Commit Graph

58413 Commits

Author SHA1 Message Date
Laurent Vivier
98670d47cd accel/tcg: add size paremeter in tlb_fill()
The MC68040 MMU provides the size of the access that
triggers the page fault.

This size is set in the Special Status Word which
is written in the stack frame of the access fault
exception.

So we need the size in m68k_cpu_unassigned_access() and
m68k_cpu_handle_mmu_fault().

To be able to do that, this patch modifies the prototype of
handle_mmu_fault handler, tlb_fill() and probe_write().
do_unassigned_access() already includes a size parameter.

This patch also updates handle_mmu_fault handlers and
tlb_fill() of all targets (only parameter, no code change).

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20180118193846.24953-2-laurent@vivier.eu>
2018-01-25 16:02:24 +01:00
Laurent Vivier
39e3e113bd target/m68k: fix TCG variable double free
t64 is also unconditionally freed after the switch () { ... }

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20180119114444.7590-1-laurent@vivier.eu>
2018-01-25 16:02:24 +01:00
Peter Maydell
0f79bfe38a -----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJaZ0sNAAoJEPMMOL0/L7480bQP/i5QO0c4MrXJ7VaEa1u6ubfv
 AELpodvD6hm0qDT8OIH/4g1PRFZvB1OGg1wd8sZg/aLLbxfiKQ0kR+6Kq+W6LLJY
 qD4xddVZnBVlcSDwGn6Rg3bStgISOBr+Z7fAOtLOFc6BJz5JryU4PSPLXIb4gxtX
 0DXPXnSSTj+yZUjoG408aqAAlFRgbbXcY9Yhx3hblEO3ZJWAv7qrtoL67PEgB4kh
 j2t/6SSpEvsrmsb1g4N0/NMb6csOAwcA3kiTiOE2fGhc6vS7hUpcQPDQi/FHfkWD
 Q9Qe5y1TUE+JCc1VAdjWy3+42yH+IFpJo8lshJZw0tSGk3GCXeRUI6jlsawMphq/
 Xo9zrIcXcTY/1ZWB9FWypr0orFLMphQPY6cwEu/60QvzQA8coeJk27zqXgL/G78y
 7bNqLhMVz1JkKO4uCkRGQVJuijLo3aO3OeFSEnl8QoZInoOaPd+aVh/FCs57hV3r
 mcXT+ab9lbNrx0BTMI8Cr4HzvHH5cAfNg8hK/hh9rVHkAopLGvHkNJWOLbtAawds
 MulpKlLMnuntU/LGfAVU+ccttWt8Hfd5vRwS3Ex99sTIU/yBYh8iSAHh0lweE00p
 RmGMuVn+aXwcnDAsTXR6+8Zn5GzK+o9eifwlFdhI7AkCPwhra4fVodi0d/0imvGE
 XHLy02hVBGUp+Hoyf0/r
 =2ycl
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-2.12-pull-request' into staging

# gpg: Signature made Tue 23 Jan 2018 14:47:41 GMT
# gpg:                using RSA key 0xF30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-2.12-pull-request:
  linux-user: implement renameat2
  page_unprotect(): handle calls to pages that are PAGE_WRITE
  linux-user: Propagate siginfo_t through to handle_cpu_signal()
  linux-user: remove nmi.c and fw-path-provider.c
  linux-user: Add getcpu() support
  linux-user: Add AT_SECURE auxval
  linux-user: Fix sched_get/setaffinity conversion
  linux-user/mmap.c: Avoid choosing NULL as start address
  linux-user: Translate flags argument to dup3 syscall
  linux-user: Don't use CMSG_ALIGN(sizeof struct cmsghdr)
  linux-user: Fix length calculations in host_to_target_cmsg()
  linux-user: wrap fork() in a start/end exclusive section
  linux-user: Fix locking order in fork_start()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-25 09:53:53 +00:00
Peter Maydell
f78b6f9b11 Block layer patches
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJaZyzMAAoJEH8JsnLIjy/WSOYP/jHffS2fOHtdLQU42G76HN0K
 jkhSUE8cuKFzgxuJDJhv10AGsGZvDIaRhuumPIFArQkcEwsFDfd0UqzC5GkCnhfn
 6frVPsRSUp9BqXqha1+6vOgVRobdBXPpS25ERfanTsbu3aPEDRnGpxmpMvyyimft
 BTUnWNCg2lM6bojXrC6oy7MqUdi9p9PviMcQAfnN07SmGa+s6tS2Jc9znvZwgL06
 o+oPukWVTAiub5qcH18BLA3T8xcCXWANdY9pUnNj7mXHoxg3kYzzYBArYDh6Kyju
 BkSEML1kNcUACFAZ+LSqQpnoc8/5cP+jY5cOBGtUUgjZSns/xnAZxALltds0I4m3
 fqQM68oOTX7squAYAaKYVYMirime6aa2OAn2afxPJildPp8uH4lNust95yiUyyJQ
 oqA3zfAnP5FfmTnzjLG7smYlRUlcHp8eMPyOKHxp3BuqTMbWY5KQETyDMk3QVnZr
 7fSFIdT4sRTdroKXUKHHu3RLFyCo77EBovxY2oUtt6v43qxQhLx0IFwW6jHrcLK9
 ifLOr1CqdgwH/OU7h6rzoLcGLX5/eOTxwcCbU0kP2cx4E60VBXmSaDq9TiwQhbeV
 4HteS+EP6R0WpCiAvsFl2aUd6iwDRHeYt0aKpYyUuTVrW2mfmLPaQP+tJLjEoaHF
 H5HlbNWy2gFAB2uQtmOd
 =gjNZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches

# gpg: Signature made Tue 23 Jan 2018 12:38:36 GMT
# gpg:                using RSA key 0x7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>"
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream: (29 commits)
  iotests: Disable some tests for compat=0.10
  iotests: Split 177 into two parts for compat=0.10
  iotests: Make 059 pass on machines with little RAM
  iotests: Filter compat-dependent info in 198
  iotests: Make 191 work with qcow2 options
  iotests: Make 184 image-less
  iotests: Make 089 compatible with compat=0.10
  iotests: Fix 067 for compat=0.10
  iotests: Fix 059's reference output
  iotests: Fix 051 for compat=0.10
  iotests: Fix 020 for vmdk
  iotests: Skip 103 for refcount_bits=1
  iotests: Forbid 020 for non-file protocols
  iotests: Drop format-specific in _filter_img_info
  iotests: Fix _img_info for backslashes
  block/vmdk: Add blkdebug events
  block/qcow: Add blkdebug events
  qcow2: No persistent dirty bitmaps for compat=0.10
  block/vmdk: Fix , instead of ; at end of line
  qemu-iotests: Fix locking issue in 102
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-24 22:55:57 +00:00
Peter Maydell
834a336eb9 virtio: quick fix
Fixes a regression in virtio that's causing issues
 for many people.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJaaMBYAAoJECgfDbjSjVRpH9cH/izjScalZuvCN57+fqEtDW6C
 oudm+wWac91qAKY4U8UfWsR1Aph8bGqZKXwBPM7c/DTdzPAPjBmkY+P/E392wWAY
 6IoJIRTyQUYhABuftWt61UV6+waEGDFXegGlgcse8JZ/ddD62v/9Bll78w4nfivE
 w5DvMBYPzVJV4N7Q7CiP3XOf4qHD9TNAd/s6wSdmPCLT0VztLYsjvrfwuEY58bTa
 i3W16BUV3R1SUGBq+EWG2LjAUfyUDleTyTVA6tI+hWbazPFHDFfZO9/xFsAfgTpv
 Wmx45OAhPwr8lVeatF9ljh1AxBQUiUHHBN8rRKljU5evEERS/4lrR/FXWdalEvI=
 =2+BS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio: quick fix

Fixes a regression in virtio that's causing issues
for many people.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed 24 Jan 2018 17:20:24 GMT
# gpg:                using RSA key 0x281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  Revert "qemu: add a cleanup callback function to EventNotifier"
  Revert "virtio: postpone the execution of event_notifier_cleanup function"
  Revert "virtio: improve virtio devices initialization time"

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-24 19:24:26 +00:00
Michael S. Tsirkin
e044c0f8dd Revert "qemu: add a cleanup callback function to EventNotifier"
This reverts commit f87d72f5c5 as that is
part of a patchset reported to break cleanup and migration.

Cc: Gal Hammer <ghammer@redhat.com>
Cc: Sitong Liu <siliu@redhat.com>
Cc: Xiaoling Gao <xiagao@redhat.com>
Suggested-by: Greg Kurz <groug@kaod.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reported-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
2018-01-24 19:20:19 +02:00
Michael S. Tsirkin
1ef8185a06 Revert "virtio: postpone the execution of event_notifier_cleanup function"
This reverts commit 4fe6d78b2e as it is
reported to break cleanup and migration.

Cc: Gal Hammer <ghammer@redhat.com>
Cc: Sitong Liu <siliu@redhat.com>
Cc: Xiaoling Gao <xiagao@redhat.com>
Suggested-by: Greg Kurz <groug@kaod.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reported-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
2018-01-24 19:20:19 +02:00
Michael S. Tsirkin
ce3a9eaff4 Revert "virtio: improve virtio devices initialization time"
This reverts commit 6f0bb23072.

This reverts commit f87d72f5c5 as that is
reported to break cleanup and migration.

Cc: Gal Hammer <ghammer@redhat.com>
Cc: Sitong Liu <siliu@redhat.com>
Cc: Xiaoling Gao <xiagao@redhat.com>
Suggested-by: Greg Kurz <groug@kaod.org>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com>
Reported-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>
2018-01-24 19:20:19 +02:00
Peter Maydell
82de978a8b target/xtensa updates:
- make mini-bootloader independent of the initial CPU state;
 - add noMMU XTFPGA variants;
 - add two noMMU cores: de212 and sample_controller;
 - fix issues reported by coverity against xtensa translator and disassembler.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJaZkLBAAoJEFH5zJH4P6BE6mIQAJT1hjEhfgm3xiGfVJZYGo34
 Eo/KeyKC7QOUbr0R+E+J3h2yxSXWYbweoAZvFXkH5V4w/fhdvrCXZPVvDW0QjYY/
 wG0h+YfV/8cgVxq8AiaPHie//bLhKvJKpqH4A0HnCE4pBcslKwjOtFcG20RfOgk8
 PeQSa15QsyhOtTgdlg8rdRDECL6Lm8mXTWtOdxx8HQsl73REmNgkOZzQDSK6D5gM
 EcAJQTCcPNoDKblJKae/msSG/Vbv3PxECGaj6B72pKDSUW5Z/OqzxXDnwWXQyOgu
 q1WoPwL5U0u7uH5JE5wdD0EqwypQAbMAuzFTsove5pQlaCWdxDJzK+74NFOh6BcL
 JmLZbA4UIlA19KXiZdNKRbeH5O1U1E9xBe0wxLsqVagrwkBfpRAhI3MG1qZE1Id3
 3O6qsk26ATBGmJgTb80Wk1lPKZgKzdgcCJpzj+nz7slXp4uIQ6R3rU+6huONsGNJ
 bvz+25RAMzbFLd1l0sDsEegxmQ2BqC2Y8JqO5EKgKtT72Aooax3X6pWc8GCPuwxd
 1MCoi/ZfDcYQXNS++A3hpiKI6+qrn2t51TuyB2aUnHXtFrhlBDN1W+d+tcxl23gr
 pHIaOKbZ0nL1TmUOklAZicFMoxbDz1uebqetNS3OIYkpmuf7hMrAnKkbXUeqq9qo
 gy8+yJrXbEWPHeWZ4MtX
 =qf0K
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/xtensa/tags/20180122-xtensa' into staging

target/xtensa updates:

- make mini-bootloader independent of the initial CPU state;
- add noMMU XTFPGA variants;
- add two noMMU cores: de212 and sample_controller;
- fix issues reported by coverity against xtensa translator and disassembler.

# gpg: Signature made Mon 22 Jan 2018 20:00:01 GMT
# gpg:                using RSA key 0x51F9CC91F83FA044
# gpg: Good signature from "Max Filippov <filippov@cadence.com>"
# gpg:                 aka "Max Filippov <max.filippov@cogentembedded.com>"
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>"
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB  17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20180122-xtensa:
  target/xtensa: disas/xtensa: fix coverity warnings
  target/xtensa: add sample_controller core
  target/xtensa: allow different default CPU for MMU/noMMU
  target/xtensa: add de212 core
  hw/xtensa/xtfpga: support noMMU cores
  hw/xtensa/xtfpga: extract flash configuration
  hw/xtensa: extract xtensa_create_memory_regions
  target/xtensa: fix default sysrom/sysram addresses
  hw/xtensa/xtfpga: clean up function/structure names
  hw/xtensa/xtfpga: rewrite mini bootloader

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-24 16:59:36 +00:00
Peter Maydell
25bfd5a75f Pull request
v2:
  * Drop merge failure from a previous pull request that broke virtio-blk on ARM
    guests
  * Add Parallels XML patch series
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJaZgqoAAoJEJykq7OBq3PIwNIIAKD8OwjeQdtznD88ikMGd5CF
 PvBHOIXIX7GCaKdAFEP1MMB0xaTN93zhphPZfcQxnnbi2LrnzuP2WCSunKPPcGQJ
 ToMRxYV+OkS0Rm8/us9fQpmBf2PKouIlNXP4jZZuEYAmyZgoU7YBQHYP1sw2K6RE
 MHPBdKMKzb+S8u+HBx+oy1LQ0cKKRjCYXhdQ4p7rlWkXc5irQQh9d12W/EHS++cd
 5wgX5V3aj4rXD4XwXY/kgDXtSG37sgNOHx77W7gDO3KuBolEBVvPvbP7yrCZzfcC
 pGLPKwXnHTxOKlwLQ0weD+uIsJWv6XGKLhgX+MFWCVU1PvPuSTWcqfBplgTUU6s=
 =mjmD
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

v2:
 * Drop merge failure from a previous pull request that broke virtio-blk on ARM
   guests
 * Add Parallels XML patch series

# gpg: Signature made Mon 22 Jan 2018 16:00:40 GMT
# gpg:                using RSA key 0x9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>"
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  block/parallels: add backing support to readv/writev
  block/parallels: replace some magic numbers
  block/parallels: move some structures into header
  configure: add dependency
  docs/interop/prl-xml: description of Parallels Disk format
  block: add block_set_io_throttle virtio-blk-pci QMP example

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-24 15:28:36 +00:00
Andreas Schwab
95d0307cc1 linux-user: implement renameat2
This is needed for new architectures like RISC-V which do not provide any
other rename-like syscall.

Signed-off-by: Andreas Schwab <schwab@suse.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <mvm607su9qs.fsf@suse.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:27:33 +01:00
Peter Maydell
9c4bbee9e3 page_unprotect(): handle calls to pages that are PAGE_WRITE
If multiple guest threads in user-mode emulation write to a
page which QEMU has marked read-only because of cached TCG
translations, the threads can race in page_unprotect:

 * threads A & B both try to do a write to a page with code in it at
   the same time (ie which we've made non-writeable, so SEGV)
 * they race into the signal handler with this faulting address
 * thread A happens to get to page_unprotect() first and takes the
   mmap lock, so thread B sits waiting for it to be done
 * A then finds the page, marks it PAGE_WRITE and mprotect()s it writable
 * A can then continue OK (returns from signal handler to retry the
   memory access)
 * ...but when B gets the mmap lock it finds that the page is already
   PAGE_WRITE, and so it exits page_unprotect() via the "not due to
   protected translation" code path, and wrongly delivers the signal
   to the guest rather than just retrying the access

In particular, this meant that trying to run 'javac' in user-mode
emulation would fail with a spurious guest SIGSEGV.

Handle this by making page_unprotect() assume that a call for a page
which is already PAGE_WRITE is due to a race of this sort and return
a "fault handled" indication.

Since this would cause an infinite loop if we ever called
page_unprotect() for some other kind of fault than "write failed due
to bad access permissions", tighten the condition in
handle_cpu_signal() to check the signal number and si_code, and add a
comment so that if somebody does ever find themselves debugging an
infinite loop of faults they have some clue about why.

(The trick for identifying the correct setting for
current_tb_invalidated for thread B (needed to handle the precise-SMC
case) is due to Richard Henderson.  Paolo Bonzini suggested just
relying on si_code rather than trying anything more complicated.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <1511879725-9576-3-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:53 +01:00
Peter Maydell
a78b1299f1 linux-user: Propagate siginfo_t through to handle_cpu_signal()
Currently all the architecture/OS specific cpu_signal_handler()
functions call handle_cpu_signal() without passing it the
siginfo_t. We're going to want that so we can look at the si_code
to determine whether this is a SEGV_ACCERR access violation or
some other kind of fault, so change the functions to pass through
the pointer to the siginfo_t rather than just the si_addr value.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <1511879725-9576-2-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Laurent Vivier
bfdec7f80e linux-user: remove nmi.c and fw-path-provider.c
linux-user binaries don't need firmware and NMI,
so don't add them in this case, move QDEV
firmware functions to qdev-fw.c

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20171103193802.11876-1-laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Samuel Thibault
b827c3ed30 linux-user: Add getcpu() support
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180112081435.21299-1-samuel.thibault@ens-lyon.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Marco A L Barbosa
444cd5c3ae linux-user: Add AT_SECURE auxval
Signed-off-by: Marco A L Barbosa <malbarbo@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180111183714.22834-2-malbarbo@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Samuel Thibault
2e0a8713bd linux-user: Fix sched_get/setaffinity conversion
sched_get/setaffinity linux-user syscalls were missing conversions for
little/big endian, which is hairy since longs may not be the same size
either.

For simplicity, this just introduces loops to convert bit by bit like is
done for select.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20180109201643.1479-1-samuel.thibault@ens-lyon.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Maximilian Riemensberger
95e6d4305a linux-user/mmap.c: Avoid choosing NULL as start address
mmap() is required by the linux kernel ABI and POSIX to return a
non-NULL address when the implementation chooses a start address for the
mapping.

The current implementation of mmap_find_vma_reserved() can return NULL
as start address of a mapping which leads to subsequent crashes inside
the guests glibc, e.g. output of qemu-arm-static --strace executing a
test binary stx_test:

    1879 mmap2(NULL,8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|0x20000,-1,0) = 0x00000000
    1879 write(2,0xf6fd39d0,79) stx_test: allocatestack.c:514: allocate_stack: Assertion `mem != NULL' failed.

This patch fixes mmap_find_vma_reserved() by skipping NULL as start
address while searching for a suitable mapping start address.

CC: Riku Voipio <riku.voipio@iki.fi>
CC: Laurent Vivier <laurent@vivier.eu>
CC: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Maximilian Riemensberger <riemensberger@cadami.net>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <1515286904-86418-1-git-send-email-riemensberger@cadami.net>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Peter Maydell
10fa993aae linux-user: Translate flags argument to dup3 syscall
The third argument to dup3() is a flags word which may be
O_CLOEXEC. We weren't translating this flag from target to
host value, which meant that if the target used a different
value from the host (eg sparc guest and x86 host) the dup3()
call would fail EINVAL. Do the correct translation.

Fixes: https://bugs.launchpad.net/qemu/+bug/1704658
Reported-by: Bruno Haible  <bruno@clisp.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1513351080-25917-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Peter Maydell
ad762b990f linux-user: Don't use CMSG_ALIGN(sizeof struct cmsghdr)
The Linux struct cmsghdr is already guaranteed to be sufficiently
aligned that CMSG_ALIGN(sizeof struct cmsghdr) is always equal
to sizeof struct cmsghdr. Stop doing the unnecessary alignment
arithmetic for host and target cmsghdr.

This follows kernel commit 1ff8cebf49ed9e9ca2 and brings our
TARGET_CMSG_* macros back into line with the kernel ones,
as well as making them easier to understand.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <1513345976-22958-3-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Peter Maydell
7174970a94 linux-user: Fix length calculations in host_to_target_cmsg()
The handling of length calculations in host_to_target_cmsg()
was rather confused:
 * when checking for whether the target cmsg header fit in
   the remaining buffer, we were using the host struct size,
   not the target size
 * we were setting tgt_len to "target payload + header length"
   but then using it as if it were the target payload length alone
 * in various message type cases we weren't handling the possibility
   that host or target buffers were truncated

Fix these problems. The second one in particular is liable
to result in us overrunning the guest provided buffer,
since we will try to convert more data than is actually
present.

Fixes: https://bugs.launchpad.net/qemu/+bug/1701808
Reported-by: Bruno Haible  <bruno@clisp.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <1513345976-22958-2-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Peter Maydell
06065c451f linux-user: wrap fork() in a start/end exclusive section
When we do a fork() in usermode emulation, we need to be in
a start/end exclusive section, so that we can ensure that no
other thread is in an RCU section. Otherwise you can get this
deadlock:

- fork thread: has mmap_lock, waits for rcu_sync_lock
  (because rcu_init_lock() is registered as a pthread_atfork() hook)
- RCU thread: has rcu_sync_lock, waits for rcu_read_(un)lock
- another CPU thread: in RCU critical section, waits for mmap_lock

This can show up if you have a heavily multithreaded guest program
that does a fork().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Stuart Monteith <stuart.monteith@linaro.org>
Message-Id: <1512650481-1723-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Peter Maydell
024949caf3 linux-user: Fix locking order in fork_start()
Our locking order is that the tb lock should be taken
inside the mmap_lock, but fork_start() grabs locks the
other way around. This means that if a heavily multithreaded
guest process (such as Java) calls fork() it can deadlock,
with the thread that called fork() stuck in fork_start()
with the tb lock and waiting for the mmap lock, but some
other thread in tb_find() with the mmap lock and waiting
for the tb lock. The cpu_list_lock() should also always be
taken last, not first.

Fix this by making fork_start() grab the locks in the
right order. The order in which we drop locks doesn't
matter, so we leave fork_end() the way it is.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-stable@nongnu.org
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1512397331-15238-1-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
Peter Maydell
238e2d93c9 Various fixes/improvements, and support for the new 81/82
facility bits.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJaZdEGAAoJEN7Pa5PG8C+vVq4P/04/hQMMhlYjscydro35dwLT
 8pjhJ1QNxoAhfCd3Mmb9finl+rC1KQHbxDwJlzbtjNUVVP6y6k4lAFaISwL5Gqui
 b/L5luBBdSpBBsL7IWIfXnL+yJUTgkvt6goc3x0rlLm7SCKjzBbPbXKPYvrfRLFO
 Km6kMMx4zwG7qJEmDrrdDSeGGw1lviyWuGiRutxLYR52Mvd+U6m1/G/53e5oqj2v
 XZLbS1mPty/jbFENm850dAXiDY7DHgIawYuqLcdjA50KYymCyaZP/dOvrf0pAeUc
 /eVp6xAz7S4bqW9/rM8/PUpyqx3Mug1TFk0ePbJEtt+/JtN2AC7wKFXvTi56n9aa
 RFLV+2WaDnY8+vcOhZkb5ptAKsDBkAzJw5hbXKM/elnUjPk8o326fDMrCyoMhj84
 JyyqLWEeVCdiCP1xdz0D8WnBq33+FDqJ7P2YHWBpcSyodG+udS1Qttc38JxUKstH
 9olJk+atnAdmTU+KmZuF6CnBbGIBxXqJrIXnroMT3Ycp6qdQzHmNq4UrTv/tQM+B
 PLR14kWNvEiGVEGBPc65JUJjLM3MoXzmnY5c/C7cmSGRMgLCSjnpSW6tBNEn470J
 nTfca/PLaUzhbIjPDwmB+AYjKZ/y+Pl5pz8e5rY6qt+7C8/qaOYrPtVy0VRt2smW
 ki1fawgWY6I00i9a1z5l
 =bvX/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20180122' into staging

Various fixes/improvements, and support for the new 81/82
facility bits.

# gpg: Signature made Mon 22 Jan 2018 11:54:46 GMT
# gpg:                using RSA key 0xDECF6B93C6F02FAF
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>"
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>"
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>"
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>"
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>"
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20180122:
  s390x/kvm: provide stfle.81
  s390x/kvm: Handle bpb feature
  linux-headers: update
  s390x/tcg: fixup TEST PROTECTION
  s390x: fix storage attributes migration for non-small guests
  hw/s390x: Replace fprintf(stderr, "*\n" with qemu_log_mask()
  s390x/sclp: fix missing be conversion
  s390x/tcg: implement TEST PROTECTION
  s390x/sclp: fixup highest CPU address

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-23 13:10:24 +00:00
Kevin Wolf
8c0c5e636e Block patches
-----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJaZx3vAAoJEPQH2wBh1c9AmwMIAJEYXNcSMyxQWqzixfMri5qs
 pefoyv5gfzi3Gn7BQFluX+78mv0K828rueTfM3infydaqmPEacaPWtHMzDFWgsN8
 9DIFldXGJBo+vFaJkxXNZjT/jbQWhgqnfspOvYdBqvoVwBbUmYTf366aClNvYjn8
 Q/h3U/2KkNd3HddT7aFIn5S/4VQT8wEtkgcpnVSV642rldTw+Sa7qt6UX6/7nGVD
 afcV1ZJ/Ap48GcaPsbzQms2jt2WG6T0XzzjdGzhhq2qZmOy9IlnxZKRPwXCFbhV1
 0QoZBTYa+jX4Jeyp2agbZ2cJI/g2sAxwtbSEavBBl+E7iqzRXdODJ/8vM7fcwmY=
 =iJB4
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'mreitz/tags/pull-block-2018-01-23' into queue-block

Block patches

# gpg: Signature made Tue Jan 23 12:35:11 2018 CET
# gpg:                using RSA key F407DB0061D5CF40
# gpg: Good signature from "Max Reitz <mreitz@redhat.com>"
# Primary key fingerprint: 91BE B60A 30DB 3E88 57D1  1829 F407 DB00 61D5 CF40

* mreitz/tags/pull-block-2018-01-23: (25 commits)
  iotests: Disable some tests for compat=0.10
  iotests: Split 177 into two parts for compat=0.10
  iotests: Make 059 pass on machines with little RAM
  iotests: Filter compat-dependent info in 198
  iotests: Make 191 work with qcow2 options
  iotests: Make 184 image-less
  iotests: Make 089 compatible with compat=0.10
  iotests: Fix 067 for compat=0.10
  iotests: Fix 059's reference output
  iotests: Fix 051 for compat=0.10
  iotests: Fix 020 for vmdk
  iotests: Skip 103 for refcount_bits=1
  iotests: Forbid 020 for non-file protocols
  iotests: Drop format-specific in _filter_img_info
  iotests: Fix _img_info for backslashes
  block/vmdk: Add blkdebug events
  block/qcow: Add blkdebug events
  qcow2: No persistent dirty bitmaps for compat=0.10
  block/vmdk: Fix , instead of ; at end of line
  qemu-iotests: Fix locking issue in 102
  ...

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-01-23 12:40:46 +01:00
Max Reitz
94254c9b11 iotests: Disable some tests for compat=0.10
Tests 080, 130, 137, and 176 simply do not work with compat=0.10 for the
reasons stated there.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20171123020832.8165-10-mreitz@redhat.com>
[eblake: fix 177 in a separate commit]
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 20180117165420.15946-3-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Eric Blake
d6ac6e9363 iotests: Split 177 into two parts for compat=0.10
When originally written, test 177 explicitly took care to run
with compat=0.10.  Then I botched my own test in commit
81c219ac and f0a9c18f, by adding additional actions that require
v3 images.  Split out the new code into a new v3-only test, 204,
and revert 177 back to its original state other than a new comment.

Reported-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 20180117165420.15946-2-eblake@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
2291712c39 iotests: Make 059 pass on machines with little RAM
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171129192411.6637-1-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
b01a1944e5 iotests: Filter compat-dependent info in 198
There is a bit of image-specific information which depends on the qcow2
compat level.  Filter it so that 198 works with compat=0.10 (and any
refcount_bits value).

Note that we cannot simply drop the --format-specific switch because we
do need the "encrypt" information.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-18-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
2483537ed9 iotests: Make 191 work with qcow2 options
In order for 191 to work with an explicit refcount_bits or compat=0.10,
we should strip format-specific information from the output--and we can
do so by using _filter_img_info.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-17-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
b5d92efa08 iotests: Make 184 image-less
184 does not need an image, so don't use one.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-16-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
9853f5c496 iotests: Make 089 compatible with compat=0.10
The only thing that is missing is a _filter_img_info after the
"$QEMU_IO -c info" invocations.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-15-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
e121034d14 iotests: Fix 067 for compat=0.10
067 works very well with compat=0.10 once you remove format-specific
information from the QMP output.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-14-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
76bf133c43 iotests: Fix 059's reference output
As of commit 9877860e7b, vmdk fails
differently when opening the sample image.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-13-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
7e0db6f442 iotests: Fix 051 for compat=0.10
051 has both compat=1.1 and compat=0.10 tests (once it uses
lazy_refcounts, once it tests that setting them does not work).
For the compat=0.10 tests, it already explicitly creates a suitable
image.  So let's just ignore the user-specified compat level for the
lazy_refcounts test and explicitly create a compat=1.1 image there, too.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-12-mreitz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
8c97fcf4fe iotests: Fix 020 for vmdk
vmdk cannot work with anything but vmdk backing files, so make the
backing file be the same format as the overlay.

Reported-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-11-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
a03a57a0f9 iotests: Skip 103 for refcount_bits=1
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-9-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
8e5decb521 iotests: Forbid 020 for non-file protocols
This test does funny things like TEST_IMG="TEST_IMG.base" _make_test_img
that usually only work with the file protocol.  More specifically, they
do not work with the most interesting non-file protocols, so we might as
well skip this for anything but file.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-8-mreitz@redhat.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
1cc6169bb2 iotests: Drop format-specific in _filter_img_info
_filter_img_info should remove format-specific information, too.  We
already have such a filter in _img_info, and it is very useful for
query-block-named-block-nodes (etc.), too.

However, in 198 we need that information (but we still want the rest of
the filter), so make that filtering optional.  Note that "the rest of
the filter" includes filtering of the test directory, so we can drop the
_filter_testdir from 198 at the same time.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-7-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
6dd6d7abf0 iotests: Fix _img_info for backslashes
read without -r eats backslashes.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-6-mreitz@redhat.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
23c4b2a896 block/vmdk: Add blkdebug events
This is certainly not complete, but it includes at least write_aio and
read_aio.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-5-mreitz@redhat.com
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
0abb1475f8 block/qcow: Add blkdebug events
This is not necessarily complete, but it should include the most
important places.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-4-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:43 +01:00
Max Reitz
c9ceb3ec8a qcow2: No persistent dirty bitmaps for compat=0.10
Persistent dirty bitmaps require a properly functioning
autoclear_features field, or we cannot track when an unsupporting
program might overwrite them.  Therefore, we cannot support them for
compat=0.10 images.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-3-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
3c363575dc block/vmdk: Fix , instead of ; at end of line
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171123020832.8165-2-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
6bfc907dee qemu-iotests: Fix locking issue in 102
102 truncates a qcow2 file (the raw file) on purpose while a VM is
running.  However, image locking will usually prevent exactly this.

The fact that most people have not noticed until now (I suppose you may
have seen sporadic failures, but not taken them too seriously, like me)
further shows that this truncation is actually not really done
concurrently, but that the VM is still starting up by this point and has
not yet opened the image.  Remedy this by waiting for the monitor shell
to appear before the qemu-img invocation so we know the VM is up.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171129185102.29390-1-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
34ce111141 blockdev: Mark BD-{remove,insert}-medium stable
Now that iotest 093 test proves that the throttling configuration
survives a blockdev-remove-medium/blockdev-insert-medium pair, the
original reason for declaring these commands experimental is gone
(see commit 6e0abc251d).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171110224302.14424-5-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
82fcf66e05 blockdev: Drop BD-{remove,insert}-medium's @device
This is an incompatible change, which is fine as the commands are
experimental.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171110224302.14424-4-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
f6c3dc136f tests/ahci: Switch tray and medium commands to @id
Currently, the tray and medium commands in the AHCI test use the
deprecated @device parameter.  This patch switches all invocations over
to use @id.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171110224302.14424-3-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
1d701e0e7e iotests: Make BD-{remove,insert}-medium use @id
In some cases, these commands still use the deprecated @device
parameter.  Fix that so we can later drop that parameter from their
interface.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171110224302.14424-2-mreitz@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00
Max Reitz
ac5b787a6e qcow2: Repair unaligned preallocated zero clusters
We can easily repair unaligned preallocated zero clusters by discarding
them, so why not do it?

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20171110203759.14018-2-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2018-01-23 12:34:42 +01:00