2, + has_default_value=False, default_value=unicode("", "utf-8"), + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='low_address', full_name='modload_frame.low_address', index=1, + number=2, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='high_address', full_name='modload_frame.high_address', index=2, + number=3, type=4, cpp_type=4, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1407, + serialized_end=1486, +) + + +_KEY_FRAME = descriptor.Descriptor( + name='key_frame', + full_name='key_frame', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + 
name='tagged_value_lists', full_name='key_frame.tagged_value_lists', index=0, + number=1, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1488, + serialized_end=1548, +) + + +_TAGGED_VALUE_LISTS = descriptor.Descriptor( + name='tagged_value_lists', + full_name='tagged_value_lists', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='elem', full_name='tagged_value_lists.elem', index=0, + number=1, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1550, + serialized_end=1604, +) + + +_TAGGED_VALUE_LIST = descriptor.Descriptor( + name='tagged_value_list', + full_name='tagged_value_list', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='value_source_tag', full_name='tagged_value_list.value_source_tag', index=0, + number=1, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='value_list', full_name='tagged_value_list.value_list', index=1, + number=2, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + 
enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1606, + serialized_end=1703, +) + + +_VALUE_SOURCE_TAG = descriptor.Descriptor( + name='value_source_tag', + full_name='value_source_tag', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='no_thread_id', full_name='value_source_tag.no_thread_id', index=0, + number=1, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='thread_id', full_name='value_source_tag.thread_id', index=1, + number=2, type=4, cpp_type=4, label=1, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1705, + serialized_end=1764, +) + + +_VALUE_LIST = descriptor.Descriptor( + name='value_list', + full_name='value_list', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='elem', full_name='value_list.elem', index=0, + number=1, type=11, cpp_type=10, label=3, + has_default_value=False, default_value=[], + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1766, + serialized_end=1805, +) + + +_VALUE_INFO = descriptor.Descriptor( + name='value_info', + full_name='value_info', + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + descriptor.FieldDescriptor( + name='operand_info_specific', full_name='value_info.operand_info_specific', 
index=0, + number=1, type=11, cpp_type=10, label=2, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='bit_length', full_name='value_info.bit_length', index=1, + number=2, type=17, cpp_type=1, label=2, + has_default_value=False, default_value=0, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='taint_info', full_name='value_info.taint_info', index=2, + number=3, type=11, cpp_type=10, label=1, + has_default_value=False, default_value=None, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + descriptor.FieldDescriptor( + name='value', full_name='value_info.value', index=3, + number=4, type=12, cpp_type=9, label=2, + has_default_value=False, default_value="", + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + options=None), + ], + extensions=[ + ], + nested_types=[], + enum_types=[ + ], + options=None, + is_extendable=False, + extension_ranges=[], + serialized_start=1808, + serialized_end=1943, +) + +_FRAME.fields_by_name['std_frame'].message_type = _STD_FRAME +_FRAME.fields_by_name['syscall_frame'].message_type = _SYSCALL_FRAME +_FRAME.fields_by_name['exception_frame'].message_type = _EXCEPTION_FRAME +_FRAME.fields_by_name['taint_intro_frame'].message_type = _TAINT_INTRO_FRAME +_FRAME.fields_by_name['modload_frame'].message_type = _MODLOAD_FRAME +_FRAME.fields_by_name['key_frame'].message_type = _KEY_FRAME +_OPERAND_VALUE_LIST.fields_by_name['elem'].message_type = _OPERAND_INFO +_OPERAND_INFO.fields_by_name['operand_info_specific'].message_type = _OPERAND_INFO_SPECIFIC +_OPERAND_INFO.fields_by_name['operand_usage'].message_type = _OPERAND_USAGE 
+_OPERAND_INFO.fields_by_name['taint_info'].message_type = _TAINT_INFO +_OPERAND_INFO_SPECIFIC.fields_by_name['mem_operand'].message_type = _MEM_OPERAND +_OPERAND_INFO_SPECIFIC.fields_by_name['reg_operand'].message_type = _REG_OPERAND +_STD_FRAME.fields_by_name['operand_pre_list'].message_type = _OPERAND_VALUE_LIST +_STD_FRAME.fields_by_name['operand_post_list'].message_type = _OPERAND_VALUE_LIST +_SYSCALL_FRAME.fields_by_name['argument_list'].message_type = _ARGUMENT_LIST +_TAINT_INTRO_FRAME.fields_by_name['taint_intro_list'].message_type = _TAINT_INTRO_LIST +_TAINT_INTRO_LIST.fields_by_name['elem'].message_type = _TAINT_INTRO +_KEY_FRAME.fields_by_name['tagged_value_lists'].message_type = _TAGGED_VALUE_LISTS +_TAGGED_VALUE_LISTS.fields_by_name['elem'].message_type = _TAGGED_VALUE_LIST +_TAGGED_VALUE_LIST.fields_by_name['value_source_tag'].message_type = _VALUE_SOURCE_TAG +_TAGGED_VALUE_LIST.fields_by_name['value_list'].message_type = _VALUE_LIST +_VALUE_LIST.fields_by_name['elem'].message_type = _VALUE_INFO +_VALUE_INFO.fields_by_name['operand_info_specific'].message_type = _OPERAND_INFO_SPECIFIC +_VALUE_INFO.fields_by_name['taint_info'].message_type = _TAINT_INFO +DESCRIPTOR.message_types_by_name['frame'] = _FRAME +DESCRIPTOR.message_types_by_name['operand_value_list'] = _OPERAND_VALUE_LIST +DESCRIPTOR.message_types_by_name['operand_info'] = _OPERAND_INFO +DESCRIPTOR.message_types_by_name['operand_info_specific'] = _OPERAND_INFO_SPECIFIC +DESCRIPTOR.message_types_by_name['reg_operand'] = _REG_OPERAND +DESCRIPTOR.message_types_by_name['mem_operand'] = _MEM_OPERAND +DESCRIPTOR.message_types_by_name['operand_usage'] = _OPERAND_USAGE +DESCRIPTOR.message_types_by_name['taint_info'] = _TAINT_INFO +DESCRIPTOR.message_types_by_name['std_frame'] = _STD_FRAME +DESCRIPTOR.message_types_by_name['syscall_frame'] = _SYSCALL_FRAME +DESCRIPTOR.message_types_by_name['argument_list'] = _ARGUMENT_LIST +DESCRIPTOR.message_types_by_name['exception_frame'] = _EXCEPTION_FRAME 
+DESCRIPTOR.message_types_by_name['taint_intro_frame'] = _TAINT_INTRO_FRAME +DESCRIPTOR.message_types_by_name['taint_intro_list'] = _TAINT_INTRO_LIST +DESCRIPTOR.message_types_by_name['taint_intro'] = _TAINT_INTRO +DESCRIPTOR.message_types_by_name['modload_frame'] = _MODLOAD_FRAME +DESCRIPTOR.message_types_by_name['key_frame'] = _KEY_FRAME +DESCRIPTOR.message_types_by_name['tagged_value_lists'] = _TAGGED_VALUE_LISTS +DESCRIPTOR.message_types_by_name['tagged_value_list'] = _TAGGED_VALUE_LIST +DESCRIPTOR.message_types_by_name['value_source_tag'] = _VALUE_SOURCE_TAG +DESCRIPTOR.message_types_by_name['value_list'] = _VALUE_LIST +DESCRIPTOR.message_types_by_name['value_info'] = _VALUE_INFO + +class frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _FRAME + + # @@protoc_insertion_point(class_scope:frame) + +class operand_value_list(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _OPERAND_VALUE_LIST + + # @@protoc_insertion_point(class_scope:operand_value_list) + +class operand_info(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _OPERAND_INFO + + # @@protoc_insertion_point(class_scope:operand_info) + +class operand_info_specific(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _OPERAND_INFO_SPECIFIC + + # @@protoc_insertion_point(class_scope:operand_info_specific) + +class reg_operand(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _REG_OPERAND + + # @@protoc_insertion_point(class_scope:reg_operand) + +class mem_operand(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _MEM_OPERAND + + # @@protoc_insertion_point(class_scope:mem_operand) + +class operand_usage(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _OPERAND_USAGE + + # 
@@protoc_insertion_point(class_scope:operand_usage) + +class taint_info(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _TAINT_INFO + + # @@protoc_insertion_point(class_scope:taint_info) + +class std_frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _STD_FRAME + + # @@protoc_insertion_point(class_scope:std_frame) + +class syscall_frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _SYSCALL_FRAME + + # @@protoc_insertion_point(class_scope:syscall_frame) + +class argument_list(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _ARGUMENT_LIST + + # @@protoc_insertion_point(class_scope:argument_list) + +class exception_frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _EXCEPTION_FRAME + + # @@protoc_insertion_point(class_scope:exception_frame) + +class taint_intro_frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _TAINT_INTRO_FRAME + + # @@protoc_insertion_point(class_scope:taint_intro_frame) + +class taint_intro_list(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _TAINT_INTRO_LIST + + # @@protoc_insertion_point(class_scope:taint_intro_list) + +class taint_intro(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _TAINT_INTRO + + # @@protoc_insertion_point(class_scope:taint_intro) + +class modload_frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _MODLOAD_FRAME + + # @@protoc_insertion_point(class_scope:modload_frame) + +class key_frame(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _KEY_FRAME + + # @@protoc_insertion_point(class_scope:key_frame) + +class tagged_value_lists(message.Message): + __metaclass__ = 
reflection.GeneratedProtocolMessageType + DESCRIPTOR = _TAGGED_VALUE_LISTS + + # @@protoc_insertion_point(class_scope:tagged_value_lists) + +class tagged_value_list(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _TAGGED_VALUE_LIST + + # @@protoc_insertion_point(class_scope:tagged_value_list) + +class value_source_tag(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _VALUE_SOURCE_TAG + + # @@protoc_insertion_point(class_scope:value_source_tag) + +class value_list(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _VALUE_LIST + + # @@protoc_insertion_point(class_scope:value_list) + +class value_info(message.Message): + __metaclass__ = reflection.GeneratedProtocolMessageType + DESCRIPTOR = _VALUE_INFO + + # @@protoc_insertion_point(class_scope:value_info) + +# @@protoc_insertion_point(module_scope) diff --git a/python/printProto.py b/python/printProto.py new file mode 100755 index 0000000000000..df37d5b002e64 --- /dev/null +++ b/python/printProto.py 
@@ -0,0 +1,109 @@ +#!/usr/bin/env python + +import frame_pb2 as pb +import struct +import getopt +import sys +import IPython + +def getFrameLength(f): + return struct.unpack("Q", f.read(8))[0] + +def getFrame(f): + return pb.frame.FromString(f.read(getFrameLength(f))) + +#bitsize to format +btf = {8 : 'b', 32 : 'I'} + +def printOperandList(l): + #IPython.embed() + res = "" + regs = filter(lambda x : x.operand_info_specific.ListFields()[0][0].name == "reg_operand", l) + mems = filter(lambda x : x.operand_info_specific.ListFields()[0][0].name == "mem_operand", l) + for o in regs: + v = struct.unpack("I", o.value)[0] + res += "\treg: %s, value: 0x%08lx\n" % (o.operand_info_specific.reg_operand.name, v) + res.strip() + for o in mems: + v = struct.unpack(btf[o.bit_length], o.value)[0] + res += "\tmem: 0x%08lx, value: 0x%08lx\n" % (o.operand_info_specific.mem_operand.address, v) + res.strip() + return res + +def skipFrames(infile, cnt): + fr = None + for x in range(0, cnt): + fr = getFrame(infile) + return fr + +def gotoFrame(infile, cnt): + infile.seek(0x30) + return skipFrames(infile, cnt) + +def gotoAddress(infile, addr, debug=False): + infile.seek(0x30) + fr = getFrame(infile) + cnt = 1 + while fr.std_frame.address != addr: + fr = getFrame(infile) + cnt += 1 + if debug and fr.std_frame.address == addr: + print "Frame # %i is at addr: 0x%08lx" % (cnt, addr) + return fr + +def printFrame(f): + print "PRE: %s" % printOperandList(f.std_frame.operand_pre_list.elem) + print "POST: %s" % printOperandList(f.std_frame.operand_post_list.elem) + +def process(infileName, outfileName=None, maxCnt=0): + out = sys.stdout + if outfileName: + out = open(outfileName, 'w') + infile = open(infileName) + + (infile, metaMaxCnt) = getMetaData(infile) + + if maxCnt == 0: + maxCnt = metaMaxCnt + + cnt = 0 + + print "maxCnt: %i" % maxCnt + + while (cnt <= maxCnt): + cnt += 1 + try: + fr = getFrame(infile) + except google.protobuf.message.DecodeError, e: + print "maxCnt: %i, cnt: %i\n" % 
(maxCnt, cnt) + print e + break + out.write("0x%x, %r\n" % (fr.std_frame.address, fr.std_frame.rawbytes)) + +def getMetaData(f): + f.seek(0x20) + numFrames = struct.unpack("Q", f.read(8))[0] - 1 + f.seek(0x30) #move to first frame + return(f, numFrames) + +def main(): + debug = 0 + maxCnt = 0 + infile = None + outfile = None + opts,argv = getopt.getopt(sys.argv[1:], "f:c:o:d") + for k,v in opts: + if k == '-d': + debug += 1 + if k == '-f': + infile = v + if k == '-o': + outfile = v + if k == '-c': + maxCnt = int(v) + + if infile: + process(infile, outfile, maxCnt) + +if __name__ == "__main__": + main() diff --git a/qemu-options.hx b/qemu-options.hx index 29b98c3d4c55f..4cddb1596d5f0 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1209,10 +1209,10 @@ SRST ERST DEF("hda", HAS_ARG, QEMU_OPTION_hda, - "-hda/-hdb file use 'file' as IDE hard disk 0/1 image\n", QEMU_ARCH_ALL) + "-hda/-hdb file use 'file' as hard disk 0/1 image\n", QEMU_ARCH_ALL) DEF("hdb", HAS_ARG, QEMU_OPTION_hdb, "", QEMU_ARCH_ALL) DEF("hdc", HAS_ARG, QEMU_OPTION_hdc, - "-hdc/-hdd file use 'file' as IDE hard disk 2/3 image\n", QEMU_ARCH_ALL) + "-hdc/-hdd file use 'file' as hard disk 2/3 image\n", QEMU_ARCH_ALL) DEF("hdd", HAS_ARG, QEMU_OPTION_hdd, "", QEMU_ARCH_ALL) SRST ``-hda file`` 
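Review bot: The `except google.protobuf.message.DecodeError, e:` clause in `process()` names a module this file never imports (only `frame_pb2`, `struct`, `getopt`, `sys` and `IPython` are), so the first decode failure surfaces as a `NameError` instead of the intended message; add `import google.protobuf.message` beside the other imports, or catch the exception via whatever `frame_pb2` re-exports if it does (not visible here). The two `res.strip()` calls in `printOperandList` discard their result and are no-ops, and `gotoAddress` has no end-of-file check, so an address that never occurs in the trace presumably loops until `getFrame` fails on a short read. `open(infileName)` and `open(outfileName, 'w')` are never closed; the trace is binary, so `open(infileName, 'rb')` inside a `with` block (or a `try`/`finally`) would address both. `IPython` is imported only for the commented-out `embed()` call and can be dropped.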
@@ -1222,18 +1222,22 @@ SRST ``-hdc file`` \ ``-hdd file`` - Use file as hard disk 0, 1, 2 or 3 image (see the :ref:`disk images` - chapter in the System Emulation Users Guide). + Use file as hard disk 0, 1, 2 or 3 image on the default bus of the + emulated machine (this is for example the IDE bus on most x86 machines, + but it can also be SCSI, virtio or something else on other target + architectures). See also the :ref:`disk images` chapter in the System + Emulation Users Guide. ERST DEF("cdrom", HAS_ARG, QEMU_OPTION_cdrom, - "-cdrom file use 'file' as IDE cdrom image (cdrom is ide1 master)\n", + "-cdrom file use 'file' as CD-ROM image\n", QEMU_ARCH_ALL) SRST ``-cdrom file`` - Use file as CD-ROM image (you cannot use ``-hdc`` and ``-cdrom`` at - the same time). You can use the host CD-ROM by using ``/dev/cdrom`` - as filename. + Use file as CD-ROM image on the default bus of the emulated machine + (which is IDE1 master on x86, so you cannot use ``-hdc`` and ``-cdrom`` + at the same time there). On systems that support it, you can use the + host CD-ROM by using ``/dev/cdrom`` as filename. ERST DEF("blockdev", HAS_ARG, QEMU_OPTION_blockdev, @@ -4206,6 +4210,16 @@ SRST Like ``-qmp`` but uses pretty JSON formatting. ERST +DEF("tracefile", HAS_ARG, QEMU_OPTION_tracefile, \ + "-tracefile file write BAP traces to file\n", + QEMU_ARCH_ARM) +STEXI +@item -tracefile @var{file} +@findex -tracefile +Write BAP traces into file @var{file}. +Default: /dev/shm/proto +ETEXI + DEF("mon", HAS_ARG, QEMU_OPTION_mon, \ "-mon [chardev=]name[,mode=readline|control][,pretty[=on|off]]\n", QEMU_ARCH_ALL) SRST diff --git a/roms/Makefile b/roms/Makefile index 6859685290bf9..67f709ba2dd64 100644 --- a/roms/Makefile +++ b/roms/Makefile 
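Review bot: The new `-tracefile` entry documents itself with `STEXI`/`ETEXI` while every neighbouring option in this hunk uses `SRST`/`ERST`; the texinfo markers do not match the surrounding file, so the `@item`/`@findex` text will not be rendered like the others and should be rewritten in the rST form (a ``` ``-tracefile file`` ``` heading followed by an indented description). The documented default `/dev/shm/proto` is a fixed, predictable name in a directory that is normally world-writable, which is the classic pre-creation/symlink hazard; unless the tracer opens it with exclusive-create and no-follow semantics (not visible here), the default belongs under a per-user directory, or the open mode should be stated in this text. `QEMU_ARCH_ARM` gates the help entry on the target while `vl.c` gates the option handling on `HAS_TRACEWRAP`; presumably an ARM build without tracewrap would list the option but have no `case` for it, so the two conditions should agree.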
@@ -147,7 +147,7 @@ skiboot: cp skiboot/skiboot.lid ../pc-bios/skiboot.lid efi: - python3 edk2-build.py --config edk2-build.config \ + $(PYTHON) edk2-build.py --config edk2-build.config \ --version-override "edk2-stable202302-for-qemu" \ --release-date "03/01/2023" rm -f ../pc-bios/edk2-*.fd.bz2 diff --git a/scripts/meson-buildoptions.sh b/scripts/meson-buildoptions.sh index 9da3fe299b75e..d7020af17537c 100644 --- a/scripts/meson-buildoptions.sh +++ b/scripts/meson-buildoptions.sh @@ -120,6 +120,7 @@ meson_options_help() { printf "%s\n" ' libdaxctl libdaxctl support' printf "%s\n" ' libdw debuginfo support' printf "%s\n" ' libiscsi libiscsi userspace initiator' + printf "%s\n" ' libkeyutils Linux keyutils support' printf "%s\n" ' libnfs libnfs block device driver' printf "%s\n" ' libpmem libpmem support' printf "%s\n" ' libssh ssh block device support' @@ -341,6 +342,8 @@ _meson_option_parse() { --libexecdir=*) quote_sh "-Dlibexecdir=$2" ;; --enable-libiscsi) printf "%s" -Dlibiscsi=enabled ;; --disable-libiscsi) printf "%s" -Dlibiscsi=disabled ;; + --enable-libkeyutils) printf "%s" -Dlibkeyutils=enabled ;; + --disable-libkeyutils) printf "%s" -Dlibkeyutils=disabled ;; --enable-libnfs) printf "%s" -Dlibnfs=enabled ;; --disable-libnfs) printf "%s" -Dlibnfs=disabled ;; --enable-libpmem) printf "%s" -Dlibpmem=enabled ;; diff --git a/softmmu/physmem.c b/softmmu/physmem.c index 3df73542e1fee..18277ddd67445 100644 --- a/softmmu/physmem.c +++ b/softmmu/physmem.c @@ -680,8 +680,7 @@ address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr orig_addr, IOMMUTLBEntry iotlb; int iommu_idx; hwaddr addr = orig_addr; - AddressSpaceDispatch *d = - qatomic_rcu_read(&cpu->cpu_ases[asidx].memory_dispatch); + AddressSpaceDispatch *d = cpu->cpu_ases[asidx].memory_dispatch; for (;;) { section = address_space_translate_internal(d, addr, &addr, plen, false); 
@@ -2412,10 +2411,16 @@ MemoryRegionSection *iotlb_to_section(CPUState *cpu, { int asidx = cpu_asidx_from_attrs(cpu, attrs); CPUAddressSpace *cpuas = &cpu->cpu_ases[asidx]; - AddressSpaceDispatch *d = qatomic_rcu_read(&cpuas->memory_dispatch); - MemoryRegionSection *sections = d->map.sections; + AddressSpaceDispatch *d = cpuas->memory_dispatch; + int section_index = index & ~TARGET_PAGE_MASK; + MemoryRegionSection *ret; + + assert(section_index < d->map.sections_nb); + ret = d->map.sections + section_index; + assert(ret->mr); + assert(ret->mr->ops); - return §ions[index & ~TARGET_PAGE_MASK]; + return ret; } static void io_mem_init(void) 
@@ -2481,23 +2486,42 @@ static void tcg_log_global_after_sync(MemoryListener *listener) } } +static void tcg_commit_cpu(CPUState *cpu, run_on_cpu_data data) +{ + CPUAddressSpace *cpuas = data.host_ptr; + + cpuas->memory_dispatch = address_space_to_dispatch(cpuas->as); + tlb_flush(cpu); +} + static void tcg_commit(MemoryListener *listener) { CPUAddressSpace *cpuas; - AddressSpaceDispatch *d; + CPUState *cpu; assert(tcg_enabled()); /* since each CPU stores ram addresses in its TLB cache, we must reset the modified entries */ cpuas = container_of(listener, CPUAddressSpace, tcg_as_listener); - cpu_reloading_memory_map(); - /* The CPU and TLB are protected by the iothread lock. - * We reload the dispatch pointer now because cpu_reloading_memory_map() - * may have split the RCU critical section. + cpu = cpuas->cpu; + + /* + * Defer changes to as->memory_dispatch until the cpu is quiescent. + * Otherwise we race between (1) other cpu threads and (2) ongoing + * i/o for the current cpu thread, with data cached by mmu_lookup(). + * + * In addition, queueing the work function will kick the cpu back to + * the main loop, which will end the RCU critical section and reclaim + * the memory data structures. + * + * That said, the listener is also called during realize, before + * all of the tcg machinery for run-on is initialized: thus halt_cond. */ - d = address_space_to_dispatch(cpuas->as); - qatomic_rcu_set(&cpuas->memory_dispatch, d); - tlb_flush(cpuas->cpu); + if (cpu->halt_cond) { + async_run_on_cpu(cpu, tcg_commit_cpu, RUN_ON_CPU_HOST_PTR(cpuas)); + } else { + tcg_commit_cpu(cpu, RUN_ON_CPU_HOST_PTR(cpuas)); + } } static void memory_map_init(void) diff --git a/softmmu/vl.c b/softmmu/vl.c index b0b96f67fac0c..14eb674c0d50e 100644 --- a/softmmu/vl.c +++ b/softmmu/vl.c @@ -135,6 +135,10 @@ #include "qemu/guest-random.h" #include "qemu/keyval.h" +#ifdef HAS_TRACEWRAP +#include "gtracewrap.h" +#endif + #define MAX_VIRTIO_CONSOLES 1 typedef struct BlockdevOptionsQueueEntry { 
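Review bot: `tcg_commit_cpu` carries no comment of its own, so the reasoning that justifies the plain store to `cpuas->memory_dispatch` (the readers in the other physmem.c hunks dropped `qatomic_rcu_read`) lives only inside `tcg_commit`. A short header would help, along the lines of `/* Runs on @cpu's own thread (queued by tcg_commit) or synchronously during realize before run-on-cpu works; the cpu is quiescent, so the dispatch pointer is replaced without RCU publication. */`. The `cpu->halt_cond` test stands in for "run-on-cpu machinery is initialised"; if a more direct predicate exists, naming it in the comment would save the next reader the same investigation.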
@@ -179,6 +183,9 @@ static int num_serial_hds; static Chardev **serial_hds; static const char *log_mask; static const char *log_file; +#ifdef HAS_TRACEWRAP + const char *tracefile = NULL; +#endif static bool list_data_dirs; static const char *qtest_chrdev; static const char *qtest_log; @@ -3047,6 +3054,11 @@ void qemu_init(int argc, char **argv) monitor_parse(optarg, "readline", false); } break; +#ifdef HAS_TRACEWRAP + case QEMU_OPTION_tracefile: + tracefile = optarg; + break; +#endif case QEMU_OPTION_qmp: monitor_parse(optarg, "control", false); default_monitor = 0; @@ -3530,6 +3542,10 @@ void qemu_init(int argc, char **argv) } } } +#ifdef HAS_TRACEWRAP + do_qemu_set_trace(tracefile,0,NULL); +#endif + /* * Clear error location left behind by the loop. * Best done right after the loop. Do not insert code here! diff --git a/subprojects/berkeley-testfloat-3.wrap b/subprojects/berkeley-testfloat-3.wrap index 6ad80a37b2aae..c86dc078a8e35 100644 --- a/subprojects/berkeley-testfloat-3.wrap +++ b/subprojects/berkeley-testfloat-3.wrap @@ -1,5 +1,5 @@ [wrap-git] url = https://gitlab.com/qemu-project/berkeley-testfloat-3 -revision = 40619cbb3bf32872df8c53cc457039229428a263 +revision = e7af9751d9f9fd3b47911f51a5cfd08af256a9ab patch_directory = berkeley-testfloat-3 depth = 1 diff --git a/target/arm/kvm.c b/target/arm/kvm.c index b4c7654f49809..23aeb099490bc 100644 --- a/target/arm/kvm.c +++ b/target/arm/kvm.c @@ -247,6 +247,13 @@ int kvm_arm_get_max_vm_ipa_size(MachineState *ms, bool *fixed_ipa) return ret > 0 ? ret : 40; } +int kvm_arch_get_default_type(MachineState *ms) +{ + bool fixed_ipa; + int size = kvm_arm_get_max_vm_ipa_size(ms, &fixed_ipa); + return fixed_ipa ? 0 : size; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { int ret = 0; diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c index 94bbd9661fd35..f89ea31f170d3 100644 --- a/target/arm/kvm64.c +++ b/target/arm/kvm64.c 
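Review bot: The new `tracefile` definition is neither `static` nor aligned with its neighbours: every surrounding declaration in this hunk is `static const char *` at column 0, while the added line is indented by one space and exported from `vl.c`. If `gtracewrap.h` does not need it from another translation unit, write `static const char *tracefile;` to match the block (the `= NULL` is redundant for static-storage objects); if it is shared, a comment naming the header that declares it would help the reader.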
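Review bot: `do_qemu_set_trace(tracefile,0,NULL);` is inserted exactly where the following comment says `Do not insert code here!` — the error-location reset is meant to run right after the option loop, so the call should move below that reset. The call also receives `tracefile == NULL` when `-tracefile` was not given; the help text in `qemu-options.hx` names `/dev/shm/proto` as the default, so presumably `do_qemu_set_trace` substitutes it, but a comment such as `/* NULL selects the tracer's built-in default path */` would make that explicit and is worth confirming against gtracewrap. QEMU style also wants spaces after commas: `do_qemu_set_trace(tracefile, 0, NULL);`.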
@@ -674,6 +674,7 @@ typedef struct CPRegStateLevel { */ static const CPRegStateLevel non_runtime_cpregs[] = { { KVM_REG_ARM_TIMER_CNT, KVM_PUT_FULL_STATE }, + { KVM_REG_ARM_PTIMER_CNT, KVM_PUT_FULL_STATE }, }; int kvm_arm_cpreg_level(uint64_t regidx) diff --git a/target/arm/tcg/cpu64.c b/target/arm/tcg/cpu64.c index 8019f00bc3f0d..1975253deaf8a 100644 --- a/target/arm/tcg/cpu64.c +++ b/target/arm/tcg/cpu64.c @@ -743,7 +743,7 @@ void aarch64_max_tcg_initfn(Object *obj) t = FIELD_DP64(t, ID_AA64ISAR0, AES, 2); /* FEAT_PMULL */ t = FIELD_DP64(t, ID_AA64ISAR0, SHA1, 1); /* FEAT_SHA1 */ t = FIELD_DP64(t, ID_AA64ISAR0, SHA2, 2); /* FEAT_SHA512 */ - t = FIELD_DP64(t, ID_AA64ISAR0, CRC32, 1); + t = FIELD_DP64(t, ID_AA64ISAR0, CRC32, 1); /* FEAT_CRC32 */ t = FIELD_DP64(t, ID_AA64ISAR0, ATOMIC, 2); /* FEAT_LSE */ t = FIELD_DP64(t, ID_AA64ISAR0, RDM, 1); /* FEAT_RDM */ t = FIELD_DP64(t, ID_AA64ISAR0, SHA3, 1); /* FEAT_SHA3 */ diff --git a/target/arm/tcg/hflags.c b/target/arm/tcg/hflags.c index 616c5fa7237f0..ea642384f5aee 100644 --- a/target/arm/tcg/hflags.c +++ b/target/arm/tcg/hflags.c @@ -306,6 +306,15 @@ static CPUARMTBFlags rebuild_hflags_a64(CPUARMState *env, int el, int fp_el, && !(env->pstate & PSTATE_TCO) && (sctlr & (el == 0 ? SCTLR_TCF0 : SCTLR_TCF))) { DP_TBFLAG_A64(flags, MTE_ACTIVE, 1); + if (!EX_TBFLAG_A64(flags, UNPRIV)) { + /* + * In non-unpriv contexts (eg EL0), unpriv load/stores + * act like normal ones; duplicate the MTE info to + * avoid translate-a64.c having to check UNPRIV to see + * whether it is OK to index into MTE_ACTIVE[]. + */ + DP_TBFLAG_A64(flags, MTE0_ACTIVE, 1); + } } } /* And again for unprivileged accesses, if required. */ diff --git a/target/arm/tcg/sme_helper.c b/target/arm/tcg/sme_helper.c index 1e67fcac308e7..296826ffe6aef 100644 --- a/target/arm/tcg/sme_helper.c +++ b/target/arm/tcg/sme_helper.c 
@@ -379,7 +379,7 @@ static inline void HNAME##_host(void *za, intptr_t off, void *host) \ { \ uint64_t *ptr = za + off; \ HOST(host, ptr[BE]); \ - HOST(host + 1, ptr[!BE]); \ + HOST(host + 8, ptr[!BE]); \ } \ static inline void VNAME##_v_host(void *za, intptr_t off, void *host) \ { \ diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c index b71ac2d0d53cf..39541ecdf0a1b 100644 --- a/target/arm/tcg/translate.c +++ b/target/arm/tcg/translate.c @@ -3053,7 +3053,7 @@ void gen_gvec_ssra(unsigned vece, uint32_t rd_ofs, uint32_t rm_ofs, .vece = MO_32 }, { .fni8 = gen_ssra64_i64, .fniv = gen_ssra_vec, - .fno = gen_helper_gvec_ssra_b, + .fno = gen_helper_gvec_ssra_d, .prefer_i64 = TCG_TARGET_REG_BITS == 64, .opt_opc = vecop_list, .load_dest = true, diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index ebfaf3d24c793..b45ce20fd8d33 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -2556,6 +2556,11 @@ static void register_smram_listener(Notifier *n, void *unused) &smram_address_space, 1, "kvm-smram"); } +int kvm_arch_get_default_type(MachineState *ms) +{ + return 0; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { uint64_t identity_base = 0xfffbc000; diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc index 8f93a239ddba3..0db19cda3b752 100644 --- a/target/i386/tcg/decode-new.c.inc +++ b/target/i386/tcg/decode-new.c.inc @@ -337,7 +337,7 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = { [0x07] = X86_OP_ENTRY3(PHSUBSW, V,x, H,x, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66), [0x10] = X86_OP_ENTRY2(PBLENDVB, V,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66), - [0x13] = X86_OP_ENTRY2(VCVTPH2PS, V,x, W,ph, vex11 cpuid(F16C) p_66), + [0x13] = X86_OP_ENTRY2(VCVTPH2PS, V,x, W,xh, vex11 cpuid(F16C) p_66), [0x14] = X86_OP_ENTRY2(BLENDVPS, V,x, W,x, vex4 cpuid(SSE41) p_66), [0x15] = X86_OP_ENTRY2(BLENDVPD, V,x, W,x, vex4 cpuid(SSE41) p_66), /* Listed incorrectly as type 4 */ 
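Review bot: The corrected `HOST(host + 8, ptr[!BE]);` uses a bare `8` for the size of the first doubleword; since `ptr` is `uint64_t *`, `HOST(host + sizeof(*ptr), ptr[!BE]);` says why the offset is 8 and survives a type change. The enclosing `HNAME##_host` macro definition starts outside the hunk, so the types `HOST` expects cannot be confirmed from here.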
@@ -565,7 +565,7 @@ static const X86OpEntry opcodes_0F3A[256] = { [0x15] = X86_OP_ENTRY3(PEXTRW, E,w, V,dq, I,b, vex5 cpuid(SSE41) zext0 p_66), [0x16] = X86_OP_ENTRY3(PEXTR, E,y, V,dq, I,b, vex5 cpuid(SSE41) p_66), [0x17] = X86_OP_ENTRY3(VEXTRACTPS, E,d, V,dq, I,b, vex5 cpuid(SSE41) p_66), - [0x1d] = X86_OP_ENTRY3(VCVTPS2PH, W,ph, V,x, I,b, vex11 cpuid(F16C) p_66), + [0x1d] = X86_OP_ENTRY3(VCVTPS2PH, W,xh, V,x, I,b, vex11 cpuid(F16C) p_66), [0x20] = X86_OP_ENTRY4(PINSRB, V,dq, H,dq, E,b, vex5 cpuid(SSE41) zext2 p_66), [0x21] = X86_OP_GROUP0(VINSERTPS), @@ -805,10 +805,20 @@ static void decode_sse_unary(DisasContext *s, CPUX86State *env, X86OpEntry *entr case 0x51: entry->gen = gen_VSQRT; break; case 0x52: entry->gen = gen_VRSQRT; break; case 0x53: entry->gen = gen_VRCP; break; - case 0x5A: entry->gen = gen_VCVTfp2fp; break; } } +static void decode_0F5A(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint8_t *b) +{ + static const X86OpEntry opcodes_0F5A[4] = { + X86_OP_ENTRY2(VCVTPS2PD, V,x, W,xh, vex2), /* VCVTPS2PD */ + X86_OP_ENTRY2(VCVTPD2PS, V,x, W,x, vex2), /* VCVTPD2PS */ + X86_OP_ENTRY3(VCVTSS2SD, V,x, H,x, W,x, vex2_rep3), /* VCVTSS2SD */ + X86_OP_ENTRY3(VCVTSD2SS, V,x, H,x, W,x, vex2_rep3), /* VCVTSD2SS */ + }; + *entry = *decode_by_prefix(s, opcodes_0F5A); +} + static void decode_0F5B(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint8_t *b) { static const X86OpEntry opcodes_0F5B[4] = { @@ -891,7 +901,7 @@ static const X86OpEntry opcodes_0F[256] = { [0x58] = X86_OP_ENTRY3(VADD, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2), [0x59] = X86_OP_ENTRY3(VMUL, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2), - [0x5a] = X86_OP_GROUP3(sse_unary, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2), /* CVTPS2PD */ + [0x5a] = X86_OP_GROUP0(0F5A), [0x5b] = X86_OP_GROUP0(0F5B), [0x5c] = X86_OP_ENTRY3(VSUB, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2), [0x5d] = X86_OP_ENTRY3(VMIN, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2), 
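Review bot: The trailing `/* VCVTPS2PD */` … `/* VCVTSD2SS */` comments in `opcodes_0F5A` repeat the mnemonic already on the same line and say nothing about what selects each row. A table-level comment is more useful, e.g. `/* indexed by mandatory prefix, as in opcodes_0F5B: none, 66, F3, F2 */`; that order is inferred from the sibling table and from `decode_by_prefix`, so confirm it against that helper before adding it.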
@@ -1104,7 +1114,7 @@ static bool decode_op_size(DisasContext *s, X86OpEntry *e, X86OpSize size, MemOp *ot = s->vex_l ? MO_256 : MO_128; return true; - case X86_SIZE_ph: /* SSE/AVX packed half precision */ + case X86_SIZE_xh: /* SSE/AVX packed half register */ *ot = s->vex_l ? MO_128 : MO_64; return true; diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h index cb6b8bcf678cd..a542ec168134e 100644 --- a/target/i386/tcg/decode-new.h +++ b/target/i386/tcg/decode-new.h @@ -92,7 +92,7 @@ typedef enum X86OpSize { /* Custom */ X86_SIZE_d64, X86_SIZE_f64, - X86_SIZE_ph, /* SSE/AVX packed half precision */ + X86_SIZE_xh, /* SSE/AVX packed half register */ } X86OpSize; typedef enum X86CPUIDFeature { diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc index 4fe8dec427464..45a3e55cbfb04 100644 --- a/target/i386/tcg/emit.c.inc +++ b/target/i386/tcg/emit.c.inc @@ -1914,12 +1914,22 @@ static void gen_VCOMI(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) set_cc_op(s, CC_OP_EFLAGS); } -static void gen_VCVTfp2fp(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) +static void gen_VCVTPD2PS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) { - gen_unary_fp_sse(s, env, decode, - gen_helper_cvtpd2ps_xmm, gen_helper_cvtps2pd_xmm, - gen_helper_cvtpd2ps_ymm, gen_helper_cvtps2pd_ymm, - gen_helper_cvtsd2ss, gen_helper_cvtss2sd); + if (s->vex_l) { + gen_helper_cvtpd2ps_ymm(cpu_env, OP_PTR0, OP_PTR2); + } else { + gen_helper_cvtpd2ps_xmm(cpu_env, OP_PTR0, OP_PTR2); + } +} + +static void gen_VCVTPS2PD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) +{ + if (s->vex_l) { + gen_helper_cvtps2pd_ymm(cpu_env, OP_PTR0, OP_PTR2); + } else { + gen_helper_cvtps2pd_xmm(cpu_env, OP_PTR0, OP_PTR2); + } } static void gen_VCVTPS2PH(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) 
@@ -1936,6 +1946,16 @@ static void gen_VCVTPS2PH(DisasContext *s, CPUX86State *env, X86DecodedInsn *dec } } +static void gen_VCVTSD2SS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) +{ + gen_helper_cvtsd2ss(cpu_env, OP_PTR0, OP_PTR1, OP_PTR2); +} + +static void gen_VCVTSS2SD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) +{ + gen_helper_cvtss2sd(cpu_env, OP_PTR0, OP_PTR1, OP_PTR2); +} + static void gen_VCVTSI2Sx(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) { int vec_len = vector_len(s, decode); diff --git a/target/i386/tcg/sysemu/fpu_helper.c b/target/i386/tcg/sysemu/fpu_helper.c index 1c3610da3b919..93506cdd94e0b 100644 --- a/target/i386/tcg/sysemu/fpu_helper.c +++ b/target/i386/tcg/sysemu/fpu_helper.c @@ -18,6 +18,7 @@ */ #include "qemu/osdep.h" +#include "qemu/main-loop.h" #include "cpu.h" #include "hw/irq.h" @@ -31,7 +32,9 @@ void x86_register_ferr_irq(qemu_irq irq) void fpu_check_raise_ferr_irq(CPUX86State *env) { if (ferr_irq && !(env->hflags2 & HF2_IGNNE_MASK)) { + qemu_mutex_lock_iothread(); qemu_irq_raise(ferr_irq); + qemu_mutex_unlock_iothread(); return; } } @@ -45,6 +48,9 @@ void cpu_clear_ignne(void) void cpu_set_ignne(void) { CPUX86State *env = &X86_CPU(first_cpu)->env; + + assert(qemu_mutex_iothread_locked()); + env->hflags2 |= HF2_IGNNE_MASK; /* * We get here in response to a write to port F0h. The chipset should diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index 90c7b32f3623b..e0a622941cb60 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -4619,7 +4619,11 @@ static bool disas_insn(DisasContext *s, CPUState *cpu) case 0x0a: /* grp d9/2 */ switch (rm) { case 0: /* fnop */ - /* check exceptions (FreeBSD FPU probe) */ + /* + * check exceptions (FreeBSD FPU probe) + * needs to be treated as I/O because of ferr_irq + */ + translator_io_start(&s->base); gen_helper_fwait(cpu_env); update_fip = false; break; 
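Review bot: The two fpu_helper.c hunks encode opposite assumptions about the iothread lock without saying so: `fpu_check_raise_ferr_irq` now takes it around `qemu_irq_raise`, while `cpu_set_ignne` asserts it is already held. A one-line comment on the first, `/* Called from TCG helpers without the BQL; the IRQ line needs it */`, would record the invariant that makes the lock/unlock safe, since a caller that already holds the lock would deadlock here — that callers do not is inferred, not visible in the hunk.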
@@ -5548,6 +5552,8 @@ static bool disas_insn(DisasContext *s, CPUState *cpu) (HF_MP_MASK | HF_TS_MASK)) { gen_exception(s, EXCP07_PREX); } else { + /* needs to be treated as I/O because of ferr_irq */ + translator_io_start(&s->base); gen_helper_fwait(cpu_env); } break; diff --git a/target/mips/kvm.c b/target/mips/kvm.c index c14e8f550fcc6..e98aad01bd582 100644 --- a/target/mips/kvm.c +++ b/target/mips/kvm.c @@ -1266,7 +1266,7 @@ int kvm_arch_msi_data_to_gsi(uint32_t data) abort(); } -int mips_kvm_type(MachineState *machine, const char *vm_type) +int kvm_arch_get_default_type(MachineState *machine) { #if defined(KVM_CAP_MIPS_VZ) int r; diff --git a/target/mips/kvm_mips.h b/target/mips/kvm_mips.h index 171d53dbe1396..c711269d0af76 100644 --- a/target/mips/kvm_mips.h +++ b/target/mips/kvm_mips.h @@ -25,13 +25,4 @@ void kvm_mips_reset_vcpu(MIPSCPU *cpu); int kvm_mips_set_interrupt(MIPSCPU *cpu, int irq, int level); int kvm_mips_set_ipi_interrupt(MIPSCPU *cpu, int irq, int level); -#ifdef CONFIG_KVM -int mips_kvm_type(MachineState *machine, const char *vm_type); -#else -static inline int mips_kvm_type(MachineState *machine, const char *vm_type) -{ - return 0; -} -#endif - #endif /* KVM_MIPS_H */ diff --git a/target/mips/tcg/translate.c b/target/mips/tcg/translate.c index 9bb40f1849d6e..593fc804588f3 100644 --- a/target/mips/tcg/translate.c +++ b/target/mips/tcg/translate.c @@ -11212,7 +11212,6 @@ static void gen_branch(DisasContext *ctx, int insn_bytes) /* Branches completion */ clear_branch_hflags(ctx); ctx->base.is_jmp = DISAS_NORETURN; - /* FIXME: Need to clear can_do_io. */ switch (proc_hflags & MIPS_HFLAG_BMASK_BASE) { case MIPS_HFLAG_FBNSLOT: gen_goto_tb(ctx, 0, ctx->base.pc_next + insn_bytes); diff --git a/target/ppc/cpu.c b/target/ppc/cpu.c index 424f2e1741606..48257f7225d7b 100644 --- a/target/ppc/cpu.c +++ b/target/ppc/cpu.c 
@@ -59,6 +59,7 @@ void ppc_store_vscr(CPUPPCState *env, uint32_t vscr) env->vscr_sat.u64[0] = vscr & (1u << VSCR_SAT); env->vscr_sat.u64[1] = 0; set_flush_to_zero((vscr >> VSCR_NJ) & 1, &env->vec_status); + set_flush_inputs_to_zero((vscr >> VSCR_NJ) & 1, &env->vec_status); } uint32_t ppc_get_vscr(CPUPPCState *env) diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c index a8a935e26726d..dc1182cd37e05 100644 --- a/target/ppc/kvm.c +++ b/target/ppc/kvm.c @@ -108,6 +108,11 @@ static int kvm_ppc_register_host_cpu_type(void); static void kvmppc_get_cpu_characteristics(KVMState *s); static int kvmppc_get_dec_bits(void); +int kvm_arch_get_default_type(MachineState *ms) +{ + return 0; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { cap_interrupt_unset = kvm_check_extension(s, KVM_CAP_PPC_UNSET_IRQ); diff --git a/target/ppc/translate/fixedpoint-impl.c.inc b/target/ppc/translate/fixedpoint-impl.c.inc index f47f1a50e87fc..b423c09c261b5 100644 --- a/target/ppc/translate/fixedpoint-impl.c.inc +++ b/target/ppc/translate/fixedpoint-impl.c.inc @@ -71,7 +71,7 @@ static bool do_ldst_quad(DisasContext *ctx, arg_D *a, bool store, bool prefixed) { #if defined(TARGET_PPC64) TCGv ea; - TCGv_i64 low_addr_gpr, high_addr_gpr; + TCGv_i64 lo, hi; TCGv_i128 t16; REQUIRE_INSNS_FLAGS(ctx, 64BX); 
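Review bot: The NJ bit is now extracted twice in ppc_store_vscr, once for set_flush_to_zero() and again for the added set_flush_inputs_to_zero() call. Computing it once keeps the two calls visibly tied to the same flag: `bool nj = (vscr >> VSCR_NJ) & 1;` then `set_flush_to_zero(nj, &env->vec_status);` and `set_flush_inputs_to_zero(nj, &env->vec_status);`. The function's signature and earlier statements are outside this hunk.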
@@ -94,21 +94,21 @@ static bool do_ldst_quad(DisasContext *ctx, arg_D *a, bool store, bool prefixed) gen_set_access_type(ctx, ACCESS_INT); ea = do_ea_calc(ctx, a->ra, tcg_constant_tl(a->si)); - if (prefixed || !ctx->le_mode) { - low_addr_gpr = cpu_gpr[a->rt]; - high_addr_gpr = cpu_gpr[a->rt + 1]; + if (ctx->le_mode && prefixed) { + lo = cpu_gpr[a->rt]; + hi = cpu_gpr[a->rt + 1]; } else { - low_addr_gpr = cpu_gpr[a->rt + 1]; - high_addr_gpr = cpu_gpr[a->rt]; + lo = cpu_gpr[a->rt + 1]; + hi = cpu_gpr[a->rt]; } t16 = tcg_temp_new_i128(); if (store) { - tcg_gen_concat_i64_i128(t16, low_addr_gpr, high_addr_gpr); + tcg_gen_concat_i64_i128(t16, lo, hi); tcg_gen_qemu_st_i128(t16, ea, ctx->mem_idx, DEF_MEMOP(MO_128)); } else { tcg_gen_qemu_ld_i128(t16, ea, ctx->mem_idx, DEF_MEMOP(MO_128)); - tcg_gen_extr_i128_i64(low_addr_gpr, high_addr_gpr, t16); + tcg_gen_extr_i128_i64(lo, hi, t16); } #else qemu_build_not_reached(); diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 6b93b04453c8c..400c29f6586dc 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -88,6 +88,7 @@ static const struct isa_ext_data isa_edata_arr[] = { ISA_EXT_DATA_ENTRY(zicsr, PRIV_VERSION_1_10_0, ext_icsr), ISA_EXT_DATA_ENTRY(zifencei, PRIV_VERSION_1_10_0, ext_ifencei), ISA_EXT_DATA_ENTRY(zihintpause, PRIV_VERSION_1_10_0, ext_zihintpause), + ISA_EXT_DATA_ENTRY(zmmul, PRIV_VERSION_1_12_0, ext_zmmul), ISA_EXT_DATA_ENTRY(zawrs, PRIV_VERSION_1_12_0, ext_zawrs), ISA_EXT_DATA_ENTRY(zfa, PRIV_VERSION_1_12_0, ext_zfa), ISA_EXT_DATA_ENTRY(zfbfmin, PRIV_VERSION_1_12_0, ext_zfbfmin), 
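Review bot: The register-pair selection in do_ldst_quad changes from `prefixed || !ctx->le_mode` to `ctx->le_mode && prefixed`, which flips the lo/hi assignment for the non-prefixed big-endian case as well as the LE cases, yet no comment states the rule the new condition implements. Since the mapping is easy to get wrong again, a comment describing the behaviour would help, e.g. `/* rt holds the low-address doubleword only for the prefixed form in LE mode; in every other case rt+1 does (see the ISA definition of lq/stq). */`. The function's declarations are renamed in the previous hunk and its beginning is outside this one.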
@@ -298,6 +299,17 @@ static uint8_t satp_mode_from_str(const char *satp_mode_str) uint8_t satp_mode_max_from_map(uint32_t map) { + /* + * 'map = 0' will make us return (31 - 32), which C will + * happily overflow to UINT_MAX. There's no good result to + * return if 'map = 0' (e.g. returning 0 will be ambiguous + * with the result for 'map = 1'). + * + * Assert out if map = 0. Callers will have to deal with + * it outside of this function. + */ + g_assert(map > 0); + /* map here has at least one bit set, so no problem with clz */ return 31 - __builtin_clz(map); } @@ -904,7 +916,7 @@ static void riscv_cpu_reset_hold(Object *obj) #ifndef CONFIG_USER_ONLY if (cpu->cfg.debug) { - riscv_trigger_init(env); + riscv_trigger_reset_hold(env); } if (kvm_enabled()) { @@ -1303,9 +1315,15 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp) static void riscv_cpu_satp_mode_finalize(RISCVCPU *cpu, Error **errp) { bool rv32 = riscv_cpu_mxl(&cpu->env) == MXL_RV32; - uint8_t satp_mode_map_max; - uint8_t satp_mode_supported_max = - satp_mode_max_from_map(cpu->cfg.satp_mode.supported); + uint8_t satp_mode_map_max, satp_mode_supported_max; + + /* The CPU wants the OS to decide which satp mode to use */ + if (cpu->cfg.satp_mode.supported == 0) { + return; + } + + satp_mode_supported_max = + satp_mode_max_from_map(cpu->cfg.satp_mode.supported); if (cpu->cfg.satp_mode.map == 0) { if (cpu->cfg.satp_mode.init == 0) { @@ -1473,6 +1491,12 @@ static void riscv_cpu_realize(DeviceState *dev, Error **errp) riscv_cpu_register_gdb_regs_for_features(cs); +#ifndef CONFIG_USER_ONLY + if (cpu->cfg.debug) { + riscv_trigger_realize(&cpu->env); + } +#endif + qemu_init_vcpu(cs); cpu_reset(cs); diff --git a/target/riscv/debug.c b/target/riscv/debug.c index 75ee1c4971ab2..ddd46b2d3e658 100644 --- a/target/riscv/debug.c +++ b/target/riscv/debug.c 
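Review bot: The comment added in satp_mode_max_from_map gives an inaccurate reason for the assertion: `__builtin_clz(0)` is undefined behaviour rather than a value of 32, and the function returns `uint8_t`, so `31 - 32` could never yield UINT_MAX anyway. The assertion is still the right guard, so only the wording needs fixing, e.g. `/* __builtin_clz(0) is undefined, and no return value is unambiguous for map == 0 (0 would collide with map == 1), so assert and let callers handle that case. */`. The early return added to riscv_cpu_satp_mode_finalize in the later hunk is the matching caller-side handling and is consistent with this.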
@@ -903,7 +903,17 @@ bool riscv_cpu_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp) return false; } -void riscv_trigger_init(CPURISCVState *env) +void riscv_trigger_realize(CPURISCVState *env) +{ + int i; + + for (i = 0; i < RV_MAX_TRIGGERS; i++) { + env->itrigger_timer[i] = timer_new_ns(QEMU_CLOCK_VIRTUAL, + riscv_itrigger_timer_cb, env); + } +} + +void riscv_trigger_reset_hold(CPURISCVState *env) { target_ulong tdata1 = build_tdata1(env, TRIGGER_TYPE_AD_MATCH, 0, 0); int i; @@ -928,7 +938,6 @@ void riscv_trigger_init(CPURISCVState *env) env->tdata3[i] = 0; env->cpu_breakpoint[i] = NULL; env->cpu_watchpoint[i] = NULL; - env->itrigger_timer[i] = timer_new_ns(QEMU_CLOCK_VIRTUAL, - riscv_itrigger_timer_cb, env); + timer_del(env->itrigger_timer[i]); } } diff --git a/target/riscv/debug.h b/target/riscv/debug.h index c471748d5a902..5794aa6ee5311 100644 --- a/target/riscv/debug.h +++ b/target/riscv/debug.h @@ -143,7 +143,8 @@ void riscv_cpu_debug_excp_handler(CPUState *cs); bool riscv_cpu_debug_check_breakpoint(CPUState *cs); bool riscv_cpu_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp); -void riscv_trigger_init(CPURISCVState *env); +void riscv_trigger_realize(CPURISCVState *env); +void riscv_trigger_reset_hold(CPURISCVState *env); bool riscv_itrigger_enabled(CPURISCVState *env); void riscv_itrigger_update_priv(CPURISCVState *env); diff --git a/target/riscv/insn_trans/trans_rvzfa.c.inc b/target/riscv/insn_trans/trans_rvzfa.c.inc index 2c715af3e5940..0fdd2698f6e2e 100644 --- a/target/riscv/insn_trans/trans_rvzfa.c.inc +++ b/target/riscv/insn_trans/trans_rvzfa.c.inc @@ -470,7 +470,7 @@ bool trans_fleq_d(DisasContext *ctx, arg_fleq_d *a) TCGv_i64 src1 = get_fpr_hs(ctx, a->rs1); TCGv_i64 src2 = get_fpr_hs(ctx, a->rs2); - gen_helper_fltq_s(dest, cpu_env, src1, src2); + gen_helper_fleq_d(dest, cpu_env, src1, src2); gen_set_gpr(ctx, a->rd, dest); return true; } 
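Review bot: riscv_trigger_reset_hold now calls `timer_del(env->itrigger_timer[i])` on timers that are only created by riscv_trigger_realize, so the reset path silently depends on realize having run first with cfg.debug enabled; the riscv_cpu_realize hunk in target/riscv/cpu.c does call realize before cpu_reset(), but nothing guards a reset reached another way. If a NULL timer is possible in any ordering, a guard makes the assumption explicit and cheap: `if (env->itrigger_timer[i]) { timer_del(env->itrigger_timer[i]); }`; otherwise a comment on riscv_trigger_reset_hold stating that realize must precede it would do. The middle of riscv_trigger_reset_hold lies between the two hunks and is not shown.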
@@ -485,7 +485,7 @@ bool trans_fltq_d(DisasContext *ctx, arg_fltq_d *a) TCGv_i64 src1 = get_fpr_hs(ctx, a->rs1); TCGv_i64 src2 = get_fpr_hs(ctx, a->rs2); - gen_helper_fltq_s(dest, cpu_env, src1, src2); + gen_helper_fltq_d(dest, cpu_env, src1, src2); gen_set_gpr(ctx, a->rd, dest); return true; } diff --git a/target/riscv/kvm.c b/target/riscv/kvm.c index b1fd2233c0399..dbcf26f27d392 100644 --- a/target/riscv/kvm.c +++ b/target/riscv/kvm.c @@ -914,6 +914,11 @@ int kvm_arch_add_msi_route_post(struct kvm_irq_routing_entry *route, return 0; } +int kvm_arch_get_default_type(MachineState *ms) +{ + return 0; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { return 0; diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c index 9d8db493e6829..5e60c26031bb3 100644 --- a/target/riscv/pmp.c +++ b/target/riscv/pmp.c @@ -44,6 +44,10 @@ static inline uint8_t pmp_get_a_field(uint8_t cfg) */ static inline int pmp_is_locked(CPURISCVState *env, uint32_t pmp_index) { + /* mseccfg.RLB is set */ + if (MSECCFG_RLB_ISSET(env)) { + return 0; + } if (env->pmp_state.pmp[pmp_index].cfg_reg & PMP_LOCK) { return 1; diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c index 4d06754826628..35c9734979ff5 100644 --- a/target/riscv/vector_helper.c +++ b/target/riscv/vector_helper.c @@ -583,7 +583,7 @@ vext_ldff(void *vd, void *v0, target_ulong base, cpu_mmu_index(env, false)); if (host) { #ifdef CONFIG_USER_ONLY - if (page_check_range(addr, offset, PAGE_READ)) { + if (!page_check_range(addr, offset, PAGE_READ)) { vl = i; goto ProbeSuccess; } @@ -3562,7 +3562,7 @@ static uint32_t fwmaccbf16(uint16_t a, uint16_t b, uint32_t d, float_status *s) RVVCALL(OPFVV3, vfwmaccbf16_vv, WOP_UUU_H, H4, H2, H2, fwmaccbf16) GEN_VEXT_VV_ENV(vfwmaccbf16_vv, 4) -RVVCALL(OPFVF3, vfwmaccbf16_vf, WOP_UUU_H, H4, H2, fwmacc16) +RVVCALL(OPFVF3, vfwmaccbf16_vf, WOP_UUU_H, H4, H2, fwmaccbf16) GEN_VEXT_VF(vfwmaccbf16_vf, 4) static uint32_t fwnmacc16(uint16_t a, uint16_t b, uint32_t d, float_status *s) 
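Review bot: The comment added in pmp_is_locked, `/* mseccfg.RLB is set */`, only restates the macro name and not why a set bit makes every entry report unlocked, which is a security-relevant decision since it lets otherwise-locked PMP entries be modified. A why-comment would help future readers and auditors: `/* Rule Locking Bypass: with mseccfg.RLB set, PMP_LOCK bits are ignored, so locked entries may be rewritten. */`. The rest of pmp_is_locked is outside the hunk.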
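Review bot: The condition in vext_ldff is inverted to `!page_check_range(addr, offset, PAGE_READ)` without saying which return convention the helper now follows, and readers who remember a 0-on-success convention will read the new line as a bug. If page_check_range() now returns true when the whole range is accessible, a short comment next to the call would prevent that, e.g. `/* page_check_range() returns true when the range is readable; fault-only-first stops at the first unreadable element. */`. vext_ldff begins and ends outside this hunk.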
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c index a9e5880349d9e..9117fab6e8ef5 100644 --- a/target/s390x/kvm/kvm.c +++ b/target/s390x/kvm/kvm.c @@ -340,6 +340,11 @@ static void ccw_machine_class_foreach(ObjectClass *oc, void *opaque) mc->default_cpu_type = S390_CPU_TYPE_NAME("host"); } +int kvm_arch_get_default_type(MachineState *ms) +{ + return 0; +} + int kvm_arch_init(MachineState *ms, KVMState *s) { object_class_foreach(ccw_machine_class_foreach, TYPE_S390_CCW_MACHINE, diff --git a/target/s390x/tcg/translate_vx.c.inc b/target/s390x/tcg/translate_vx.c.inc index f8df121d3d3b7..ec94d39df06e0 100644 --- a/target/s390x/tcg/translate_vx.c.inc +++ b/target/s390x/tcg/translate_vx.c.inc @@ -57,7 +57,7 @@ #define FPF_LONG 3 #define FPF_EXT 4 -static inline bool valid_vec_element(uint8_t enr, MemOp es) +static inline bool valid_vec_element(uint16_t enr, MemOp es) { return !(enr & ~(NUM_VEC_ELEMENTS(es) - 1)); } @@ -964,7 +964,7 @@ static DisasJumpType op_vpdi(DisasContext *s, DisasOps *o) static DisasJumpType op_vrep(DisasContext *s, DisasOps *o) { - const uint8_t enr = get_field(s, i2); + const uint16_t enr = get_field(s, i2); const uint8_t es = get_field(s, m4); if (es > ES_64 || !valid_vec_element(enr, es)) { @@ -3047,7 +3047,7 @@ static DisasJumpType op_vfmax(DisasContext *s, DisasOps *o) const uint8_t m5 = get_field(s, m5); gen_helper_gvec_3_ptr *fn; - if (m6 == 5 || m6 == 6 || m6 == 7 || m6 >= 13) { + if (m6 == 5 || m6 == 6 || m6 == 7 || m6 >= 13 || (m5 & 7)) { gen_program_exception(s, PGM_SPECIFICATION); return DISAS_NORETURN; } diff --git a/target/s390x/tcg/vec_helper.c b/target/s390x/tcg/vec_helper.c index 48d86722b2d0c..dafc4c3582c64 100644 --- a/target/s390x/tcg/vec_helper.c +++ b/target/s390x/tcg/vec_helper.c 
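Review bot: valid_vec_element's parameter is widened to `uint16_t` in the hunk at line 57 without a comment, and the reason only becomes visible in the op_vrep hunk at line 964, where `enr` is now also `uint16_t`. If the i2 field really is 16 bits wide, the previous `uint8_t` truncated large immediates before the `enr & ~(NUM_VEC_ELEMENTS(es) - 1)` check and could accept an out-of-range element number; that is worth stating at the function: `/* enr may be a full 16-bit immediate (i2); never narrow it before the range check. */`. The vfmax hunk at line 3047 adds `(m5 & 7)` to the specification-exception test and would likewise benefit from a comment naming which M5 bits are reserved.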
@@ -193,7 +193,7 @@ void HELPER(vstl)(CPUS390XState *env, const void *v1, uint64_t addr, uint64_t bytes) { /* Probe write access before actually modifying memory */ - probe_write_access(env, addr, bytes, GETPC()); + probe_write_access(env, addr, MIN(bytes, 16), GETPC()); if (likely(bytes >= 16)) { cpu_stq_data_ra(env, addr, s390_vec_read_element64(v1, 0), GETPC()); diff --git a/target/s390x/tcg/vec_string_helper.c b/target/s390x/tcg/vec_string_helper.c index 9b85becdfbff0..a19f429768f8f 100644 --- a/target/s390x/tcg/vec_string_helper.c +++ b/target/s390x/tcg/vec_string_helper.c @@ -474,9 +474,9 @@ DEF_VSTRC_CC_RT_HELPER(32) static int vstrs(S390Vector *v1, const S390Vector *v2, const S390Vector *v3, const S390Vector *v4, uint8_t es, bool zs) { - int substr_elen, substr_0, str_elen, i, j, k, cc; + int substr_elen, i, j, k, cc; int nelem = 16 >> es; - bool eos = false; + int str_leftmost_0; substr_elen = s390_vec_read_element8(v4, 7) >> es; 
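Review bot: `probe_write_access(env, addr, MIN(bytes, 16), GETPC())` in HELPER(vstl) introduces a bare 16 that duplicates the `bytes >= 16` threshold on the next visible line, and the relationship is not stated. A comment tying the bound to the store below would keep the two in step: `/* A vector is 16 bytes: probe only what the stores below can touch, even if bytes is larger. */`, or a shared named constant if the file has one for the vector size. The remainder of the helper is outside the hunk.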
@@ -498,47 +498,20 @@ static int vstrs(S390Vector *v1, const S390Vector *v2, const S390Vector *v3, } /* If ZS, look for eos in the searched string. */ + str_leftmost_0 = nelem; if (zs) { for (k = 0; k < nelem; k++) { if (s390_vec_read_element(v2, k, es) == 0) { - eos = true; + str_leftmost_0 = k; break; } } - str_elen = k; - } else { - str_elen = nelem; } - substr_0 = s390_vec_read_element(v3, 0, es); - - for (k = 0; ; k++) { - for (; k < str_elen; k++) { - if (s390_vec_read_element(v2, k, es) == substr_0) { - break; - } - } - - /* If we reached the end of the string, no match. */ - if (k == str_elen) { - cc = eos; /* no match (with or without zero char) */ - goto done; - } - - /* If the substring is only one char, match. */ - if (substr_elen == 1) { - cc = 2; /* full match */ - goto done; - } - - /* If the match begins at the last char, we have a partial match. */ - if (k == str_elen - 1) { - cc = 3; /* partial match */ - goto done; - } - + cc = str_leftmost_0 == nelem ? 0 : 1; /* No match. */ + for (k = 0; k < nelem; k++) { i = MIN(nelem, k + substr_elen); - for (j = k + 1; j < i; j++) { + for (j = k; j < i; j++) { uint32_t e2 = s390_vec_read_element(v2, j, es); uint32_t e3 = s390_vec_read_element(v3, j - k, es); if (e2 != e3) { @@ -546,9 +519,16 @@ static int vstrs(S390Vector *v1, const S390Vector *v2, const S390Vector *v3, } } if (j == i) { - /* Matched up until "end". */ - cc = i - k == substr_elen ? 2 : 3; /* full or partial match */ - goto done; + /* All elements matched. */ + if (k > str_leftmost_0) { + cc = 1; /* Ignored match. */ + k = nelem; + } else if (i - k == substr_elen) { + cc = 2; /* Full match. */ + } else { + cc = 3; /* Partial match. */ + } + break; } } diff --git a/target/tricore/translate.c b/target/tricore/translate.c index 19477338700db..e7fa5a825ac37 100644 --- a/target/tricore/translate.c +++ b/target/tricore/translate.c 
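Review bot: In the rewritten vstrs loop the ignored-match branch does `k = nelem;` before `break;`, which presumably feeds the result element written after the loop (that code is outside the hunk), but the assignment reads like a stray mutation of the loop index. A comment would make the intent clear: `/* Match lies beyond the terminator: report "no position" (k == nelem) to the caller below. */`. The same applies to `cc = str_leftmost_0 == nelem ? 0 : 1; /* No match. */`, where the trailing comment hides that cc 1 means "no match but a zero element was found"; `/* Default: no match; cc 1 if the searched string was zero-terminated. */` says both. vstrs starts in the previous hunk and continues after the second hunk at line 546.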
@@ -5317,8 +5317,11 @@ static void decode_rcpw_insert(DisasContext *ctx) } break; case OPC2_32_RCPW_INSERT: + /* tcg_gen_deposit_tl() does not handle the case of width = 0 */ + if (width == 0) { + tcg_gen_mov_tl(cpu_gpr_d[r2], cpu_gpr_d[r1]); /* if pos + width > 32 undefined result */ - if (pos + width <= 32) { + } else if (pos + width <= 32) { temp = tcg_constant_i32(const4); tcg_gen_deposit_tl(cpu_gpr_d[r2], cpu_gpr_d[r1], temp, pos, width); } @@ -6558,7 +6561,10 @@ static void decode_rrpw_extract_insert(DisasContext *ctx) break; case OPC2_32_RRPW_INSERT: - if (pos + width <= 32) { + /* tcg_gen_deposit_tl() does not handle the case of width = 0 */ + if (width == 0) { + tcg_gen_mov_tl(cpu_gpr_d[r3], cpu_gpr_d[r1]); + } else if (pos + width <= 32) { tcg_gen_deposit_tl(cpu_gpr_d[r3], cpu_gpr_d[r1], cpu_gpr_d[r2], pos, width); } diff --git a/tests/qemu-iotests/181 b/tests/qemu-iotests/181 index cb96d09ae5d03..dc90a10757f91 100755 --- a/tests/qemu-iotests/181 +++ b/tests/qemu-iotests/181 @@ -109,7 +109,7 @@ if [ ${QEMU_STATUS[$dest]} -lt 0 ]; then _notrun 'Postcopy is not supported' fi -_send_qemu_cmd $src 'migrate_set_parameter max_bandwidth 4k' "(qemu)" +_send_qemu_cmd $src 'migrate_set_parameter max-bandwidth 4k' "(qemu)" _send_qemu_cmd $src 'migrate_set_capability postcopy-ram on' "(qemu)" _send_qemu_cmd $src "migrate -d unix:${MIG_SOCKET}" "(qemu)" _send_qemu_cmd $src 'migrate_start_postcopy' "(qemu)" diff --git a/tests/qemu-iotests/tests/file-io-error b/tests/qemu-iotests/tests/file-io-error new file mode 100755 index 0000000000000..88ee5f670c496 --- /dev/null +++ b/tests/qemu-iotests/tests/file-io-error 
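Review bot: In decode_rcpw_insert the existing comment `/* if pos + width > 32 undefined result */` now sits between the `tcg_gen_mov_tl` line and the `} else if (pos + width <= 32) {` line, so it reads as belonging to the width == 0 branch it no longer describes. Moving it onto the else-if line, `} else if (pos + width <= 32) { /* pos + width > 32: undefined result, leave r2 unchanged */`, keeps the placement the second hunk (decode_rrpw_extract_insert, line 6558) already uses, where the width comment precedes the whole if/else chain. Both enclosing switch statements begin outside their hunks.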
@@ -0,0 +1,119 @@ +#!/usr/bin/env bash +# group: rw +# +# Produce an I/O error in file-posix, and hope that it is not catastrophic. +# Regression test for: https://bugzilla.redhat.com/show_bug.cgi?id=2234374 +# +# Copyright (C) 2023 Red Hat, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +seq=$(basename "$0") +echo "QA output created by $seq" + +status=1 # failure is the default! + +_cleanup() +{ + _cleanup_qemu + rm -f "$TEST_DIR/fuse-export" +} +trap "_cleanup; exit \$status" 0 1 2 3 15 + +# get standard environment, filters and checks +. ../common.rc +. ../common.filter +. ../common.qemu + +# Format-agnostic (we do not use any), but we do test the file protocol +_supported_proto file +_require_drivers blkdebug null-co + +if [ "$IMGOPTSSYNTAX" = "true" ]; then + # We need `$QEMU_IO -f file` to work; IMGOPTSSYNTAX uses --image-opts, + # breaking -f. + _unsupported_fmt $IMGFMT +fi + +# This is a regression test of a bug in which flie-posix would access zone +# information in case of an I/O error even when there is no zone information, +# resulting in a division by zero. +# To reproduce the problem, we need to trigger an I/O error inside of +# file-posix, which can be done (rootless) by providing a FUSE export that +# presents only errors when accessed. 
+ +_launch_qemu +_send_qemu_cmd $QEMU_HANDLE \ + "{'execute': 'qmp_capabilities'}" \ + 'return' + +_send_qemu_cmd $QEMU_HANDLE \ + "{'execute': 'blockdev-add', + 'arguments': { + 'driver': 'blkdebug', + 'node-name': 'node0', + 'inject-error': [{'event': 'none'}], + 'image': { + 'driver': 'null-co' + } + }}" \ + 'return' + +# FUSE mountpoint must exist and be a regular file +touch "$TEST_DIR/fuse-export" + +# The grep -v to filter fusermount's (benign) error when /etc/fuse.conf does +# not contain user_allow_other and the subsequent check for missing FUSE support +# have both been taken from iotest 308. +output=$(_send_qemu_cmd $QEMU_HANDLE \ + "{'execute': 'block-export-add', + 'arguments': { + 'id': 'exp0', + 'type': 'fuse', + 'node-name': 'node0', + 'mountpoint': '$TEST_DIR/fuse-export', + 'writable': true + }}" \ + 'return' \ + | grep -v 'option allow_other only allowed if') + +if echo "$output" | grep -q "Parameter 'type' does not accept value 'fuse'"; then + _notrun 'No FUSE support' +fi +echo "$output" + +echo +# This should fail, but gracefully, i.e. just print an I/O error, not crash. +$QEMU_IO -f file -c 'write 0 64M' "$TEST_DIR/fuse-export" | _filter_qemu_io +echo + +_send_qemu_cmd $QEMU_HANDLE \ + "{'execute': 'block-export-del', + 'arguments': {'id': 'exp0'}}" \ + 'return' + +_send_qemu_cmd $QEMU_HANDLE \ + '' \ + 'BLOCK_EXPORT_DELETED' + +_send_qemu_cmd $QEMU_HANDLE \ + "{'execute': 'blockdev-del', + 'arguments': {'node-name': 'node0'}}" \ + 'return' + +# success, all done +echo "*** done" +rm -f $seq.full +status=0 diff --git a/tests/qemu-iotests/tests/file-io-error.out b/tests/qemu-iotests/tests/file-io-error.out new file mode 100644 index 0000000000000..0f46455a94a71 --- /dev/null +++ b/tests/qemu-iotests/tests/file-io-error.out 
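Review bot: The explanatory comment in the new file-io-error test misspells the driver as "flie-posix", which will hurt grepping for tests that cover file-posix; it should read "file-posix". The final `rm -f $seq.full` is also the only unquoted path expansion in a script that otherwise quotes `"$TEST_DIR/fuse-export"` consistently, so `rm -f "$seq.full"` would match the rest of the file. Nothing else stands out: the expected-output file only checks that the write fails with an I/O error, which is exactly the regression the header describes.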
@@ -0,0 +1,33 @@ +QA output created by file-io-error +{'execute': 'qmp_capabilities'} +{"return": {}} +{'execute': 'blockdev-add', + 'arguments': { + 'driver': 'blkdebug', + 'node-name': 'node0', + 'inject-error': [{'event': 'none'}], + 'image': { + 'driver': 'null-co' + } + }} +{"return": {}} +{'execute': 'block-export-add', + 'arguments': { + 'id': 'exp0', + 'type': 'fuse', + 'node-name': 'node0', + 'mountpoint': 'TEST_DIR/fuse-export', + 'writable': true + }} +{"return": {}} + +write failed: Input/output error + +{'execute': 'block-export-del', + 'arguments': {'id': 'exp0'}} +{"return": {}} +{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "exp0"}} +{'execute': 'blockdev-del', + 'arguments': {'node-name': 'node0'}} +{"return": {}} +*** done diff --git a/tests/qtest/libqos/ahci.c b/tests/qtest/libqos/ahci.c index f53f12aa9965f..a2c94c6e06088 100644 --- a/tests/qtest/libqos/ahci.c +++ b/tests/qtest/libqos/ahci.c 
@@ -404,57 +404,110 @@ void ahci_port_clear(AHCIQState *ahci, uint8_t port) /** * Check a port for errors. */ -void ahci_port_check_error(AHCIQState *ahci, uint8_t port, - uint32_t imask, uint8_t emask) +void ahci_port_check_error(AHCIQState *ahci, AHCICommand *cmd) { + uint8_t port = cmd->port; uint32_t reg; - /* The upper 9 bits of the IS register all indicate errors. */ - reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); - reg &= ~imask; - reg >>= 23; - g_assert_cmphex(reg, ==, 0); + /* If expecting TF error, ensure that TFES is set. */ + if (cmd->errors) { + reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); + ASSERT_BIT_SET(reg, AHCI_PX_IS_TFES); + } else { + /* The upper 9 bits of the IS register all indicate errors. */ + reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); + reg &= ~cmd->interrupts; + reg >>= 23; + g_assert_cmphex(reg, ==, 0); + } - /* The Sata Error Register should be empty. */ + /* The Sata Error Register should be empty, even when expecting TF error. */ reg = ahci_px_rreg(ahci, port, AHCI_PX_SERR); g_assert_cmphex(reg, ==, 0); + /* If expecting TF error, and TFES was set, perform error recovery + * (see AHCI 1.3 section 6.2.2.1) such that we can send new commands. */ + if (cmd->errors) { + /* This will clear PxCI. */ + ahci_px_clr(ahci, port, AHCI_PX_CMD, AHCI_PX_CMD_ST); + + /* The port has 500ms to disengage. */ + usleep(500000); + reg = ahci_px_rreg(ahci, port, AHCI_PX_CMD); + ASSERT_BIT_CLEAR(reg, AHCI_PX_CMD_CR); + + /* Clear PxIS. */ + reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); + ahci_px_wreg(ahci, port, AHCI_PX_IS, reg); + + /* Check if we need to perform a COMRESET. + * Not implemented right now, as there is no reason why our QEMU model + * should need a COMRESET when expecting TF error. */ + reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD); + ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_BSY | AHCI_PX_TFD_STS_DRQ); + + /* Enable issuing new commands. */ + ahci_px_set(ahci, port, AHCI_PX_CMD, AHCI_PX_CMD_ST); + } + /* The TFD also has two error sections. 
*/ reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD); - if (!emask) { + if (!cmd->errors) { ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_ERR); } else { ASSERT_BIT_SET(reg, AHCI_PX_TFD_STS_ERR); } - ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_ERR & (~emask << 8)); - ASSERT_BIT_SET(reg, AHCI_PX_TFD_ERR & (emask << 8)); + ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_ERR & (~cmd->errors << 8)); + ASSERT_BIT_SET(reg, AHCI_PX_TFD_ERR & (cmd->errors << 8)); } -void ahci_port_check_interrupts(AHCIQState *ahci, uint8_t port, - uint32_t intr_mask) +void ahci_port_check_interrupts(AHCIQState *ahci, AHCICommand *cmd) { + uint8_t port = cmd->port; uint32_t reg; + /* If we expect errors, error handling in ahci_port_check_error() will + * already have cleared PxIS, so in that case this function cannot verify + * and clear expected interrupts. */ + if (cmd->errors) { + return; + } + /* Check for expected interrupts */ reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); - ASSERT_BIT_SET(reg, intr_mask); + ASSERT_BIT_SET(reg, cmd->interrupts); /* Clear expected interrupts and assert all interrupts now cleared. */ - ahci_px_wreg(ahci, port, AHCI_PX_IS, intr_mask); + ahci_px_wreg(ahci, port, AHCI_PX_IS, cmd->interrupts); g_assert_cmphex(ahci_px_rreg(ahci, port, AHCI_PX_IS), ==, 0); } -void ahci_port_check_nonbusy(AHCIQState *ahci, uint8_t port, uint8_t slot) +void ahci_port_check_nonbusy(AHCIQState *ahci, AHCICommand *cmd) { + uint8_t slot = cmd->slot; + uint8_t port = cmd->port; uint32_t reg; - /* Assert that the command slot is no longer busy (NCQ) */ + /* For NCQ command with error PxSACT bit should still be set. + * For NCQ command without error, PxSACT bit should be cleared. + * For non-NCQ command, PxSACT bit should always be cleared. 
*/ reg = ahci_px_rreg(ahci, port, AHCI_PX_SACT); - ASSERT_BIT_CLEAR(reg, (1 << slot)); + if (cmd->props->ncq && cmd->errors) { + ASSERT_BIT_SET(reg, (1 << slot)); + } else { + ASSERT_BIT_CLEAR(reg, (1 << slot)); + } - /* Non-NCQ */ + /* For non-NCQ command with error, PxCI bit should still be set. + * For non-NCQ command without error, PxCI bit should be cleared. + * For NCQ command without error, PxCI bit should be cleared. + * For NCQ command with error, PxCI bit may or may not be cleared. */ reg = ahci_px_rreg(ahci, port, AHCI_PX_CI); - ASSERT_BIT_CLEAR(reg, (1 << slot)); + if (!cmd->props->ncq && cmd->errors) { + ASSERT_BIT_SET(reg, (1 << slot)); + } else if (!cmd->errors) { + ASSERT_BIT_CLEAR(reg, (1 << slot)); + } /* And assert that we are generally not busy. */ reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD); @@ -1207,9 +1260,10 @@ void ahci_command_wait(AHCIQState *ahci, AHCICommand *cmd) #define RSET(REG, MASK) (BITSET(ahci_px_rreg(ahci, cmd->port, (REG)), (MASK))) - while (RSET(AHCI_PX_TFD, AHCI_PX_TFD_STS_BSY) || - RSET(AHCI_PX_CI, 1 << cmd->slot) || - (cmd->props->ncq && RSET(AHCI_PX_SACT, 1 << cmd->slot))) { + while (!RSET(AHCI_PX_TFD, AHCI_PX_TFD_STS_ERR) && + (RSET(AHCI_PX_TFD, AHCI_PX_TFD_STS_BSY) || + RSET(AHCI_PX_CI, 1 << cmd->slot) || + (cmd->props->ncq && RSET(AHCI_PX_SACT, 1 << cmd->slot)))) { usleep(50); } @@ -1226,9 +1280,9 @@ void ahci_command_verify(AHCIQState *ahci, AHCICommand *cmd) uint8_t slot = cmd->slot; uint8_t port = cmd->port; - ahci_port_check_error(ahci, port, cmd->interrupts, cmd->errors); - ahci_port_check_interrupts(ahci, port, cmd->interrupts); - ahci_port_check_nonbusy(ahci, port, slot); + ahci_port_check_nonbusy(ahci, cmd); + ahci_port_check_error(ahci, cmd); + ahci_port_check_interrupts(ahci, cmd); ahci_port_check_cmd_sanity(ahci, cmd); if (cmd->interrupts & AHCI_PX_IS_DHRS) { ahci_port_check_d2h_sanity(ahci, port, slot); 
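Review bot: The error-recovery path added to ahci_port_check_error waits with a fixed `usleep(500000)` before asserting that CR is clear, which costs the full 500 ms on every expected-error command and still asserts if the device needs slightly longer under load; the 500 ms in the comment is a deadline, so polling up to it is both faster and less brittle. The header comment, `Check a port for errors.`, should also say that with `cmd->errors` set the function now performs recovery with side effects (clears PxIS, toggles PxCMD.ST), since callers and the later check_interrupts rely on that. A polling replacement for the sleep follows.
```c
        /* This will clear PxCI. */
        ahci_px_clr(ahci, port, AHCI_PX_CMD, AHCI_PX_CMD_ST);

        /* The port has up to 500ms to disengage; poll rather than sleep the whole budget. */
        for (int i = 0; i < 500; i++) {
            reg = ahci_px_rreg(ahci, port, AHCI_PX_CMD);
            if (!(reg & AHCI_PX_CMD_CR)) {
                break;
            }
            usleep(1000);
        }
        ASSERT_BIT_CLEAR(reg, AHCI_PX_CMD_CR);
        /* … unchanged: clear PxIS, TFD BSY/DRQ check, re-enable ST … */
```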
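Review bot: The reordering in ahci_command_verify is load-bearing but undocumented: ahci_port_check_nonbusy asserts that PxCI (and PxSACT for NCQ) is still set for a failed command, and ahci_port_check_error's recovery path then clears PxCI by dropping PxCMD.ST and clears PxIS, which is also why ahci_port_check_interrupts returns early on errors. Someone restoring the old order would get assertion failures that are hard to trace, so a comment above the three calls would help: `/* Order matters: check_nonbusy must see PxCI/PxSACT before check_error's recovery clears them, and check_interrupts relies on check_error having cleared PxIS. */`. ahci_command_verify's beginning is outside the hunk.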
diff --git a/tests/qtest/libqos/ahci.h b/tests/qtest/libqos/ahci.h index 88835b622830c..48017864bfacf 100644 --- a/tests/qtest/libqos/ahci.h +++ b/tests/qtest/libqos/ahci.h @@ -590,11 +590,9 @@ void ahci_set_command_header(AHCIQState *ahci, uint8_t port, void ahci_destroy_command(AHCIQState *ahci, uint8_t port, uint8_t slot); /* AHCI sanity check routines */ -void ahci_port_check_error(AHCIQState *ahci, uint8_t port, - uint32_t imask, uint8_t emask); -void ahci_port_check_interrupts(AHCIQState *ahci, uint8_t port, - uint32_t intr_mask); -void ahci_port_check_nonbusy(AHCIQState *ahci, uint8_t port, uint8_t slot); +void ahci_port_check_error(AHCIQState *ahci, AHCICommand *cmd); +void ahci_port_check_interrupts(AHCIQState *ahci, AHCICommand *cmd); +void ahci_port_check_nonbusy(AHCIQState *ahci, AHCICommand *cmd); void ahci_port_check_d2h_sanity(AHCIQState *ahci, uint8_t port, uint8_t slot); void ahci_port_check_pio_sanity(AHCIQState *ahci, AHCICommand *cmd); void ahci_port_check_cmd_sanity(AHCIQState *ahci, AHCICommand *cmd); diff --git a/tests/qtest/test-hmp.c b/tests/qtest/test-hmp.c index 6704be239be7e..c0d2d70689304 100644 --- a/tests/qtest/test-hmp.c +++ b/tests/qtest/test-hmp.c @@ -45,9 +45,9 @@ static const char *hmp_cmds[] = { "log all", "log none", "memsave 0 4096 \"/dev/null\"", - "migrate_set_parameter xbzrle_cache_size 1", - "migrate_set_parameter downtime_limit 1", - "migrate_set_parameter max_bandwidth 1", + "migrate_set_parameter xbzrle-cache-size 1", + "migrate_set_parameter downtime-limit 1", + "migrate_set_parameter max-bandwidth 1", "netdev_add user,id=net1", "set_link net1 off", "set_link net1 on", diff --git a/tests/tcg/tricore/asm/macros.h b/tests/tcg/tricore/asm/macros.h index b5087b5c97e53..51f6191ef2f7a 100644 --- a/tests/tcg/tricore/asm/macros.h +++ b/tests/tcg/tricore/asm/macros.h 
@@ -161,6 +161,21 @@ test_ ## num: \ insn DREG_CALC_RESULT, DREG_RS1, imm1, DREG_RS2, imm2; \ ) +#define TEST_D_DDII(insn, num, result, rs1, rs2, imm1, imm2) \ + TEST_CASE(num, DREG_CALC_RESULT, result, \ + LI(DREG_RS1, rs1); \ + LI(DREG_RS2, rs2); \ + rstv; \ + insn DREG_CALC_RESULT, DREG_RS1, DREG_RS2, imm1, imm2; \ + ) + +#define TEST_D_DIII(insn, num, result, rs1, imm1, imm2, imm3)\ + TEST_CASE(num, DREG_CALC_RESULT, result, \ + LI(DREG_RS1, rs1); \ + rstv; \ + insn DREG_CALC_RESULT, DREG_RS1, imm1, imm2, imm3; \ + ) + #define TEST_E_ED(insn, num, res_hi, res_lo, rs1_hi, rs1_lo, rs2) \ TEST_CASE_E(num, res_lo, res_hi, \ LI(EREG_RS1_LO, rs1_lo); \ diff --git a/tests/tcg/tricore/asm/test_insert.S b/tests/tcg/tricore/asm/test_insert.S index d5fd2237e1881..3978810121446 100644 --- a/tests/tcg/tricore/asm/test_insert.S +++ b/tests/tcg/tricore/asm/test_insert.S @@ -6,4 +6,13 @@ _start: # | | | | | | | TEST_D_DIDI(insert, 1, 0x7fffffff, 0xffffffff, 0xa, 0x10, 0x8) +# insn num result rs1 imm1 imm2 imm3 +# | | | | | | | + TEST_D_DIII(insert, 2, 0xd38fe370, 0xd38fe370, 0x4, 0x4 , 0x0) + TEST_D_DIII(insert, 3, 0xd38fe374, 0xd38fe370, 0x4, 0x0 , 0x4) + +# insn num result rs1 rs2 pos width +# | | | | | | | + TEST_D_DDII(insert, 4, 0x03c1e53c, 0x03c1e53c, 0x45821385, 0x7 ,0x0) + TEST_PASSFAIL diff --git a/tracewrap.c b/tracewrap.c new file mode 100644 index 0000000000000..f2afcb5bb221e --- /dev/null +++ b/tracewrap.c 
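Review bot: The new test_insert.S cases use inconsistent operand spacing, `0x4 , 0x0` in tests 2 and 3 and `0x7 ,0x0` in test 4, which breaks the column-aligned layout the `# insn num result ...` header comments are there to provide. Writing them as `0x4, 0x0` and `0x7, 0x0` keeps the columns readable, and the `TEST_D_DIII` macro header in macros.h is missing the space before its trailing backslash that `TEST_D_DDII` has.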
@@ -0,0 +1,360 @@ +#include "tracewrap.h" +#include "trace_consts.h" +#include "exec/cpu_ldst.h" + +#include +#include +#include "qemu/log.h" + +#include +#include +#include + +#include +#include + + +char tracer_name[] = "qemu"; +char tracer_version[] = "2.0.0/tracewrap"; + +static Frame * g_frame; +static uint64_t frames_per_toc_entry = 64LL; +static uint32_t open_frame = 0; +static FILE *file = NULL; + +/* don't use the following data directly! + use toc_init, toc_update and toc_write functions instead */ +static uint64_t *toc = NULL; +static int toc_entries = 0; +static int toc_capacity = 0; +static uint64_t toc_num_frames = 0; + +#define MD5LEN 16 +static guchar target_md5[MD5LEN]; +static char target_path[PATH_MAX] = "unknown"; + + +#define WRITE(x) do { \ + if (!file) \ + err(1, "qemu_trace is not initialized"); \ + if (fwrite(&(x), sizeof(x),1,file) != 1) \ + err(1, "fwrite failed"); \ + } while(0) + +#define WRITE_BUF(x,n) do { \ + if (!file) \ + err(1, "qemu_trace is not initialized"); \ + if (fwrite((x),1,(n),file) != n) \ + err(1, "fwrite failed"); \ + } while(0) + +#define SEEK(off) do { \ + if (fseek(file,(off), SEEK_SET) < 0) \ + err(1, "stream not seekable"); \ + } while(0) + + +static void toc_init(void) { + if (toc_entries != 0) + err(1, "qemu_trace was initialized twice"); + toc = g_new(uint64_t, 1024); + toc_capacity = 1024; + toc_entries = 0; +} + +static void toc_append(uint64_t entry) { + if (toc_capacity <= toc_entries) { + toc = g_renew(uint64_t, toc, toc_capacity * 2); + toc_capacity *= 2; + } + toc[toc_entries++] = entry; +} + +static void toc_write(void) { + int64_t toc_offset = ftell(file); + if (toc_offset > 0) { + int i = 0; + WRITE(frames_per_toc_entry); + for (i = 0; i < toc_entries; i++) + WRITE(toc[i]); + SEEK(num_trace_frames_offset); + WRITE(toc_num_frames); + SEEK(toc_offset_offset); + WRITE(toc_offset); + } +} + +static void toc_update(void) { + toc_num_frames++; + if (toc_num_frames % frames_per_toc_entry == 0) { + int64_t 
off = ftell(file); + if (off >= 0) toc_append(off); + } +} + +static void write_header(void) { + uint64_t toc_off = 0L; + WRITE(magic_number); + WRITE(out_trace_version); + WRITE(frame_arch); + WRITE(frame_mach); + WRITE(toc_num_frames); + WRITE(toc_off); +} + +static int list_length(char **list) { + int n=0; + if (list) { + char **p = list; + for (;*p;p++,n++); + } + return n; +} + +static void compute_target_md5(void) { + const GChecksumType md5 = G_CHECKSUM_MD5; + GChecksum *cs = g_checksum_new(md5); + FILE *target = fopen(target_path, "r"); + guchar buf[BUFSIZ]; + gsize expected_length = MD5LEN; + + if (!cs) err(1, "failed to create a checksum"); + if (!target) err(1, "failed to open target binary"); + if (g_checksum_type_get_length(md5) != expected_length) abort(); + + while (!feof(target)) { + size_t len = fread(buf,1,BUFSIZ,target); + if (ferror(target)) + err(1, "failed to read target binary"); + g_checksum_update(cs, buf, len); + } + + g_checksum_get_digest(cs, target_md5, &expected_length); + fclose(target); +} + +static void store_to_trace(ProtobufCBuffer *self, size_t len, const uint8_t *data) { + WRITE_BUF(data,len); +} + +static void init_tracer(Tracer *tracer, char **argv, char **envp) { + tracer__init(tracer); + tracer->name = tracer_name; + tracer->n_args = list_length(argv); + tracer->args = argv; + tracer->n_envp = list_length(envp); + tracer->envp = envp; + tracer->version = tracer_version; +} + +static void init_target(Target *target, char **argv, char **envp) { + compute_target_md5(); + + target__init(target); + target->path = target_path; + target->n_args = list_length(argv); + target->args = argv; + target->n_envp = list_length(envp); + target->envp = envp; + target->md5sum.len = MD5LEN; + target->md5sum.data = target_md5; +} + +#ifdef G_OS_UNIX +static void unix_fill_fstats(Fstats *fstats, char *path) { + struct stat stats; + if (stat(path, &stats) < 0) + err(1, "failed to obtain file stats"); + + fstats->size = stats.st_size; + 
fstats->atime = stats.st_atime; + fstats->mtime = stats.st_mtime; + fstats->ctime = stats.st_ctime; +} +#endif + + +static void init_fstats(Fstats *fstats) { + fstats__init(fstats); +#ifdef G_OS_UNIX + unix_fill_fstats(fstats, target_path); +#endif +} + + +static void write_meta( + char **tracer_argv, + char **tracer_envp, + char **target_argv, + char **target_envp) +{ + MetaFrame meta; + Tracer tracer; + Target target; + Fstats fstats; + ProtobufCBuffer buffer; + + buffer.append = store_to_trace; + + + meta_frame__init(&meta); + init_tracer(&tracer, tracer_argv, tracer_envp); + init_target(&target, target_argv, target_envp); + init_fstats(&fstats); + + meta.tracer = &tracer; + meta.target = ⌖ + meta.fstats = &fstats; + meta.time = time(NULL); + char *user = g_strdup(g_get_real_name()); + meta.user = user; + + char *host = g_strdup(g_get_host_name()); + meta.host = host; + + uint64_t size = meta_frame__get_packed_size(&meta); + WRITE(size); + + meta_frame__pack_to_buffer(&meta, &buffer); + + free(user); + free(host); +} + + +void qemu_trace_init(const char *filename, + const char *targetname, + char **argv, char **envp, + char **target_argv, + char **target_envp) { + qemu_log("Initializing tracer\n"); + if (realpath(targetname,target_path) == NULL) + err(1, "can't get target path"); + + + char *name = filename + ? 
g_strdup(filename) + : g_strdup_printf("%s.frames", basename(target_path)); + file = fopen(name, "wb"); + if (file == NULL) + err(1, "tracewrap: can't open trace file %s", name); + write_header(); + write_meta(argv, envp, target_argv, target_envp); + toc_init(); + g_free(name); +} + + +void qemu_trace_newframe(target_ulong addr, int __unused/*thread_id*/ ) { + int thread_id = 1; + if (open_frame) { + qemu_log("frame is still open"); + qemu_trace_endframe(NULL, 0, 0); + } + + open_frame = 1; + g_frame = g_new(Frame,1); + frame__init(g_frame); + + StdFrame *sframe = g_new(StdFrame, 1); + std_frame__init(sframe); + g_frame->std_frame = sframe; + + sframe->address = addr; + sframe->thread_id = thread_id; + + OperandValueList *ol_in = g_new(OperandValueList,1); + operand_value_list__init(ol_in); + ol_in->n_elem = 0; + sframe->operand_pre_list = ol_in; + + OperandValueList *ol_out = g_new(OperandValueList,1); + operand_value_list__init(ol_out); + ol_out->n_elem = 0; + sframe->operand_post_list = ol_out; +} + +static inline void free_operand(OperandInfo *oi) { + OperandInfoSpecific *ois = oi->operand_info_specific; + + //Free reg-operand + RegOperand *ro = ois->reg_operand; + if (ro && ro->name) + g_free(ro->name); + g_free(ro); + + //Free mem-operand + MemOperand *mo = ois->mem_operand; + g_free(mo); + g_free(oi->value.data); + g_free(oi->taint_info); + g_free(ois); + g_free(oi->operand_usage); + g_free(oi); +} + +void qemu_trace_add_operand(OperandInfo *oi, int inout) { + if (!open_frame) { + if (oi) + free_operand(oi); + return; + } + OperandValueList *ol; + if (inout & 0x1) { + ol = g_frame->std_frame->operand_pre_list; + } else { + ol = g_frame->std_frame->operand_post_list; + } + + oi->taint_info = g_new(TaintInfo, 1); + taint_info__init(oi->taint_info); + oi->taint_info->no_taint = 1; + oi->taint_info->has_no_taint = 1; + + ol->n_elem += 1; + ol->elem = g_renew(OperandInfo *, ol->elem, ol->n_elem); + ol->elem[ol->n_elem - 1] = oi; +} + +void 
qemu_trace_endframe(CPUArchState *env, target_ulong pc, target_ulong size) { + int i = 0; + StdFrame *sframe = g_frame->std_frame; + + if (!open_frame) return; + + sframe->rawbytes.len = size; + sframe->rawbytes.data = g_malloc(size); + for (i = 0; i < size; i++) { + sframe->rawbytes.data[i] = cpu_ldub_code(env, pc+i); + } + + size_t msg_size = frame__get_packed_size(g_frame); + uint8_t *packed_buffer = g_alloca(msg_size); + uint64_t packed_size = frame__pack(g_frame, packed_buffer); + WRITE(packed_size); + WRITE_BUF(packed_buffer, packed_size); + toc_update(); + + //counting num_frames in newframe does not work by far ... + //how comes? disas_arm_insn might not always return at the end? + for (i = 0; i < sframe->operand_pre_list->n_elem; i++) + free_operand(sframe->operand_pre_list->elem[i]); + g_free(sframe->operand_pre_list->elem); + g_free(sframe->operand_pre_list); + + for (i = 0; i < sframe->operand_post_list->n_elem; i++) + free_operand(sframe->operand_post_list->elem[i]); + g_free(sframe->operand_post_list->elem); + g_free(sframe->operand_post_list); + + g_free(sframe->rawbytes.data); + g_free(sframe); + g_free(g_frame); + open_frame = 0; +} + +void qemu_trace_finish(uint32_t exit_code) { + toc_write(); + if (fclose(file) != 0) + err(1,"failed to write trace file, the file maybe corrupted"); +} diff --git a/ui/console.c b/ui/console.c index 8da2170a7e93c..bca610b72ae01 100644 --- a/ui/console.c +++ b/ui/console.c @@ -1818,6 +1818,9 @@ bool dpy_ui_info_supported(QemuConsole *con) if (con == NULL) { con = active_console; } + if (con == NULL) { + return false; + } return con->hw_ops->ui_info != NULL; } diff --git a/ui/dbus-console.c b/ui/dbus-console.c index e19774f985c7c..36f7349585c56 100644 --- a/ui/dbus-console.c +++ b/ui/dbus-console.c 
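Review bot: `qemu_trace_endframe` reads `g_frame->std_frame` before the `if (!open_frame) return;` guard, and the previous call ends with `g_free(g_frame)` without resetting the pointer, so a call while no frame is open dereferences either NULL (before the first newframe) or freed memory; make the guard the first statement, `if (!open_frame) return;` followed by `StdFrame *sframe = g_frame->std_frame;`. The same function packs the frame into `g_alloca(msg_size)` with no bound on `msg_size`, which a frame carrying many or large operands can turn into a stack overflow, so `g_malloc`/`g_free` would be the safer choice. In `write_meta`, `user` and `host` come from `g_strdup` but are released with `free()`; they should be `g_free`d. `qemu_trace_add_operand` checks `oi` for NULL only on the closed-frame path and dereferences it unconditionally otherwise, `compute_target_md5` never calls `g_checksum_free(cs)`, and the `err(1, ...)` calls after non-errno failures such as "qemu_trace is not initialized" will print an unrelated strerror, where `errx` fits. Every function mentioned sits entirely inside this hunk, which adds the whole file.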
@@ -150,6 +150,8 @@ dbus_display_console_dispose(GObject *object)
 DBusDisplayConsole *ddc = DBUS_DISPLAY_CONSOLE(object);
 
 unregister_displaychangelistener(&ddc->dcl);
+ g_clear_object(&ddc->iface_touch);
+ g_clear_object(&ddc->iface_mouse);
 g_clear_object(&ddc->iface_kbd);
 g_clear_object(&ddc->iface);
 g_clear_pointer(&ddc->listeners, g_hash_table_unref);
diff --git a/ui/vnc.c b/ui/vnc.c
index 92964dcc0c0a8..293ba5db5fa1d 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2205,7 +2205,7 @@ static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
 break;
 case VNC_ENCODING_XVP:
 if (vs->vd->power_control) {
- vs->features |= VNC_FEATURE_XVP;
+ vs->features |= VNC_FEATURE_XVP_MASK;
 send_xvp_message(vs, VNC_XVP_CODE_INIT);
 }
 break;
@@ -2454,7 +2454,7 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
 vnc_client_cut_text(vs, read_u32(data, 4), data + 8);
 break;
 case VNC_MSG_CLIENT_XVP:
- if (!(vs->features & VNC_FEATURE_XVP)) {
+ if (!vnc_has_feature(vs, VNC_FEATURE_XVP)) {
 error_report("vnc: xvp client message while disabled");
 vnc_client_error(vs);
 break;
@@ -2551,7 +2551,7 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
 vs, vs->ioc, vs->as.fmt, vs->as.nchannels, vs->as.freq);
 break;
 default:
- VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4));
+ VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 2));
 vnc_client_error(vs);
 break;
 }
diff --git a/util/log.c b/util/log.c
index def88a9402bae..d36c98da0b4ee 100644
--- a/util/log.c
+++ b/util/log.c
@@ -298,6 +298,8 @@ static bool qemu_set_log_internal(const char *filename, bool changed_name,
 r->fd = logfile;
 qatomic_rcu_set(&global_file, NULL);
 call_rcu(r, rcu_close_file, rcu);
+ }
+ if (changed_name) {
 logfile = NULL;
 }
 }
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
index 19a0ea7fbe661..55b0189dc3042 100644
--- a/util/oslib-win32.c
+++ b/util/oslib-win32.c
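Review bot: The first vnc.c hunk still sets the bit by hand (`vs->features |= VNC_FEATURE_XVP_MASK;`) while the second hunk moves the read side to the `vnc_has_feature()` accessor; if a matching setter exists next to that accessor, using it here keeps the index-versus-mask distinction in one place, and if not, a short comment at this site explaining why the `_MASK` form is needed would stop the next `|= VNC_FEATURE_…` copy from reintroducing the mix-up this commit appears to correct. In the third hunk the debug message now reads the audio sub-type at offset 2; a comment naming the sub-message layout it follows would let a reader check the offset against the `switch` above, which starts outside this hunk.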
@@ -479,7 +479,7 @@ int qemu_bind_wrap(int sockfd, const struct sockaddr *addr, return ret; } -EXCEPTION_DISPOSITION +QEMU_USED EXCEPTION_DISPOSITION win32_close_exception_handler(struct _EXCEPTION_RECORD *exception_record, void *registration, struct _CONTEXT *context, void *dispatcher)