From bf5dcf8f2cf61283a46aea14867adbec1a20fe3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Wed, 12 May 2021 09:07:13 +0200 Subject: [PATCH 01/16] backends/tpm: Replace qemu_mutex_lock calls with QEMU_LOCK_GUARD MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Simplify the tpm_emulator_ctrlcmd() handler by replacing a pair of qemu_mutex_lock/qemu_mutex_unlock calls by the WITH_QEMU_LOCK_GUARD macro. Reviewed-by: Stefan Berger Reviewed-by: Christophe de Dinechin Signed-off-by: Philippe Mathieu-Daudé Message-Id: <20210512070713.3286188-1-philmd@redhat.com> Signed-off-by: Laurent Vivier --- backends/tpm/tpm_emulator.c | 34 +++++++++++++++------------------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c index a012adc193..e5f1063ab6 100644 --- a/backends/tpm/tpm_emulator.c +++ b/backends/tpm/tpm_emulator.c @@ -30,6 +30,7 @@ #include "qemu/error-report.h" #include "qemu/module.h" #include "qemu/sockets.h" +#include "qemu/lockable.h" #include "io/channel-socket.h" #include "sysemu/tpm_backend.h" #include "sysemu/tpm_util.h" @@ -124,31 +125,26 @@ static int tpm_emulator_ctrlcmd(TPMEmulator *tpm, unsigned long cmd, void *msg, uint32_t cmd_no = cpu_to_be32(cmd); ssize_t n = sizeof(uint32_t) + msg_len_in; uint8_t *buf = NULL; - int ret = -1; - qemu_mutex_lock(&tpm->mutex); + WITH_QEMU_LOCK_GUARD(&tpm->mutex) { + buf = g_alloca(n); + memcpy(buf, &cmd_no, sizeof(cmd_no)); + memcpy(buf + sizeof(cmd_no), msg, msg_len_in); - buf = g_alloca(n); - memcpy(buf, &cmd_no, sizeof(cmd_no)); - memcpy(buf + sizeof(cmd_no), msg, msg_len_in); - - n = qemu_chr_fe_write_all(dev, buf, n); - if (n <= 0) { - goto end; - } - - if (msg_len_out != 0) { - n = qemu_chr_fe_read_all(dev, msg, msg_len_out); + n = qemu_chr_fe_write_all(dev, buf, n); if (n <= 0) { - goto end; + return -1; + } + + if (msg_len_out != 0) { + n = qemu_chr_fe_read_all(dev, msg, msg_len_out); + if (n <= 0) { + return -1; + } } } - ret = 0; - -end: - qemu_mutex_unlock(&tpm->mutex); - return ret; + return 0; } static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_emu, From 989f622d418a81051ee8a2cb3942d18fcf5e3937 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 11 May 2021 12:41:55 +0200 Subject: [PATCH 02/16] hw/virtio: Pass virtio_feature_get_config_size() a const argument MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The VirtIOFeature structure isn't modified, mark it const. Signed-off-by: Philippe Mathieu-Daudé Acked-by: Jason Wang Reviewed-by: Richard Henderson Reviewed-by: Stefan Hajnoczi Reviewed-by: Stefano Garzarella Message-Id: <20210511104157.2880306-2-philmd@redhat.com> Signed-off-by: Laurent Vivier --- hw/virtio/virtio.c | 2 +- include/hw/virtio/virtio.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 9e13cb9e3a..e02544b2df 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -2981,7 +2981,7 @@ int virtio_set_features(VirtIODevice *vdev, uint64_t val) return ret; } -size_t virtio_feature_get_config_size(VirtIOFeature *feature_sizes, +size_t virtio_feature_get_config_size(const VirtIOFeature *feature_sizes, uint64_t host_features) { size_t config_size = 0; diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h index b7ece7a6a8..8bab9cfb75 100644 --- a/include/hw/virtio/virtio.h +++ b/include/hw/virtio/virtio.h @@ -43,7 +43,7 @@ typedef struct VirtIOFeature { size_t end; } VirtIOFeature; -size_t virtio_feature_get_config_size(VirtIOFeature *features, +size_t virtio_feature_get_config_size(const VirtIOFeature *features, uint64_t host_features); typedef struct VirtQueue VirtQueue; From f212f3e7f868cb0e82fdf2d68e83adcad4e33730 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 11 May 2021 12:41:56 +0200 Subject: [PATCH 03/16] virtio-blk: Constify VirtIOFeature feature_sizes[] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Philippe Mathieu-Daudé Acked-by: Jason Wang Reviewed-by: Richard Henderson Reviewed-by: Stefan Hajnoczi Reviewed-by: Stefano Garzarella Message-Id: <20210511104157.2880306-3-philmd@redhat.com> Signed-off-by: Laurent Vivier --- hw/block/virtio-blk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index d28979efb8..f139cd7cc9 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -40,7 +40,7 @@ * Starting from the discard feature, we can use this array to properly * set the config size depending on the features enabled. */ -static VirtIOFeature feature_sizes[] = { +static const VirtIOFeature feature_sizes[] = { {.flags = 1ULL << VIRTIO_BLK_F_DISCARD, .end = endof(struct virtio_blk_config, discard_sector_alignment)}, {.flags = 1ULL << VIRTIO_BLK_F_WRITE_ZEROES, From 28cbc87be58b490a31f5c2697c79cf0534cd3fea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 11 May 2021 12:41:57 +0200 Subject: [PATCH 04/16] virtio-net: Constify VirtIOFeature feature_sizes[] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Philippe Mathieu-Daudé Acked-by: Jason Wang Reviewed-by: Richard Henderson Reviewed-by: Stefan Hajnoczi Reviewed-by: Stefano Garzarella Message-Id: <20210511104157.2880306-4-philmd@redhat.com> Signed-off-by: Laurent Vivier --- hw/net/virtio-net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 66b9ff4511..6b7e8dd04e 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -89,7 +89,7 @@ VIRTIO_NET_RSS_HASH_TYPE_TCP_EX | \ VIRTIO_NET_RSS_HASH_TYPE_UDP_EX) -static VirtIOFeature feature_sizes[] = { +static const VirtIOFeature feature_sizes[] = { {.flags = 1ULL << VIRTIO_NET_F_MAC, .end = endof(struct virtio_net_config, mac)}, {.flags = 1ULL << VIRTIO_NET_F_STATUS, From 4962b312cd2a09902efdf34d91f529164e321b8d Mon Sep 17 00:00:00 2001 From: Greg Kurz Date: Fri, 7 May 2021 18:12:28 +0200 Subject: [PATCH 05/16] virtiofsd: Fix check of chown()'s return value Otherwise you always get this warning when using --socket-group=users vhost socket failed to set group to users (100) While here, print out the error if chown() fails. Fixes: f6698f2b03b0 ("tools/virtiofsd: add support for --socket-group") Signed-off-by: Greg Kurz Reviewed-by: Dr. David Alan Gilbert Message-Id: <162040394890.714971.15502455176528384778.stgit@bahia.lan> Signed-off-by: Laurent Vivier --- tools/virtiofsd/fuse_virtio.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c index 1170f375a5..9efdbd8ffd 100644 --- a/tools/virtiofsd/fuse_virtio.c +++ b/tools/virtiofsd/fuse_virtio.c @@ -1024,9 +1024,9 @@ static int fv_create_listen_socket(struct fuse_session *se) if (se->vu_socket_group) { struct group *g = getgrnam(se->vu_socket_group); if (g) { - if (!chown(se->vu_socket_path, -1, g->gr_gid)) { + if (chown(se->vu_socket_path, -1, g->gr_gid) == -1) { fuse_log(FUSE_LOG_WARNING, - "vhost socket failed to set group to %s (%d)\n", + "vhost socket failed to set group to %s (%d): %m\n", se->vu_socket_group, g->gr_gid); } } From 09ceb33091ab50ea632727d105057f2bd6324672 Mon Sep 17 00:00:00 2001 From: Michael Tokarev Date: Sat, 8 May 2021 12:33:15 +0300 Subject: [PATCH 06/16] qapi: spelling fix (addtional) Fixes: 3d0d3c30ae3a259bff176f85a3efa2d0816695af Signed-off-by: Michael Tokarev Reviewed-by: Kevin Wolf Message-Id: <20210508093315.393274-1-mjt@msgid.tls.msk.ru> Signed-off-by: Laurent Vivier --- qapi/qom.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/qapi/qom.json b/qapi/qom.json index cd0e76d564..40d70c434a 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -251,8 +251,8 @@ # # @max_queue_size: the maximum number of packets to keep in the queue for # comparing with incoming packets from @secondary_in. If the -# queue is full and addtional packets are received, the -# addtional packets are dropped. (default: 1024) +# queue is full and additional packets are received, the +# additional packets are dropped. (default: 1024) # # @vnet_hdr_support: if true, vnet header support is enabled (default: false) # From bcfec3763e44b6996384272bf43fbcfce7f45c57 Mon Sep 17 00:00:00 2001 From: Michael Tokarev Date: Sat, 8 May 2021 12:36:15 +0300 Subject: [PATCH 07/16] hw/gpio/aspeed: spelling fix (addtional) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: 36d737ee82b2972167e97901c5271ba3f904ba71 Signed-off-by: Michael Tokarev Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20210508093615.411920-1-mjt@msgid.tls.msk.ru> Signed-off-by: Laurent Vivier --- hw/gpio/aspeed_gpio.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/gpio/aspeed_gpio.c b/hw/gpio/aspeed_gpio.c index 985a259e05..34d8acb0e3 100644 --- a/hw/gpio/aspeed_gpio.c +++ b/hw/gpio/aspeed_gpio.c @@ -170,7 +170,7 @@ /* AST2600 only - 1.8V gpios */ /* * The AST2600 has same 3.6V gpios as the AST2400 (memory offsets 0x0-0x198) - * and addtional 1.8V gpios (memory offsets 0x800-0x9D4). + * and additional 1.8V gpios (memory offsets 0x800-0x9D4). */ #define GPIO_1_8V_REG_OFFSET 0x800 #define GPIO_1_8V_ABCD_DATA_VALUE ((0x800 - GPIO_1_8V_REG_OFFSET) >> 2) From 72fe4742c6e7fa3d237b5cb5866dfaf7733141e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Sun, 2 May 2021 18:39:30 +0200 Subject: [PATCH 08/16] hw/timer/etraxfs_timer: Convert to 3-phase reset (Resettable interface) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit TYPE_ETRAX_FS_TIMER is a sysbus device, so its DeviceClass::reset() handler is called automatically when its qbus parent is reset (we don't need to register it manually). Convert the generic reset to a enter/hold resettable ones, and remove the qemu_register_reset() call. Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Edgar E. Iglesias Message-Id: <20210502163931.552675-2-f4bug@amsat.org> Signed-off-by: Laurent Vivier --- hw/timer/etraxfs_timer.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/hw/timer/etraxfs_timer.c b/hw/timer/etraxfs_timer.c index 5379006086..4ba662190d 100644 --- a/hw/timer/etraxfs_timer.c +++ b/hw/timer/etraxfs_timer.c @@ -309,9 +309,9 @@ static const MemoryRegionOps timer_ops = { } }; -static void etraxfs_timer_reset(void *opaque) +static void etraxfs_timer_reset_enter(Object *obj, ResetType type) { - ETRAXTimerState *t = opaque; + ETRAXTimerState *t = ETRAX_TIMER(obj); ptimer_transaction_begin(t->ptimer_t0); ptimer_stop(t->ptimer_t0); @@ -325,6 +325,12 @@ static void etraxfs_timer_reset(void *opaque) t->rw_wd_ctrl = 0; t->r_intr = 0; t->rw_intr_mask = 0; +} + +static void etraxfs_timer_reset_hold(Object *obj) +{ + ETRAXTimerState *t = ETRAX_TIMER(obj); + qemu_irq_lower(t->irq); } @@ -343,14 +349,16 @@ static void etraxfs_timer_realize(DeviceState *dev, Error **errp) memory_region_init_io(&t->mmio, OBJECT(t), &timer_ops, t, "etraxfs-timer", 0x5c); sysbus_init_mmio(sbd, &t->mmio); - qemu_register_reset(etraxfs_timer_reset, t); } static void etraxfs_timer_class_init(ObjectClass *klass, void *data) { DeviceClass *dc = DEVICE_CLASS(klass); + ResettableClass *rc = RESETTABLE_CLASS(klass); dc->realize = etraxfs_timer_realize; + rc->phases.enter = etraxfs_timer_reset_enter; + rc->phases.hold = etraxfs_timer_reset_hold; } static const TypeInfo etraxfs_timer_info = { From fae5a0420754453beca3407250899254fb6745a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Sun, 2 May 2021 18:39:31 +0200 Subject: [PATCH 09/16] hw/rtc/mc146818rtc: Convert to 3-phase reset (Resettable interface) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit TYPE_MC146818_RTC is an ISA device, so its DeviceClass::reset() handler is called automatically when its qbus parent is reset (we don't need to register it manually). We have 2 reset() methods: a generic one and the qdev one. Merge them into a reset_enter handler (keeping the IRQ lowering to a reset_hold one), and remove the qemu_register_reset() call. Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Edgar E. Iglesias Message-Id: <20210502163931.552675-3-f4bug@amsat.org> Signed-off-by: Laurent Vivier --- hw/rtc/mc146818rtc.c | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/hw/rtc/mc146818rtc.c b/hw/rtc/mc146818rtc.c index 3d2d3854e7..4fbafddb22 100644 --- a/hw/rtc/mc146818rtc.c +++ b/hw/rtc/mc146818rtc.c @@ -871,22 +871,6 @@ static void rtc_notify_suspend(Notifier *notifier, void *data) rtc_set_memory(ISA_DEVICE(s), 0xF, 0xFE); } -static void rtc_reset(void *opaque) -{ - RTCState *s = opaque; - - s->cmos_data[RTC_REG_B] &= ~(REG_B_PIE | REG_B_AIE | REG_B_SQWE); - s->cmos_data[RTC_REG_C] &= ~(REG_C_UF | REG_C_IRQF | REG_C_PF | REG_C_AF); - check_update_timer(s); - - qemu_irq_lower(s->irq); - - if (s->lost_tick_policy == LOST_TICK_POLICY_SLEW) { - s->irq_coalesced = 0; - s->irq_reinject_on_ack_count = 0; - } -} - static const MemoryRegionOps cmos_ops = { .read = cmos_ioport_read, .write = cmos_ioport_write, @@ -961,7 +945,6 @@ static void rtc_realizefn(DeviceState *dev, Error **errp) memory_region_add_coalescing(&s->coalesced_io, 0, 1); qdev_set_legacy_instance_id(dev, RTC_ISA_BASE, 3); - qemu_register_reset(rtc_reset, s); object_property_add_tm(OBJECT(s), "date", rtc_get_date); @@ -997,15 +980,32 @@ static Property mc146818rtc_properties[] = { DEFINE_PROP_END_OF_LIST(), }; -static void rtc_resetdev(DeviceState *d) +static void rtc_reset_enter(Object *obj, ResetType type) { - RTCState *s = MC146818_RTC(d); + RTCState *s = MC146818_RTC(obj); /* Reason: VM do suspend self will set 0xfe * Reset any values other than 0xfe(Guest suspend case) */ if (s->cmos_data[0x0f] != 0xfe) { s->cmos_data[0x0f] = 0x00; } + + s->cmos_data[RTC_REG_B] &= ~(REG_B_PIE | REG_B_AIE | REG_B_SQWE); + s->cmos_data[RTC_REG_C] &= ~(REG_C_UF | REG_C_IRQF | REG_C_PF | REG_C_AF); + check_update_timer(s); + + + if (s->lost_tick_policy == LOST_TICK_POLICY_SLEW) { + s->irq_coalesced = 0; + s->irq_reinject_on_ack_count = 0; + } +} + +static void rtc_reset_hold(Object *obj) +{ + RTCState *s = MC146818_RTC(obj); + + qemu_irq_lower(s->irq); } static void rtc_build_aml(ISADevice *isadev, Aml *scope) @@ -1032,11 +1032,13 @@ static void rtc_build_aml(ISADevice *isadev, Aml *scope) static void rtc_class_initfn(ObjectClass *klass, void *data) { DeviceClass *dc = DEVICE_CLASS(klass); + ResettableClass *rc = RESETTABLE_CLASS(klass); ISADeviceClass *isa = ISA_DEVICE_CLASS(klass); dc->realize = rtc_realizefn; - dc->reset = rtc_resetdev; dc->vmsd = &vmstate_rtc; + rc->phases.enter = rtc_reset_enter; + rc->phases.hold = rtc_reset_hold; isa->build_aml = rtc_build_aml; device_class_set_props(dc, mc146818rtc_properties); set_bit(DEVICE_CATEGORY_MISC, dc->categories); From b6d003dbee81f1bf419c7cceec0c4c358184a601 Mon Sep 17 00:00:00 2001 From: Stefano Garzarella Date: Mon, 12 Apr 2021 19:02:55 +0200 Subject: [PATCH 10/16] cutils: fix memory leak in get_relocated_path() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit get_relocated_path() allocates a GString object and returns the character data (C string) to the caller without freeing the memory allocated for that object as reported by valgrind: 24 bytes in 1 blocks are definitely lost in loss record 2,805 of 6,532 at 0x4839809: malloc (vg_replace_malloc.c:307) by 0x55AABB8: g_malloc (in /usr/lib64/libglib-2.0.so.0.6600.8) by 0x55C2481: g_slice_alloc (in /usr/lib64/libglib-2.0.so.0.6600.8) by 0x55C4827: g_string_sized_new (in /usr/lib64/libglib-2.0.so.0.6600.8) by 0x55C4CEA: g_string_new (in /usr/lib64/libglib-2.0.so.0.6600.8) by 0x906314: get_relocated_path (cutils.c:1036) by 0x6E1F77: qemu_read_default_config_file (vl.c:2122) by 0x6E1F77: qemu_init (vl.c:2687) by 0x3E3AF8: main (main.c:49) Let's use g_string_free(gstring, false) to free only the GString object and transfer the ownership of the character data to the caller. Fixes: f4f5ed2cbd ("cutils: introduce get_relocated_path") Signed-off-by: Stefano Garzarella Reviewed-by: Marc-André Lureau Reviewed-by: Markus Armbruster Message-Id: <20210412170255.231406-1-sgarzare@redhat.com> Signed-off-by: Laurent Vivier --- util/cutils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/cutils.c b/util/cutils.c index ee908486da..c9b91e7535 100644 --- a/util/cutils.c +++ b/util/cutils.c @@ -1055,5 +1055,5 @@ char *get_relocated_path(const char *dir) assert(G_IS_DIR_SEPARATOR(dir[-1])); g_string_append(result, dir - 1); } - return result->str; + return g_string_free(result, false); } From b51d44677193002926a7519df89153df847f5f6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 6 Apr 2021 15:39:44 +0200 Subject: [PATCH 11/16] hw/mem/meson: Fix linking sparse-mem device with fuzzer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit sparse-mem.c is added to the 'mem_ss' source set, which itself is conditionally added to softmmu_ss if CONFIG_MEM_DEVICE is selected. But if CONFIG_MEM_DEVICE isn't selected, we get a link failure even if CONFIG_FUZZ is selected: /usr/bin/ld: tests_qtest_fuzz_generic_fuzz.c.o: in function `generic_pre_fuzz': tests/qtest/fuzz/generic_fuzz.c:826: undefined reference to `sparse_mem_init' clang-10: error: linker command failed with exit code 1 (use -v to see invocation) Fix by adding sparse-mem.c directly to the softmmu_ss set. Fixes: 230376d285b ("memory: add a sparse memory device for fuzzing") Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Alexander Bulekov Message-Id: <20210406133944.4193691-1-philmd@redhat.com> Signed-off-by: Laurent Vivier --- hw/mem/meson.build | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/mem/meson.build b/hw/mem/meson.build index ef79e04678..3c8fdef9f9 100644 --- a/hw/mem/meson.build +++ b/hw/mem/meson.build @@ -1,8 +1,9 @@ mem_ss = ss.source_set() mem_ss.add(files('memory-device.c')) -mem_ss.add(when: 'CONFIG_FUZZ', if_true: files('sparse-mem.c')) mem_ss.add(when: 'CONFIG_DIMM', if_true: files('pc-dimm.c')) mem_ss.add(when: 'CONFIG_NPCM7XX', if_true: files('npcm7xx_mc.c')) mem_ss.add(when: 'CONFIG_NVDIMM', if_true: files('nvdimm.c')) softmmu_ss.add_all(when: 'CONFIG_MEM_DEVICE', if_true: mem_ss) + +softmmu_ss.add(when: 'CONFIG_FUZZ', if_true: files('sparse-mem.c')) From 4872fdf71b52288105ae5513f892f39633bec28c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Sun, 25 Apr 2021 20:21:24 +0200 Subject: [PATCH 12/16] hw/pci-host: Do not build gpex-acpi.c if GPEX is not selected MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since its introduction in commit 5b85eabe68f ("acpi: add acpi_dsdt_add_gpex") we build gpex-acpi.c if ACPI is selected, even if the GPEX_HOST device isn't build. Add the missing Kconfig dependency. Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Alistair Francis Reviewed-by: Gerd Hoffmann Message-Id: <20210425182124.3735214-1-f4bug@amsat.org> Signed-off-by: Laurent Vivier --- hw/pci-host/meson.build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/pci-host/meson.build b/hw/pci-host/meson.build index 34b3538beb..1698d3a192 100644 --- a/hw/pci-host/meson.build +++ b/hw/pci-host/meson.build @@ -3,7 +3,7 @@ pci_ss.add(when: 'CONFIG_PAM', if_true: files('pam.c')) pci_ss.add(when: 'CONFIG_PCI_BONITO', if_true: files('bonito.c')) pci_ss.add(when: 'CONFIG_PCI_EXPRESS_DESIGNWARE', if_true: files('designware.c')) pci_ss.add(when: 'CONFIG_PCI_EXPRESS_GENERIC_BRIDGE', if_true: files('gpex.c')) -pci_ss.add(when: 'CONFIG_ACPI', if_true: files('gpex-acpi.c')) +pci_ss.add(when: ['CONFIG_PCI_EXPRESS_GENERIC_BRIDGE', 'CONFIG_ACPI'], if_true: files('gpex-acpi.c')) pci_ss.add(when: 'CONFIG_PCI_EXPRESS_Q35', if_true: files('q35.c')) pci_ss.add(when: 'CONFIG_PCI_EXPRESS_XILINX', if_true: files('xilinx-pcie.c')) pci_ss.add(when: 'CONFIG_PCI_I440FX', if_true: files('i440fx.c')) From dcf20655ffca2b0219d2914db4aadcce4b61fa0a Mon Sep 17 00:00:00 2001 From: Jagannathan Raman Date: Fri, 7 May 2021 11:53:23 -0400 Subject: [PATCH 13/16] multi-process: Avoid logical AND of mutually exclusive tests Fixes an if statement that performs a logical AND of mutually exclusive tests Buglink: https://bugs.launchpad.net/qemu/+bug/1926995 Reviewed-by: Thomas Huth Signed-off-by: Jagannathan Raman Reviewed-by: Thomas Huth Reviewed-by: Stefan Hajnoczi Message-Id: <1620402803-9237-1-git-send-email-jag.raman@oracle.com> Signed-off-by: Laurent Vivier --- hw/remote/mpqemu-link.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/remote/mpqemu-link.c b/hw/remote/mpqemu-link.c index 9ce31526e8..e67a5de72c 100644 --- a/hw/remote/mpqemu-link.c +++ b/hw/remote/mpqemu-link.c @@ -218,7 +218,7 @@ uint64_t mpqemu_msg_send_and_await_reply(MPQemuMsg *msg, PCIProxyDev *pdev, bool mpqemu_msg_valid(MPQemuMsg *msg) { - if (msg->cmd >= MPQEMU_CMD_MAX && msg->cmd < 0) { + if (msg->cmd >= MPQEMU_CMD_MAX || msg->cmd < 0) { return false; } From 52a1c621f9d56d18212273c64b4119513a2db1f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Wed, 5 May 2021 18:10:46 +0200 Subject: [PATCH 14/16] target/sh4: Return error if CPUClass::get_phys_page_debug() fails MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If the get_physical_address() call fails, the SH4 get_phys_page_debug() handler returns an uninitialized address. Instead return -1, which correspond to "no page found" (see cpu_get_phys_page_debug() doc string). This fixes a warning emitted when building with CFLAGS=-O3 (using GCC 10.2.1 20201125): target/sh4/helper.c: In function ‘superh_cpu_get_phys_page_debug’: target/sh4/helper.c:446:12: warning: ‘physical’ may be used uninitialized in this function [-Wmaybe-uninitialized] 446 | return physical; | ^~~~~~~~ Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Reviewed-by: Yoshinori Sato Message-Id: <20210505161046.1397608-1-f4bug@amsat.org> Signed-off-by: Laurent Vivier --- target/sh4/helper.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/target/sh4/helper.c b/target/sh4/helper.c index bd8e034f17..2d622081e8 100644 --- a/target/sh4/helper.c +++ b/target/sh4/helper.c @@ -441,9 +441,12 @@ hwaddr superh_cpu_get_phys_page_debug(CPUState *cs, vaddr addr) target_ulong physical; int prot; - get_physical_address(&cpu->env, &physical, &prot, addr, MMU_DATA_LOAD); + if (get_physical_address(&cpu->env, &physical, &prot, addr, MMU_DATA_LOAD) + == MMU_OK) { + return physical; + } - return physical; + return -1; } void cpu_load_tlb(CPUSH4State * env) From 6cd04a88fa3fc5941fcd3677355e1b75efe9c7a8 Mon Sep 17 00:00:00 2001 From: Frederic Konrad Date: Wed, 28 Apr 2021 21:15:19 +0200 Subject: [PATCH 15/16] hw/avr/atmega.c: use the avr51 cpu for atmega1280 According to the as documentation: (https://sourceware.org/binutils/docs-2.36/as/AVR-Options.html) "Instruction set avr51 is for the enhanced AVR core with exactly 128K program memory space (MCU types: atmega128, atmega128a, atmega1280, atmega1281, atmega1284, atmega1284p, atmega128rfa1, atmega128rfr2, atmega1284rfr2, at90can128, at90usb1286, at90usb1287, m3000)." But when compiling a program for atmega1280 or avr51 and trying to execute it: $ cat > test.S << EOF > loop: > rjmp loop > EOF $ avr-gcc -nostdlib -nostartfiles -mmcu=atmega1280 test.S -o test.elf $ qemu-system-avr -serial mon:stdio -nographic -no-reboot -M mega \ -bios test.elf qemu-system-avr: Current machine: Arduino Mega (ATmega1280) with 'avr6' CPU qemu-system-avr: ELF image 'test.elf' is for 'avr51' CPU So this fixes the atmega1280 class to use an avr51 CPU. Signed-off-by: Frederic Konrad Reviewed-by: Joaquin de Andres Message-Id: <1619637319-22299-1-git-send-email-frederic.konrad@adacore.com> Signed-off-by: Laurent Vivier --- hw/avr/atmega.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/avr/atmega.c b/hw/avr/atmega.c index 80b8a41cb5..0608e2d475 100644 --- a/hw/avr/atmega.c +++ b/hw/avr/atmega.c @@ -401,7 +401,7 @@ static void atmega1280_class_init(ObjectClass *oc, void *data) { AtmegaMcuClass *amc = ATMEGA_MCU_CLASS(oc); - amc->cpu_type = AVR_CPU_TYPE_NAME("avr6"); + amc->cpu_type = AVR_CPU_TYPE_NAME("avr51"); amc->flash_size = 128 * KiB; amc->eeprom_size = 4 * KiB; amc->sram_size = 8 * KiB; From 29f9c636894c462fa54fad08049e51877905e93b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Sun, 2 May 2021 21:09:00 +0200 Subject: [PATCH 16/16] target/avr: Ignore unimplemented WDR opcode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Running the WDR opcode triggers a segfault: $ cat > foo.S << EOF > __start: > wdr > EOF $ avr-gcc -nostdlib -nostartfiles -mmcu=avr6 foo.S -o foo.elf $ qemu-system-avr -serial mon:stdio -nographic -no-reboot \ -M mega -bios foo.elf -d in_asm --singlestep IN: 0x00000000: WDR Segmentation fault (core dumped) (gdb) bt #0 0x00005555add0b23a in gdb_get_cpu_pid (cpu=0x5555af5a4af0) at ../gdbstub.c:718 #1 0x00005555add0b2dd in gdb_get_cpu_process (cpu=0x5555af5a4af0) at ../gdbstub.c:743 #2 0x00005555add0e477 in gdb_set_stop_cpu (cpu=0x5555af5a4af0) at ../gdbstub.c:2742 #3 0x00005555adc99b96 in cpu_handle_guest_debug (cpu=0x5555af5a4af0) at ../softmmu/cpus.c:306 #4 0x00005555adcc66ab in rr_cpu_thread_fn (arg=0x5555af5a4af0) at ../accel/tcg/tcg-accel-ops-rr.c:224 #5 0x00005555adefaf12 in qemu_thread_start (args=0x5555af5d9870) at ../util/qemu-thread-posix.c:521 #6 0x00007f692d940ea5 in start_thread () from /lib64/libpthread.so.0 #7 0x00007f692d6699fd in clone () from /lib64/libc.so.6 Since the watchdog peripheral is not implemented, simply log the opcode as unimplemented and keep going. Reported-by: Fred Konrad Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: KONRAD Frederic Message-Id: <20210502190900.604292-1-f4bug@amsat.org> Signed-off-by: Laurent Vivier --- target/avr/helper.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/target/avr/helper.c b/target/avr/helper.c index 35e1019594..981c29da45 100644 --- a/target/avr/helper.c +++ b/target/avr/helper.c @@ -188,11 +188,7 @@ void helper_break(CPUAVRState *env) void helper_wdr(CPUAVRState *env) { - CPUState *cs = env_cpu(env); - - /* WD is not implemented yet, placeholder */ - cs->exception_index = EXCP_DEBUG; - cpu_loop_exit(cs); + qemu_log_mask(LOG_UNIMP, "WDG reset (not implemented)\n"); } /*