forked from espressif/qemu
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update qemu #1
Merged
Merged
Update qemu #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This patch adds support for the XTheadSync ISA extension. The patch uses the T-Head specific decoder and translation. The implementation introduces a helper to execute synchronization tasks: helper_tlb_flush_all() performs a synchronized TLB flush on all CPUs. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-3-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the XTheadBa ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: Philipp Tomsich <philipp.tomsich@vrull.eu> Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-4-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the XTheadBb ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: Philipp Tomsich <philipp.tomsich@vrull.eu> Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-5-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the XTheadBs ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: Philipp Tomsich <philipp.tomsich@vrull.eu> Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-6-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the XTheadCondMov ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-7-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the T-Head MAC instructions. The patch uses the T-Head specific decoder and translation. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-8-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the T-Head MemPair instructions. The patch uses the T-Head specific decoder and translation. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-9-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the T-Head MemIdx instructions. The patch uses the T-Head specific decoder and translation. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-10-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the T-Head FMemIdx instructions. The patch uses the T-Head specific decoder and translation. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-11-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
There are no differences for floating point instructions in priv version 1.11 and 1.12. There is also no dependency for Zfh to priv version 1.12. Therefore allow Zfh to be enabled for priv version 1.11. Acked-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-12-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds the T-Head C906 to the list of known CPUs. Selecting this CPUs will automatically enable the available ISA extensions of the CPUs (incl. vendor extensions). Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-13-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch adds support for the XTheadFmv ISA extension. The patch uses the T-Head specific decoder and translation. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-14-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
The XThead* extensions are maintained by T-Head and VRULL. Adding a point of contact from both companies. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-15-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
commit fb3f373 added mechanism to generate virtual instruction exception during instruction decode when virt is enabled. However in some situations, illegal instruction exception can be raised due to state of CPU. One such situation is implementing branch tracking. [1] An indirect branch if doesn't land on a landing pad instruction, then cpu must raise an illegal instruction exception. Implementation would raise such expcetion due to missing landing pad inst and not due to decode. Thus DisasContext must have `virt_inst_excp` initialized to false during DisasContxt initialization for TB. [1] - https://github.com/riscv/riscv-cfi Signed-off-by: Deepak Gupta <debug@rivosinc.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230127191758.755844-1-debug@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
According to spec, ctzw should work with 32-bit register, not 64. For example, previous implementation returns 33 for (1<<33) input when the new one returns 32. Signed-off-by: Vladimir Isaev <vladimir.isaev@syntacore.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Suggested-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230204082312.43557-1-vladimir.isaev@syntacore.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Character must be returned via ret[0] field (copied to a0 by KVM). Return value should be set to 0 to indicate successful processing. Signed-off-by: Vladimir Isaev <vladimir.isaev@syntacore.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230203135155.12449-1-vladimir.isaev@syntacore.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
There is no need to declare an intermediate "MachineState *ms". Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230206085007.3618715-1-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/r/20230120134314.81956-2-philmd@linaro.org [ clg: remove image_pow2ceil_expand() factoring ] Signed-off-by: Cédric Le Goater <clg@kaod.org>
The M2S-FG484 SOM uses a 16 MiB SPI flash (Spansion S25FL128SDPBHICO). Since the test asset is bigger, truncate it to the correct size to avoid when running the test_arm_emcraft_sf2 test: qemu-system-arm: device requires 16777216 bytes, block backend provides 67108864 bytes Add comment regarding the M2S-FG484 SOM hardware in hw/arm/msf2-som.c. Reported-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Cédric Le Goater <clg@kaod.org> Tested-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
supermicrox11-bmc is configured with ast2400-a1 SoC. This does not match the Supermicro documentation for X11 BMCs, and it does not match the devicetree file in the Linux kernel. As it turns out, some Supermicro X11 motherboards use AST2400 SoCs, while others use AST2500. Introduce new machine type supermicrox11-spi-bmc with AST2500 SoC to match the devicetree description in the Linux kernel. Hardware configuration details for this machine type are guesswork and taken from defaults as well as from the Linux kernel devicetree file. The new machine type was tested with aspeed-bmc-supermicro-x11spi.dts from the Linux kernel and with Linux versions 6.0.3 and 6.1-rc2. Linux booted successfully from initrd and from both SPI interfaces. Ethernet interfaces were confirmed to be operational. Signed-off-by: Guenter Roeck <linux@roeck-us.net> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Link: https://lore.kernel.org/r/20221025165109.1226001-1-linux@roeck-us.net [ clg: Renamed machine to 'supermicro-x11spi-bmc' ] Message-Id: <20221025165109.1226001-1-linux@roeck-us.net> Signed-off-by: Cédric Le Goater <clg@kaod.org>
With the `size += 4` before the call to `crc32`, the CRC calculation would overrun the buffer. Size is used in the while loop starting on line 1009 to determine how much data to write back, with the last four bytes coming from `crc_ptr`, so do need to increase it, but should do this after the computation. I'm unsure why this use of uninitialized memory in the CRC doesn't result in CRC errors, but it seems clear to me that it should not be included in the calculation. Signed-off-by: Stephen Longfield <slongfield@google.com> Reviewed-by: Hao Wu <wuhaotsh@google.com> Reviewed-by: Joel Stanley <joel@jms.id.au> Message-Id: <20221220221437.3303721-1-slongfield@google.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Update the test_arm_ast2600_debian test to - the latest Debian kernel - use the Rainier machine instead of Tacoma Both of which contains support for more hardware and thus exercises more of the hardware Qemu models. Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20220607011938.1676459-1-joel@jms.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Generated from hardware using the following command and then padding with 0xff to fill out a power-of-2: xxd -p /sys/bus/spi/devices/spi0.0/spi-nor/sfdp Cc: Michael Walle <michael@walle.cc> Cc: Tudor Ambarus <tudor.ambarus@linaro.org> Signed-off-by: Guenter Roeck <linux@roeck-us.net> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Joel Stanley <joel@jms.id.au> Message-Id: <20221221122213.1458540-1-linux@roeck-us.net> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Use buildroot 2022.11 based images plus some customization : - Linux version is bumped to 6.0.9 and kernel is built with a custom config similar to what OpenBMC provides. - U-Boot is switched to the one provided by OpenBMC for better support. - defconfigs includes more target tools for dev. Reviewed-by: Joel Stanley <joel@jms.id.au> Message-Id: <20230119123449.531826-7-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
…K boot Reviewed-by: Joel Stanley <joel@jms.id.au> Message-Id: <20230119123449.531826-8-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
These globals were moved to MachineClass by commit 71ae9e9 ("pc: Move option_rom_has_mr/rom_file_has_mr globals to MachineClass"). Finish cleanup. Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
This helper is useful in board initialization because lets users initialize and realize an EEPROM on an I2C bus with a single function call. Signed-off-by: Peter Delevoryas <peter@pjd.dev> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Corey Minyard <cminyard@mvista.com> Link: https://lore.kernel.org/r/20230128060543.95582-2-peter@pjd.dev Signed-off-by: Cédric Le Goater <clg@kaod.org>
aspeed_eeprom_init is an exact copy of at24c_eeprom_init, not needed. Signed-off-by: Peter Delevoryas <peter@pjd.dev> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Corey Minyard <cminyard@mvista.com> Link: https://lore.kernel.org/r/20230128060543.95582-3-peter@pjd.dev Signed-off-by: Cédric Le Goater <clg@kaod.org>
…elper Allows users to specify binary data to initialize an EEPROM, allowing users to emulate data programmed at manufacturing time. - Added init_rom and init_rom_size attributes to TYPE_AT24C_EE - Added at24c_eeprom_init_rom helper function to initialize attributes - If -drive property is provided, it overrides init_rom data Signed-off-by: Peter Delevoryas <peter@pjd.dev> Reviewed-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Tested-by: Ninad Palsule <ninadpalsule@us.ibm.com> Link: https://lore.kernel.org/r/20230128060543.95582-4-peter@pjd.dev Signed-off-by: Cédric Le Goater <clg@kaod.org>
- Create aspeed_eeprom.c and aspeed_eeprom.h - Include aspeed_eeprom.c in CONFIG_ASPEED meson source files - Include aspeed_eeprom.h in aspeed.c - Add fby35_bmc_fruid data - Use new at24c_eeprom_init_rom helper to initialize BMC FRUID EEPROM with data from aspeed_eeprom.c wget https://github.com/facebook/openbmc/releases/download/openbmc-e2294ff5d31d/fby35.mtd qemu-system-aarch64 -machine fby35-bmc -nographic -mtdblock fby35.mtd ... user: root pass: 0penBmc ... root@bmc-oob:~# fruid-util bb FRU Information : Baseboard --------------- : ------------------ Chassis Type : Rack Mount Chassis Chassis Part Number : N/A Chassis Serial Number : N/A Board Mfg Date : Fri Jan 7 10:30:00 2022 Board Mfg : XXXXXX Board Product : Management Board wBMC Board Serial : XXXXXXXXXXXXX Board Part Number : XXXXXXXXXXXXXX Board FRU ID : 1.0 Board Custom Data 1 : XXXXXXXXX Board Custom Data 2 : XXXXXXXXXXXXXXXXXX Product Manufacturer : XXXXXX Product Name : Yosemite V3.5 EVT2 Product Part Number : XXXXXXXXXXXXXX Product Version : EVT2 Product Serial : XXXXXXXXXXXXX Product Asset Tag : XXXXXXX Product FRU ID : 1.0 Product Custom Data 1 : XXXXXXXXX Product Custom Data 2 : N/A root@bmc-oob:~# fruid-util bmc FRU Information : BMC --------------- : ------------------ Board Mfg Date : Mon Jan 10 21:42:00 2022 Board Mfg : XXXXXX Board Product : BMC Storage Module Board Serial : XXXXXXXXXXXXX Board Part Number : XXXXXXXXXXXXXX Board FRU ID : 1.0 Board Custom Data 1 : XXXXXXXXX Board Custom Data 2 : XXXXXXXXXXXXXXXXXX Product Manufacturer : XXXXXX Product Name : Yosemite V3.5 EVT2 Product Part Number : XXXXXXXXXXXXXX Product Version : EVT2 Product Serial : XXXXXXXXXXXXX Product Asset Tag : XXXXXXX Product FRU ID : 1.0 Product Custom Data 1 : XXXXXXXXX Product Custom Data 2 : Config A root@bmc-oob:~# fruid-util nic FRU Information : NIC --------------- : ------------------ Board Mfg Date : Tue Nov 2 08:51:00 2021 Board Mfg : XXXXXXXX Board Product : Mellanox ConnectX-6 DX OCP3.0 Board Serial : XXXXXXXXXXXXXXXXXXXXXXXX Board Part Number : XXXXXXXXXXXXXXXXXXXXX Board FRU ID : FRU Ver 0.02 Product Manufacturer : XXXXXXXX Product Name : Mellanox ConnectX-6 DX OCP3.0 Product Part Number : XXXXXXXXXXXXXXXXXXXXX Product Version : A9 Product Serial : XXXXXXXXXXXXXXXXXXXXXXXX Product Custom Data 3 : ConnectX-6 DX Signed-off-by: Peter Delevoryas <peter@pjd.dev> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Corey Minyard <cminyard@mvista.com> Link: https://lore.kernel.org/r/20230128060543.95582-5-peter@pjd.dev Signed-off-by: Cédric Le Goater <clg@kaod.org>
FreeBSD implements pthread headers using TSA (thread safety analysis) annotations, therefore when an application is compiled with -Wthread-safety there are some locking/annotation requirements that the user of the pthread API has to follow. This will also be the case in QEMU, since bsd-user/mmap.c uses the pthread API. Therefore when building it with -Wthread-safety the compiler will throw warnings because the functions are not properly annotated. We need TSA to be enabled because it ensures that the critical sections of an annotated variable are properly locked. In order to make the compiler happy and avoid adding all the necessary macros to all callers (lock functions should use TSA_ACQUIRE, while unlock TSA_RELEASE, and this applies to all users of pthread_mutex_lock and pthread_mutex_unlock), simply use TSA_NO_TSA to supppress such warnings. Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Message-Id: <20230117135203.3049709-3-eesposit@redhat.com> Reviewed-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This enables clang's thread safety analysis (TSA), which we'll use to statically check the block graph locking. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20221207131838.239125-9-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230117135203.3049709-4-eesposit@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
g_hash_table_destroy() and g_hash_table_foreach_remove() (called by curl_drop_all_sockets()) both require the table to be non-NULL, or will print assertion failures (just print, no abort). There are several paths in curl_open() that can lead to the out_noclean label without s->sockets being allocated, so clean it only if it has been allocated. Example reproducer: $ qemu-img info -f http '' qemu-img: GLib: g_hash_table_foreach_remove: assertion 'hash_table != NULL' failed qemu-img: GLib: g_hash_table_destroy: assertion 'hash_table != NULL' failed qemu-img: Could not open '': http curl driver cannot handle the URL '' (does not start with 'http://') Closes: https://gitlab.com/qemu-project/qemu/-/issues/1475 Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Hanna Czenczek <hreitz@redhat.com> Message-Id: <20230206132949.92917-1-hreitz@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Some functions must not be called from coroutine context. The common pattern to use them anyway from a coroutine is running them in a BH and letting the calling coroutine yield to be woken up when the BH is completed. Instead of manually writing such wrappers, add support for generating them to block-coroutine-wrapper. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-2-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Images can't be opened in coroutine context because opening needs to change the block graph. Add no_co_wrappers so that coroutines have a simple way of opening images in a BH instead. At the same time, mark the wrapped functions as no_coroutine_fn. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-3-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-4-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-5-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-6-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine, as does qcow2_do_open(). Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-7-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-8-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-9-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-10-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-11-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
.bdrv_co_create implementations run in a coroutine. Therefore they are not allowed to open images directly. Fix the calls to use the corresponding no_co_wrappers instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-12-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
…pper bdrv_co_create_opts_simple() runs in a coroutine. Therefore it is not allowed to open images directly. Fix the call to use the corresponding no_co_wrapper instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-13-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20230126172432.436111-14-kwolf@redhat.com> Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Reviewed-by: Hanna Czenczek <hreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
* 7.55.0 deprecates CURLINFO_CONTENT_LENGTH_DOWNLOAD in favour of a *_T version, which returns curl_off_t instead of a double. * 7.85.0 deprecates CURLOPT_PROTOCOLS and CURLOPT_REDIR_PROTOCOLS in favour of *_STR variants, specifying the desired protocols via a string. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1440 Signed-off-by: Anton Johansson <anjo@rev.ng> Message-Id: <20230123201431.23118-1-anjo@rev.ng> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
bdrv_append() is called with bs_top AioContext held, but bdrv_attach_child_noperm() could change the AioContext of bs_top. bdrv_replace_node_noperm() calls bdrv_drained_begin() starting from commit 2398747 ("block: Don't poll in bdrv_replace_child_noperm()"). bdrv_drained_begin() can call BDRV_POLL_WHILE that assumes the new lock is taken, so let's temporarily hold the new AioContext to prevent QEMU from failing in BDRV_POLL_WHILE when it tries to release the wrong AioContext. Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2168209 Reported-by: Aihua Liang <aliang@redhat.com> Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Message-Id: <20230214171621.11574-1-sgarzare@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
I have to admit this is out of my scope now. Still feel free to Cc me directly if my help is needed :) Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Message-Id: <20230214182848.1564714-1-vsementsov@yandex-team.ru> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
…r threads When calling bdrv_getlength() in handle_aiocb_write_zeroes(), the function creates a new coroutine and then waits that it finishes using AIO_WAIT_WHILE. The problem is that this function could also run in a worker thread, that has a different AioContext from main loop and iothreads, therefore in AIO_WAIT_WHILE we will have in_aio_context_home_thread(ctx) == false and therefore assert(qemu_get_current_aio_context() == qemu_get_aio_context()); in the else branch will fail, crashing QEMU. Aside from that, bdrv_getlength() is wrong also conceptually, because it reads the BDS graph from another thread and is not protected by any lock. Replace it with raw_co_getlength, that doesn't create a coroutine and doesn't read the BDS graph. Reported-by: Ninad Palsule <ninad@linux.vnet.ibm.com> Suggested-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com> Message-Id: <20230209154522.1164401-1-eesposit@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
The last return statement should return true, as we already evaluated that start == next_dirty Also, fix hbitmap_status() description in header Cc: qemu-stable@nongnu.org Fixes: a642647 ("block/dirty-bitmap: introduce bdrv_dirty_bitmap_status()") Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko@virtuozzo.com> Message-Id: <20230202181523.423131-1-andrey.zhadchenko@virtuozzo.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Block layer patches - configure: Enable -Wthread-safety if present - no_co_wrapper to fix bdrv_open*() calls from coroutine context - curl fixes, including enablement of newer libcurl versions - MAINTAINERS: drop Vladimir from parallels block driver - hbitmap: fix hbitmap_status() return value for first dirty bit case - file-posix: Fix assertion failure in write_zeroes after moving bdrv_getlength() to co_wrapper # -----BEGIN PGP SIGNATURE----- # # iQJFBAABCAAvFiEE3D3rFZqa+V09dFb+fwmycsiPL9YFAmPvgm0RHGt3b2xmQHJl # ZGhhdC5jb20ACgkQfwmycsiPL9ZxQg//ZWwwh/s/P1PnKAjInNZZNklAWKThNEbZ # cF1S94w26IhEQqM0i6MflqcDsPU5t4xZtBUOizx++9M4G8amWnomJSdczUcKULla # Az9yweFC1Gu6ENdw+ql5VOzCfpdH5Bn9Jkly5fxuI4vmnBz1PH1Dnd3P4wuLq2sL # xna5dijVEhRc5mTKWjbp4nFfvQhucuEBPSNjgnZwEPbhciWxTMmB1GmyRvTxZy8v # UY8PcoTlxdKeVQ6DTmkOirphpGj7HeNCEQnZppWs7vHys2oGi9kmR5qTKUNZxGrY # 8yWiCiVDqbb50fhEC1srhph79bCij87QC1N33Bm+NuGjnjG4bKVx2B9DC8+6S/JS # e3x6u+r0dd6/t0rjKnt1+inYqmM+i5lBJ7+R0yhWUQ+DYkvttNf5yiotD8qvccWJ # Kcx14lfjPLK7siAMEY5K0bNMimhN4RR9oCLoPTOHei+vlxdfiMm2XPN61NNht5gD # lYZ8JMBsEF/o2ebqTgsJrIHS+Q/8MqcwSunBc54fcXZoF+eiza3W2ArXLNfAEfGE # U4JowNK2PrTIrpEjD+Vs0RsBBSmN5PcYIAz04ioODpDnYMq73/t3x9MKdVoxOT64 # AM7w58fSyWu8iwvkeA0d3XeVtSHFqZ49PqqIem4IegtnC/AXMUNrJ/VT99xHjeJY # oLhOJz7LUg0= # =FtaA # -----END PGP SIGNATURE----- # gpg: Signature made Fri 17 Feb 2023 13:34:37 GMT # gpg: using RSA key DC3DEB159A9AF95D3D7456FE7F09B272C88F2FD6 # gpg: issuer "kwolf@redhat.com" # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * tag 'for-upstream' of https://repo.or.cz/qemu/kevin: (22 commits) hbitmap: fix hbitmap_status() return value for first dirty bit case block/file-posix: don't use functions calling AIO_WAIT_WHILE in worker threads MAINTAINERS: drop Vladimir from parallels block driver block: temporarily hold the new AioContext of bs_top in bdrv_append() block: Handle curl 7.55.0, 7.85.0 version changes block: Assert non-coroutine context for bdrv_open_inherit() block: Fix bdrv_co_create_opts_simple() to open images with no_co_wrapper vpc: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper vmdk: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper vhdx: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper vdi: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper qed: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper qcow2: Fix open/create to open images with no_co_wrapper qcow: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper parallels: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper luks: Fix .bdrv_co_create(_opts) to open images with no_co_wrapper block: Create no_co_wrappers for open functions block-coroutine-wrapper: Introduce no_co_wrapper curl: Fix error path in curl_open() configure: Enable -Wthread-safety if present ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
…into staging Remove C virtiofsd We deprecated the C virtiofsd in commit 34deee7 in v7.0 in favour of the Rust implementation at https://gitlab.com/virtio-fs/virtiofsd since then, the Rust version has had more development and has held up well. It's time to say goodbye to the C version that got us going. Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEERfXHG0oMt/uXep+pBRYzHrxb/ecFAmPudNkACgkQBRYzHrxb # /ed2ZBAAlz+bjTIoWjJr5/5nSjydd5ucARYDX4n0PI2byVDHFVaUCTIi+rLrxCYs # qnb7HVmQW4y6zy15sM1xsbqSyrVgqvDheAJPWVekkoIuVT1t6wVpAZ7sykwx8U1I # ge2T6pXcc4xKptyGnMAB0v0T5r9hN2Peghg3/KBn6WSD1WM2rD6KmvU4untYOeST # I/KeoEDc4WUHtaPoDIduQlEcxGKJft6ifS0ksL0Jlf06aDg9UXxcuovtN6GtmnD2 # oNPYR0qG6aN4FynTrcVBN38N3cEosdCtEK0kgvbxulnQ4Iwxyi9hBkvUJA3UmjQ/ # THkWa9Gl+bFTGfNFxUEBV+0bBI46MFn2zXmpatPeV6NvKhiaDi4DDUczueUH1+s+ # C5KWYN3LuDznmM2NQzFipG1NtP2tif6wM2dYTOHf62n4UZBSe0xSdM1OKwqKXQnN # w5TPlZEvnaYY7vz2fjDlnLKAD9WxlxvMYjr/eJrrjDPSWGxAoe59q0nXBlzXi1Bl # 6GcCqt/GQpLbY9X2l2pb1bvFOZcPtPZ6CiLBCslKZ5MxmiCvZWnJQ2ZHe9ccQeUX # 22wWB5gkvWz/1bPddQR7JJ48HxBEPRd4aZ93A3jJfZqWCaTaHQ6bZboghVywMbXJ # P0wkwaXsFshcyuZfus/dq61y+jsIVR3EyxxRMxd2rO6Mg6nvTcs= # =0FYt # -----END PGP SIGNATURE----- # gpg: Signature made Thu 16 Feb 2023 18:24:25 GMT # gpg: using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7 # gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full] # Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7 * tag 'pull-virtiofs-20230216b' of https://gitlab.com/dagrh/qemu: virtiofsd: Swing deprecated message to removed-features virtiofsd: Remove source virtiofsd: Remove build and docs glue virtiofsd: Remove test Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
…mson/qemu into staging VFIO updates 2023-02-16 * Initial v2 migration support for vfio (Avihai Horon) * Add Cédric as vfio reviewer (Cédric Le Goater) # -----BEGIN PGP SIGNATURE----- # # iQJPBAABCAA5FiEEQvbATlQL0amee4qQI5ubbjuwiyIFAmPumhUbHGFsZXgud2ls # bGlhbXNvbkByZWRoYXQuY29tAAoJECObm247sIsijnMP/0Rz/lsGxym76mXtr5WY # OR5SDFpifpaUVi+1xTugYFPnZvN+RdnlcLrcp1g8G+lmd4ANqwT0b9XTTTI8WTau # DhSHW/05WgAOrf/jOSV29oNSf7jtGJZcDbAy8f5NXxwK/IRlJEDJfCaqxwYSyYf1 # nfC0ZwMTrBrA6pzF5OzIJSkhl/uPwlTsBxRnbN86Z22rE128ASjUtj1jir4rPLg0 # ClUn7Rrdk/Y6uXIB9c6TFC+wmG0QAVsklWIeNLUFWUak4H0gqp7AUmMlJV99i5Q7 # 3H4Zjspwn79llvGm4X1QpuLaop2QaIQaW4FTpzRSftelEosjIjkTCMrWTb4MKff1 # cgT0dmC1Hht+zQ0MPbmgeaiwPH/V7r+J9GffG6p2b4itdHmrKVsqKQMSQS/IJFBw # eiO1rENRXNcTnC29jPUhe1IS1DEwCNkWm9NgJoC5WPJYQXsiEvo4YDH/30FnByXg # KQdd5OxR7o6qJM5e4PUn4wd9sHsYU8IsIEJdKnynoS9qUdPqv0tJ+tLYWcBhQPJq # M8R+mDwImMzw0bgurg4607VgL9HJEXna2rgdd5hcMq88M+M5OpmowXlk4TTY4Ha9 # lmWSndYJG6npNY4NXcxbe4x5H8ndvHcO+g3weynsxPFjnL959NzQyWNFXFDBqBg3 # fhNVqYTrMOcEN5uv18o+mnsG # =oK7/ # -----END PGP SIGNATURE----- # gpg: Signature made Thu 16 Feb 2023 21:03:17 GMT # gpg: using RSA key 42F6C04E540BD1A99E7B8A90239B9B6E3BB08B22 # gpg: issuer "alex.williamson@redhat.com" # gpg: Good signature from "Alex Williamson <alex.williamson@redhat.com>" [full] # gpg: aka "Alex Williamson <alex@shazbot.org>" [full] # gpg: aka "Alex Williamson <alwillia@redhat.com>" [full] # gpg: aka "Alex Williamson <alex.l.williamson@gmail.com>" [full] # Primary key fingerprint: 42F6 C04E 540B D1A9 9E7B 8A90 239B 9B6E 3BB0 8B22 * tag 'vfio-updates-20230216.0' of https://gitlab.com/alex.williamson/qemu: MAINTAINERS: Add myself as VFIO reviewer docs/devel: Align VFIO migration docs to v2 protocol vfio: Alphabetize migration section of VFIO trace-events file vfio/migration: Remove VFIO migration protocol v1 vfio/migration: Implement VFIO migration protocol v2 vfio/migration: Rename functions/structs related to v1 protocol vfio/migration: Move migration v1 logic to vfio_migration_init() vfio/migration: Block multiple devices migration vfio/common: Change vfio_devices_all_running_and_saving() logic to equivalent one vfio/migration: Allow migration without VFIO IOMMU dirty tracking support vfio/migration: Fix NULL pointer dereference bug linux-headers: Update to v6.2-rc8 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Replace fork-based fuzzing with reboots. Now the fuzzers will reboot the guest between inputs. # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCgAdFiEE+tTiv4cTddY0BRfETmYd3lg6lk4FAmPu/LoACgkQTmYd3lg6 # lk6RHg/7BRGI5ZPXb1MmTNCC+SroQ6TT++lO4b0hbkN2HO6U+WVvfuA6+0wg+8qC # 4bp+G1Tabpcq1MTYUuim6DBtWswgpqr0AbWNwn1eF7hya+3W9woH2POVYY2wwc7m # S3EdwXCCKo9gGXlaNrotnbwIk+o8B4BzXOXLIlRtg26wGYhT5fkJA/BQcHKDXz37 # ctyWxlyjIM8pNCgfybMvjC7MYtp8DufPsv/rrKx9t0TM7f1jPVgXLek7t0+ZwjeY # qz2Om2jiij1INgK9hTieWs4eHwpwre6vH2a+JKRkZ3sS7WYcj1auNKVJb3GvDqmc # wy+Nz5Lz4+aPP19pkCYjfz5w3CqEEsSlSDn5UVRbfl2fbENSceoNwo9huMXsF1pB # oO6NK2NxbOygmNpYxp+JEt45KFIXzUcIFQwbn8aCDODIl+0H2yu7/ll6XgELf1Pa # P83THOaVxIxfcI9VOdt/FwDq1ZzmV5nk/BkIGJeIWNYMbU4Gze6YoaL3U8AHDxKH # f6f3qDzcVJjqD0wKhvYcQ3kSPq+vHc/ioh6mYwos6VUEVYz/SLOY876MaSB/K4PE # ofBV7y6HvJ6AMwg1TBg4YtOP08gWK+4sYH+I09oU40U3UcwEpkbkQTF72lPQHxFs # 8UVRJrgWv/xzrwzXTX5ruQ633F8zuhqQTeERqksj1pPHJ3NdHps= # =F6qI # -----END PGP SIGNATURE----- # gpg: Signature made Fri 17 Feb 2023 04:04:10 GMT # gpg: using RSA key FAD4E2BF871375D6340517C44E661DDE583A964E # gpg: Good signature from "Alexander Bulekov <alxndr@bu.edu>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: FAD4 E2BF 8713 75D6 3405 17C4 4E66 1DDE 583A 964E * tag 'pr-2023-02-16' of https://gitlab.com/a1xndr/qemu: docs/fuzz: remove mentions of fork-based fuzzing fuzz: remove fork-fuzzing scaffolding fuzz/i440fx: remove fork-based fuzzer fuzz/virtio-blk: remove fork-based fuzzer fuzz/virtio-net: remove fork-based fuzzer fuzz/virtio-scsi: remove fork-based fuzzer fuzz/generic-fuzz: add a limit on DMA bytes written fuzz/generic-fuzz: use reboots instead of forks to reset state fuzz: add fuzz_reset API hw/sparse-mem: clear memory on reset Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
… staging # -----BEGIN PGP SIGNATURE----- # Version: GnuPG v1 # # iQEcBAABAgAGBQJj7xKYAAoJEO8Ells5jWIRDZQH/Rao24sq3j97qE5RzekvANzq # GnHUyLnl3yeOSNumv2BJInZTvgUpYL2etGQr3DtGRwOrr7w1vKB3zhY3V3jQefkh # f4rsEGkamL/qM2N2cGUIUSqevo7OGnP8aQojpEi4MWWZ30B3L6jqd4NqyA1gyndV # 1eBkpR+BY2PjcLbgvFUZEXeAn/vapE5NKULXUGhg5mMvgwYH3CgZXpqqkxr876za # S4rZMtReXKNeid14Z35SUjJdV2WKYmo/lN9+GQxF2YNLmDC3RtuFQVm038erSqvs # uLVSg8tiIlCyOcSDpR/BARNrxVwzlJp5X6ocapHubS/i0Rp/Zo7ezSk/XWH1gfU= # =UbzF # -----END PGP SIGNATURE----- # gpg: Signature made Fri 17 Feb 2023 05:37:28 GMT # gpg: using RSA key EF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal] # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * tag 'net-pull-request' of https://github.com/jasowang/qemu: vdpa: fix VHOST_BACKEND_F_IOTLB_ASID flag check net: stream: add a new option to automatically reconnect vmnet: stop recieving events when VM is stopped net: Increase L2TPv3 buffer to fit jumboframes hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value hw/net/lan9118: log [read|write]b when mode_16bit is enabled rather than abort net: Replace "Supported NIC models" with "Available NIC models" net: Restore printing of the help text with "-nic help" net: Move the code to collect available NIC models to a separate function Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
mattiantonini
pushed a commit
that referenced
this pull request
Feb 23, 2023
This is below memleak detected when to quit the qemu-system-x86_64 (with vhost-scsi-pci). (qemu) quit ================================================================= ==15568==ERROR: LeakSanitizer: detected memory leaks Direct leak of 40 byte(s) in 1 object(s) allocated from: #0 0x7f00aec57917 in __interceptor_calloc (/lib64/libasan.so.6+0xb4917) #1 0x7f00ada0d7b5 in g_malloc0 (/lib64/libglib-2.0.so.0+0x517b5) espressif#2 0x5648ffd38bac in vhost_scsi_start ../hw/scsi/vhost-scsi.c:92 espressif#3 0x5648ffd38d52 in vhost_scsi_set_status ../hw/scsi/vhost-scsi.c:131 espressif#4 0x5648ffda340e in virtio_set_status ../hw/virtio/virtio.c:2036 espressif#5 0x5648ff8de281 in virtio_ioport_write ../hw/virtio/virtio-pci.c:431 espressif#6 0x5648ff8deb29 in virtio_pci_config_write ../hw/virtio/virtio-pci.c:576 espressif#7 0x5648ffe5c0c2 in memory_region_write_accessor ../softmmu/memory.c:493 espressif#8 0x5648ffe5c424 in access_with_adjusted_size ../softmmu/memory.c:555 espressif#9 0x5648ffe6428f in memory_region_dispatch_write ../softmmu/memory.c:1515 espressif#10 0x5648ffe8613d in flatview_write_continue ../softmmu/physmem.c:2825 espressif#11 0x5648ffe86490 in flatview_write ../softmmu/physmem.c:2867 espressif#12 0x5648ffe86d9f in address_space_write ../softmmu/physmem.c:2963 espressif#13 0x5648ffe86e57 in address_space_rw ../softmmu/physmem.c:2973 espressif#14 0x5648fffbfb3d in kvm_handle_io ../accel/kvm/kvm-all.c:2639 espressif#15 0x5648fffc0e0d in kvm_cpu_exec ../accel/kvm/kvm-all.c:2890 espressif#16 0x5648fffc90a7 in kvm_vcpu_thread_fn ../accel/kvm/kvm-accel-ops.c:51 espressif#17 0x56490042400a in qemu_thread_start ../util/qemu-thread-posix.c:505 espressif#18 0x7f00ac3b6ea4 in start_thread (/lib64/libpthread.so.0+0x7ea4) Free the vsc->inflight at the 'stop' path. Fixes: b82526c ("vhost-scsi: support inflight io track") Cc: Joe Jin <joe.jin@oracle.com> Cc: Li Feng <fengli@smartx.com> Signed-off-by: Dongli Zhang <dongli.zhang@oracle.com> Message-Id: <20230104160433.21353-1-dongli.zhang@oracle.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
mattiantonini
pushed a commit
that referenced
this pull request
Feb 23, 2023
Fixes the appended use-after-free. The root cause is that during tb invalidation we use CPU_FOREACH, and therefore to safely free a vCPU we must wait for an RCU grace period to elapse. $ x86_64-linux-user/qemu-x86_64 tests/tcg/x86_64-linux-user/munmap-pthread ================================================================= ==1800604==ERROR: AddressSanitizer: heap-use-after-free on address 0x62d0005f7418 at pc 0x5593da6704eb bp 0x7f4961a7ac70 sp 0x7f4961a7ac60 READ of size 8 at 0x62d0005f7418 thread T2 #0 0x5593da6704ea in tb_jmp_cache_inval_tb ../accel/tcg/tb-maint.c:244 #1 0x5593da6704ea in do_tb_phys_invalidate ../accel/tcg/tb-maint.c:290 espressif#2 0x5593da670631 in tb_phys_invalidate__locked ../accel/tcg/tb-maint.c:306 espressif#3 0x5593da670631 in tb_invalidate_phys_page_range__locked ../accel/tcg/tb-maint.c:542 espressif#4 0x5593da67106d in tb_invalidate_phys_range ../accel/tcg/tb-maint.c:614 espressif#5 0x5593da6a64d4 in target_munmap ../linux-user/mmap.c:766 espressif#6 0x5593da6dba05 in do_syscall1 ../linux-user/syscall.c:10105 espressif#7 0x5593da6f564c in do_syscall ../linux-user/syscall.c:13329 espressif#8 0x5593da49e80c in cpu_loop ../linux-user/x86_64/../i386/cpu_loop.c:233 espressif#9 0x5593da6be28c in clone_func ../linux-user/syscall.c:6633 espressif#10 0x7f496231cb42 in start_thread nptl/pthread_create.c:442 espressif#11 0x7f49623ae9ff (/lib/x86_64-linux-gnu/libc.so.6+0x1269ff) 0x62d0005f7418 is located 28696 bytes inside of 32768-byte region [0x62d0005f0400,0x62d0005f8400) freed by thread T148 here: #0 0x7f49627b6460 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52 #1 0x5593da5ac057 in cpu_exec_unrealizefn ../cpu.c:180 espressif#2 0x5593da81f851 (/home/cota/src/qemu/build/qemu-x86_64+0x484851) Signed-off-by: Emilio Cota <cota@braap.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230111151628.320011-2-cota@braap.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20230124180127.1881110-27-alex.bennee@linaro.org>
mattiantonini
pushed a commit
that referenced
this pull request
Feb 23, 2023
Fixes this tsan crash, easy to reproduce with any large enough program: $ tests/unit/test-qht 1..2 ThreadSanitizer: CHECK failed: sanitizer_deadlock_detector.h:67 "((n_all_locks_)) < (((sizeof(all_locks_with_contexts_)/sizeof((all_locks_with_contexts_)[0]))))" (0x40, 0x40) (tid=1821568) #0 __tsan::CheckUnwind() ../../../../src/libsanitizer/tsan/tsan_rtl.cpp:353 (libtsan.so.2+0x90034) #1 __sanitizer::CheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) ../../../../src/libsanitizer/sanitizer_common/sanitizer_termination.cpp:86 (libtsan.so.2+0xca555) espressif#2 __sanitizer::DeadlockDetectorTLS<__sanitizer::TwoLevelBitVector<1ul, __sanitizer::BasicBitVector<unsigned long> > >::addLock(unsigned long, unsigned long, unsigned int) ../../../../src/libsanitizer/sanitizer_common/sanitizer_deadlock_detector.h:67 (libtsan.so.2+0xb3616) espressif#3 __sanitizer::DeadlockDetectorTLS<__sanitizer::TwoLevelBitVector<1ul, __sanitizer::BasicBitVector<unsigned long> > >::addLock(unsigned long, unsigned long, unsigned int) ../../../../src/libsanitizer/sanitizer_common/sanitizer_deadlock_detector.h:59 (libtsan.so.2+0xb3616) espressif#4 __sanitizer::DeadlockDetector<__sanitizer::TwoLevelBitVector<1ul, __sanitizer::BasicBitVector<unsigned long> > >::onLockAfter(__sanitizer::DeadlockDetectorTLS<__sanitizer::TwoLevelBitVector<1ul, __sanitizer::BasicBitVector<unsigned long> > >*, unsigned long, unsigned int) ../../../../src/libsanitizer/sanitizer_common/sanitizer_deadlock_detector.h:216 (libtsan.so.2+0xb3616) espressif#5 __sanitizer::DD::MutexAfterLock(__sanitizer::DDCallback*, __sanitizer::DDMutex*, bool, bool) ../../../../src/libsanitizer/sanitizer_common/sanitizer_deadlock_detector1.cpp:169 (libtsan.so.2+0xb3616) espressif#6 __tsan::MutexPostLock(__tsan::ThreadState*, unsigned long, unsigned long, unsigned int, int) ../../../../src/libsanitizer/tsan/tsan_rtl_mutex.cpp:200 (libtsan.so.2+0xa3382) espressif#7 __tsan_mutex_post_lock ../../../../src/libsanitizer/tsan/tsan_interface_ann.cpp:384 (libtsan.so.2+0x76bc3) espressif#8 qemu_spin_lock /home/cota/src/qemu/include/qemu/thread.h:259 (test-qht+0x44a97) espressif#9 qht_map_lock_buckets ../util/qht.c:253 (test-qht+0x44a97) espressif#10 do_qht_iter ../util/qht.c:809 (test-qht+0x45f33) espressif#11 qht_iter ../util/qht.c:821 (test-qht+0x45f33) espressif#12 iter_check ../tests/unit/test-qht.c:121 (test-qht+0xe473) espressif#13 qht_do_test ../tests/unit/test-qht.c:202 (test-qht+0xe473) espressif#14 qht_test ../tests/unit/test-qht.c:240 (test-qht+0xe7c1) espressif#15 test_default ../tests/unit/test-qht.c:246 (test-qht+0xe828) espressif#16 <null> <null> (libglib-2.0.so.0+0x7daed) espressif#17 <null> <null> (libglib-2.0.so.0+0x7d80a) espressif#18 <null> <null> (libglib-2.0.so.0+0x7d80a) espressif#19 g_test_run_suite <null> (libglib-2.0.so.0+0x7dfe9) espressif#20 g_test_run <null> (libglib-2.0.so.0+0x7e055) espressif#21 main ../tests/unit/test-qht.c:259 (test-qht+0xd2c6) espressif#22 __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 (libc.so.6+0x29d8f) espressif#23 __libc_start_main_impl ../csu/libc-start.c:392 (libc.so.6+0x29e3f) espressif#24 _start <null> (test-qht+0xdb44) Signed-off-by: Emilio Cota <cota@braap.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230111151628.320011-5-cota@braap.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20230124180127.1881110-30-alex.bennee@linaro.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.