Re: [PATCH] docs/about: Update the support statement for Windows

[Thomas Huth]

On 05/05/2022 17.09, Daniel P. Berrangé wrote:

On Thu, May 05, 2022 at 04:12:11PM +0200, Thomas Huth wrote:

On 05/05/2022 13.55, Daniel P. Berrangé wrote:

On Thu, May 05, 2022 at 09:14:57AM +0100, Daniel P. Berrangé wrote:

On Thu, May 05, 2022 at 09:48:41AM +0200, Thomas Huth wrote:

Our support statement for Windows currently talks about "Vista / Server
2008" - which is related to the API of Windows, and this is not easy
to understand for the non-technical users. It might also not be quite
true anymore, since we only compile-test QEMU with recent toolchains.


We documented Vista / Server 2008 because that is what our code is
declaring it wants in terms of Windows public APIs:

In osdep.h we have:

#ifdef _WIN32
/* as defined in sdkddkver.h */
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0600 /* Vista */
#endif

which tells Mingw / MSys not to expose windows header file declarations
that post-date Vista.


Of course we rely on 3rd party libraries and in particular GLib2 is
mandatory, and it also set _WIN32_WINNT. So our constraint is the
newer of the _WIN32_WINNT constraint set by QEMU and whatever version
of GLib2 being compiled against.

QEMU sets a min GLib of 2.56, and that version of GLib sets 0x0601
which means Windows >= 7.  So even though QEMU only asks for Vista,
in practice our minimum is 7.


Windows 7 does not receive any security updates since 2020 anymore, so I'd
rather would bump it to the level of Windows 8.1 directly instead. Or
directly go for Windows 10 to mimic the behavior that we have with most of
the Linux distros (max. two major releases at a time).


I like the simplicity of having the same rule everywhere.

I'm a little wary of people being stuck on old versions, when I see
current articles like this showing 20% of people still on Win7, way
more than Win8 surprisingly.

https://www.statista.com/statistics/993868/worldwide-windows-operating-system-market-share/


I still think it would be better to not provide QEMU to people who fail to 
make sure that their host system is up to date with security patches...



The thing with bumping the _WIN32_WINNT version higher though is that
we're not really doing it for any compelling technical reasons. Usually
when we bump min glib, it lets us cut out compatibility hacks and/or
get access to new APIs.

Bumping _WIN32_WINNT can do that, but the interesting place where that's
useful is mostly in GLib. I'm not sure what we'd make use of in the QEMU
side from setting a newer _WIN32_WINNT. Hence my suggestion that we just
let min GLib drive our min _WIN32_WINNT setting.


Ok, fair point. So let's raise the WIN32_WINNT setting to the same level as 
glib - but I think our support statement in our docs could be independent 
from that... I'll try to come up with a different phrasing in v2 of this patch.


 Thomas

[PATCH v2] docs/about: Update the support statement for Windows

[Thomas Huth]

Our support statement for Windows currently talks about "Vista / Server
2008" - which is related to the API of Windows, and this is not easy
to understand for the non-technical users. Additionally, glib sets the
_WIN32_WINNT macro to 0x0601 already, which indicates the Windows 7 API,
so QEMU effectively depends on the Windows 7 API, too.

Thus let's bump the _WIN32_WINNT setting in QEMU to the same level as
glib uses and adjust our support statement in the documentation to
something similar that we're using for Linux and the *BSD systems
(i.e. only the two most recent versions), which should hopefully be
easier to understand for the users now.

And since we're nowadays also compile-testing QEMU with MSYS2 on Windows
itself, I think we could mention this build environment here, too.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/880
Signed-off-by: Thomas Huth 
---
 v2: Rephrase and update the _WIN32_WINNT macro, too

 docs/about/build-platforms.rst | 14 +-
 include/qemu/osdep.h   |  2 +-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/docs/about/build-platforms.rst b/docs/about/build-platforms.rst
index e9163ba556..1958edb430 100644
--- a/docs/about/build-platforms.rst
+++ b/docs/about/build-platforms.rst
@@ -86,11 +86,15 @@ similar versions.
 Windows
 ---
 
-The project supports building with current versions of the MinGW toolchain,
-hosted on Linux (Debian/Fedora).
-
-The version of the Windows API that's currently targeted is Vista / Server
-2008.
+The project aims to support the two most recent versions of Windows that are
+still supported by the vendor. The minimum Windows API that is currently
+targeted is "Windows 7", so theoretically the QEMU binaries can still be run
+on older versions of Windows, too. However, such old versions of Windows are
+not tested anymore, so it is recommended to use one of the latest versions of
+Windows instead.
+
+The project supports building QEMU with current versions of the MinGW
+toolchain, either hosted on Linux (Debian/Fedora) or via MSYS2 on Windows.
 
 .. _Homebrew: https://brew.sh/
 .. _MacPorts: https://www.macports.org/
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 1c1e7eca98..e2f88597b6 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -75,7 +75,7 @@ QEMU_EXTERN_C int daemon(int, int);
 #ifdef _WIN32
 /* as defined in sdkddkver.h */
 #ifndef _WIN32_WINNT
-#define _WIN32_WINNT 0x0600 /* Vista */
+#define _WIN32_WINNT 0x0601 /* Windows 7 API */
 #endif
 /* reduces the number of implicitly included headers */
 #ifndef WIN32_LEAN_AND_MEAN
-- 
2.27.0

Re: [PATCH] util: NUMA aware memory preallocation

[Paolo Bonzini]

On 5/11/22 18:54, Daniel P. Berrangé wrote:

On Wed, May 11, 2022 at 01:07:47PM +0200, Paolo Bonzini wrote:

On 5/11/22 12:10, Daniel P. Berrangé wrote:

I expect creating/deleting I/O threads is cheap in comparison to
the work done for preallocation. If libvirt is using -preconfig
and object-add to create the memory backend, then we could have
option of creating the I/O threads dynamically in -preconfig mode,
create the memory backend, and then delete the I/O threads again.


I think this is very overengineered.  Michal's patch is doing the obvious
thing and if it doesn't work that's because Libvirt is trying to micromanage
QEMU.


Calling it micromanaging is putting a very negative connotation on
this. What we're trying todo is enforce a host resource policy for
QEMU, in a way that a compromised QEMU can't escape, which is a
valuable protection.


I'm sorry if that was a bit exaggerated, but the negative connotation 
was intentional.



As mentioned on IRC, if the reason is to prevent moving around threads in
realtime (SCHED_FIFO, SCHED_RR) classes, that should be fixed at the kernel
level.


We use cgroups where it is available to us, but we don't always have
the freedom that we'd like.


I understand.  I'm thinking of a new flag to sched_setscheduler that 
fixes the CPU affinity and policy of the thread and prevents changing it 
in case QEMU is compromised later.  The seccomp/SELinux sandboxes can 
prevent setting the SCHED_FIFO class without this flag.


In addition, my hunch is that this works only because the RT setup of 
QEMU is not safe against priority inversion.  IIRC the iothreads are set 
with a non-realtime priority, but actually they should have a _higher_ 
priority than the CPU threads, and the thread pool I/O bound workers 
should have an even higher priority; otherwise you have a priority 
inversion situation where an interrupt is pending that would wake up the 
CPU, but the iothreads cannot process it because they have a lower 
priority than the CPU.


So the iothread and the associated util/thread-pool.c thread pool are 
the wrong tools to solve Michal's issue; they are not meant for 
background CPU-bound work, even though they _might_ work due to their 
incorrect RT setup.


Paolo

Re: [PATCH] vhost-backend: do not depend on CONFIG_VHOST_VSOCK

[Stefano Garzarella]

On Wed, May 11, 2022 at 09:43:28AM +0200, Paolo Bonzini wrote:

The vsock callbacks .vhost_vsock_set_guest_cid and
.vhost_vsock_set_running are the only ones to be conditional
on #ifdef CONFIG_VHOST_VSOCK.  This is different from any other
device-dependent callbacks like .vhost_scsi_set_endpoint, and it
also broke when CONFIG_VHOST_VSOCK was changed to a per-target
symbol.

It would be possible to also use the CONFIG_DEVICES include, but
really there is no reason for most virtio files to be per-target
so just remove the #ifdef to fix the issue.



I'm i doubt whether or not to add the following Fixes tag, since that 
commit only highlighted the problem:


Fixes: 9972ae314f ("build: move vhost-vsock configuration to Kconfig")


Reported-by: Dov Murik 
Signed-off-by: Paolo Bonzini 
---
hw/virtio/vhost-backend.c | 4 
1 file changed, 4 deletions(-)


Anyway, the path LGTM:

Reviewed-by: Stefano Garzarella 

Thanks,
Stefano



diff --git a/hw/virtio/vhost-backend.c b/hw/virtio/vhost-backend.c
index e409a865ae..4de8b6b3b0 100644
--- a/hw/virtio/vhost-backend.c
+++ b/hw/virtio/vhost-backend.c
@@ -203,7 +203,6 @@ static int vhost_kernel_get_vq_index(struct vhost_dev *dev, 
int idx)
return idx - dev->vq_index;
}

-#ifdef CONFIG_VHOST_VSOCK
static int vhost_kernel_vsock_set_guest_cid(struct vhost_dev *dev,
uint64_t guest_cid)
{
@@ -214,7 +213,6 @@ static int vhost_kernel_vsock_set_running(struct vhost_dev 
*dev, int start)
{
return vhost_kernel_call(dev, VHOST_VSOCK_SET_RUNNING, &start);
}
-#endif /* CONFIG_VHOST_VSOCK */

static void vhost_kernel_iotlb_read(void *opaque)
{
@@ -319,10 +317,8 @@ const VhostOps kernel_ops = {
.vhost_set_owner = vhost_kernel_set_owner,
.vhost_reset_device = vhost_kernel_reset_device,
.vhost_get_vq_index = vhost_kernel_get_vq_index,
-#ifdef CONFIG_VHOST_VSOCK
.vhost_vsock_set_guest_cid = vhost_kernel_vsock_set_guest_cid,
.vhost_vsock_set_running = vhost_kernel_vsock_set_running,
-#endif /* CONFIG_VHOST_VSOCK */
.vhost_set_iotlb_callback = vhost_kernel_set_iotlb_callback,
.vhost_send_device_iotlb_msg = vhost_kernel_send_device_iotlb_msg,
};
--
2.36.0

[RFC PATCH v2 4/8] net: stream: Don't ignore EINVAL on netdev socket connection

[Laurent Vivier]

From: Stefano Brivio 

Other errors are treated as failure by net_stream_client_init(),
but if connect() returns EINVAL, we'll fail silently. Remove the
related exception.

Signed-off-by: Stefano Brivio 
[lvivier: applied to net/stream.c]
Signed-off-by: Laurent Vivier 
---
 net/stream.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/net/stream.c b/net/stream.c
index fdc97ee43a56..12fc26b9f4c7 100644
--- a/net/stream.c
+++ b/net/stream.c
@@ -365,8 +365,7 @@ static int net_stream_client_init(NetClientState *peer,
 if (errno == EINTR || errno == EWOULDBLOCK) {
 /* continue */
 } else if (errno == EINPROGRESS ||
-   errno == EALREADY ||
-   errno == EINVAL) {
+   errno == EALREADY) {
 break;
 } else {
 error_setg_errno(errp, errno, "can't connect socket");
-- 
2.35.3

[RFC PATCH v2 7/8] net: dgram: move mcast specific code from net_socket_fd_init_dgram()

[Laurent Vivier]

It is less complex to manage special cases directly in
net_dgram_mcast_init() and net_dgram_udp_init().

Signed-off-by: Laurent Vivier 
---
 net/dgram.c | 143 +++-
 1 file changed, 73 insertions(+), 70 deletions(-)

diff --git a/net/dgram.c b/net/dgram.c
index 16b4d4c94c81..c0cf0410792e 100644
--- a/net/dgram.c
+++ b/net/dgram.c
@@ -301,52 +301,11 @@ static NetClientInfo net_dgram_socket_info = {
 static NetDgramState *net_dgram_fd_init_dgram(NetClientState *peer,
   const char *model,
   const char *name,
-  int fd, int is_fd,
-  SocketAddress *mcast,
+  int fd,
   Error **errp)
 {
-struct sockaddr_in *saddr = NULL;
-int newfd;
 NetClientState *nc;
 NetDgramState *s;
-SocketAddress *sa;
-SocketAddressType sa_type;
-
-sa = socket_local_address(fd, errp);
-if (!sa) {
-return NULL;
-}
-sa_type = sa->type;
-qapi_free_SocketAddress(sa);
-
-/*
- * fd passed: multicast: "learn" dgram_dst address from bound address and
- * save it. Because this may be "shared" socket from a "master" process,
- * datagrams would be recv() by ONLY ONE process: we must "clone" this
- * dgram socket --jjo
- */
-
-if (is_fd && mcast != NULL) {
-saddr = g_new(struct sockaddr_in, 1);
-
-if (convert_host_port(saddr, mcast->u.inet.host, 
mcast->u.inet.port,
-  errp) < 0) {
-goto err;
-}
-/* must be bound */
-if (saddr->sin_addr.s_addr == 0) {
-error_setg(errp, "can't setup multicast destination address");
-goto err;
-}
-/* clone dgram socket */
-newfd = net_dgram_mcast_create(saddr, NULL, errp);
-if (newfd < 0) {
-goto err;
-}
-/* clone newfd to fd, close newfd */
-dup2(newfd, fd);
-close(newfd);
-}
 
 nc = qemu_new_net_client(&net_dgram_socket_info, peer, model, name);
 
@@ -358,24 +317,7 @@ static NetDgramState 
*net_dgram_fd_init_dgram(NetClientState *peer,
 net_socket_rs_init(&s->rs, net_dgram_rs_finalize, false);
 net_dgram_read_poll(s, true);
 
-/* mcast: save bound address as dst */
-if (saddr) {
-g_assert(s->dgram_dst == NULL);
-s->dgram_dst = (struct sockaddr *)saddr;
-snprintf(nc->info_str, sizeof(nc->info_str),
- "fd=%d (cloned mcast=%s:%d)",
- fd, inet_ntoa(saddr->sin_addr), ntohs(saddr->sin_port));
-} else {
-snprintf(nc->info_str, sizeof(nc->info_str), "fd=%d %s", fd,
- SocketAddressType_str(sa_type));
-}
-
 return s;
-
-err:
-g_free(saddr);
-closesocket(fd);
-return NULL;
 }
 
 static void net_dgram_connect(void *opaque)
@@ -420,6 +362,7 @@ static int net_dgram_mcast_init(NetClientState *peer,
 NetDgramState *s;
 int fd, ret;
 struct sockaddr_in *saddr;
+gchar *info_str;
 
 if (remote->type != SOCKET_ADDRESS_TYPE_INET) {
 error_setg(errp, "multicast only support inet type");
@@ -439,6 +382,9 @@ static int net_dgram_mcast_init(NetClientState *peer,
 g_free(saddr);
 return -1;
 }
+info_str = g_strdup_printf("mcast=%s:%d",
+   inet_ntoa(saddr->sin_addr),
+   ntohs(saddr->sin_port));
 } else {
 switch (local->type) {
 case SOCKET_ADDRESS_TYPE_INET: {
@@ -456,9 +402,14 @@ static int net_dgram_mcast_init(NetClientState *peer,
 g_free(saddr);
 return -1;
 }
+info_str = g_strdup_printf("mcast=%s:%d",
+   inet_ntoa(saddr->sin_addr),
+   ntohs(saddr->sin_port));
 break;
 }
-case SOCKET_ADDRESS_TYPE_FD:
+case SOCKET_ADDRESS_TYPE_FD: {
+int newfd;
+
 fd = monitor_fd_param(monitor_cur(), local->u.fd.str, errp);
 if (fd == -1) {
 g_free(saddr);
@@ -471,7 +422,46 @@ static int net_dgram_mcast_init(NetClientState *peer,
  name, fd);
 return -1;
 }
+
+/*
+ * fd passed: multicast: "learn" dgram_dst address from bound
+ * address and save it. Because this may be "shared" socket from a
+ * "master" process, datagrams would be recv() by ONLY ONE process:
+ * we must "clone" this dgram socket --jjo
+ */
+
+saddr = g_new(struct sockaddr_in, 1);
+
+if (convert_host_port(saddr,

[RFC PATCH v2 3/8] qapi: net: add stream and dgram netdevs

[Laurent Vivier]

Copied from socket netdev file and modified to use SocketAddress
to be able to introduce new features like unix socket.

"udp" and "mcast" are squashed into dgram netdev, multicast is detected
according to the IP address type.
"listen" and "connect" modes are managed by stream netdev. An optional
parameter "server" defines the mode (server by default)

Signed-off-by: Laurent Vivier 
---
 hmp-commands.hx |   2 +-
 net/clients.h   |   6 +
 net/dgram.c | 630 
 net/hub.c   |   2 +
 net/meson.build |   2 +
 net/net.c   |  24 +-
 net/stream.c| 425 
 qapi/net.json   |  38 ++-
 8 files changed, 1125 insertions(+), 4 deletions(-)
 create mode 100644 net/dgram.c
 create mode 100644 net/stream.c

diff --git a/hmp-commands.hx b/hmp-commands.hx
index 03e6a73d1f55..172dbab1dfed 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1269,7 +1269,7 @@ ERST
 {
 .name   = "netdev_add",
 .args_type  = "netdev:O",
-.params = 
"[user|tap|socket|vde|bridge|hubport|netmap|vhost-user],id=str[,prop=value][,...]",
+.params = 
"[user|tap|socket|stream|dgram|vde|bridge|hubport|netmap|vhost-user],id=str[,prop=value][,...]",
 .help   = "add host network device",
 .cmd= hmp_netdev_add,
 .command_completion = netdev_add_completion,
diff --git a/net/clients.h b/net/clients.h
index 92f9b59aedce..c1b51d79b147 100644
--- a/net/clients.h
+++ b/net/clients.h
@@ -40,6 +40,12 @@ int net_init_hubport(const Netdev *netdev, const char *name,
 int net_init_socket(const Netdev *netdev, const char *name,
 NetClientState *peer, Error **errp);
 
+int net_init_stream(const Netdev *netdev, const char *name,
+NetClientState *peer, Error **errp);
+
+int net_init_dgram(const Netdev *netdev, const char *name,
+   NetClientState *peer, Error **errp);
+
 int net_init_tap(const Netdev *netdev, const char *name,
  NetClientState *peer, Error **errp);
 
diff --git a/net/dgram.c b/net/dgram.c
new file mode 100644
index ..aa4240501ed0
--- /dev/null
+++ b/net/dgram.c
@@ -0,0 +1,630 @@
+/*
+ * QEMU System Emulator
+ *
+ * Copyright (c) 2003-2008 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to 
deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include "qemu/osdep.h"
+
+#include "net/net.h"
+#include "clients.h"
+#include "monitor/monitor.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/option.h"
+#include "qemu/sockets.h"
+#include "qemu/iov.h"
+#include "qemu/main-loop.h"
+#include "qemu/cutils.h"
+
+typedef struct NetDgramState {
+NetClientState nc;
+int listen_fd;
+int fd;
+SocketReadState rs;
+  /* contains inet host and port destination iff connectionless (SOCK_DGRAM) */
+struct sockaddr_in dgram_dst;
+IOHandler *send_fn;   /* differs between SOCK_STREAM/SOCK_DGRAM */
+bool read_poll;   /* waiting to receive data? */
+bool write_poll;  /* waiting to transmit data? */
+} NetDgramState;
+
+static void net_dgram_accept(void *opaque);
+static void net_dgram_writable(void *opaque);
+
+static void net_dgram_update_fd_handler(NetDgramState *s)
+{
+qemu_set_fd_handler(s->fd,
+s->read_poll ? s->send_fn : NULL,
+s->write_poll ? net_dgram_writable : NULL,
+s);
+}
+
+static void net_dgram_read_poll(NetDgramState *s, bool enable)
+{
+s->read_poll = enable;
+net_dgram_update_fd_handler(s);
+}
+
+static void net_dgram_write_poll(NetDgramState *s, bool enable)
+{
+s->write_poll = enable;
+net_dgram_update_fd_handler(s);
+}
+
+static void net_dgram_writable(void *opaque)
+{
+NetDgramState *s = opaque;
+
+net_dgram_write_poll(s, false);
+
+qemu_flush_queued_packets(&s->nc);
+}
+
+static ssize_t net_dgram_receive_dgram(NetClientState

[RFC PATCH v2 5/8] net: stream: add unix socket

[Laurent Vivier]

Signed-off-by: Laurent Vivier 
---
 net/stream.c | 106 +++
 1 file changed, 99 insertions(+), 7 deletions(-)

diff --git a/net/stream.c b/net/stream.c
index 12fc26b9f4c7..dca50508ed84 100644
--- a/net/stream.c
+++ b/net/stream.c
@@ -234,7 +234,7 @@ static NetStreamState 
*net_stream_fd_init_stream(NetClientState *peer,
 static void net_stream_accept(void *opaque)
 {
 NetStreamState *s = opaque;
-struct sockaddr_in saddr;
+struct sockaddr_storage saddr;
 socklen_t len;
 int fd;
 
@@ -252,9 +252,27 @@ static void net_stream_accept(void *opaque)
 s->fd = fd;
 s->nc.link_down = false;
 net_stream_connect(s);
-snprintf(s->nc.info_str, sizeof(s->nc.info_str),
- "connection from %s:%d",
- inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port));
+switch (saddr.ss_family) {
+case AF_INET: {
+struct sockaddr_in *saddr_in = (struct sockaddr_in *)&saddr;
+
+snprintf(s->nc.info_str, sizeof(s->nc.info_str),
+ "connection from %s:%d",
+ inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port));
+break;
+}
+case AF_UNIX: {
+struct sockaddr_un saddr_un;
+
+len = sizeof(saddr_un);
+getsockname(s->listen_fd, (struct sockaddr *)&saddr_un, &len);
+snprintf(s->nc.info_str, sizeof(s->nc.info_str),
+ "connect from %s", saddr_un.sun_path);
+break;
+}
+default:
+g_assert_not_reached();
+}
 }
 
 static int net_stream_server_init(NetClientState *peer,
@@ -295,8 +313,40 @@ static int net_stream_server_init(NetClientState *peer,
 break;
 }
 case SOCKET_ADDRESS_TYPE_UNIX: {
-error_setg(errp, "only support inet type");
-return -1;
+struct sockaddr_un saddr_un;
+
+ret = unlink(addr->u.q_unix.path);
+if (ret < 0 && errno != ENOENT) {
+error_setg_errno(errp, errno, "failed to unlink socket %s",
+ addr->u.q_unix.path);
+return -1;
+}
+
+saddr_un.sun_family = PF_UNIX;
+ret = snprintf(saddr_un.sun_path, sizeof(saddr_un.sun_path), "%s",
+   addr->u.q_unix.path);
+if (ret < 0 || ret >= sizeof(saddr_un.sun_path)) {
+error_setg(errp, "UNIX socket path '%s' is too long",
+   addr->u.q_unix.path);
+error_append_hint(errp, "Path must be less than %zu bytes\n",
+  sizeof(saddr_un.sun_path));
+}
+
+fd = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
+if (fd < 0) {
+error_setg_errno(errp, errno, "can't create stream socket");
+return -1;
+}
+qemu_socket_set_nonblock(fd);
+
+ret = bind(fd, (struct sockaddr *)&saddr_un, sizeof(saddr_un));
+if (ret < 0) {
+error_setg_errno(errp, errno, "can't create socket with path: %s",
+ saddr_un.sun_path);
+closesocket(fd);
+return -1;
+}
+break;
 }
 case SOCKET_ADDRESS_TYPE_FD:
 fd = monitor_fd_param(monitor_cur(), addr->u.fd.str, errp);
@@ -382,6 +432,48 @@ static int net_stream_client_init(NetClientState *peer,
ntohs(saddr_in.sin_port));
 break;
 }
+case SOCKET_ADDRESS_TYPE_UNIX: {
+struct sockaddr_un saddr_un;
+
+saddr_un.sun_family = PF_UNIX;
+ret = snprintf(saddr_un.sun_path, sizeof(saddr_un.sun_path), "%s",
+   addr->u.q_unix.path);
+if (ret < 0 || ret >= sizeof(saddr_un.sun_path)) {
+error_setg(errp, "UNIX socket path '%s' is too long",
+   addr->u.q_unix.path);
+error_append_hint(errp, "Path must be less than %zu bytes\n",
+  sizeof(saddr_un.sun_path));
+}
+
+fd = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
+if (fd < 0) {
+error_setg_errno(errp, errno, "can't create stream socket");
+return -1;
+}
+qemu_socket_set_nonblock(fd);
+
+connected = 0;
+for (;;) {
+ret = connect(fd, (struct sockaddr *)&saddr_un, sizeof(saddr_un));
+if (ret < 0) {
+if (errno == EINTR || errno == EWOULDBLOCK) {
+/* continue */
+} else if (errno == EAGAIN ||
+   errno == EALREADY) {
+break;
+} else {
+error_setg_errno(errp, errno, "can't connect socket");
+closesocket(fd);
+return -1;
+}
+} else {
+connected = 1;
+break;
+}
+}
+info_str = g_strdup_printf(" connect to %s", saddr_un.sun_path);
+break;
+}
 case SOCKET_ADDRESS_TYPE_FD:
 fd = monitor_fd_para

[RFC PATCH v2 2/8] qapi: net: introduce a way to bypass qemu_opts_parse_noisily()

[Laurent Vivier]

As qemu_opts_parse_noisily() flattens the QAPI structures ("type" field
of Netdev structure can collides with "type" field of SocketAddress),
we introduce a way to bypass qemu_opts_parse_noisily() and use directly
visit_type_Netdev() to parse the backend parameters.

Signed-off-by: Laurent Vivier 
---
 net/net.c | 54 ++
 1 file changed, 54 insertions(+)

diff --git a/net/net.c b/net/net.c
index 58c05c200622..2aab7167316c 100644
--- a/net/net.c
+++ b/net/net.c
@@ -54,6 +54,7 @@
 #include "net/colo-compare.h"
 #include "net/filter.h"
 #include "qapi/string-output-visitor.h"
+#include "qapi/qobject-input-visitor.h"
 
 /* Net bridge is currently not supported for W32. */
 #if !defined(_WIN32)
@@ -63,6 +64,17 @@
 static VMChangeStateEntry *net_change_state_entry;
 static QTAILQ_HEAD(, NetClientState) net_clients;
 
+typedef struct NetdevQueueEntry {
+bool is_netdev;
+Netdev *nd;
+Location loc;
+QSIMPLEQ_ENTRY(NetdevQueueEntry) entry;
+} NetdevQueueEntry;
+
+typedef QSIMPLEQ_HEAD(, NetdevQueueEntry) NetdevQueue;
+
+static NetdevQueue nd_queue = QSIMPLEQ_HEAD_INITIALIZER(nd_queue);
+
 /***/
 /* network device redirectors */
 
@@ -1559,6 +1571,19 @@ int net_init_clients(Error **errp)
 
 QTAILQ_INIT(&net_clients);
 
+while (!QSIMPLEQ_EMPTY(&nd_queue)) {
+NetdevQueueEntry *nd = QSIMPLEQ_FIRST(&nd_queue);
+
+QSIMPLEQ_REMOVE_HEAD(&nd_queue, entry);
+loc_push_restore(&nd->loc);
+if (net_client_init1(nd->nd, nd->is_netdev, errp) < 0) {
+return -1;
+}
+loc_pop(&nd->loc);
+qapi_free_Netdev(nd->nd);
+g_free(nd);
+}
+
 if (qemu_opts_foreach(qemu_find_opts("netdev"),
   net_init_netdev, NULL, errp)) {
 return -1;
@@ -1575,8 +1600,37 @@ int net_init_clients(Error **errp)
 return 0;
 }
 
+/*
+ * netdev_is_modern() returns true when the backend needs to bypass
+ * qemu_opts_parse_noisily()
+ */
+static bool netdev_is_modern(const char *optarg)
+{
+return false;
+}
+
 int net_client_parse(QemuOptsList *opts_list, const char *optarg)
 {
+if (netdev_is_modern(optarg)) {
+/*
+ * We need to bypass qemu_opts_parse_noisily() to accept
+ * new style object like addr.type=inet in SocketAddress
+ */
+Visitor *v;
+NetdevQueueEntry *nd;
+
+v = qobject_input_visitor_new_str(optarg, "type",
+  &error_fatal);
+nd = g_new(NetdevQueueEntry, 1);
+visit_type_Netdev(v, NULL, &nd->nd, &error_fatal);
+visit_free(v);
+loc_save(&nd->loc);
+nd->is_netdev = strcmp(opts_list->name, "netdev") == 0;
+
+QSIMPLEQ_INSERT_TAIL(&nd_queue, nd, entry);
+return 0;
+}
+
 if (!qemu_opts_parse_noisily(opts_list, optarg, true)) {
 return -1;
 }
-- 
2.35.3

[RFC PATCH v2 0/8] qapi: net: add unix socket type support to netdev backend

[Laurent Vivier]

"-netdev socket" only supports inet sockets.

It's not a complex task to add support for unix sockets, but
the socket netdev parameters are not defined to manage well unix
socket parameters.

As discussed in:

  "socket.c added support for unix domain socket datagram transport"
  
https://lore.kernel.org/qemu-devel/1c0e1bc5-904f-46b0-8044-68e43e67b...@gmail.com/

This series adds support of unix socket type using SocketAddress QAPI structure.

Two new netdev backends, "stream" and "dgram" are added, that are barely a copy 
of "socket"
backend but they use the SocketAddress QAPI to provide socket parameters.
And then they also implement unix sockets (TCP and UDP).

Some examples of CLI syntax:

  for TCP:

  -netdev stream,id=socket0,addr.type=inet,addr.host=localhost,addr.port=1234
  -netdev 
stream,id=socket0,server=off,addr.type=inet,addr.host=localhost,addr.port=1234

  -netdev dgram,id=socket0,\
  local.type=inet,local.host=localhost,local.port=1234,\
  remote.type=inet,remote.host=localhost,remote.port=1235

  for UNIX:

  -netdev stream,id=socket0,addr.type=unix,addr.path=/tmp/qemu0
  -netdev stream,id=socket0,server=off,addr.type=unix,addr.path=/tmp/qemu0

  -netdev dgram,id=socket0,\
  local.type=unix,local.path=/tmp/qemu0,\
  remote.type=unix,remote.path=/tmp/qemu1

  for FD:

  -netdev stream,id=socket0,addr.type=fd,addr.str=4
  -netdev stream,id=socket0,server=off,addr.type=fd,addr.str=5

  -netdev dgram,id=socket0,local.type=fd,addr.str=4

v2:
  - use "stream" and "dgram" rather than "socket-ng,mode=stream"
and ""socket-ng,mode=dgram"
  - extract code to bypass qemu_opts_parse_noisily() to
a new patch
  - do not ignore EINVAL (Stefano)
  - fix "-net" option

CC: Ralph Schmieder 
CC: Stefano Brivio 
CC: Daniel P. Berrangé 
CC: Markus Armbruster 

Laurent Vivier (7):
  net: introduce convert_host_port()
  qapi: net: introduce a way to bypass qemu_opts_parse_noisily()
  qapi: net: add stream and dgram netdevs
  net: stream: add unix socket
  net: dgram: make dgram_dst generic
  net: dgram: move mcast specific code from net_socket_fd_init_dgram()
  net: dgram: add unix socket

Stefano Brivio (1):
  net: stream: Don't ignore EINVAL on netdev socket connection

 hmp-commands.hx|   2 +-
 include/qemu/sockets.h |   2 +
 net/clients.h  |   6 +
 net/dgram.c| 706 +
 net/hub.c  |   2 +
 net/meson.build|   2 +
 net/net.c  | 138 ++--
 net/stream.c   | 516 ++
 qapi/net.json  |  38 ++-
 9 files changed, 1379 insertions(+), 33 deletions(-)
 create mode 100644 net/dgram.c
 create mode 100644 net/stream.c

-- 
2.35.3

[RFC PATCH v2 8/8] net: dgram: add unix socket

[Laurent Vivier]

Signed-off-by: Laurent Vivier 
---
 net/dgram.c | 65 ++---
 1 file changed, 62 insertions(+), 3 deletions(-)

diff --git a/net/dgram.c b/net/dgram.c
index c0cf0410792e..9f20bdbc163c 100644
--- a/net/dgram.c
+++ b/net/dgram.c
@@ -85,8 +85,15 @@ static ssize_t net_dgram_receive_dgram(NetClientState *nc,
 
 do {
 if (s->dgram_dst) {
-ret = sendto(s->fd, buf, size, 0, s->dgram_dst,
- sizeof(struct sockaddr_in));
+socklen_t len;
+
+if (s->dgram_dst->sa_family == AF_INET) {
+len = sizeof(struct sockaddr_in);
+} else {
+len = sizeof(struct sockaddr_un);
+}
+
+ret = sendto(s->fd, buf, size, 0, s->dgram_dst, len);
 } else {
 ret = send(s->fd, buf, size, 0);
 }
@@ -508,7 +515,7 @@ static int net_dgram_udp_init(NetClientState *peer,
 }
 } else {
 if (local->type != SOCKET_ADDRESS_TYPE_FD) {
-error_setg(errp, "type=inet requires remote parameter");
+error_setg(errp, "type=inet or unix require remote parameter");
 return -1;
 }
 }
@@ -558,6 +565,58 @@ static int net_dgram_udp_init(NetClientState *peer,
 
 break;
 }
+case SOCKET_ADDRESS_TYPE_UNIX: {
+struct sockaddr_un laddr_un, raddr_un;
+
+ret = unlink(local->u.q_unix.path);
+if (ret < 0 && errno != ENOENT) {
+error_setg_errno(errp, errno, "failed to unlink socket %s",
+ local->u.q_unix.path);
+return -1;
+}
+
+laddr_un.sun_family = PF_UNIX;
+ret = snprintf(laddr_un.sun_path, sizeof(laddr_un.sun_path), "%s",
+   local->u.q_unix.path);
+if (ret < 0 || ret >= sizeof(laddr_un.sun_path)) {
+error_setg(errp, "UNIX socket path '%s' is too long",
+   local->u.q_unix.path);
+error_append_hint(errp, "Path must be less than %zu bytes\n",
+  sizeof(laddr_un.sun_path));
+}
+
+raddr_un.sun_family = PF_UNIX;
+ret = snprintf(raddr_un.sun_path, sizeof(raddr_un.sun_path), "%s",
+   remote->u.q_unix.path);
+if (ret < 0 || ret >= sizeof(raddr_un.sun_path)) {
+error_setg(errp, "UNIX socket path '%s' is too long",
+   remote->u.q_unix.path);
+error_append_hint(errp, "Path must be less than %zu bytes\n",
+  sizeof(raddr_un.sun_path));
+}
+
+fd = qemu_socket(PF_UNIX, SOCK_DGRAM, 0);
+if (fd < 0) {
+error_setg_errno(errp, errno, "can't create datagram socket");
+return -1;
+}
+
+ret = bind(fd, (struct sockaddr *)&laddr_un, sizeof(laddr_un));
+if (ret < 0) {
+error_setg_errno(errp, errno, "can't bind unix=%s to socket",
+ laddr_un.sun_path);
+closesocket(fd);
+return -1;
+}
+qemu_socket_set_nonblock(fd);
+
+dgram_dst = g_malloc(sizeof(raddr_un));
+memcpy(dgram_dst, &raddr_un, sizeof(raddr_un));
+
+info_str = g_strdup_printf("udp=%s:%s",
+   laddr_un.sun_path, raddr_un.sun_path);
+break;
+}
 case SOCKET_ADDRESS_TYPE_FD: {
 SocketAddress *sa;
 SocketAddressType sa_type;
-- 
2.35.3

[RFC PATCH v2 6/8] net: dgram: make dgram_dst generic

[Laurent Vivier]

dgram_dst is a sockaddr_in structure. To be able to use it with
unix socket, use a pointer to a generic sockaddr structure.

Signed-off-by: Laurent Vivier 
---
 net/dgram.c | 76 +++--
 1 file changed, 45 insertions(+), 31 deletions(-)

diff --git a/net/dgram.c b/net/dgram.c
index aa4240501ed0..16b4d4c94c81 100644
--- a/net/dgram.c
+++ b/net/dgram.c
@@ -39,9 +39,8 @@ typedef struct NetDgramState {
 int listen_fd;
 int fd;
 SocketReadState rs;
-  /* contains inet host and port destination iff connectionless (SOCK_DGRAM) */
-struct sockaddr_in dgram_dst;
-IOHandler *send_fn;   /* differs between SOCK_STREAM/SOCK_DGRAM */
+struct sockaddr *dgram_dst; /* contains destination iff connectionless */
+IOHandler *send_fn;
 bool read_poll;   /* waiting to receive data? */
 bool write_poll;  /* waiting to transmit data? */
 } NetDgramState;
@@ -85,10 +84,9 @@ static ssize_t net_dgram_receive_dgram(NetClientState *nc,
 ssize_t ret;
 
 do {
-if (s->dgram_dst.sin_family != AF_UNIX) {
-ret = sendto(s->fd, buf, size, 0,
- (struct sockaddr *)&s->dgram_dst,
- sizeof(s->dgram_dst));
+if (s->dgram_dst) {
+ret = sendto(s->fd, buf, size, 0, s->dgram_dst,
+ sizeof(struct sockaddr_in));
 } else {
 ret = send(s->fd, buf, size, 0);
 }
@@ -289,6 +287,8 @@ static void net_dgram_cleanup(NetClientState *nc)
 closesocket(s->listen_fd);
 s->listen_fd = -1;
 }
+g_free(s->dgram_dst);
+s->dgram_dst = NULL;
 }
 
 static NetClientInfo net_dgram_socket_info = {
@@ -305,7 +305,7 @@ static NetDgramState 
*net_dgram_fd_init_dgram(NetClientState *peer,
   SocketAddress *mcast,
   Error **errp)
 {
-struct sockaddr_in saddr;
+struct sockaddr_in *saddr = NULL;
 int newfd;
 NetClientState *nc;
 NetDgramState *s;
@@ -327,24 +327,25 @@ static NetDgramState 
*net_dgram_fd_init_dgram(NetClientState *peer,
  */
 
 if (is_fd && mcast != NULL) {
-if (convert_host_port(&saddr, mcast->u.inet.host,
-  mcast->u.inet.port, errp) < 0) {
+saddr = g_new(struct sockaddr_in, 1);
+
+if (convert_host_port(saddr, mcast->u.inet.host, 
mcast->u.inet.port,
+  errp) < 0) {
 goto err;
 }
 /* must be bound */
-if (saddr.sin_addr.s_addr == 0) {
+if (saddr->sin_addr.s_addr == 0) {
 error_setg(errp, "can't setup multicast destination address");
 goto err;
 }
 /* clone dgram socket */
-newfd = net_dgram_mcast_create(&saddr, NULL, errp);
+newfd = net_dgram_mcast_create(saddr, NULL, errp);
 if (newfd < 0) {
 goto err;
 }
 /* clone newfd to fd, close newfd */
 dup2(newfd, fd);
 close(newfd);
-
 }
 
 nc = qemu_new_net_client(&net_dgram_socket_info, peer, model, name);
@@ -358,16 +359,13 @@ static NetDgramState 
*net_dgram_fd_init_dgram(NetClientState *peer,
 net_dgram_read_poll(s, true);
 
 /* mcast: save bound address as dst */
-if (is_fd && mcast != NULL) {
-s->dgram_dst = saddr;
+if (saddr) {
+g_assert(s->dgram_dst == NULL);
+s->dgram_dst = (struct sockaddr *)saddr;
 snprintf(nc->info_str, sizeof(nc->info_str),
  "fd=%d (cloned mcast=%s:%d)",
- fd, inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port));
+ fd, inet_ntoa(saddr->sin_addr), ntohs(saddr->sin_port));
 } else {
-if (sa_type == SOCKET_ADDRESS_TYPE_UNIX) {
-s->dgram_dst.sin_family = AF_UNIX;
-}
-
 snprintf(nc->info_str, sizeof(nc->info_str), "fd=%d %s", fd,
  SocketAddressType_str(sa_type));
 }
@@ -375,6 +373,7 @@ static NetDgramState 
*net_dgram_fd_init_dgram(NetClientState *peer,
 return s;
 
 err:
+g_free(saddr);
 closesocket(fd);
 return NULL;
 }
@@ -420,21 +419,24 @@ static int net_dgram_mcast_init(NetClientState *peer,
 {
 NetDgramState *s;
 int fd, ret;
-struct sockaddr_in saddr;
+struct sockaddr_in *saddr;
 
 if (remote->type != SOCKET_ADDRESS_TYPE_INET) {
 error_setg(errp, "multicast only support inet type");
 return -1;
 }
 
-if (convert_host_port(&saddr, remote->u.inet.host, remote->u.inet.port,
+saddr = g_new(struct sockaddr_in, 1);
+if (convert_host_port(saddr, remote->u.inet.host, remote->u.inet.port,
   errp) < 0) {
+g_free(saddr);
 return -1;
 }
 
 if (!local) {
-fd = net_dgram_mcast_create(&saddr, NULL, errp);
+ 

Re: [PATCH] util: NUMA aware memory preallocation

[Daniel P . Berrangé]

On Thu, May 12, 2022 at 09:41:29AM +0200, Paolo Bonzini wrote:
> On 5/11/22 18:54, Daniel P. Berrangé wrote:
> > On Wed, May 11, 2022 at 01:07:47PM +0200, Paolo Bonzini wrote:
> > > On 5/11/22 12:10, Daniel P. Berrangé wrote:
> > > > I expect creating/deleting I/O threads is cheap in comparison to
> > > > the work done for preallocation. If libvirt is using -preconfig
> > > > and object-add to create the memory backend, then we could have
> > > > option of creating the I/O threads dynamically in -preconfig mode,
> > > > create the memory backend, and then delete the I/O threads again.
> > > 
> > > I think this is very overengineered.  Michal's patch is doing the obvious
> > > thing and if it doesn't work that's because Libvirt is trying to 
> > > micromanage
> > > QEMU.
> > 
> > Calling it micromanaging is putting a very negative connotation on
> > this. What we're trying todo is enforce a host resource policy for
> > QEMU, in a way that a compromised QEMU can't escape, which is a
> > valuable protection.
> 
> I'm sorry if that was a bit exaggerated, but the negative connotation was
> intentional.
> 
> > > As mentioned on IRC, if the reason is to prevent moving around threads in
> > > realtime (SCHED_FIFO, SCHED_RR) classes, that should be fixed at the 
> > > kernel
> > > level.
> > 
> > We use cgroups where it is available to us, but we don't always have
> > the freedom that we'd like.
> 
> I understand.  I'm thinking of a new flag to sched_setscheduler that fixes
> the CPU affinity and policy of the thread and prevents changing it in case
> QEMU is compromised later.  The seccomp/SELinux sandboxes can prevent
> setting the SCHED_FIFO class without this flag.
> 
> In addition, my hunch is that this works only because the RT setup of QEMU
> is not safe against priority inversion.  IIRC the iothreads are set with a
> non-realtime priority, but actually they should have a _higher_ priority
> than the CPU threads, and the thread pool I/O bound workers should have an
> even higher priority; otherwise you have a priority inversion situation
> where an interrupt is pending that would wake up the CPU, but the iothreads
> cannot process it because they have a lower priority than the CPU.

At least for RHEL deployments of KVM-RT, IIC the expectation is that
the VCPUs with RT priority never do I/O, and that there is at least 1
additional non-RT vCPU from which the OS performs I/O. IOW, the RT
VCPU works in a completely self contained manner with no interaction
to any other QEMU threads. If that's not the case, then you would
have to make sure those other threads have priority / schedular
adjustments to avoid priority inversion

With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

[RFC PATCH v2 1/8] net: introduce convert_host_port()

[Laurent Vivier]

Signed-off-by: Laurent Vivier 
---
 include/qemu/sockets.h |  2 ++
 net/net.c  | 62 ++
 2 files changed, 34 insertions(+), 30 deletions(-)

diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
index 038faa157f59..47194b9732f8 100644
--- a/include/qemu/sockets.h
+++ b/include/qemu/sockets.h
@@ -47,6 +47,8 @@ void socket_listen_cleanup(int fd, Error **errp);
 int socket_dgram(SocketAddress *remote, SocketAddress *local, Error **errp);
 
 /* Old, ipv4 only bits.  Don't use for new code. */
+int convert_host_port(struct sockaddr_in *saddr, const char *host,
+  const char *port, Error **errp);
 int parse_host_port(struct sockaddr_in *saddr, const char *str,
 Error **errp);
 int socket_init(void);
diff --git a/net/net.c b/net/net.c
index a094cf1d2929..58c05c200622 100644
--- a/net/net.c
+++ b/net/net.c
@@ -66,55 +66,57 @@ static QTAILQ_HEAD(, NetClientState) net_clients;
 /***/
 /* network device redirectors */
 
-int parse_host_port(struct sockaddr_in *saddr, const char *str,
-Error **errp)
+int convert_host_port(struct sockaddr_in *saddr, const char *host,
+  const char *port, Error **errp)
 {
-gchar **substrings;
 struct hostent *he;
-const char *addr, *p, *r;
-int port, ret = 0;
+const char *r;
+long p;
 
 memset(saddr, 0, sizeof(*saddr));
 
-substrings = g_strsplit(str, ":", 2);
-if (!substrings || !substrings[0] || !substrings[1]) {
-error_setg(errp, "host address '%s' doesn't contain ':' "
-   "separating host from port", str);
-ret = -1;
-goto out;
-}
-
-addr = substrings[0];
-p = substrings[1];
-
 saddr->sin_family = AF_INET;
-if (addr[0] == '\0') {
+if (host[0] == '\0') {
 saddr->sin_addr.s_addr = 0;
 } else {
-if (qemu_isdigit(addr[0])) {
-if (!inet_aton(addr, &saddr->sin_addr)) {
+if (qemu_isdigit(host[0])) {
+if (!inet_aton(host, &saddr->sin_addr)) {
 error_setg(errp, "host address '%s' is not a valid "
-   "IPv4 address", addr);
-ret = -1;
-goto out;
+   "IPv4 address", host);
+return -1;
 }
 } else {
-he = gethostbyname(addr);
+he = gethostbyname(host);
 if (he == NULL) {
-error_setg(errp, "can't resolve host address '%s'", addr);
-ret = -1;
-goto out;
+error_setg(errp, "can't resolve host address '%s'", host);
+return -1;
 }
 saddr->sin_addr = *(struct in_addr *)he->h_addr;
 }
 }
-port = strtol(p, (char **)&r, 0);
-if (r == p) {
-error_setg(errp, "port number '%s' is invalid", p);
+if (qemu_strtol(port, &r, 0, &p) != 0) {
+error_setg(errp, "port number '%s' is invalid", port);
+return -1;
+}
+saddr->sin_port = htons(p);
+return 0;
+}
+
+int parse_host_port(struct sockaddr_in *saddr, const char *str,
+Error **errp)
+{
+gchar **substrings;
+int ret;
+
+substrings = g_strsplit(str, ":", 2);
+if (!substrings || !substrings[0] || !substrings[1]) {
+error_setg(errp, "host address '%s' doesn't contain ':' "
+   "separating host from port", str);
 ret = -1;
 goto out;
 }
-saddr->sin_port = htons(port);
+
+ret = convert_host_port(saddr, substrings[0], substrings[1], errp);
 
 out:
 g_strfreev(substrings);
-- 
2.35.3

[PATCH qemu v17 03/16] target/riscv: rvv: Rename ambiguous esz

[~eopxd]

From: eopXD 

No functional change intended in this commit.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Reviewed-by: Alistair Francis 
---
 target/riscv/vector_helper.c | 76 ++--
 1 file changed, 38 insertions(+), 38 deletions(-)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 60840325c4..3b79b9cbc2 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -125,9 +125,9 @@ static inline int32_t vext_lmul(uint32_t desc)
 /*
  * Get the maximum number of elements can be operated.
  *
- * esz: log2 of element size in bytes.
+ * log2_esz: log2 of element size in bytes.
  */
-static inline uint32_t vext_max_elems(uint32_t desc, uint32_t esz)
+static inline uint32_t vext_max_elems(uint32_t desc, uint32_t log2_esz)
 {
 /*
  * As simd_desc support at most 2048 bytes, the max vlen is 1024 bits.
@@ -136,7 +136,7 @@ static inline uint32_t vext_max_elems(uint32_t desc, 
uint32_t esz)
 uint32_t vlenb = simd_maxsz(desc);
 
 /* Return VLMAX */
-int scale = vext_lmul(desc) - esz;
+int scale = vext_lmul(desc) - log2_esz;
 return scale < 0 ? vlenb >> -scale : vlenb << scale;
 }
 
@@ -231,11 +231,11 @@ vext_ldst_stride(void *vd, void *v0, target_ulong base,
  target_ulong stride, CPURISCVState *env,
  uint32_t desc, uint32_t vm,
  vext_ldst_elem_fn *ldst_elem,
- uint32_t esz, uintptr_t ra)
+ uint32_t log2_esz, uintptr_t ra)
 {
 uint32_t i, k;
 uint32_t nf = vext_nf(desc);
-uint32_t max_elems = vext_max_elems(desc, esz);
+uint32_t max_elems = vext_max_elems(desc, log2_esz);
 
 for (i = env->vstart; i < env->vl; i++, env->vstart++) {
 if (!vm && !vext_elem_mask(v0, i)) {
@@ -244,7 +244,7 @@ vext_ldst_stride(void *vd, void *v0, target_ulong base,
 
 k = 0;
 while (k < nf) {
-target_ulong addr = base + stride * i + (k << esz);
+target_ulong addr = base + stride * i + (k << log2_esz);
 ldst_elem(env, adjust_addr(env, addr), i + k * max_elems, vd, ra);
 k++;
 }
@@ -289,18 +289,18 @@ GEN_VEXT_ST_STRIDE(vsse64_v, int64_t, ste_d)
 /* unmasked unit-stride load and store operation*/
 static void
 vext_ldst_us(void *vd, target_ulong base, CPURISCVState *env, uint32_t desc,
- vext_ldst_elem_fn *ldst_elem, uint32_t esz, uint32_t evl,
+ vext_ldst_elem_fn *ldst_elem, uint32_t log2_esz, uint32_t evl,
  uintptr_t ra)
 {
 uint32_t i, k;
 uint32_t nf = vext_nf(desc);
-uint32_t max_elems = vext_max_elems(desc, esz);
+uint32_t max_elems = vext_max_elems(desc, log2_esz);
 
 /* load bytes from guest memory */
 for (i = env->vstart; i < evl; i++, env->vstart++) {
 k = 0;
 while (k < nf) {
-target_ulong addr = base + ((i * nf + k) << esz);
+target_ulong addr = base + ((i * nf + k) << log2_esz);
 ldst_elem(env, adjust_addr(env, addr), i + k * max_elems, vd, ra);
 k++;
 }
@@ -399,12 +399,12 @@ vext_ldst_index(void *vd, void *v0, target_ulong base,
 void *vs2, CPURISCVState *env, uint32_t desc,
 vext_get_index_addr get_index_addr,
 vext_ldst_elem_fn *ldst_elem,
-uint32_t esz, uintptr_t ra)
+uint32_t log2_esz, uintptr_t ra)
 {
 uint32_t i, k;
 uint32_t nf = vext_nf(desc);
 uint32_t vm = vext_vm(desc);
-uint32_t max_elems = vext_max_elems(desc, esz);
+uint32_t max_elems = vext_max_elems(desc, log2_esz);
 
 /* load bytes from guest memory */
 for (i = env->vstart; i < env->vl; i++, env->vstart++) {
@@ -414,7 +414,7 @@ vext_ldst_index(void *vd, void *v0, target_ulong base,
 
 k = 0;
 while (k < nf) {
-abi_ptr addr = get_index_addr(base, i, vs2) + (k << esz);
+abi_ptr addr = get_index_addr(base, i, vs2) + (k << log2_esz);
 ldst_elem(env, adjust_addr(env, addr), i + k * max_elems, vd, ra);
 k++;
 }
@@ -480,13 +480,13 @@ static inline void
 vext_ldff(void *vd, void *v0, target_ulong base,
   CPURISCVState *env, uint32_t desc,
   vext_ldst_elem_fn *ldst_elem,
-  uint32_t esz, uintptr_t ra)
+  uint32_t log2_esz, uintptr_t ra)
 {
 void *host;
 uint32_t i, k, vl = 0;
 uint32_t nf = vext_nf(desc);
 uint32_t vm = vext_vm(desc);
-uint32_t max_elems = vext_max_elems(desc, esz);
+uint32_t max_elems = vext_max_elems(desc, log2_esz);
 target_ulong addr, offset, remain;
 
 /* probe every access*/
@@ -494,12 +494,12 @@ vext_ldff(void *vd, void *v0, target_ulong base,
 if (!vm && !vext_elem_mask(v0, i)) {
 continue;
 }
-addr = adjust_addr(env, base + i * (nf << esz));
+addr = adjust_addr(env, base + i * (nf << log2_esz));
 if (i == 0)

Re: [PATCH 3/3] ui: Remove deprecated options "-sdl" and "-curses"

[Daniel P . Berrangé]

On Wed, May 11, 2022 at 07:51:47PM +0200, Thomas Huth wrote:
> We have "-sdl" and "-curses", but no "-gtk" and no "-cocoa" ...
> these old-style options are rather confusing than helpful nowadays.
> Now that the deprecation period is over, let's remove them, so we
> get a cleaner interface (where "-display" is the only way to select
> the user interface).
> 
> Signed-off-by: Thomas Huth 
> ---
>  docs/about/deprecated.rst   | 10 --
>  docs/about/removed-features.rst | 10 ++
>  softmmu/vl.c| 19 ---
>  qemu-options.hx | 24 ++--
>  4 files changed, 12 insertions(+), 51 deletions(-)

Reviewed-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH 1/3] ui: Remove deprecated parameters of the "-display sdl" option

[Daniel P . Berrangé]

On Wed, May 11, 2022 at 07:51:45PM +0200, Thomas Huth wrote:
> These parameters are in the way for further refactoring (since they
> use an underscore in the name which is forbidden in QAPI), so let's
> remove these now that their deprecation period is over.
> 
> Signed-off-by: Thomas Huth 
> ---
>  docs/about/deprecated.rst   | 16 -
>  docs/about/removed-features.rst | 17 ++
>  softmmu/vl.c| 41 +
>  qemu-options.hx | 32 ++---
>  4 files changed, 20 insertions(+), 86 deletions(-)

Reviewed-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

[PATCH qemu v17 08/16] target/riscv: rvv: Add tail agnostic for vector integer shift instructions

[~eopxd]

From: eopXD 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  3 ++-
 target/riscv/vector_helper.c| 11 +++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 2a338f815e..347f7faf28 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1832,7 +1832,7 @@ do_opivx_gvec_shift(DisasContext *s, arg_rmrr *a, 
GVecGen2sFn32 *gvec_fn,
 return false;
 }
 
-if (a->vm && s->vl_eq_vlmax) {
+if (a->vm && s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 TCGv_i32 src1 = tcg_temp_new_i32();
 
 tcg_gen_trunc_tl_i32(src1, get_gpr(s, a->rs1, EXT_NONE));
@@ -1891,6 +1891,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
+data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index d4408d13c8..39865df095 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -1270,6 +1270,9 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
\
 { \
 uint32_t vm = vext_vm(desc);  \
 uint32_t vl = env->vl;\
+uint32_t esz = sizeof(TS1);   \
+uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
+uint32_t vta = vext_vta(desc);\
 uint32_t i;   \
   \
 for (i = env->vstart; i < vl; i++) {  \
@@ -1281,6 +1284,8 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
\
 *((TS1 *)vd + HS1(i)) = OP(s2, s1 & MASK);\
 } \
 env->vstart = 0;  \
+/* set tail elements to 1s */ \
+vext_set_elems_1s(vd, vta, vl * esz, total_elems * esz);  \
 }
 
 GEN_VEXT_SHIFT_VV(vsll_vv_b, uint8_t,  uint8_t, H1, H1, DO_SLL, 0x7)
@@ -1305,6 +1310,10 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1,   
   \
 {   \
 uint32_t vm = vext_vm(desc);\
 uint32_t vl = env->vl;  \
+uint32_t esz = sizeof(TD);  \
+uint32_t total_elems =  \
+vext_get_total_elems(env, desc, esz);   \
+uint32_t vta = vext_vta(desc);  \
 uint32_t i; \
 \
 for (i = env->vstart; i < vl; i++) {\
@@ -1315,6 +1324,8 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1,
  \
 *((TD *)vd + HD(i)) = OP(s2, s1 & MASK);\
 }   \
 env->vstart = 0;\
+/* set tail elements to 1s */   \
+vext_set_elems_1s(vd, vta, vl * esz, total_elems * esz);\
 }
 
 GEN_VEXT_SHIFT_VX(vsll_vx_b, uint8_t, int8_t, H1, H1, DO_SLL, 0x7)
-- 
2.34.2

[PATCH qemu v17 04/16] target/riscv: rvv: Early exit when vstart >= vl

[~eopxd]

From: eopXD 

According to v-spec (section 5.4):
When vstart ≥ vl, there are no body elements, and no elements are
updated in any destination vector register group, including that
no tail elements are updated with agnostic values.

vmsbf.m, vmsif.m, vmsof.m, viota.m, vcompress instructions themselves
require vstart to be zero. So they don't need the early exit.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc | 27 +
 1 file changed, 27 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 90327509f7..4d5dfa794a 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -652,6 +652,7 @@ static bool ldst_us_trans(uint32_t vd, uint32_t rs1, 
uint32_t data,
 
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 dest = tcg_temp_new_ptr();
 mask = tcg_temp_new_ptr();
@@ -818,6 +819,7 @@ static bool ldst_stride_trans(uint32_t vd, uint32_t rs1, 
uint32_t rs2,
 
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 dest = tcg_temp_new_ptr();
 mask = tcg_temp_new_ptr();
@@ -925,6 +927,7 @@ static bool ldst_index_trans(uint32_t vd, uint32_t rs1, 
uint32_t vs2,
 
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 dest = tcg_temp_new_ptr();
 mask = tcg_temp_new_ptr();
@@ -1067,6 +1070,7 @@ static bool ldff_trans(uint32_t vd, uint32_t rs1, 
uint32_t data,
 
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 dest = tcg_temp_new_ptr();
 mask = tcg_temp_new_ptr();
@@ -1221,6 +1225,7 @@ do_opivv_gvec(DisasContext *s, arg_rmrr *a, GVecGen3Fn 
*gvec_fn,
 }
 
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 if (a->vm && s->vl_eq_vlmax) {
 gvec_fn(s->sew, vreg_ofs(s, a->rd),
@@ -1268,6 +1273,7 @@ static bool opivx_trans(uint32_t vd, uint32_t rs1, 
uint32_t vs2, uint32_t vm,
 
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 dest = tcg_temp_new_ptr();
 mask = tcg_temp_new_ptr();
@@ -1432,6 +1438,7 @@ static bool opivi_trans(uint32_t vd, uint32_t imm, 
uint32_t vs2, uint32_t vm,
 
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 dest = tcg_temp_new_ptr();
 mask = tcg_temp_new_ptr();
@@ -1518,6 +1525,7 @@ static bool do_opivv_widen(DisasContext *s, arg_rmrr *a,
 uint32_t data = 0;
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
@@ -1598,6 +1606,7 @@ static bool do_opiwv_widen(DisasContext *s, arg_rmrr *a,
 uint32_t data = 0;
 TCGLabel *over = gen_new_label();
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
@@ -1675,6 +1684,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
 }; \
 TCGLabel *over = gen_new_label();  \
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);  \
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over); \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
@@ -1856,6 +1866,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
 }; \
 TCGLabel *over = gen_new_label();  \
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);  \
+tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over); \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
@@ -2066,6 +2077,7 @@ static bool trans_v

Re: [PATCH 2/3] ui: Switch "-display sdl" to use the QAPI parser

[Daniel P . Berrangé]

On Wed, May 11, 2022 at 07:51:46PM +0200, Thomas Huth wrote:
> The "-display sdl" option still uses a hand-crafted parser for its
> parameters since some of them used underscores which is forbidden
> in QAPI. Now that the problematic parameters have been removed, we can
> switch to use the QAPI parser instead.
> 
> This introduces the new "DisplaySDL" QAPI struct that is used to hold
> the parameters that are unique to the SDL display. The only specific
> parameter is currently "grab-mod" which is modeled as a string, so that
> it could be extended for other arbitrary modifiers later more easily.
> 
> Signed-off-by: Thomas Huth 
> ---
>  qapi/ui.json| 17 +-
>  include/sysemu/sysemu.h |  2 --
>  softmmu/globals.c   |  2 --
>  softmmu/vl.c| 70 +
>  ui/sdl2.c   | 13 
>  5 files changed, 30 insertions(+), 74 deletions(-)

Reviewed-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH] qapi: make machine type deprecation a warning

[Paolo Bonzini]

On 5/11/22 20:44, Markus Armbruster wrote:

Paolo Bonzini  writes:


Signed-off-by: Paolo Bonzini 
---
  softmmu/vl.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index c2919579fd..fbef0f5c5f 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -3723,7 +3723,7 @@ void qemu_init(int argc, char **argv, char **envp)
  
  machine_class = MACHINE_GET_CLASS(current_machine);

  if (!qtest_enabled() && machine_class->deprecation_reason) {
-error_report("Machine type '%s' is deprecated: %s",
+warn_report("Machine type '%s' is deprecated: %s",
   machine_class->name, machine_class->deprecation_reason);
  }


Anti-pattern: error_report() not followed by "fail function".


Good point, thanks for writing it down... That's what I couldn't put my 
fingers on (hence the scant commit message).  I'll augment the commit 
message with the following:


error_report should generally be followed by a failure; if we can 
proceed anyway, that is just a warning and should be communicated

properly to the user with warn_report.

Paolo


The commit only changes the message printed to stderr.  The commit
message made me expect it would change an actual (fatal?) error into a
mere warning.  It's too late in my day to come up with a clearer
phrasing, so

Reviewed-by: Markus Armbruster 

[PATCH qemu v17 00/16] Add tail agnostic behavior for rvv instructions

[~eopxd]

According to v-spec, tail agnostic behavior can be either kept as
undisturbed or set elements' bits to all 1s. To distinguish the
difference of tail policies, QEMU should be able to simulate the tail
agnostic behavior as "set tail elements' bits to all 1s". An option
'rvv_ta_all_1s' is added to enable the behavior, it is default as
disabled.

There are multiple possibility for agnostic elements according to
v-spec. The main intent of this patch-set tries to add option that
can distinguish between tail policies. Setting agnostic elements to
all 1s makes things simple and allow QEMU to express this.

We may explore other possibility of agnostic behavior by adding
other options in the future. Please understand that this patch-set
is limited.

v2 updates:
- Addressed comments from Weiwei Li
- Added commit tail agnostic on load / store instructions (which
  I forgot to include into the patch-set)

v3 updates:
- Missed the very 1st commit, adding it back

v4 updates:
- Renamed vlmax to total_elems
- Deal with tail element when vl_eq_vlmax == true

v5 updates:
- Let `vext_get_total_elems` take `desc` and `esz`
- Utilize `simd_maxsz(desc)` to get `vlenb`
- Fix alignments to code

v6 updates:
- Fix `vext_get_total_elems`

v7 updates:
- Reuse `max_elems` for vector load / store helper functions. The
  translation sets desc's `lmul` to `min(1, lmul)`, making
  `vext_max_elems` equivalent to `vext_get_total_elems`.

v8 updates:
- Simplify `vext_set_elems_1s`, don't need `vext_set_elems_1s_fns`
- Fix `vext_get_total_elems`, it should derive upon EMUL instead
  of LMUL

v9 updates:
- Let instructions that is tail agnostic regardless of vta respect the
  option and not the vta.

v10 updates:
- Correct range to set element to 1s for load instructions

v11 updates:
- Separate addition of option 'rvv_ta_all_1s' as a new (last) commit
- Add description to show intent of the option in first commit for the
  optional tail agnostic behavior
- Tag WeiWei as Reviewed-by for all commits
- Tag Alistair as Reviewed-by for commit 01, 02
- Tag Alistair as Acked-by for commit 03

v12 updates:
- Add missing space in WeiWei's "Reviewed-by" tag

v13 updates:
- Fix tail agnostic for vext_ldst_us. The function operates on input
  parameter 'evl' rather than 'env->vl'.
- Fix tail elements for vector segment load / store instructions
  A vector segment load / store instruction may contain fractional
  lmul with nf * lmul > 1. The rest of the elements in the last
  register should be treated as tail elements.
- Fix tail agnostic length for instructions with mask destination
  register. Instructions with mask destination register should have
  'vlen - vl' tail elements.

v14 updates:
- Pass lmul information to into vector helper function.
  `vext_get_total_elems` needs it.

v15 updates:
- Rebase to latest `master`
- Tag Alistair as Acked by for commit 04 ~ 14
- Tag Alistair as Acked by for commit 15

v16 updates:
- Fix bug, when encountering situation when lmul < 0 and vl_eq_vlmax,
  the original version will override on `vd` but the computation will
  override again, meaning the tail elements will not be set correctly.
  Now, we don't use TCG functions if we are trying to simulate all 1s
  for agnostic and use vector helpers instead.

v17 updates:
- Add "Prune access_type parameter" commit to cleanup vector load/
  store functions. Then add parameter `is_load` in vector helper
  functions to enable vta behavior in the commit for adding vta on
  vector load/store functions.

eopXD (16):
  target/riscv: rvv: Prune redundant ESZ, DSZ parameter passed
  target/riscv: rvv: Prune redundant access_type parameter passed
  target/riscv: rvv: Rename ambiguous esz
  target/riscv: rvv: Early exit when vstart >= vl
  target/riscv: rvv: Add tail agnostic for vv instructions
  target/riscv: rvv: Add tail agnostic for vector load / store
instructions
  target/riscv: rvv: Add tail agnostic for vx, vvm, vxm instructions
  target/riscv: rvv: Add tail agnostic for vector integer shift
instructions
  target/riscv: rvv: Add tail agnostic for vector integer comparison
instructions
  target/riscv: rvv: Add tail agnostic for vector integer merge and move
instructions
  target/riscv: rvv: Add tail agnostic for vector fix-point arithmetic
instructions
  target/riscv: rvv: Add tail agnostic for vector floating-point
instructions
  target/riscv: rvv: Add tail agnostic for vector reduction instructions
  target/riscv: rvv: Add tail agnostic for vector mask instructions
  target/riscv: rvv: Add tail agnostic for vector permutation
instructions
  target/riscv: rvv: Add option 'rvv_ta_all_1s' to enable optional tail
agnostic behavior

 target/riscv/cpu.c  |1 +
 target/riscv/cpu.h  |2 +
 target/riscv/cpu_helper.c   |2 +
 target/riscv/insn_trans/trans_rvv.c.inc |   99 +-
 target/riscv/internals.h|6 +-
 target/riscv/translate.c|4 +
 target/riscv

[PATCH qemu v17 06/16] target/riscv: rvv: Add tail agnostic for vector load / store instructions

[~eopxd]

From: eopXD 

Destination register of unit-stride mask load and store instructions are
always written with a tail-agnostic policy.

A vector segment load / store instruction may contain fractional lmul
with nf * lmul > 1. The rest of the elements in the last register should
be treated as tail elements.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc | 11 
 target/riscv/translate.c|  2 +
 target/riscv/vector_helper.c| 86 +
 3 files changed, 86 insertions(+), 13 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index efdf5d6d81..1f3eeff9eb 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -711,6 +711,7 @@ static bool ld_us_op(DisasContext *s, arg_r2nfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, false);
 }
 
@@ -748,6 +749,7 @@ static bool st_us_op(DisasContext *s, arg_r2nfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, true);
 }
 
@@ -774,6 +776,8 @@ static bool ld_us_mask_op(DisasContext *s, arg_vlm_v *a, 
uint8_t eew)
 /* EMUL = 1, NFIELDS = 1 */
 data = FIELD_DP32(data, VDATA, LMUL, 0);
 data = FIELD_DP32(data, VDATA, NF, 1);
+/* Mask destination register are always tail-agnostic */
+data = FIELD_DP32(data, VDATA, VTA, s->cfg_vta_all_1s);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, false);
 }
 
@@ -791,6 +795,8 @@ static bool st_us_mask_op(DisasContext *s, arg_vsm_v *a, 
uint8_t eew)
 /* EMUL = 1, NFIELDS = 1 */
 data = FIELD_DP32(data, VDATA, LMUL, 0);
 data = FIELD_DP32(data, VDATA, NF, 1);
+/* Mask destination register are always tail-agnostic */
+data = FIELD_DP32(data, VDATA, VTA, s->cfg_vta_all_1s);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, true);
 }
 
@@ -862,6 +868,7 @@ static bool ld_stride_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 return ldst_stride_trans(a->rd, a->rs1, a->rs2, data, fn, s, false);
 }
 
@@ -891,6 +898,7 @@ static bool st_stride_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 fn = fns[eew];
 if (fn == NULL) {
 return false;
@@ -991,6 +999,7 @@ static bool ld_index_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 return ldst_index_trans(a->rd, a->rs1, a->rs2, data, fn, s, false);
 }
 
@@ -1043,6 +1052,7 @@ static bool st_index_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 return ldst_index_trans(a->rd, a->rs1, a->rs2, data, fn, s, true);
 }
 
@@ -1108,6 +1118,7 @@ static bool ldff_op(DisasContext *s, arg_r2nfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 return ldff_trans(a->rd, a->rs1, data, fn, s);
 }
 
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index 832353be54..384ffcc0fa 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -95,6 +95,7 @@ typedef struct DisasContext {
 int8_t lmul;
 uint8_t sew;
 uint8_t vta;
+bool cfg_vta_all_1s;
 target_ulong vstart;
 bool vl_eq_vlmax;
 uint8_t ntemp;
@@ -1093,6 +1094,7 @@ static void riscv_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 ctx->sew = FIELD_EX32(tb_flags, TB_FLAGS, SEW);
 ctx->lmul = sextract32(FIELD_EX32(tb_flags, TB_FLAGS, LMUL), 0, 3);
 ctx->vta = FIELD_EX32(tb_flags, TB_FLAGS, VTA) && cpu->cfg.rvv_ta_all_1s;
+ctx->cfg_vta_all_1s = cpu->cfg.rvv_ta_all_1s;
 ctx->vstart = env->vstart;
 ctx->vl_eq_vlmax = FIELD_EX32(tb_flags, TB_FLAGS, VL_EQ_VLMAX);
 ctx->misa_mxl_max = env->misa_

[PATCH qemu v17 05/16] target/riscv: rvv: Add tail agnostic for vv instructions

[~eopxd]

From: eopXD 

According to v-spec, tail agnostic behavior can be either kept as
undisturbed or set elements' bits to all 1s. To distinguish the
difference of tail policies, QEMU should be able to simulate the tail
agnostic behavior as "set tail elements' bits to all 1s".

There are multiple possibility for agnostic elements according to
v-spec. The main intent of this patch-set tries to add option that
can distinguish between tail policies. Setting agnostic elements to
all 1s allows QEMU to express this.

This is the first commit regarding the optional tail agnostic
behavior. Follow-up commits will add this optional behavior
for all rvv instructions.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/cpu.h  |   2 +
 target/riscv/cpu_helper.c   |   2 +
 target/riscv/insn_trans/trans_rvv.c.inc |   3 +-
 target/riscv/internals.h|   5 +-
 target/riscv/translate.c|   2 +
 target/riscv/vector_helper.c| 295 +---
 6 files changed, 177 insertions(+), 132 deletions(-)

diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index fe6c9a2c92..61552408b5 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -405,6 +405,7 @@ struct RISCVCPUConfig {
 bool ext_zhinxmin;
 bool ext_zve32f;
 bool ext_zve64f;
+bool rvv_ta_all_1s;
 
 uint32_t mvendorid;
 uint64_t marchid;
@@ -557,6 +558,7 @@ FIELD(TB_FLAGS, XL, 20, 2)
 /* If PointerMasking should be applied */
 FIELD(TB_FLAGS, PM_MASK_ENABLED, 22, 1)
 FIELD(TB_FLAGS, PM_BASE_ENABLED, 23, 1)
+FIELD(TB_FLAGS, VTA, 24, 1)
 
 #ifdef TARGET_RISCV32
 #define riscv_cpu_mxl(env)  ((void)(env), MXL_RV32)
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index e1aa4f2097..c0641b63cc 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -65,6 +65,8 @@ void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong 
*pc,
 flags = FIELD_DP32(flags, TB_FLAGS, LMUL,
 FIELD_EX64(env->vtype, VTYPE, VLMUL));
 flags = FIELD_DP32(flags, TB_FLAGS, VL_EQ_VLMAX, vl_eq_vlmax);
+flags = FIELD_DP32(flags, TB_FLAGS, VTA,
+FIELD_EX64(env->vtype, VTYPE, VTA));
 } else {
 flags = FIELD_DP32(flags, TB_FLAGS, VILL, 1);
 }
diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 4d5dfa794a..efdf5d6d81 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1227,7 +1227,7 @@ do_opivv_gvec(DisasContext *s, arg_rmrr *a, GVecGen3Fn 
*gvec_fn,
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
 tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over);
 
-if (a->vm && s->vl_eq_vlmax) {
+if (a->vm && s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 gvec_fn(s->sew, vreg_ofs(s, a->rd),
 vreg_ofs(s, a->rs2), vreg_ofs(s, a->rs1),
 MAXSZ(s), MAXSZ(s));
@@ -1236,6 +1236,7 @@ do_opivv_gvec(DisasContext *s, arg_rmrr *a, GVecGen3Fn 
*gvec_fn,
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1), vreg_ofs(s, a->rs2),
cpu_env, s->cfg_ptr->vlen / 8,
diff --git a/target/riscv/internals.h b/target/riscv/internals.h
index dbb322bfa7..512c6c30cf 100644
--- a/target/riscv/internals.h
+++ b/target/riscv/internals.h
@@ -24,8 +24,9 @@
 /* share data between vector helpers and decode code */
 FIELD(VDATA, VM, 0, 1)
 FIELD(VDATA, LMUL, 1, 3)
-FIELD(VDATA, NF, 4, 4)
-FIELD(VDATA, WD, 4, 1)
+FIELD(VDATA, VTA, 4, 1)
+FIELD(VDATA, NF, 5, 4)
+FIELD(VDATA, WD, 5, 1)
 
 /* float point classify helpers */
 target_ulong fclass_h(uint64_t frs1);
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index 0cd1d9ee94..832353be54 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -94,6 +94,7 @@ typedef struct DisasContext {
  */
 int8_t lmul;
 uint8_t sew;
+uint8_t vta;
 target_ulong vstart;
 bool vl_eq_vlmax;
 uint8_t ntemp;
@@ -1091,6 +1092,7 @@ static void riscv_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 ctx->vill = FIELD_EX32(tb_flags, TB_FLAGS, VILL);
 ctx->sew = FIELD_EX32(tb_flags, TB_FLAGS, SEW);
 ctx->lmul = sextract32(FIELD_EX32(tb_flags, TB_FLAGS, LMUL), 0, 3);
+ctx->vta = FIELD_EX32(tb_flags, TB_FLAGS, VTA) && cpu->cfg.rvv_ta_all_1s;
 ctx->vstart = env->vstart;
 ctx->vl_eq_vlmax = FIELD_EX32(tb_flags, TB_FLAGS, VL_EQ_VLMAX);
 ctx->misa_mxl_max = env->misa_mxl_max;
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 3b79b9cbc2..2248f0cbee 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c

[PATCH qemu v17 02/16] target/riscv: rvv: Prune redundant access_type parameter passed

[~eopxd]

From: eopXD 

No functional change intended in this commit.

Signed-off-by: eop Chen 
---
 target/riscv/vector_helper.c | 35 ---
 1 file changed, 16 insertions(+), 19 deletions(-)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 85dd611cd9..60840325c4 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -231,7 +231,7 @@ vext_ldst_stride(void *vd, void *v0, target_ulong base,
  target_ulong stride, CPURISCVState *env,
  uint32_t desc, uint32_t vm,
  vext_ldst_elem_fn *ldst_elem,
- uint32_t esz, uintptr_t ra, MMUAccessType access_type)
+ uint32_t esz, uintptr_t ra)
 {
 uint32_t i, k;
 uint32_t nf = vext_nf(desc);
@@ -259,7 +259,7 @@ void HELPER(NAME)(void *vd, void * v0, target_ulong base,   
\
 {   \
 uint32_t vm = vext_vm(desc);\
 vext_ldst_stride(vd, v0, base, stride, env, desc, vm, LOAD_FN,  \
- ctzl(sizeof(ETYPE)), GETPC(), MMU_DATA_LOAD);  \
+ ctzl(sizeof(ETYPE)), GETPC()); \
 }
 
 GEN_VEXT_LD_STRIDE(vlse8_v,  int8_t,  lde_b)
@@ -274,7 +274,7 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong base,
\
 {   \
 uint32_t vm = vext_vm(desc);\
 vext_ldst_stride(vd, v0, base, stride, env, desc, vm, STORE_FN, \
- ctzl(sizeof(ETYPE)), GETPC(), MMU_DATA_STORE); \
+ ctzl(sizeof(ETYPE)), GETPC()); \
 }
 
 GEN_VEXT_ST_STRIDE(vsse8_v,  int8_t,  ste_b)
@@ -290,7 +290,7 @@ GEN_VEXT_ST_STRIDE(vsse64_v, int64_t, ste_d)
 static void
 vext_ldst_us(void *vd, target_ulong base, CPURISCVState *env, uint32_t desc,
  vext_ldst_elem_fn *ldst_elem, uint32_t esz, uint32_t evl,
- uintptr_t ra, MMUAccessType access_type)
+ uintptr_t ra)
 {
 uint32_t i, k;
 uint32_t nf = vext_nf(desc);
@@ -319,14 +319,14 @@ void HELPER(NAME##_mask)(void *vd, void *v0, target_ulong 
base, \
 {   \
 uint32_t stride = vext_nf(desc) << ctzl(sizeof(ETYPE)); \
 vext_ldst_stride(vd, v0, base, stride, env, desc, false, LOAD_FN,   \
- ctzl(sizeof(ETYPE)), GETPC(), MMU_DATA_LOAD);  \
+ ctzl(sizeof(ETYPE)), GETPC()); \
 }   \
 \
 void HELPER(NAME)(void *vd, void *v0, target_ulong base,\
   CPURISCVState *env, uint32_t desc)\
 {   \
 vext_ldst_us(vd, base, env, desc, LOAD_FN,  \
- ctzl(sizeof(ETYPE)), env->vl, GETPC(), MMU_DATA_LOAD); \
+ ctzl(sizeof(ETYPE)), env->vl, GETPC());\
 }
 
 GEN_VEXT_LD_US(vle8_v,  int8_t,  lde_b)
@@ -340,14 +340,14 @@ void HELPER(NAME##_mask)(void *vd, void *v0, target_ulong 
base,  \
 {\
 uint32_t stride = vext_nf(desc) << ctzl(sizeof(ETYPE));  \
 vext_ldst_stride(vd, v0, base, stride, env, desc, false, STORE_FN,   \
- ctzl(sizeof(ETYPE)), GETPC(), MMU_DATA_STORE);  \
+ ctzl(sizeof(ETYPE)), GETPC());  \
 }\
  \
 void HELPER(NAME)(void *vd, void *v0, target_ulong base, \
   CPURISCVState *env, uint32_t desc) \
 {\
 vext_ldst_us(vd, base, env, desc, STORE_FN,  \
- ctzl(sizeof(ETYPE)), env->vl, GETPC(), MMU_DATA_STORE); \
+ ctzl(sizeof(ETYPE)), env->vl, GETPC()); \
 }
 
 GEN_VEXT_ST_US(vse8_v,  int8_t,  ste_b)
@@ -364,7 +364,7 @@ void HELPER(vlm_v)(void *vd, void *v0, target_ulong base,
 /* evl = ceil(vl/8) */
 uint8_t evl = (env->vl + 7) >> 3;
 vext_ldst_us(vd, base, env, desc, lde_b,
- 0, evl, GETPC(), MMU_DATA_LOAD);
+ 0, evl, GETPC());
 }
 
 void HELPER(vsm_v)(void *vd, void *v0, target_ulong base,
@@ -373,7 +373,7 @@ void HELPER(vsm_v)(void *vd, void *v0, target_ulong base,
 /* evl = ceil(vl/8) */
 uint8_t evl = (env->vl + 7) >> 3;
 vext_ldst_us(vd, base, env, desc, ste_b,
-

[PATCH qemu v17 07/16] target/riscv: rvv: Add tail agnostic for vx, vvm, vxm instructions

[~eopxd]

From: eopXD 

`vmadc` and `vmsbc` produces a mask value, they always operate with
a tail agnostic policy.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  13 +-
 target/riscv/internals.h|   5 +-
 target/riscv/vector_helper.c| 314 +---
 3 files changed, 190 insertions(+), 142 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 1f3eeff9eb..2a338f815e 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1294,6 +1294,8 @@ static bool opivx_trans(uint32_t vd, uint32_t rs1, 
uint32_t vs2, uint32_t vm,
 
 data = FIELD_DP32(data, VDATA, VM, vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);
 desc = tcg_constant_i32(simd_desc(s->cfg_ptr->vlen / 8,
   s->cfg_ptr->vlen / 8, data));
 
@@ -1329,7 +1331,7 @@ do_opivx_gvec(DisasContext *s, arg_rmrr *a, GVecGen2sFn 
*gvec_fn,
 return false;
 }
 
-if (a->vm && s->vl_eq_vlmax) {
+if (a->vm && s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 TCGv_i64 src1 = tcg_temp_new_i64();
 
 tcg_gen_ext_tl_i64(src1, get_gpr(s, a->rs1, EXT_SIGN));
@@ -1459,6 +1461,8 @@ static bool opivi_trans(uint32_t vd, uint32_t imm, 
uint32_t vs2, uint32_t vm,
 
 data = FIELD_DP32(data, VDATA, VM, vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);
 desc = tcg_constant_i32(simd_desc(s->cfg_ptr->vlen / 8,
   s->cfg_ptr->vlen / 8, data));
 
@@ -1487,7 +1491,7 @@ do_opivi_gvec(DisasContext *s, arg_rmrr *a, GVecGen2iFn 
*gvec_fn,
 return false;
 }
 
-if (a->vm && s->vl_eq_vlmax) {
+if (a->vm && s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 gvec_fn(s->sew, vreg_ofs(s, a->rd), vreg_ofs(s, a->rs2),
 extract_imm(s, a->rs1, imm_mode), MAXSZ(s), MAXSZ(s));
 mark_vs_dirty(s);
@@ -1541,6 +1545,7 @@ static bool do_opivv_widen(DisasContext *s, arg_rmrr *a,
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1),
vreg_ofs(s, a->rs2),
@@ -1622,6 +1627,7 @@ static bool do_opiwv_widen(DisasContext *s, arg_rmrr *a,
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1),
vreg_ofs(s, a->rs2),
@@ -1700,6 +1706,9 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
+data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
+data = \
+FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
diff --git a/target/riscv/internals.h b/target/riscv/internals.h
index 512c6c30cf..193ce57a6d 100644
--- a/target/riscv/internals.h
+++ b/target/riscv/internals.h
@@ -25,8 +25,9 @@
 FIELD(VDATA, VM, 0, 1)
 FIELD(VDATA, LMUL, 1, 3)
 FIELD(VDATA, VTA, 4, 1)
-FIELD(VDATA, NF, 5, 4)
-FIELD(VDATA, WD, 5, 1)
+FIELD(VDATA, VTA_ALL_1S, 5, 1)
+FIELD(VDATA, NF, 6, 4)
+FIELD(VDATA, WD, 6, 1)
 
 /* float point classify helpers */
 target_ulong fclass_h(uint64_t frs1);
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 4e08fc3991..d4408d13c8 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -127,6 +127,11 @@ static inline uint32_t vext_vta(uint32_t desc)
 return FIELD_EX32(simd_data(desc), VDATA, VTA);
 }
 
+static inline uint32_t vext_vta_all_1s(uint32_t desc)
+{
+return FIELD_EX32(simd_data(desc), VDATA, VTA_ALL_1S);
+}
+
 /*
  * Get the maximum number of elements can be operated.
  *
@@ -866,10 +871,12 @@ RVVCALL(OPIVX2, vrsub_vx_d, OP_SSS_D, H8, H8, DO_RSUB)
 
 static void do_vext_vx(void *vd, void *v0, target_long s1, void *vs2,
CPURISCVState *env, uint32_t desc,
-

[PATCH qemu v17 01/16] target/riscv: rvv: Prune redundant ESZ, DSZ parameter passed

[~eopxd]

From: eopXD 

No functional change intended in this commit.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Reviewed-by: Alistair Francis 
---
 target/riscv/vector_helper.c | 1132 +-
 1 file changed, 565 insertions(+), 567 deletions(-)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 576b14e5a3..85dd611cd9 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -710,7 +710,6 @@ RVVCALL(OPIVV2, vsub_vv_d, OP_SSS_D, H8, H8, H8, DO_SUB)
 
 static void do_vext_vv(void *vd, void *v0, void *vs1, void *vs2,
CPURISCVState *env, uint32_t desc,
-   uint32_t esz, uint32_t dsz,
opivv2_fn *fn)
 {
 uint32_t vm = vext_vm(desc);
@@ -727,23 +726,23 @@ static void do_vext_vv(void *vd, void *v0, void *vs1, 
void *vs2,
 }
 
 /* generate the helpers for OPIVV */
-#define GEN_VEXT_VV(NAME, ESZ, DSZ)   \
+#define GEN_VEXT_VV(NAME) \
 void HELPER(NAME)(void *vd, void *v0, void *vs1,  \
   void *vs2, CPURISCVState *env,  \
   uint32_t desc)  \
 { \
-do_vext_vv(vd, v0, vs1, vs2, env, desc, ESZ, DSZ, \
+do_vext_vv(vd, v0, vs1, vs2, env, desc,   \
do_##NAME);\
 }
 
-GEN_VEXT_VV(vadd_vv_b, 1, 1)
-GEN_VEXT_VV(vadd_vv_h, 2, 2)
-GEN_VEXT_VV(vadd_vv_w, 4, 4)
-GEN_VEXT_VV(vadd_vv_d, 8, 8)
-GEN_VEXT_VV(vsub_vv_b, 1, 1)
-GEN_VEXT_VV(vsub_vv_h, 2, 2)
-GEN_VEXT_VV(vsub_vv_w, 4, 4)
-GEN_VEXT_VV(vsub_vv_d, 8, 8)
+GEN_VEXT_VV(vadd_vv_b)
+GEN_VEXT_VV(vadd_vv_h)
+GEN_VEXT_VV(vadd_vv_w)
+GEN_VEXT_VV(vadd_vv_d)
+GEN_VEXT_VV(vsub_vv_b)
+GEN_VEXT_VV(vsub_vv_h)
+GEN_VEXT_VV(vsub_vv_w)
+GEN_VEXT_VV(vsub_vv_d)
 
 typedef void opivx2_fn(void *vd, target_long s1, void *vs2, int i);
 
@@ -773,7 +772,6 @@ RVVCALL(OPIVX2, vrsub_vx_d, OP_SSS_D, H8, H8, DO_RSUB)
 
 static void do_vext_vx(void *vd, void *v0, target_long s1, void *vs2,
CPURISCVState *env, uint32_t desc,
-   uint32_t esz, uint32_t dsz,
opivx2_fn fn)
 {
 uint32_t vm = vext_vm(desc);
@@ -790,27 +788,27 @@ static void do_vext_vx(void *vd, void *v0, target_long 
s1, void *vs2,
 }
 
 /* generate the helpers for OPIVX */
-#define GEN_VEXT_VX(NAME, ESZ, DSZ)   \
+#define GEN_VEXT_VX(NAME) \
 void HELPER(NAME)(void *vd, void *v0, target_ulong s1,\
   void *vs2, CPURISCVState *env,  \
   uint32_t desc)  \
 { \
-do_vext_vx(vd, v0, s1, vs2, env, desc, ESZ, DSZ,  \
+do_vext_vx(vd, v0, s1, vs2, env, desc,\
do_##NAME);\
 }
 
-GEN_VEXT_VX(vadd_vx_b, 1, 1)
-GEN_VEXT_VX(vadd_vx_h, 2, 2)
-GEN_VEXT_VX(vadd_vx_w, 4, 4)
-GEN_VEXT_VX(vadd_vx_d, 8, 8)
-GEN_VEXT_VX(vsub_vx_b, 1, 1)
-GEN_VEXT_VX(vsub_vx_h, 2, 2)
-GEN_VEXT_VX(vsub_vx_w, 4, 4)
-GEN_VEXT_VX(vsub_vx_d, 8, 8)
-GEN_VEXT_VX(vrsub_vx_b, 1, 1)
-GEN_VEXT_VX(vrsub_vx_h, 2, 2)
-GEN_VEXT_VX(vrsub_vx_w, 4, 4)
-GEN_VEXT_VX(vrsub_vx_d, 8, 8)
+GEN_VEXT_VX(vadd_vx_b)
+GEN_VEXT_VX(vadd_vx_h)
+GEN_VEXT_VX(vadd_vx_w)
+GEN_VEXT_VX(vadd_vx_d)
+GEN_VEXT_VX(vsub_vx_b)
+GEN_VEXT_VX(vsub_vx_h)
+GEN_VEXT_VX(vsub_vx_w)
+GEN_VEXT_VX(vsub_vx_d)
+GEN_VEXT_VX(vrsub_vx_b)
+GEN_VEXT_VX(vrsub_vx_h)
+GEN_VEXT_VX(vrsub_vx_w)
+GEN_VEXT_VX(vrsub_vx_d)
 
 void HELPER(vec_rsubs8)(void *d, void *a, uint64_t b, uint32_t desc)
 {
@@ -889,30 +887,30 @@ RVVCALL(OPIVV2, vwadd_wv_w, WOP_WSSS_W, H8, H4, H4, 
DO_ADD)
 RVVCALL(OPIVV2, vwsub_wv_b, WOP_WSSS_B, H2, H1, H1, DO_SUB)
 RVVCALL(OPIVV2, vwsub_wv_h, WOP_WSSS_H, H4, H2, H2, DO_SUB)
 RVVCALL(OPIVV2, vwsub_wv_w, WOP_WSSS_W, H8, H4, H4, DO_SUB)
-GEN_VEXT_VV(vwaddu_vv_b, 1, 2)
-GEN_VEXT_VV(vwaddu_vv_h, 2, 4)
-GEN_VEXT_VV(vwaddu_vv_w, 4, 8)
-GEN_VEXT_VV(vwsubu_vv_b, 1, 2)
-GEN_VEXT_VV(vwsubu_vv_h, 2, 4)
-GEN_VEXT_VV(vwsubu_vv_w, 4, 8)
-GEN_VEXT_VV(vwadd_vv_b, 1, 2)
-GEN_VEXT_VV(vwadd_vv_h, 2, 4)
-GEN_VEXT_VV(vwadd_vv_w, 4, 8)
-GEN_VEXT_VV(vwsub_vv_b, 1, 2)
-GEN_VEXT_VV(vwsub_vv_h, 2, 4)
-GEN_VEXT_VV(vwsub_vv_w, 4, 8)
-GEN_VEXT_VV(vwaddu_wv_b, 1, 2)
-GEN_VEXT_VV(vwaddu_wv_h, 2, 4)
-GEN_VEXT_VV(vwaddu_wv_w, 4, 8)
-GEN_VEXT_VV(vwsubu_wv_b, 1, 2)
-GEN_VEXT_VV(vwsubu_wv_h, 2, 4)
-GEN_VEXT_VV(vwsubu_wv_w, 4, 8)
-GEN_VEXT_VV(vwadd_wv_b, 1, 2)
-GEN_VEXT_VV(vwadd_wv_h, 2, 4)
-GEN_VEXT_VV(vwadd_wv_w, 4, 8)
-GEN_VEXT_VV(vwsub_wv_b, 1, 2)
-GEN_VEXT_VV(vwsub_wv_h, 2, 4)
-GEN_VEXT_VV(vwsub_wv_w, 4, 8)
+GEN_VEXT_VV(vwaddu_vv_b)
+GEN_VEXT_VV(vwaddu_vv_h)
+GEN_VEXT_VV(vwaddu_vv_w)
+GEN_VEXT_VV(vwsubu_vv_b)
+GEN_VEXT_VV(vwsubu_vv_h)
+GEN_VEXT_VV(vwsubu_vv_w)
+GEN_VEXT_VV(vwadd_vv_b)
+GEN_VEXT_VV(vwadd_vv_h)
+GEN_VEXT_VV(vwadd

[PATCH qemu v17 09/16] target/riscv: rvv: Add tail agnostic for vector integer comparison instructions

[~eopxd]

From: eopXD 

Compares write mask registers, and so always operate under a tail-
agnostic policy.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/vector_helper.c | 18 ++
 1 file changed, 18 insertions(+)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 39865df095..8f39420dd2 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -1370,6 +1370,8 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1, void 
*vs2,   \
 { \
 uint32_t vm = vext_vm(desc);  \
 uint32_t vl = env->vl;\
+uint32_t total_elems = env_archcpu(env)->cfg.vlen;\
+uint32_t vta_all_1s = vext_vta_all_1s(desc);  \
 uint32_t i;   \
   \
 for (i = env->vstart; i < vl; i++) {  \
@@ -1381,6 +1383,13 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1, void 
*vs2,   \
 vext_set_elem_mask(vd, i, DO_OP(s2, s1)); \
 } \
 env->vstart = 0;  \
+/* mask destination register are always tail-agnostic */  \
+/* set tail elements to 1s */ \
+if (vta_all_1s) { \
+for (; i < total_elems; i++) {\
+vext_set_elem_mask(vd, i, 1); \
+} \
+} \
 }
 
 GEN_VEXT_CMP_VV(vmseq_vv_b, uint8_t,  H1, DO_MSEQ)
@@ -1419,6 +1428,8 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2,   \
 {   \
 uint32_t vm = vext_vm(desc);\
 uint32_t vl = env->vl;  \
+uint32_t total_elems = env_archcpu(env)->cfg.vlen;  \
+uint32_t vta_all_1s = vext_vta_all_1s(desc);\
 uint32_t i; \
 \
 for (i = env->vstart; i < vl; i++) {\
@@ -1430,6 +1441,13 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2,   \
 DO_OP(s2, (ETYPE)(target_long)s1)); \
 }   \
 env->vstart = 0;\
+/* mask destination register are always tail-agnostic */\
+/* set tail elements to 1s */   \
+if (vta_all_1s) {   \
+for (; i < total_elems; i++) {  \
+vext_set_elem_mask(vd, i, 1);   \
+}   \
+}   \
 }
 
 GEN_VEXT_CMP_VX(vmseq_vx_b, uint8_t,  H1, DO_MSEQ)
-- 
2.34.2

[PATCH qemu v17 14/16] target/riscv: rvv: Add tail agnostic for vector mask instructions

[~eopxd]

From: eopXD 

The tail elements in the destination mask register are updated under
a tail-agnostic policy.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  6 +
 target/riscv/vector_helper.c| 30 +
 2 files changed, 36 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 7d2042f3f1..e15dbdb01b 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -3136,6 +3136,8 @@ static bool trans_##NAME(DisasContext *s, arg_r *a)   
 \
 tcg_gen_brcond_tl(TCG_COND_GEU, cpu_vstart, cpu_vl, over); \
\
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
+data = \
+FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
@@ -3240,6 +3242,8 @@ static bool trans_##NAME(DisasContext *s, arg_rmr *a) 
 \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
+data = \
+FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
 tcg_gen_gvec_3_ptr(vreg_ofs(s, a->rd), \
vreg_ofs(s, 0), vreg_ofs(s, a->rs2),\
cpu_env, s->cfg_ptr->vlen / 8,  \
@@ -3277,6 +3281,7 @@ static bool trans_viota_m(DisasContext *s, arg_viota_m *a)
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 static gen_helper_gvec_3_ptr * const fns[4] = {
 gen_helper_viota_m_b, gen_helper_viota_m_h,
 gen_helper_viota_m_w, gen_helper_viota_m_d,
@@ -3306,6 +3311,7 @@ static bool trans_vid_v(DisasContext *s, arg_vid_v *a)
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 static gen_helper_gvec_2_ptr * const fns[4] = {
 gen_helper_vid_v_b, gen_helper_vid_v_h,
 gen_helper_vid_v_w, gen_helper_vid_v_d,
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index bf3bfea2a8..93e7ce3bfe 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -4716,6 +4716,8 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
\
   uint32_t desc)  \
 { \
 uint32_t vl = env->vl;\
+uint32_t total_elems = env_archcpu(env)->cfg.vlen;\
+uint32_t vta_all_1s = vext_vta_all_1s(desc);  \
 uint32_t i;   \
 int a, b; \
   \
@@ -4725,6 +4727,15 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1, 
 \
 vext_set_elem_mask(vd, i, OP(b, a));  \
 } \
 env->vstart = 0;  \
+/* mask destination register are always tail- \
+ * agnostic   \
+ */   \
+/* set tail elements to 1s */ \
+if (vta_all_1s) { \
+for (; i < total_elems; i++) {\
+vext_set_elem_mask(vd, i, 1); \
+} \
+} \
 }
 
 #define DO_NAND(N, M)  (!(N & M))
@@ -4792,6 +4803,8 @@ static void vmsetm(void *vd, void *v0, void *vs2, 
CPURISCVState *env,
 {
 uint32_t vm = vext_vm(desc);
 uint32_t vl = env->vl;
+uint32_t total_elems = env_archcpu(env)->cfg.vlen;
+uint32_t vta_all_1s = vext_vta_all_1s(desc);
 int i;
 bool first_mask_bit = false;
 
@@ -4820,6 +4833,13 @@ static void vmsetm(void *vd, void *v0, void *vs2, 
CPURISCVState *env,
 }
 }
 env->vstart = 0;
+/* mask destination register are always tail-agnostic */
+/* set tail elements to 1s */
+if (vta_all_1s) {
+for (; i < total_elems; i++) {
+vext_set_elem_mask(vd, i, 1);
+}
+}
 }

[PATCH qemu v17 16/16] target/riscv: rvv: Add option 'rvv_ta_all_1s' to enable optional tail agnostic behavior

[~eopxd]

From: eopXD 

According to v-spec, tail agnostic behavior can be either kept as
undisturbed or set elements' bits to all 1s. To distinguish the
difference of tail policies, QEMU should be able to simulate the tail
agnostic behavior as "set tail elements' bits to all 1s".

There are multiple possibility for agnostic elements according to
v-spec. The main intent of this patch-set tries to add option that
can distinguish between tail policies. Setting agnostic elements to
all 1s allows QEMU to express this.

This commit adds option 'rvv_ta_all_1s' is added to enable the
behavior, it is default as disabled.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Reviewed-by: Alistair Francis 
---
 target/riscv/cpu.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index ccacdee215..720c8b9e5c 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -879,6 +879,7 @@ static Property riscv_cpu_properties[] = {
 DEFINE_PROP_BOOL("x-aia", RISCVCPU, cfg.aia, false),
 
 DEFINE_PROP_UINT64("resetvec", RISCVCPU, cfg.resetvec, DEFAULT_RSTVEC),
+DEFINE_PROP_BOOL("rvv_ta_all_1s", RISCVCPU, cfg.rvv_ta_all_1s, false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
-- 
2.34.2

[PATCH qemu v17 13/16] target/riscv: rvv: Add tail agnostic for vector reduction instructions

[~eopxd]

From: eopXD 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/vector_helper.c | 20 
 1 file changed, 20 insertions(+)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 7dcb51b6ae..bf3bfea2a8 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -4534,6 +4534,9 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
\
 { \
 uint32_t vm = vext_vm(desc);  \
 uint32_t vl = env->vl;\
+uint32_t esz = sizeof(TD);\
+uint32_t vlenb = simd_maxsz(desc);\
+uint32_t vta = vext_vta(desc);\
 uint32_t i;   \
 TD s1 =  *((TD *)vs1 + HD(0));\
   \
@@ -4546,6 +4549,8 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
\
 } \
 *((TD *)vd + HD(0)) = s1; \
 env->vstart = 0;  \
+/* set tail elements to 1s */ \
+vext_set_elems_1s(vd, vta, esz, vlenb);   \
 }
 
 /* vd[0] = sum(vs1[0], vs2[*]) */
@@ -4615,6 +4620,9 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
 \
 {  \
 uint32_t vm = vext_vm(desc);   \
 uint32_t vl = env->vl; \
+uint32_t esz = sizeof(TD); \
+uint32_t vlenb = simd_maxsz(desc); \
+uint32_t vta = vext_vta(desc); \
 uint32_t i;\
 TD s1 =  *((TD *)vs1 + HD(0)); \
\
@@ -4627,6 +4635,8 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,  
 \
 }  \
 *((TD *)vd + HD(0)) = s1;  \
 env->vstart = 0;   \
+/* set tail elements to 1s */  \
+vext_set_elems_1s(vd, vta, esz, vlenb);\
 }
 
 /* Unordered sum */
@@ -4651,6 +4661,9 @@ void HELPER(vfwredsum_vs_h)(void *vd, void *v0, void *vs1,
 {
 uint32_t vm = vext_vm(desc);
 uint32_t vl = env->vl;
+uint32_t esz = sizeof(uint32_t);
+uint32_t vlenb = simd_maxsz(desc);
+uint32_t vta = vext_vta(desc);
 uint32_t i;
 uint32_t s1 =  *((uint32_t *)vs1 + H4(0));
 
@@ -4664,6 +4677,8 @@ void HELPER(vfwredsum_vs_h)(void *vd, void *v0, void *vs1,
 }
 *((uint32_t *)vd + H4(0)) = s1;
 env->vstart = 0;
+/* set tail elements to 1s */
+vext_set_elems_1s(vd, vta, esz, vlenb);
 }
 
 void HELPER(vfwredsum_vs_w)(void *vd, void *v0, void *vs1,
@@ -4671,6 +4686,9 @@ void HELPER(vfwredsum_vs_w)(void *vd, void *v0, void *vs1,
 {
 uint32_t vm = vext_vm(desc);
 uint32_t vl = env->vl;
+uint32_t esz = sizeof(uint64_t);
+uint32_t vlenb = simd_maxsz(desc);
+uint32_t vta = vext_vta(desc);
 uint32_t i;
 uint64_t s1 =  *((uint64_t *)vs1);
 
@@ -4684,6 +4702,8 @@ void HELPER(vfwredsum_vs_w)(void *vd, void *v0, void *vs1,
 }
 *((uint64_t *)vd) = s1;
 env->vstart = 0;
+/* set tail elements to 1s */
+vext_set_elems_1s(vd, vta, esz, vlenb);
 }
 
 /*
-- 
2.34.2

[PATCH qemu v17 15/16] target/riscv: rvv: Add tail agnostic for vector permutation instructions

[~eopxd]

From: eopXD 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  7 +++--
 target/riscv/vector_helper.c| 40 +
 2 files changed, 45 insertions(+), 2 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index e15dbdb01b..9717cfe657 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -3670,7 +3670,7 @@ static bool trans_vrgather_vx(DisasContext *s, arg_rmrr 
*a)
 return false;
 }
 
-if (a->vm && s->vl_eq_vlmax) {
+if (a->vm && s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 int scale = s->lmul - (s->sew + 3);
 int vlmax = s->cfg_ptr->vlen >> -scale;
 TCGv_i64 dest = tcg_temp_new_i64();
@@ -3702,7 +3702,7 @@ static bool trans_vrgather_vi(DisasContext *s, arg_rmrr 
*a)
 return false;
 }
 
-if (a->vm && s->vl_eq_vlmax) {
+if (a->vm && s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 int scale = s->lmul - (s->sew + 3);
 int vlmax = s->cfg_ptr->vlen >> -scale;
 if (a->rs1 >= vlmax) {
@@ -3754,6 +3754,7 @@ static bool trans_vcompress_vm(DisasContext *s, arg_r *a)
 tcg_gen_brcondi_tl(TCG_COND_EQ, cpu_vl, 0, over);
 
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1), vreg_ofs(s, a->rs2),
cpu_env, s->cfg_ptr->vlen / 8,
@@ -3854,6 +3855,8 @@ static bool int_ext_op(DisasContext *s, arg_rmr *a, 
uint8_t seq)
 }
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
+data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 
 tcg_gen_gvec_3_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs2), cpu_env,
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 93e7ce3bfe..70353b1116 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -4930,6 +4930,9 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2, \
 { \
 uint32_t vm = vext_vm(desc);  \
 uint32_t vl = env->vl;\
+uint32_t esz = sizeof(ETYPE); \
+uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
+uint32_t vta = vext_vta(desc);\
 target_ulong offset = s1, i_min, i;   \
   \
 i_min = MAX(env->vstart, offset); \
@@ -4939,6 +4942,8 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2, \
 } \
 *((ETYPE *)vd + H(i)) = *((ETYPE *)vs2 + H(i - offset));  \
 } \
+/* set tail elements to 1s */ \
+vext_set_elems_1s(vd, vta, vl * esz, total_elems * esz);  \
 }
 
 /* vslideup.vx vd, vs2, rs1, vm # vd[i+rs1] = vs2[i] */
@@ -4954,6 +4959,9 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2, \
 uint32_t vlmax = vext_max_elems(desc, ctzl(sizeof(ETYPE)));   \
 uint32_t vm = vext_vm(desc);  \
 uint32_t vl = env->vl;\
+uint32_t esz = sizeof(ETYPE); \
+uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
+uint32_t vta = vext_vta(desc);\
 target_ulong i_max, i;\
   \
 i_max = MAX(MIN(s1 < vlmax ? vlmax - s1 : 0, vl), env->vstart);   \
@@ -4970,6 +4978,8 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2, \
 } \
   \
 env->vstart = 0;  \
+/* set tail elements to 1s */ \
+vext_set_elems_1s(vd, vta, vl * esz, total_elems * esz);  \
 }
 
 /* vslidedown.vx vd, vs2, rs1, vm # vd[i] = vs2[i+rs1] */
@@ -4985,6 +4995,9 @@ static void vslide1up_##BITWIDTH(void *vd, void *v0, 
target_ulong s1,   \
 typedef uint#

[PATCH qemu v17 10/16] target/riscv: rvv: Add tail agnostic for vector integer merge and move instructions

[~eopxd]

From: eopXD 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc | 12 
 target/riscv/vector_helper.c| 20 
 2 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 347f7faf28..50f3731bbf 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -2087,12 +2087,13 @@ static bool trans_vmv_v_v(DisasContext *s, arg_vmv_v_v 
*a)
 vext_check_isa_ill(s) &&
 /* vmv.v.v has rs2 = 0 and vm = 1 */
 vext_check_sss(s, a->rd, a->rs1, 0, 1)) {
-if (s->vl_eq_vlmax) {
+if (s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 tcg_gen_gvec_mov(s->sew, vreg_ofs(s, a->rd),
  vreg_ofs(s, a->rs1),
  MAXSZ(s), MAXSZ(s));
 } else {
 uint32_t data = FIELD_DP32(0, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 static gen_helper_gvec_2_ptr * const fns[4] = {
 gen_helper_vmv_v_v_b, gen_helper_vmv_v_v_h,
 gen_helper_vmv_v_v_w, gen_helper_vmv_v_v_d,
@@ -2127,7 +2128,7 @@ static bool trans_vmv_v_x(DisasContext *s, arg_vmv_v_x *a)
 
 s1 = get_gpr(s, a->rs1, EXT_SIGN);
 
-if (s->vl_eq_vlmax) {
+if (s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 tcg_gen_gvec_dup_tl(s->sew, vreg_ofs(s, a->rd),
 MAXSZ(s), MAXSZ(s), s1);
 } else {
@@ -2135,6 +2136,7 @@ static bool trans_vmv_v_x(DisasContext *s, arg_vmv_v_x *a)
 TCGv_i64 s1_i64 = tcg_temp_new_i64();
 TCGv_ptr dest = tcg_temp_new_ptr();
 uint32_t data = FIELD_DP32(0, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 static gen_helper_vmv_vx * const fns[4] = {
 gen_helper_vmv_v_x_b, gen_helper_vmv_v_x_h,
 gen_helper_vmv_v_x_w, gen_helper_vmv_v_x_d,
@@ -2164,7 +2166,7 @@ static bool trans_vmv_v_i(DisasContext *s, arg_vmv_v_i *a)
 /* vmv.v.i has rs2 = 0 and vm = 1 */
 vext_check_ss(s, a->rd, 0, 1)) {
 int64_t simm = sextract64(a->rs1, 0, 5);
-if (s->vl_eq_vlmax) {
+if (s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 tcg_gen_gvec_dup_imm(s->sew, vreg_ofs(s, a->rd),
  MAXSZ(s), MAXSZ(s), simm);
 mark_vs_dirty(s);
@@ -2173,6 +2175,7 @@ static bool trans_vmv_v_i(DisasContext *s, arg_vmv_v_i *a)
 TCGv_i64 s1;
 TCGv_ptr dest;
 uint32_t data = FIELD_DP32(0, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 static gen_helper_vmv_vx * const fns[4] = {
 gen_helper_vmv_v_x_b, gen_helper_vmv_v_x_h,
 gen_helper_vmv_v_x_w, gen_helper_vmv_v_x_d,
@@ -2744,7 +2747,7 @@ static bool trans_vfmv_v_f(DisasContext *s, arg_vfmv_v_f 
*a)
 
 TCGv_i64 t1;
 
-if (s->vl_eq_vlmax) {
+if (s->vl_eq_vlmax && !(s->vta && s->lmul < 0)) {
 t1 = tcg_temp_new_i64();
 /* NaN-box f[rs1] */
 do_nanbox(s, t1, cpu_fpr[a->rs1]);
@@ -2756,6 +2759,7 @@ static bool trans_vfmv_v_f(DisasContext *s, arg_vfmv_v_f 
*a)
 TCGv_ptr dest;
 TCGv_i32 desc;
 uint32_t data = FIELD_DP32(0, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 static gen_helper_vmv_vx * const fns[3] = {
 gen_helper_vmv_v_x_h,
 gen_helper_vmv_v_x_w,
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 8f39420dd2..1e3206eaf8 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -1968,6 +1968,9 @@ void HELPER(NAME)(void *vd, void *vs1, CPURISCVState 
*env,   \
   uint32_t desc) \
 {\
 uint32_t vl = env->vl;   \
+uint32_t esz = sizeof(ETYPE);\
+uint32_t total_elems = vext_get_total_elems(env, desc, esz); \
+uint32_t vta = vext_vta(desc);   \
 uint32_t i;  \
  \
 for (i = env->vstart; i < vl; i++) { \
@@ -1975,6 +1978,8 @@ void HELPER(NAME)(void *vd, void *vs1, CPURISCVState 
*env,   \
 *((ETYPE *)vd + H(i)) = s1;  \
 }\
 env->vstart = 0;  

Re: [PATCH RESEND] qga: add guest-get-diskstats command for Linux guests

[Daniel P . Berrangé]

On Thu, May 12, 2022 at 09:19:30AM +0800, luzhipeng wrote:
> Add a new 'guest-get-diskstats' command for report disk io statistics
> for Linux guests. This can be usefull for getting io flow or handling
> IO fault, no need to enter guests.
> 
> Signed-off-by: luzhipeng 
> ---
>  qga/commands-posix.c | 94 
>  qga/commands-win32.c |  6 +++
>  qga/qapi-schema.json | 86 
>  3 files changed, 186 insertions(+)
> 
> diff --git a/qga/commands-posix.c b/qga/commands-posix.c
> index 69f209af87..2b96c9ae6e 100644
> --- a/qga/commands-posix.c
> +++ b/qga/commands-posix.c
> @@ -2783,6 +2783,93 @@ GuestMemoryBlockInfo 
> *qmp_guest_get_memory_block_info(Error **errp)
>  return info;
>  }
>  
> +#define MAX_NAME_LEN 128
> +static GuestDiskStatsInfoList *guest_get_diskstats(Error **errp)
> +{
> +#ifdef CONFIG_LINUX
> +GuestDiskStatsInfoList *head = NULL, **tail = &head;
> +const char *diskstats = "/proc/diskstats";
> +FILE *fp;
> +size_t n;
> +char *line = NULL;
> +char dev_name[MAX_NAME_LEN];
> +int i;
> +unsigned int ios_pgr, tot_ticks, rq_ticks, wr_ticks, dc_ticks, fl_ticks;
> +unsigned long rd_ios, rd_merges_or_rd_sec, rd_ticks_or_wr_sec, wr_ios;
> +unsigned long wr_merges, rd_sec_or_wr_ios, wr_sec;
> +unsigned long dc_ios, dc_merges, dc_sec, fl_ios;
> +unsigned int major, minor;
> +
> +fp = fopen(diskstats, "r");
> +if (fp  == NULL) {
> +error_setg_errno(errp, errno, "open(\"%s\")", diskstats);
> +return NULL;
> +}
> +while (getline(&line, &n, fp) != -1) {
> +i = sscanf(line, "%u %u %s %lu %lu %lu"
> +   "%lu %lu %lu %lu %u %u %u %u"
> +   "%lu %lu %lu %u %lu %u",
> +  &major, &minor, dev_name,
> +  &rd_ios, &rd_merges_or_rd_sec, &rd_sec_or_wr_ios,
> +  &rd_ticks_or_wr_sec, &wr_ios, &wr_merges, &wr_sec,
> +  &wr_ticks, &ios_pgr, &tot_ticks, &rq_ticks,
> +  &dc_ios, &dc_merges, &dc_sec, &dc_ticks,
> +  &fl_ios, &fl_ticks);

Nothing free's the 'line' buffer after this point.

> +GuestDiskStatsInfo *diskstatinfo = g_malloc0(sizeof *diskstatinfo);

Our preferred style is g_new0 rather than g_malloc0 eg

  g_new0(GuestDiskStatsInfo, 1)

> +GuestDiskStats *diskstat = g_malloc0(sizeof *diskstat);
> +if (i >= 14) {
> +diskstatinfo->name = g_strdup(dev_name);
> +diskstatinfo->major = major;
> +diskstatinfo->minor = minor;
> +diskstat->rd_ios = rd_ios;
> +diskstat->rd_merges = rd_merges_or_rd_sec;
> +diskstat->rd_sectors = rd_sec_or_wr_ios;
> +diskstat->rd_ticks = rd_ticks_or_wr_sec;
> +diskstat->wr_ios = wr_ios;
> +diskstat->wr_merges = wr_merges;
> +diskstat->wr_sectors = wr_sec;
> +diskstat->wr_ticks = wr_ticks;
> +diskstat->ios_pgr = ios_pgr;
> +diskstat->tot_ticks = tot_ticks;
> +diskstat->rq_ticks = rq_ticks;
> +if (i >= 18) {
> +diskstat->dc_ios = dc_ios;
> +diskstat->dc_merges = dc_merges;
> +diskstat->dc_sectors = dc_sec;
> +diskstat->dc_ticks = dc_ticks;
> +}
> +if (i >= 20) {
> +diskstat->fl_ios = fl_ios;
> +diskstat->fl_ticks = fl_ticks;
> +}
> +diskstatinfo->stats = diskstat;
> +QAPI_LIST_APPEND(tail, diskstatinfo);
> +} else if (i == 7) {
> +diskstatinfo->name = g_strdup(dev_name);
> +diskstatinfo->major = major;
> +diskstatinfo->minor = minor;
> +diskstat->rd_ios = rd_ios;
> +diskstat->rd_sectors = rd_merges_or_rd_sec;
> +diskstat->wr_ios = rd_sec_or_wr_ios;
> +diskstat->wr_sectors = rd_ticks_or_wr_sec;

In this branch nothing adds 'diskstat' to 'diskstatinfo', nor
'diskstatinfo' to 'tail'.

> +} else {
> +g_free(diskstat);
> +g_free(diskstatinfo);
> +}

THe whole body structure needs changing IMHO

  GuestDiskStatsInfo *diskstatinfo;
  GuestDiskStats *diskstat;

  i = scanf()
  if  (i < 7)
 continue

  diskstatinfo = g_new0(GuestDiskStatsInfo, 1);
  diskstat = g_new0(GuestDiskStats, 1);

  ...fill in first 7 fields...

  if (i >= 14) {
...next fields...
  }

  if (i >= 18) {
...next fields...
  }

  if (i >= 20) {
...next fields...
  }

  diskstatinfo->stats = diskstat;
  QAPI_LIST_APPEND(tail, diskstatinfo);


> +}
> +fclose(fp);
> +return head;
> +#else
> +g_debug("disk stats reporting available only for Linux");
> +return NULL;
> +#endif
> +}
> +
> +GuestDiskStatsInfoList *qmp_guest_get_diskstats(Error **errp)
> +{
> +return guest_get_diskstats(errp);
> +}
> +
>  #else /* defined(__li

[PATCH qemu v17 12/16] target/riscv: rvv: Add tail agnostic for vector floating-point instructions

[~eopxd]

From: eopXD 

Compares write mask registers, and so always operate under a tail-
agnostic policy.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  17 +
 target/riscv/vector_helper.c| 440 +---
 2 files changed, 261 insertions(+), 196 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 50f3731bbf..7d2042f3f1 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -2339,6 +2339,9 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
+data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
+data = \
+FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
@@ -2421,6 +2424,9 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
\
 gen_set_rm(s, RISCV_FRM_DYN); \
 data = FIELD_DP32(data, VDATA, VM, a->vm);\
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);\
+data = FIELD_DP32(data, VDATA, VTA, s->vta);  \
+data = FIELD_DP32(data, VDATA, VTA_ALL_1S,\
+  s->cfg_vta_all_1s); \
 return opfvf_trans(a->rd, a->rs1, a->rs2, data,   \
fns[s->sew - 1], s);   \
 } \
@@ -2459,6 +2465,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
   \
  \
 data = FIELD_DP32(data, VDATA, VM, a->vm);   \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);   \
+data = FIELD_DP32(data, VDATA, VTA, s->vta); \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),   \
vreg_ofs(s, a->rs1),  \
vreg_ofs(s, a->rs2), cpu_env, \
@@ -2498,6 +2505,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
   \
 gen_set_rm(s, RISCV_FRM_DYN);\
 data = FIELD_DP32(data, VDATA, VM, a->vm);   \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);   \
+data = FIELD_DP32(data, VDATA, VTA, s->vta); \
 return opfvf_trans(a->rd, a->rs1, a->rs2, data,  \
fns[s->sew - 1], s);  \
 }\
@@ -2534,6 +2542,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
+data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
@@ -2573,6 +2582,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
   \
 gen_set_rm(s, RISCV_FRM_DYN);\
 data = FIELD_DP32(data, VDATA, VM, a->vm);   \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);   \
+data = FIELD_DP32(data, VDATA, VTA, s->vta); \
 return opfvf_trans(a->rd, a->rs1, a->rs2, data,  \
fns[s->sew - 1], s);  \
 }\
@@ -2656,6 +2666,7 @@ static bool do_opfv(DisasContext *s, arg_rmr *a,
 
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
+data = FIELD_DP32(data, VDATA, VTA, s->vta);
 tcg_gen_gvec_3_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs2), cpu_env,
s->cfg_ptr->vlen / 8,
@@ -2860,6 +2871,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmr *a) 
 \
\
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, 

[PATCH qemu v17 11/16] target/riscv: rvv: Add tail agnostic for vector fix-point arithmetic instructions

[~eopxd]

From: eopXD 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
Acked-by: Alistair Francis 
---
 target/riscv/vector_helper.c | 220 ++-
 1 file changed, 114 insertions(+), 106 deletions(-)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 1e3206eaf8..5645f3b932 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -2102,10 +2102,12 @@ static inline void
 vext_vv_rm_2(void *vd, void *v0, void *vs1, void *vs2,
  CPURISCVState *env,
  uint32_t desc,
- opivv2_rm_fn *fn)
+ opivv2_rm_fn *fn, uint32_t esz)
 {
 uint32_t vm = vext_vm(desc);
 uint32_t vl = env->vl;
+uint32_t total_elems = vext_get_total_elems(env, desc, esz);
+uint32_t vta = vext_vta(desc);
 
 switch (env->vxrm) {
 case 0: /* rnu */
@@ -2125,15 +2127,17 @@ vext_vv_rm_2(void *vd, void *v0, void *vs1, void *vs2,
  env, vl, vm, 3, fn);
 break;
 }
+/* set tail elements to 1s */
+vext_set_elems_1s(vd, vta, vl * esz, total_elems * esz);
 }
 
 /* generate helpers for fixed point instructions with OPIVV format */
-#define GEN_VEXT_VV_RM(NAME)\
+#define GEN_VEXT_VV_RM(NAME, ESZ)   \
 void HELPER(NAME)(void *vd, void *v0, void *vs1, void *vs2, \
   CPURISCVState *env, uint32_t desc)\
 {   \
 vext_vv_rm_2(vd, v0, vs1, vs2, env, desc,   \
- do_##NAME);\
+ do_##NAME, ESZ);   \
 }
 
 static inline uint8_t saddu8(CPURISCVState *env, int vxrm, uint8_t a, uint8_t 
b)
@@ -2183,10 +2187,10 @@ RVVCALL(OPIVV2_RM, vsaddu_vv_b, OP_UUU_B, H1, H1, H1, 
saddu8)
 RVVCALL(OPIVV2_RM, vsaddu_vv_h, OP_UUU_H, H2, H2, H2, saddu16)
 RVVCALL(OPIVV2_RM, vsaddu_vv_w, OP_UUU_W, H4, H4, H4, saddu32)
 RVVCALL(OPIVV2_RM, vsaddu_vv_d, OP_UUU_D, H8, H8, H8, saddu64)
-GEN_VEXT_VV_RM(vsaddu_vv_b)
-GEN_VEXT_VV_RM(vsaddu_vv_h)
-GEN_VEXT_VV_RM(vsaddu_vv_w)
-GEN_VEXT_VV_RM(vsaddu_vv_d)
+GEN_VEXT_VV_RM(vsaddu_vv_b, 1)
+GEN_VEXT_VV_RM(vsaddu_vv_h, 2)
+GEN_VEXT_VV_RM(vsaddu_vv_w, 4)
+GEN_VEXT_VV_RM(vsaddu_vv_d, 8)
 
 typedef void opivx2_rm_fn(void *vd, target_long s1, void *vs2, int i,
   CPURISCVState *env, int vxrm);
@@ -2219,10 +2223,12 @@ static inline void
 vext_vx_rm_2(void *vd, void *v0, target_long s1, void *vs2,
  CPURISCVState *env,
  uint32_t desc,
- opivx2_rm_fn *fn)
+ opivx2_rm_fn *fn, uint32_t esz)
 {
 uint32_t vm = vext_vm(desc);
 uint32_t vl = env->vl;
+uint32_t total_elems = vext_get_total_elems(env, desc, esz);
+uint32_t vta = vext_vta(desc);
 
 switch (env->vxrm) {
 case 0: /* rnu */
@@ -2242,25 +2248,27 @@ vext_vx_rm_2(void *vd, void *v0, target_long s1, void 
*vs2,
  env, vl, vm, 3, fn);
 break;
 }
+/* set tail elements to 1s */
+vext_set_elems_1s(vd, vta, vl * esz, total_elems * esz);
 }
 
 /* generate helpers for fixed point instructions with OPIVX format */
-#define GEN_VEXT_VX_RM(NAME)  \
+#define GEN_VEXT_VX_RM(NAME, ESZ) \
 void HELPER(NAME)(void *vd, void *v0, target_ulong s1,\
 void *vs2, CPURISCVState *env, uint32_t desc) \
 { \
 vext_vx_rm_2(vd, v0, s1, vs2, env, desc,  \
- do_##NAME);  \
+ do_##NAME, ESZ); \
 }
 
 RVVCALL(OPIVX2_RM, vsaddu_vx_b, OP_UUU_B, H1, H1, saddu8)
 RVVCALL(OPIVX2_RM, vsaddu_vx_h, OP_UUU_H, H2, H2, saddu16)
 RVVCALL(OPIVX2_RM, vsaddu_vx_w, OP_UUU_W, H4, H4, saddu32)
 RVVCALL(OPIVX2_RM, vsaddu_vx_d, OP_UUU_D, H8, H8, saddu64)
-GEN_VEXT_VX_RM(vsaddu_vx_b)
-GEN_VEXT_VX_RM(vsaddu_vx_h)
-GEN_VEXT_VX_RM(vsaddu_vx_w)
-GEN_VEXT_VX_RM(vsaddu_vx_d)
+GEN_VEXT_VX_RM(vsaddu_vx_b, 1)
+GEN_VEXT_VX_RM(vsaddu_vx_h, 2)
+GEN_VEXT_VX_RM(vsaddu_vx_w, 4)
+GEN_VEXT_VX_RM(vsaddu_vx_d, 8)
 
 static inline int8_t sadd8(CPURISCVState *env, int vxrm, int8_t a, int8_t b)
 {
@@ -2306,19 +2314,19 @@ RVVCALL(OPIVV2_RM, vsadd_vv_b, OP_SSS_B, H1, H1, H1, 
sadd8)
 RVVCALL(OPIVV2_RM, vsadd_vv_h, OP_SSS_H, H2, H2, H2, sadd16)
 RVVCALL(OPIVV2_RM, vsadd_vv_w, OP_SSS_W, H4, H4, H4, sadd32)
 RVVCALL(OPIVV2_RM, vsadd_vv_d, OP_SSS_D, H8, H8, H8, sadd64)
-GEN_VEXT_VV_RM(vsadd_vv_b)
-GEN_VEXT_VV_RM(vsadd_vv_h)
-GEN_VEXT_VV_RM(vsadd_vv_w)
-GEN_VEXT_VV_RM(vsadd_vv_d)
+GEN_VEXT_VV_RM(vsadd_vv_b, 1)
+GEN_VEXT_VV_RM(vsadd_vv_h, 2)
+GEN_VEXT_VV_RM(vsadd_vv_w, 4)
+GEN_VEXT_VV_RM(vsadd_vv_d, 8)
 
 RVVCALL(OPIVX2_RM, vsadd_vx_b, OP_SSS_B, H1, H1, sadd8)
 RVVCALL(OPIVX2_RM, vsadd_vx_h, OP_SSS_H, H2, H2, sadd16)
 RVVCALL(OPIVX2_RM, vsadd_vx_w, OP_SSS_W, H4, H4,

Re: [RFC PATCH v2 4/8] net: stream: Don't ignore EINVAL on netdev socket connection

[Daniel P . Berrangé]

On Thu, May 12, 2022 at 10:09:28AM +0200, Laurent Vivier wrote:
> From: Stefano Brivio 
> 
> Other errors are treated as failure by net_stream_client_init(),
> but if connect() returns EINVAL, we'll fail silently. Remove the
> related exception.
> 
> Signed-off-by: Stefano Brivio 
> [lvivier: applied to net/stream.c]
> Signed-off-by: Laurent Vivier 
> ---
>  net/stream.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)

Reviewed-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

[PATCH qemu v3 01/10] target/riscv: rvv: Add mask agnostic for vv instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

According to v-spec, mask agnostic behavior can be either kept as
undisturbed or set elements' bits to all 1s. To distinguish the
difference of mask policies, QEMU should be able to simulate the mask
agnostic behavior as "set mask elements' bits to all 1s".

There are multiple possibility for agnostic elements according to
v-spec. The main intent of this patch-set tries to add option that
can distinguish between mask policies. Setting agnostic elements to
all 1s allows QEMU to express this.

This is the first commit regarding the optional mask agnostic
behavior. Follow-up commits will add this optional behavior
for all rvv instructions.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/cpu.h  | 2 ++
 target/riscv/cpu_helper.c   | 2 ++
 target/riscv/insn_trans/trans_rvv.c.inc | 3 +++
 target/riscv/internals.h| 5 +++--
 target/riscv/translate.c| 2 ++
 target/riscv/vector_helper.c| 8 
 6 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index 61552408b5..4bce3798fc 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -406,6 +406,7 @@ struct RISCVCPUConfig {
 bool ext_zve32f;
 bool ext_zve64f;
 bool rvv_ta_all_1s;
+bool rvv_ma_all_1s;
 
 uint32_t mvendorid;
 uint64_t marchid;
@@ -559,6 +560,7 @@ FIELD(TB_FLAGS, XL, 20, 2)
 FIELD(TB_FLAGS, PM_MASK_ENABLED, 22, 1)
 FIELD(TB_FLAGS, PM_BASE_ENABLED, 23, 1)
 FIELD(TB_FLAGS, VTA, 24, 1)
+FIELD(TB_FLAGS, VMA, 25, 1)
 
 #ifdef TARGET_RISCV32
 #define riscv_cpu_mxl(env)  ((void)(env), MXL_RV32)
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index c0641b63cc..ba66b70bd1 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -67,6 +67,8 @@ void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong 
*pc,
 flags = FIELD_DP32(flags, TB_FLAGS, VL_EQ_VLMAX, vl_eq_vlmax);
 flags = FIELD_DP32(flags, TB_FLAGS, VTA,
 FIELD_EX64(env->vtype, VTYPE, VTA));
+flags = FIELD_DP32(flags, TB_FLAGS, VMA,
+FIELD_EX64(env->vtype, VTYPE, VMA));
 } else {
 flags = FIELD_DP32(flags, TB_FLAGS, VILL, 1);
 }
diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 9717cfe657..94a558bf1a 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1248,6 +1248,7 @@ do_opivv_gvec(DisasContext *s, arg_rmrr *a, GVecGen3Fn 
*gvec_fn,
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1), vreg_ofs(s, a->rs2),
cpu_env, s->cfg_ptr->vlen / 8,
@@ -1546,6 +1547,7 @@ static bool do_opivv_widen(DisasContext *s, arg_rmrr *a,
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1),
vreg_ofs(s, a->rs2),
@@ -1628,6 +1630,7 @@ static bool do_opiwv_widen(DisasContext *s, arg_rmrr *a,
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs1),
vreg_ofs(s, a->rs2),
diff --git a/target/riscv/internals.h b/target/riscv/internals.h
index 193ce57a6d..5620fbffb6 100644
--- a/target/riscv/internals.h
+++ b/target/riscv/internals.h
@@ -26,8 +26,9 @@ FIELD(VDATA, VM, 0, 1)
 FIELD(VDATA, LMUL, 1, 3)
 FIELD(VDATA, VTA, 4, 1)
 FIELD(VDATA, VTA_ALL_1S, 5, 1)
-FIELD(VDATA, NF, 6, 4)
-FIELD(VDATA, WD, 6, 1)
+FIELD(VDATA, VMA, 6, 1)
+FIELD(VDATA, NF, 7, 4)
+FIELD(VDATA, WD, 7, 1)
 
 /* float point classify helpers */
 target_ulong fclass_h(uint64_t frs1);
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index 384ffcc0fa..c7e841da1c 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -95,6 +95,7 @@ typedef struct DisasContext {
 int8_t lmul;
 uint8_t sew;
 uint8_t vta;
+uint8_t vma;
 bool cfg_vta_all_1s;
 target_ulong vstart;
 bool vl_eq_vlmax;
@@ -1094,6 +1095,7 @@ static void riscv_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
 ctx->sew = FIELD_EX32(tb_flags, TB_FLAGS, SEW);
 ctx->lmul = sextract32(FIELD_EX32(tb_flags, TB_FLA

Re: [PATCH v2] docs/about: Update the support statement for Windows

[Daniel P . Berrangé]

On Thu, May 12, 2022 at 09:39:29AM +0200, Thomas Huth wrote:
> Our support statement for Windows currently talks about "Vista / Server
> 2008" - which is related to the API of Windows, and this is not easy
> to understand for the non-technical users. Additionally, glib sets the
> _WIN32_WINNT macro to 0x0601 already, which indicates the Windows 7 API,
> so QEMU effectively depends on the Windows 7 API, too.
> 
> Thus let's bump the _WIN32_WINNT setting in QEMU to the same level as
> glib uses and adjust our support statement in the documentation to
> something similar that we're using for Linux and the *BSD systems
> (i.e. only the two most recent versions), which should hopefully be
> easier to understand for the users now.
> 
> And since we're nowadays also compile-testing QEMU with MSYS2 on Windows
> itself, I think we could mention this build environment here, too.
> 
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/880
> Signed-off-by: Thomas Huth 
> ---
>  v2: Rephrase and update the _WIN32_WINNT macro, too
> 
>  docs/about/build-platforms.rst | 14 +-
>  include/qemu/osdep.h   |  2 +-
>  2 files changed, 10 insertions(+), 6 deletions(-)
> 
> diff --git a/docs/about/build-platforms.rst b/docs/about/build-platforms.rst
> index e9163ba556..1958edb430 100644
> --- a/docs/about/build-platforms.rst
> +++ b/docs/about/build-platforms.rst
> @@ -86,11 +86,15 @@ similar versions.
>  Windows
>  ---
>  
> -The project supports building with current versions of the MinGW toolchain,
> -hosted on Linux (Debian/Fedora).
> -
> -The version of the Windows API that's currently targeted is Vista / Server
> -2008.
> +The project aims to support the two most recent versions of Windows that are
> +still supported by the vendor. The minimum Windows API that is currently
> +targeted is "Windows 7", so theoretically the QEMU binaries can still be run
> +on older versions of Windows, too. However, such old versions of Windows are
> +not tested anymore, so it is recommended to use one of the latest versions of
> +Windows instead.
> +
> +The project supports building QEMU with current versions of the MinGW
> +toolchain, either hosted on Linux (Debian/Fedora) or via MSYS2 on Windows.
>  
>  .. _Homebrew: https://brew.sh/
>  .. _MacPorts: https://www.macports.org/
> diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
> index 1c1e7eca98..e2f88597b6 100644
> --- a/include/qemu/osdep.h
> +++ b/include/qemu/osdep.h
> @@ -75,7 +75,7 @@ QEMU_EXTERN_C int daemon(int, int);
>  #ifdef _WIN32
>  /* as defined in sdkddkver.h */
>  #ifndef _WIN32_WINNT
> -#define _WIN32_WINNT 0x0600 /* Vista */
> +#define _WIN32_WINNT 0x0601 /* Windows 7 API */
>  #endif
>  /* reduces the number of implicitly included headers */
>  #ifndef WIN32_LEAN_AND_MEAN

Reviewed-by: Daniel P. Berrangé 

but how about also adding a comment before 'glib_req_ver' in
configure reminding us to bump _WIN32_WINNT, and adding a
comment here reminding us to set this to match the _WIN32_WINNT
in our min glib ?


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

[PATCH qemu v3 03/10] target/riscv: rvv: Add mask agnostic for vx instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/insn_trans/trans_rvv.c.inc | 2 ++
 target/riscv/vector_helper.c| 3 +++
 2 files changed, 5 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 325c5120d4..9558c6edbf 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1306,6 +1306,7 @@ static bool opivx_trans(uint32_t vd, uint32_t rs1, 
uint32_t vs2, uint32_t vm,
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
 data = FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 desc = tcg_constant_i32(simd_desc(s->cfg_ptr->vlen / 8,
   s->cfg_ptr->vlen / 8, data));
 
@@ -1473,6 +1474,7 @@ static bool opivi_trans(uint32_t vd, uint32_t imm, 
uint32_t vs2, uint32_t vm,
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
 data = FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 desc = tcg_constant_i32(simd_desc(s->cfg_ptr->vlen / 8,
   s->cfg_ptr->vlen / 8, data));
 
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index a92d7dbd3c..d3da1acc0d 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -898,10 +898,13 @@ static void do_vext_vx(void *vd, void *v0, target_long 
s1, void *vs2,
 uint32_t vl = env->vl;
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);
 uint32_t vta = vext_vta(desc);
+uint32_t vma = vext_vma(desc);
 uint32_t i;
 
 for (i = env->vstart; i < vl; i++) {
 if (!vm && !vext_elem_mask(v0, i)) {
+/* set masked-off elements to 1s */
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);
 continue;
 }
 fn(vd, s1, vs2, i);
-- 
2.34.2

[PATCH qemu v3 06/10] target/riscv: rvv: Add mask agnostic for vector fix-point arithmetic instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/vector_helper.c | 26 --
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 429cf2cddb..3825935c70 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -2128,10 +2128,12 @@ static inline void
 vext_vv_rm_1(void *vd, void *v0, void *vs1, void *vs2,
  CPURISCVState *env,
  uint32_t vl, uint32_t vm, int vxrm,
- opivv2_rm_fn *fn)
+ opivv2_rm_fn *fn, uint32_t vma, uint32_t esz)
 {
 for (uint32_t i = env->vstart; i < vl; i++) {
 if (!vm && !vext_elem_mask(v0, i)) {
+/* set masked-off elements to 1s */
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);
 continue;
 }
 fn(vd, vs1, vs2, i, env, vxrm);
@@ -2149,23 +2151,24 @@ vext_vv_rm_2(void *vd, void *v0, void *vs1, void *vs2,
 uint32_t vl = env->vl;
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);
 uint32_t vta = vext_vta(desc);
+uint32_t vma = vext_vma(desc);
 
 switch (env->vxrm) {
 case 0: /* rnu */
 vext_vv_rm_1(vd, v0, vs1, vs2,
- env, vl, vm, 0, fn);
+ env, vl, vm, 0, fn, vma, esz);
 break;
 case 1: /* rne */
 vext_vv_rm_1(vd, v0, vs1, vs2,
- env, vl, vm, 1, fn);
+ env, vl, vm, 1, fn, vma, esz);
 break;
 case 2: /* rdn */
 vext_vv_rm_1(vd, v0, vs1, vs2,
- env, vl, vm, 2, fn);
+ env, vl, vm, 2, fn, vma, esz);
 break;
 default: /* rod */
 vext_vv_rm_1(vd, v0, vs1, vs2,
- env, vl, vm, 3, fn);
+ env, vl, vm, 3, fn, vma, esz);
 break;
 }
 /* set tail elements to 1s */
@@ -2249,10 +2252,12 @@ static inline void
 vext_vx_rm_1(void *vd, void *v0, target_long s1, void *vs2,
  CPURISCVState *env,
  uint32_t vl, uint32_t vm, int vxrm,
- opivx2_rm_fn *fn)
+ opivx2_rm_fn *fn, uint32_t vma, uint32_t esz)
 {
 for (uint32_t i = env->vstart; i < vl; i++) {
 if (!vm && !vext_elem_mask(v0, i)) {
+/* set masked-off elements to 1s */
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);
 continue;
 }
 fn(vd, s1, vs2, i, env, vxrm);
@@ -2270,23 +2275,24 @@ vext_vx_rm_2(void *vd, void *v0, target_long s1, void 
*vs2,
 uint32_t vl = env->vl;
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);
 uint32_t vta = vext_vta(desc);
+uint32_t vma = vext_vma(desc);
 
 switch (env->vxrm) {
 case 0: /* rnu */
 vext_vx_rm_1(vd, v0, s1, vs2,
- env, vl, vm, 0, fn);
+ env, vl, vm, 0, fn, vma, esz);
 break;
 case 1: /* rne */
 vext_vx_rm_1(vd, v0, s1, vs2,
- env, vl, vm, 1, fn);
+ env, vl, vm, 1, fn, vma, esz);
 break;
 case 2: /* rdn */
 vext_vx_rm_1(vd, v0, s1, vs2,
- env, vl, vm, 2, fn);
+ env, vl, vm, 2, fn, vma, esz);
 break;
 default: /* rod */
 vext_vx_rm_1(vd, v0, s1, vs2,
- env, vl, vm, 3, fn);
+ env, vl, vm, 3, fn, vma, esz);
 break;
 }
 /* set tail elements to 1s */
-- 
2.34.2

Re: [PATCH 0/2] s390x: kvm: Honor storage keys during emulation

[Thomas Huth]

On 10/05/2022 15.43, Cornelia Huck wrote:

On Tue, May 10 2022, Janis Schoetterl-Glausch  wrote:


On 5/9/22 10:06, Cornelia Huck wrote:

On Fri, May 06 2022, Janis Schoetterl-Glausch  wrote:


Make use of the storage key support of the MEMOP ioctl, if available,
in order to support storage key checking during emulation.

I did not update all the headers, since that broke the build,
not sure what the best way of dealing with that is.


Yeah, the vfio change is expected to break the build; the fix should be
easy (simple rename), and the code affected is deprecated anyway (there
hasn't been any upstream implementation that actually exposed the
interfaces). I think we should do that in a single commit to preserve
bisectability; I have not seen any patches posted yet to actually use
the new vfio migration interface, so a simple compile fixup should be
all that is needed.


So basically this patch (pasted below)
https://lore.kernel.org/qemu-devel/20220404181726.60291-3-mjros...@linux.ibm.com/
squashed with the updated headers.


Yes. We should probably queue that seperately, just to disarm that trap
for everyone; unless there's already a vfio update in flight? (Sorry, I've
lost track a bit.)


Unless somebody else has queued this already, I can try to come up with a 
separate pull request for the header update today or tomorrow.


 Thomas

[PATCH qemu v3 00/10] Add mask agnostic behavior for rvv instructions

[~eopxd]

According to v-spec, mask agnostic behavior can be either kept as
undisturbed or set elements' bits to all 1s. To distinguish the
difference of mask policies, QEMU should be able to simulate the mask
agnostic behavior as "set mask elements' bits to all 1s".

There are multiple possibility for agnostic elements according to
v-spec. The main intent of this patch-set tries to add option that
can distinguish between mask policies. Setting agnostic elements to
all 1s allows QEMU to express this.

The following instructions that are always unmasked and not affected:

- Vector add-with-carry and subtract-with-borrow instructions
- Vector merge and move instructions
- Vector reduction instructions
- Vector mask-register logical instructions
- `vcompress`

This patch set is based on v17 of patch set "Add tail agnostic behavior
for
rvv instructions".
Based on: <165234397852.32492.120314973852405009...@git.sr.ht>

v2 updates:
- Rebase upon changes of the tail agnostic patch-set
- Minor change for vector load/store instructions

v3 updates:
- Rebase upon changes of the tail agnostic patch-set
- Fix coding style, add missing space
- Trigger `vma` when encountering vector load instructions and not in
  vector stores

Yueh-Ting (eop) Chen (9):
  target/riscv: rvv: Add mask agnostic for vv instructions
  target/riscv: rvv: Add mask agnostic for vector load / store
instructions
  target/riscv: rvv: Add mask agnostic for vx instructions
  target/riscv: rvv: Add mask agnostic for vector integer shift
instructions
  target/riscv: rvv: Add mask agnostic for vector integer comparison
instructions
  target/riscv: rvv: Add mask agnostic for vector fix-point arithmetic
instructions
  target/riscv: rvv: Add mask agnostic for vector floating-point
instructions
  target/riscv: rvv: Add mask agnostic for vector mask instructions
  target/riscv: rvv: Add mask agnostic for vector permutation
instructions

eopXD (1):
  target/riscv: rvv: Add option 'rvv_ma_all_1s' to enable optional mask
agnostic behavior

 target/riscv/cpu.c  |   1 +
 target/riscv/cpu.h  |   2 +
 target/riscv/cpu_helper.c   |   2 +
 target/riscv/insn_trans/trans_rvv.c.inc |  32 +
 target/riscv/internals.h|   5 +-
 target/riscv/translate.c|   2 +
 target/riscv/vector_helper.c| 152 
 7 files changed, 171 insertions(+), 25 deletions(-)

-- 
2.34.2

[PATCH qemu v3 10/10] target/riscv: rvv: Add option 'rvv_ma_all_1s' to enable optional mask agnostic behavior

[~eopxd]

From: eopXD 

According to v-spec, mask agnostic behavior can be either kept as
undisturbed or set elements' bits to all 1s. To distinguish the
difference of mask policies, QEMU should be able to simulate the mask
agnostic behavior as "set mask elements' bits to all 1s".

There are multiple possibility for agnostic elements according to
v-spec. The main intent of this patch-set tries to add option that
can distinguish between mask policies. Setting agnostic elements to
all 1s allows QEMU to express this.

This commit adds option 'rvv_ma_all_1s' is added to enable the
behavior, it is default as disabled.

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/cpu.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 720c8b9e5c..0245844b99 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -880,6 +880,7 @@ static Property riscv_cpu_properties[] = {
 
 DEFINE_PROP_UINT64("resetvec", RISCVCPU, cfg.resetvec, DEFAULT_RSTVEC),
 DEFINE_PROP_BOOL("rvv_ta_all_1s", RISCVCPU, cfg.rvv_ta_all_1s, false),
+DEFINE_PROP_BOOL("rvv_ma_all_1s", RISCVCPU, cfg.rvv_ma_all_1s, false),
 DEFINE_PROP_END_OF_LIST(),
 };
 
-- 
2.34.2

[PATCH qemu v3 02/10] target/riscv: rvv: Add mask agnostic for vector load / store instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  9 +++
 target/riscv/vector_helper.c| 35 +
 2 files changed, 33 insertions(+), 11 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 94a558bf1a..325c5120d4 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -712,6 +712,7 @@ static bool ld_us_op(DisasContext *s, arg_r2nfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, false);
 }
 
@@ -750,6 +751,7 @@ static bool st_us_op(DisasContext *s, arg_r2nfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, true);
 }
 
@@ -778,6 +780,7 @@ static bool ld_us_mask_op(DisasContext *s, arg_vlm_v *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, NF, 1);
 /* Mask destination register are always tail-agnostic */
 data = FIELD_DP32(data, VDATA, VTA, s->cfg_vta_all_1s);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, false);
 }
 
@@ -797,6 +800,7 @@ static bool st_us_mask_op(DisasContext *s, arg_vsm_v *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, NF, 1);
 /* Mask destination register are always tail-agnostic */
 data = FIELD_DP32(data, VDATA, VTA, s->cfg_vta_all_1s);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_us_trans(a->rd, a->rs1, data, fn, s, true);
 }
 
@@ -869,6 +873,7 @@ static bool ld_stride_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_stride_trans(a->rd, a->rs1, a->rs2, data, fn, s, false);
 }
 
@@ -899,6 +904,7 @@ static bool st_stride_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 fn = fns[eew];
 if (fn == NULL) {
 return false;
@@ -1000,6 +1006,7 @@ static bool ld_index_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_index_trans(a->rd, a->rs1, a->rs2, data, fn, s, false);
 }
 
@@ -1053,6 +1060,7 @@ static bool st_index_op(DisasContext *s, arg_rnfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldst_index_trans(a->rd, a->rs1, a->rs2, data, fn, s, true);
 }
 
@@ -1119,6 +1127,7 @@ static bool ldff_op(DisasContext *s, arg_r2nfvm *a, 
uint8_t eew)
 data = FIELD_DP32(data, VDATA, LMUL, emul);
 data = FIELD_DP32(data, VDATA, NF, a->nf);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 return ldff_trans(a->rd, a->rs1, data, fn, s);
 }
 
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index a82ca2fe5a..a92d7dbd3c 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -282,14 +282,18 @@ vext_ldst_stride(void *vd, void *v0, target_ulong base,
 uint32_t esz = 1 << log2_esz;
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);
 uint32_t vta = vext_vta(desc) & is_load;
+uint32_t vma = vext_vma(desc) & is_load;
 
 for (i = env->vstart; i < env->vl; i++, env->vstart++) {
-if (!vm && !vext_elem_mask(v0, i)) {
-continue;
-}
-
 k = 0;
 while (k < nf) {
+if (!vm && !vext_elem_mask(v0, i)) {
+/* set masked-off elements to 1s */
+vext_set_elems_1s(vd, vma, (i + k * max_elems) * esz,
+  (i + k * max_elems + 1) * esz);
+k++;
+continue;
+}
 target_ulong addr = base + stride * i + (k << log2_esz);
 ldst_elem(env, adjust_addr(env, addr), i + k * max_elems, vd, ra);
 k++;
@@ -481,15 +485,19 @@ vext_ldst_index(void *vd, void *v0, target_ulong base,
 uint32_t esz = 1 << log2_esz;
 uint32_t total_elems = vext_get_total_elem

[PATCH qemu v3 09/10] target/riscv: rvv: Add mask agnostic for vector permutation instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  1 +
 target/riscv/vector_helper.c| 26 +++--
 2 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index e25d5bb8d8..26b2df009c 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -3888,6 +3888,7 @@ static bool int_ext_op(DisasContext *s, arg_rmr *a, 
uint8_t seq)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 
 tcg_gen_gvec_3_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs2), cpu_env,
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 09a32c7432..f95967df99 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -5017,11 +5017,14 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2, \
 uint32_t esz = sizeof(ETYPE); \
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
 uint32_t vta = vext_vta(desc);\
+uint32_t vma = vext_vma(desc);\
 target_ulong offset = s1, i_min, i;   \
   \
 i_min = MAX(env->vstart, offset); \
 for (i = i_min; i < vl; i++) {\
 if (!vm && !vext_elem_mask(v0, i)) {  \
+/* set masked-off elements to 1s */   \
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);   \
 continue; \
 } \
 *((ETYPE *)vd + H(i)) = *((ETYPE *)vs2 + H(i - offset));  \
@@ -5046,13 +5049,17 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2, \
 uint32_t esz = sizeof(ETYPE); \
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
 uint32_t vta = vext_vta(desc);\
+uint32_t vma = vext_vma(desc);\
 target_ulong i_max, i;\
   \
 i_max = MAX(MIN(s1 < vlmax ? vlmax - s1 : 0, vl), env->vstart);   \
 for (i = env->vstart; i < i_max; ++i) {   \
-if (vm || vext_elem_mask(v0, i)) {\
-*((ETYPE *)vd + H(i)) = *((ETYPE *)vs2 + H(i + s1));  \
+if (!vm && !vext_elem_mask(v0, i)) {  \
+/* set masked-off elements to 1s */   \
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);   \
+continue; \
 } \
+*((ETYPE *)vd + H(i)) = *((ETYPE *)vs2 + H(i + s1));  \
 } \
   \
 for (i = i_max; i < vl; ++i) {\
@@ -5082,10 +5089,13 @@ static void vslide1up_##BITWIDTH(void *vd, void *v0, 
target_ulong s1,   \
 uint32_t esz = sizeof(ETYPE);   \
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);\
 uint32_t vta = vext_vta(desc);  \
+uint32_t vma = vext_vma(desc);  \
 uint32_t i; \
 \
 for (i = env->vstart; i < vl; i++) {\
 if (!vm && !vext_elem_mask(v0, i)) {\
+/* set masked-off elements to 1s */ \
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz); \
 continue;   \
 }   \
 if (i == 0) {   \
@@ -5127,10 +5137,13 @@ static void vsl

Re: [PATCH] Remove Ubuntu 18.04 support from the repository

[Philippe Mathieu-Daudé via]

On Wed, May 11, 2022 at 1:15 PM Thomas Huth  wrote:
> On 11/05/2022 13.13, Philippe Mathieu-Daudé wrote:
> > On Wed, May 11, 2022 at 1:03 PM Thomas Huth  wrote:
> >> On 11/05/2022 12.46, Philippe Mathieu-Daudé wrote:
> >>>On Wed, May 11, 2022 at 11:30 AM Daniel P. Berrangé
> >>>  wrote:
>  On Tue, May 10, 2022 at 09:56:12PM +0200, Thomas Huth wrote:
> > According to our "Supported build platforms" policy, we now do not 
> > support
> > Ubuntu 18.04 anymore. Remove the related files and entries from our CI.
> >
> > Signed-off-by: Thomas Huth 
> > ---
> >Seems like nobody touched the 18.04-based tests/vm/ubuntu* files in a
> >very long time, so I assume these are not used anymore and can 
> > completely
> >be removed now.
> 
>  Or it could mean that they are working fine and so haven't needed
>  changes...
> >>>
> >>> Yes :)
> >>
> >> At least for me "make vm-build-ubuntu.aarch64" is only failing with ssh
> >> timeouts (on my x86 laptop) ... is this really supposed to work with TCG, 
> >> or
> >> is this KVM (on arm hosts) only?
> >
> > Yes this timeout code is not working. I suppose it is tied to the TCG host 
> > perf.
> > I suggested a pair of patches to increase it but back then Fam didn't 
> > accepted
> > them because IIRC these VMs were used by patchew (previous to Gitlab).
> > Today we have better framework for testing, so I wouldn't use this script on
> > CI, but it is still valuable for manual testing.
> >
> > Robert's email doesn't work anymore. Since I don't have x86 workstation
> > anymore, I'll probably use these tests/vm for testing. So let me add a
> > "upgrade tests/vm/ubuntu to 22.04" to my TODO list. If I fail and nobody
> > miss them, then I won't object to remove them.

So, 18.04 is the latest LTS release for 32-bit x86 (i386).

IIRC we used this 32-bit VM to reproduce bugs only triggered on 32-bit hosts
(while it seems obvious, what is not obvious is that very few developers run
on 32-bit hosts, so I'm not sure how long we are interested in avoiding bugs
there). See i.e.:
https://lore.kernel.org/qemu-devel/07a865e0-d535-9a19-cf29-f90984bcd...@amsat.org/

> All right, I'll respin my patch with the VMs excluded (and containers moved
> to a separate patch).
>
>   Thomas
>
>

[PATCH qemu v3 07/10] target/riscv: rvv: Add mask agnostic for vector floating-point instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/insn_trans/trans_rvv.c.inc | 12 
 target/riscv/vector_helper.c| 26 +
 2 files changed, 38 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index ae498f6db0..3286b822c3 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -2358,6 +2358,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
 data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
 data = \
 FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
+data = FIELD_DP32(data, VDATA, VMA, s->vma);   \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
@@ -2443,6 +2444,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
\
 data = FIELD_DP32(data, VDATA, VTA, s->vta);  \
 data = FIELD_DP32(data, VDATA, VTA_ALL_1S,\
   s->cfg_vta_all_1s); \
+data = FIELD_DP32(data, VDATA, VMA, s->vma);  \
 return opfvf_trans(a->rd, a->rs1, a->rs2, data,   \
fns[s->sew - 1], s);   \
 } \
@@ -2482,6 +2484,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
   \
 data = FIELD_DP32(data, VDATA, VM, a->vm);   \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);   \
 data = FIELD_DP32(data, VDATA, VTA, s->vta); \
+data = FIELD_DP32(data, VDATA, VMA, s->vma); \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),   \
vreg_ofs(s, a->rs1),  \
vreg_ofs(s, a->rs2), cpu_env, \
@@ -2522,6 +2525,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
   \
 data = FIELD_DP32(data, VDATA, VM, a->vm);   \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);   \
 data = FIELD_DP32(data, VDATA, VTA, s->vta); \
+data = FIELD_DP32(data, VDATA, VMA, s->vma); \
 return opfvf_trans(a->rd, a->rs1, a->rs2, data,  \
fns[s->sew - 1], s);  \
 }\
@@ -2559,6 +2563,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
 data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
+data = FIELD_DP32(data, VDATA, VMA, s->vma);   \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
@@ -2599,6 +2604,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
   \
 data = FIELD_DP32(data, VDATA, VM, a->vm);   \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);   \
 data = FIELD_DP32(data, VDATA, VTA, s->vta); \
+data = FIELD_DP32(data, VDATA, VMA, s->vma); \
 return opfvf_trans(a->rd, a->rs1, a->rs2, data,  \
fns[s->sew - 1], s);  \
 }\
@@ -2683,6 +2689,7 @@ static bool do_opfv(DisasContext *s, arg_rmr *a,
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 tcg_gen_gvec_3_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0),
vreg_ofs(s, a->rs2), cpu_env,
s->cfg_ptr->vlen / 8,
@@ -2787,6 +2794,7 @@ static bool trans_vfmv_v_f(DisasContext *s, arg_vfmv_v_f 
*a)
 TCGv_i32 desc;
 uint32_t data = FIELD_DP32(0, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 static gen_helper_vmv_vx * const fns[3] = {
 gen_helper_vmv_v_x_h,
 gen_helper_vmv_v_x_w,
@@ -2888,6 +2896,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmr *a) 
 \
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data 

[PATCH qemu v3 04/10] target/riscv: rvv: Add mask agnostic for vector integer shift instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/insn_trans/trans_rvv.c.inc | 1 +
 target/riscv/vector_helper.c| 7 +++
 2 files changed, 8 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 9558c6edbf..e41e85f4f0 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1906,6 +1906,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
 data = FIELD_DP32(data, VDATA, VM, a->vm); \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
 data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
+data = FIELD_DP32(data, VDATA, VMA, s->vma);   \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index d3da1acc0d..2d3fcaefc9 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -1297,10 +1297,13 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1,
  \
 uint32_t esz = sizeof(TS1);   \
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
 uint32_t vta = vext_vta(desc);\
+uint32_t vma = vext_vma(desc);\
 uint32_t i;   \
   \
 for (i = env->vstart; i < vl; i++) {  \
 if (!vm && !vext_elem_mask(v0, i)) {  \
+/* set masked-off elements to 1s */   \
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);   \
 continue; \
 } \
 TS1 s1 = *((TS1 *)vs1 + HS1(i));  \
@@ -1338,10 +1341,14 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1,  
\
 uint32_t total_elems =  \
 vext_get_total_elems(env, desc, esz);   \
 uint32_t vta = vext_vta(desc);  \
+uint32_t vma = vext_vma(desc);  \
 uint32_t i; \
 \
 for (i = env->vstart; i < vl; i++) {\
 if (!vm && !vext_elem_mask(v0, i)) {\
+/* set masked-off elements to 1s */ \
+vext_set_elems_1s(vd, vma, i * esz, \
+  (i + 1) * esz);   \
 continue;   \
 }   \
 TS2 s2 = *((TS2 *)vs2 + HS2(i));\
-- 
2.34.2

[PATCH qemu v3 05/10] target/riscv: rvv: Add mask agnostic for vector integer comparison instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  1 +
 target/riscv/vector_helper.c| 10 ++
 2 files changed, 11 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index e41e85f4f0..ae498f6db0 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -1723,6 +1723,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmrr *a)
 \
 data = FIELD_DP32(data, VDATA, VTA, s->vta);   \
 data = \
 FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
+data = FIELD_DP32(data, VDATA, VMA, s->vma);   \
 tcg_gen_gvec_4_ptr(vreg_ofs(s, a->rd), vreg_ofs(s, 0), \
vreg_ofs(s, a->rs1),\
vreg_ofs(s, a->rs2), cpu_env,   \
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index 2d3fcaefc9..429cf2cddb 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -1403,12 +1403,17 @@ void HELPER(NAME)(void *vd, void *v0, void *vs1, void 
*vs2,   \
 uint32_t vl = env->vl;\
 uint32_t total_elems = env_archcpu(env)->cfg.vlen;\
 uint32_t vta_all_1s = vext_vta_all_1s(desc);  \
+uint32_t vma = vext_vma(desc);\
 uint32_t i;   \
   \
 for (i = env->vstart; i < vl; i++) {  \
 ETYPE s1 = *((ETYPE *)vs1 + H(i));\
 ETYPE s2 = *((ETYPE *)vs2 + H(i));\
 if (!vm && !vext_elem_mask(v0, i)) {  \
+/* set masked-off elements to 1s */   \
+if (vma) {\
+vext_set_elem_mask(vd, i, 1); \
+} \
 continue; \
 } \
 vext_set_elem_mask(vd, i, DO_OP(s2, s1)); \
@@ -1461,11 +1466,16 @@ void HELPER(NAME)(void *vd, void *v0, target_ulong s1, 
void *vs2,   \
 uint32_t vl = env->vl;  \
 uint32_t total_elems = env_archcpu(env)->cfg.vlen;  \
 uint32_t vta_all_1s = vext_vta_all_1s(desc);\
+uint32_t vma = vext_vma(desc);  \
 uint32_t i; \
 \
 for (i = env->vstart; i < vl; i++) {\
 ETYPE s2 = *((ETYPE *)vs2 + H(i));  \
 if (!vm && !vext_elem_mask(v0, i)) {\
+/* set masked-off elements to 1s */ \
+if (vma) {  \
+vext_set_elem_mask(vd, i, 1);   \
+}   \
 continue;   \
 }   \
 vext_set_elem_mask(vd, i,   \
-- 
2.34.2

Re: [PATCH] Remove Ubuntu 18.04 support from the repository

[Daniel P . Berrangé]

On Thu, May 12, 2022 at 11:14:45AM +0200, Philippe Mathieu-Daudé wrote:
> On Wed, May 11, 2022 at 1:15 PM Thomas Huth  wrote:
> > On 11/05/2022 13.13, Philippe Mathieu-Daudé wrote:
> > > On Wed, May 11, 2022 at 1:03 PM Thomas Huth  wrote:
> > >> On 11/05/2022 12.46, Philippe Mathieu-Daudé wrote:
> > >>>On Wed, May 11, 2022 at 11:30 AM Daniel P. Berrangé
> > >>>  wrote:
> >  On Tue, May 10, 2022 at 09:56:12PM +0200, Thomas Huth wrote:
> > > According to our "Supported build platforms" policy, we now do not 
> > > support
> > > Ubuntu 18.04 anymore. Remove the related files and entries from our 
> > > CI.
> > >
> > > Signed-off-by: Thomas Huth 
> > > ---
> > >Seems like nobody touched the 18.04-based tests/vm/ubuntu* files 
> > > in a
> > >very long time, so I assume these are not used anymore and can 
> > > completely
> > >be removed now.
> > 
> >  Or it could mean that they are working fine and so haven't needed
> >  changes...
> > >>>
> > >>> Yes :)
> > >>
> > >> At least for me "make vm-build-ubuntu.aarch64" is only failing with ssh
> > >> timeouts (on my x86 laptop) ... is this really supposed to work with 
> > >> TCG, or
> > >> is this KVM (on arm hosts) only?
> > >
> > > Yes this timeout code is not working. I suppose it is tied to the TCG 
> > > host perf.
> > > I suggested a pair of patches to increase it but back then Fam didn't 
> > > accepted
> > > them because IIRC these VMs were used by patchew (previous to Gitlab).
> > > Today we have better framework for testing, so I wouldn't use this script 
> > > on
> > > CI, but it is still valuable for manual testing.
> > >
> > > Robert's email doesn't work anymore. Since I don't have x86 workstation
> > > anymore, I'll probably use these tests/vm for testing. So let me add a
> > > "upgrade tests/vm/ubuntu to 22.04" to my TODO list. If I fail and nobody
> > > miss them, then I won't object to remove them.
> 
> So, 18.04 is the latest LTS release for 32-bit x86 (i386).
> 
> IIRC we used this 32-bit VM to reproduce bugs only triggered on 32-bit hosts
> (while it seems obvious, what is not obvious is that very few developers run
> on 32-bit hosts, so I'm not sure how long we are interested in avoiding bugs
> there). See i.e.:
> https://lore.kernel.org/qemu-devel/07a865e0-d535-9a19-cf29-f90984bcd...@amsat.org/

At some point we'll need to just admit 32-bit host is dead, and that
point is getting ever closer. For now though, if we need a VM for
32-bit testing, the easiest answer is probably to tweak the VM config to
be Debian based, as that's functionally closest to what Ubuntu provides
and so likely not too much work.

With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH 0/5] gicv3: Use right number of prio bits for the CPU

[Peter Maydell]

On Sat, 7 May 2022 at 12:35, Richard Henderson
 wrote:
>
> On 5/6/22 11:21, Peter Maydell wrote:
> > This patchset fills in an odd inconsistency in our GICv3 emulation
> > that I noticed while I was doing the GICv4 work. At the moment we
> > allow the CPU to specify the number of bits of virtual priority
> > (via the ARMCPU::gic_vpribits field), but we always use 8 bits of
> > physical priority, even though to my knowledge no real Arm CPU
> > hardware has that many.
> >
> > This series makes the GICv3 emulation use a runtime-configurable
> > number of physical priority bits, and sets it to match the number
> > used by the various CPUs we implement (which is 5 for all the
> > Cortex-Axx CPUs we emulate). Because changing the number of
> > priority bits is a migration compatibility break, we use a compat
> > property to keep the number of priority bits at 8 for older
> > versions of the virt board.
> >
> > There is one TODO left in this series, which is that I don't know
> > the right value to use for the A64FX, so I've guessed that it
> > is 5, like all the Arm implementations.
> >
> > Patch 1 is an independent bugfix; patch 5 is cleanup.
> >
> > thanks
> > -- PMM
> >
> > Peter Maydell (5):
> >hw/intc/arm_gicv3: report correct PRIbits field in ICV_CTLR_EL1
> >hw/intc/arm_gicv3_kvm.c: Stop using GIC_MIN_BPR constant
> >hw/intc/arm_gicv3: Support configurable number of physical priority
> >  bits
> >hw/intc/arm_gicv3: Use correct number of priority bits for the CPU
> >hw/intc/arm_gicv3: Provide ich_num_aprs()
> >
>
> Reviewed-by: Richard Henderson 

Thanks; I've applied this to target-arm.next, with the 'TODO' note
for the A64FX removed, with the "retain local variable" tweak in
the last patch made, and with "cpu->gic_pribits = 5" statements added
for the new cortex-a76 and neoverse-n1 CPU types (confirmed correct
via their TRMs).

-- PMM

[PATCH qemu v3 08/10] target/riscv: rvv: Add mask agnostic for vector mask instructions

[~eopxd]

From: Yueh-Ting (eop) Chen 

Signed-off-by: eop Chen 
Reviewed-by: Frank Chang 
Reviewed-by: Weiwei Li 
---
 target/riscv/insn_trans/trans_rvv.c.inc |  3 +++
 target/riscv/vector_helper.c| 11 +++
 2 files changed, 14 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvv.c.inc 
b/target/riscv/insn_trans/trans_rvv.c.inc
index 3286b822c3..e25d5bb8d8 100644
--- a/target/riscv/insn_trans/trans_rvv.c.inc
+++ b/target/riscv/insn_trans/trans_rvv.c.inc
@@ -3272,6 +3272,7 @@ static bool trans_##NAME(DisasContext *s, arg_rmr *a) 
 \
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul); \
 data = \
 FIELD_DP32(data, VDATA, VTA_ALL_1S, s->cfg_vta_all_1s);\
+data = FIELD_DP32(data, VDATA, VMA, s->vma);   \
 tcg_gen_gvec_3_ptr(vreg_ofs(s, a->rd), \
vreg_ofs(s, 0), vreg_ofs(s, a->rs2),\
cpu_env, s->cfg_ptr->vlen / 8,  \
@@ -3310,6 +3311,7 @@ static bool trans_viota_m(DisasContext *s, arg_viota_m *a)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 static gen_helper_gvec_3_ptr * const fns[4] = {
 gen_helper_viota_m_b, gen_helper_viota_m_h,
 gen_helper_viota_m_w, gen_helper_viota_m_d,
@@ -3340,6 +3342,7 @@ static bool trans_vid_v(DisasContext *s, arg_vid_v *a)
 data = FIELD_DP32(data, VDATA, VM, a->vm);
 data = FIELD_DP32(data, VDATA, LMUL, s->lmul);
 data = FIELD_DP32(data, VDATA, VTA, s->vta);
+data = FIELD_DP32(data, VDATA, VMA, s->vma);
 static gen_helper_gvec_2_ptr * const fns[4] = {
 gen_helper_vid_v_b, gen_helper_vid_v_h,
 gen_helper_vid_v_w, gen_helper_vid_v_d,
diff --git a/target/riscv/vector_helper.c b/target/riscv/vector_helper.c
index f0f3241174..09a32c7432 100644
--- a/target/riscv/vector_helper.c
+++ b/target/riscv/vector_helper.c
@@ -4878,11 +4878,16 @@ static void vmsetm(void *vd, void *v0, void *vs2, 
CPURISCVState *env,
 uint32_t vl = env->vl;
 uint32_t total_elems = env_archcpu(env)->cfg.vlen;
 uint32_t vta_all_1s = vext_vta_all_1s(desc);
+uint32_t vma = vext_vma(desc);
 int i;
 bool first_mask_bit = false;
 
 for (i = env->vstart; i < vl; i++) {
 if (!vm && !vext_elem_mask(v0, i)) {
+/* set masked-off elements to 1s */
+if (vma) {
+vext_set_elem_mask(vd, i, 1);
+}
 continue;
 }
 /* write a zero to all following active elements */
@@ -4943,11 +4948,14 @@ void HELPER(NAME)(void *vd, void *v0, void *vs2, 
CPURISCVState *env,  \
 uint32_t esz = sizeof(ETYPE); \
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
 uint32_t vta = vext_vta(desc);\
+uint32_t vma = vext_vma(desc);\
 uint32_t sum = 0; \
 int i;\
   \
 for (i = env->vstart; i < vl; i++) {  \
 if (!vm && !vext_elem_mask(v0, i)) {  \
+/* set masked-off elements to 1s */   \
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);   \
 continue; \
 } \
 *((ETYPE *)vd + H(i)) = sum;  \
@@ -4974,10 +4982,13 @@ void HELPER(NAME)(void *vd, void *v0, CPURISCVState 
*env, uint32_t desc)  \
 uint32_t esz = sizeof(ETYPE); \
 uint32_t total_elems = vext_get_total_elems(env, desc, esz);  \
 uint32_t vta = vext_vta(desc);\
+uint32_t vma = vext_vma(desc);\
 int i;\
   \
 for (i = env->vstart; i < vl; i++) {  \
 if (!vm && !vext_elem_mask(v0, i)) {  \
+/* set masked-off elements to 1s */   \
+vext_set_elems_1s(vd, vma, i * esz, (i + 1) * esz);   \
 continue; \
 } \
   

Re: [PATCH] qapi: make machine type deprecation a warning

[Markus Armbruster]

Paolo Bonzini  writes:

> On 5/11/22 20:44, Markus Armbruster wrote:
>> Paolo Bonzini  writes:
>> 
>>> Signed-off-by: Paolo Bonzini 
>>> ---
>>>   softmmu/vl.c | 2 +-
>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/softmmu/vl.c b/softmmu/vl.c
>>> index c2919579fd..fbef0f5c5f 100644
>>> --- a/softmmu/vl.c
>>> +++ b/softmmu/vl.c
>>> @@ -3723,7 +3723,7 @@ void qemu_init(int argc, char **argv, char **envp)
>>> machine_class = MACHINE_GET_CLASS(current_machine);
>>>   if (!qtest_enabled() && machine_class->deprecation_reason) {
>>> -error_report("Machine type '%s' is deprecated: %s",
>>> +warn_report("Machine type '%s' is deprecated: %s",
>>>machine_class->name, 
>>> machine_class->deprecation_reason);
>>>   }
>>
>> Anti-pattern: error_report() not followed by "fail function".
>
> Good point, thanks for writing it down... That's what I couldn't put
> my fingers on (hence the scant commit message).  I'll augment the
> commit message with the following:
>
> error_report should generally be followed by a failure; if we can
> proceed anyway, that is just a warning and should be communicated
> properly to the user with warn_report.

Good!

[...]

Re: [RFC 00/18] vfio: Adopt iommufd

[zhangfei....@foxmail.com]

Hi, Yi

On 2022/5/11 下午10:17, zhangfei@foxmail.com wrote:



On 2022/5/10 下午10:08, Yi Liu wrote:

On 2022/5/10 20:45, Jason Gunthorpe wrote:

On Tue, May 10, 2022 at 08:35:00PM +0800, Zhangfei Gao wrote:

Thanks Yi and Eric,
Then will wait for the updated iommufd kernel for the PCI MMIO region.

Another question,
How to get the iommu_domain in the ioctl.


The ID of the iommu_domain (called the hwpt) it should be returned by
the vfio attach ioctl.


yes, hwpt_id is returned by the vfio attach ioctl and recorded in
qemu. You can query page table related capabilities with this id.

https://lore.kernel.org/kvm/20220414104710.28534-16-yi.l@intel.com/


Thanks Yi,

Do we use iommufd_hw_pagetable_from_id in kernel?

The qemu send hwpt_id via ioctl.
Currently VFIOIOMMUFDContainer has hwpt_list,
Which member is good to save hwpt_id, IOMMUTLBEntry?


Can VFIOIOMMUFDContainer  have multi hwpt?
Since VFIOIOMMUFDContainer has hwpt_list now.
If so, how to get specific hwpt from map/unmap_notify in hw/vfio/as.c, 
where no vbasedev can be used for compare.


I am testing with a workaround, adding VFIOIOASHwpt *hwpt in 
VFIOIOMMUFDContainer.

And save hwpt when vfio_device_attach_container.




In kernel ioctl: iommufd_vfio_ioctl
@dev: Device to get an iommu_domain for
iommufd_hw_pagetable_from_id(struct iommufd_ctx *ictx, u32 pt_id, 
struct device *dev)

But iommufd_vfio_ioctl seems no para dev?


We can set dev=Null since IOMMUFD_OBJ_HW_PAGETABLE does not need dev.
iommufd_hw_pagetable_from_id(ictx, hwpt_id, NULL)

Thanks

Re: [PATCH v2 0/5] hw/nvme: fix namespace identifiers

[Klaus Jensen]

On Apr 29 10:33, Klaus Jensen wrote:
> From: Klaus Jensen 
> 
> The namespace identifiers reported by the controller is kind of a mess.
> See [1,2].
> 
> This series should fix this for both the `-device nvme,drive=...` and
> `-device nvme-ns,...` cases.
> 
>   [1]: https://lore.kernel.org/linux-nvme/20220224192845.1097602-1-...@lst.de/
>   [2]: https://lore.kernel.org/linux-nvme/20220413044905.376785-1-...@lst.de/
> 
> Changes since v1:
>  - Revert auto-generation of eui64 (Christoph)
>User should set it explicitly.
> 
> Klaus Jensen (5):
>   hw/nvme: enforce common serial per subsystem
>   hw/nvme: do not auto-generate eui64
>   hw/nvme: do not auto-generate uuid
>   hw/nvme: do not report null uuid
>   hw/nvme: bump firmware revision
> 
>  docs/about/deprecated.rst |  7 +++
>  hw/core/machine.c |  4 +++-
>  hw/nvme/ctrl.c| 19 ---
>  hw/nvme/ns.c  |  4 ++--
>  hw/nvme/nvme.h|  1 +
>  hw/nvme/subsys.c  |  7 +++
>  6 files changed, 28 insertions(+), 14 deletions(-)
> 
> -- 
> 2.35.1
> 

Thanks for the reviews! Applied to nvme-next.


signature.asc
Description: PGP signature

Re: [PATCH 2/2] coroutine: Revert to constant batch size

[Kevin Wolf]

Am 12.05.2022 um 08:56 hat 成川 弘樹 geschrieben:
> Thank you for your fix.
> 
> I confirmed that after applying this patch, my intended performance
> improvement by 4c41c69e is still kept in our environment.

This is good news. Thank you for testing the patch!

Kevin

[PATCH] hw/nvme: clear aen mask on reset

[Klaus Jensen]

From: Klaus Jensen 

The internally maintained AEN mask is not cleared on reset. Fix this.

Signed-off-by: Klaus Jensen 
---
 hw/nvme/ctrl.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c
index 1e6e0fcad918..4c8200dfb859 100644
--- a/hw/nvme/ctrl.c
+++ b/hw/nvme/ctrl.c
@@ -5889,6 +5889,7 @@ static void nvme_ctrl_reset(NvmeCtrl *n)
 }
 
 n->aer_queued = 0;
+n->aer_mask = 0;
 n->outstanding_aers = 0;
 n->qs_created = false;
 }
-- 
2.36.0

Re: [PATCH v5 7/9] test/crypto: Add test suite for crypto akcipher

[Daniel P . Berrangé]

On Thu, Apr 28, 2022 at 09:59:41PM +0800, zhenwei pi wrote:
> From: Lei He 
> 
> Add unit test and benchmark test for crypto akcipher.
> 
> Signed-off-by: lei he 
> Signed-off-by: zhenwei pi 
> Reviewed-by: Daniel P. Berrangé 
> ---
>  tests/bench/benchmark-crypto-akcipher.c | 157 ++
>  tests/bench/meson.build |   4 +
>  tests/bench/test_akcipher_keys.inc  | 537 ++
>  tests/unit/meson.build  |   1 +
>  tests/unit/test-crypto-akcipher.c   | 711 
>  5 files changed, 1410 insertions(+)
>  create mode 100644 tests/bench/benchmark-crypto-akcipher.c
>  create mode 100644 tests/bench/test_akcipher_keys.inc
>  create mode 100644 tests/unit/test-crypto-akcipher.c


> diff --git a/tests/bench/meson.build b/tests/bench/meson.build
> index 00b3c209dc..f793d972b6 100644
> --- a/tests/bench/meson.build
> +++ b/tests/bench/meson.build
> @@ -23,6 +23,10 @@ if have_block
>}
>  endif
>  
> +benchs += {
> +'benchmark-crypto-akcipher': [crypto],
> +}

This needs to moved above a bit to be include the 'if have_block'
section above, otherwise it breaks the build when using --disable-system


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH v5 4/9] crypto: add ASN.1 DER decoder

[Daniel P . Berrangé]

On Thu, Apr 28, 2022 at 09:59:38PM +0800, zhenwei pi wrote:
> From: Lei He 
> 
> Add an ANS.1 DER decoder which is used to parse asymmetric
> cipher keys
> 
> Signed-off-by: zhenwei pi 
> Signed-off-by: lei he 
> ---
>  crypto/der.c | 190 +++
>  crypto/der.h |  82 ++
>  crypto/meson.build   |   1 +
>  tests/unit/meson.build   |   1 +
>  tests/unit/test-crypto-der.c | 290 +++
>  5 files changed, 564 insertions(+)
>  create mode 100644 crypto/der.c
>  create mode 100644 crypto/der.h
>  create mode 100644 tests/unit/test-crypto-der.c
> 
> diff --git a/crypto/der.c b/crypto/der.c
> new file mode 100644
> index 00..7907bcfd51
> --- /dev/null
> +++ b/crypto/der.c
> @@ -0,0 +1,190 @@
> +/*
> + * QEMU Crypto ASN.1 DER decoder
> + *
> + * Copyright (c) 2022 Bytedance
> + * Author: lei he 
> + *
> + * This library is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2.1 of the License, or (at your option) any later version.
> + *
> + * This library is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this library; if not, see 
> .
> + *
> + */
> +
> +#include 
> +#include 

These should both be replaced by

  #include "qemu/osdep.h"

otherwise this fails to build for Mingw targets


> +static int qcrypto_der_invoke_callback(DERDecodeCb cb, void *ctx,
> +   const uint8_t *value, size_t vlen,
> +   Error **errp)
> +{
> +if (!cb) {
> +return 0;
> +}
> +
> +return cb(ctx, value, vlen, errp);
> +}
> +
> +static int qcrypto_der_extract_definite_data(const uint8_t **data, size_t 
> *dlen,
> + DERDecodeCb cb, void *ctx,
> + Error **errp)
> +{
> +const uint8_t *value;
> +size_t vlen = 0;
> +uint8_t byte_count = qcrypto_der_cut_byte(data, dlen);
> +
> +/* short format of definite-length */
> +if (!(byte_count & QCRYPTO_DER_SHORT_LEN_MASK)) {
> +if (byte_count > *dlen) {
> +error_setg(errp, "Invalid content length: %u", byte_count);
> +return -1;
> +}
> +
> +value = *data;
> +vlen = byte_count;
> +qcrypto_der_cut_nbytes(data, dlen, vlen);
> +
> +if (qcrypto_der_invoke_callback(cb, ctx, value, vlen, errp) != 0) {
> +return -1;
> +}
> +return vlen;
> +}
> +
> +/* Ignore highest bit */
> +byte_count &= ~QCRYPTO_DER_SHORT_LEN_MASK;
> +
> +/*
> + * size_t is enough to store the value of length, although the DER
> + * encoding standard supports larger length.
> + */
> +if (byte_count > sizeof(size_t)) {
> +error_setg(errp, "Invalid byte count of content length: %u",
> +   byte_count);
> +return -1;
> +}

> +
> +if (*dlen < byte_count) {

Can you flip this to   'byte_count > *dlen' so that the ordering
is consistent with the rest of the checks in this method.


> +error_setg(errp, "Invalid content length: %u", byte_count);
> +return -1;
> +}
> +while (byte_count--) {
> +vlen <<= 8;
> +vlen += qcrypto_der_cut_byte(data, dlen);
> +}
> +
> +if (vlen > *dlen) {
> +error_setg(errp, "Invalid content length: %lu", vlen);
> +return -1;
> +}
> +
> +value = *data;
> +qcrypto_der_cut_nbytes(data, dlen, vlen);
> +
> +if (qcrypto_der_invoke_callback(cb, ctx, value, vlen, errp) != 0) {
> +return -1;
> +}
> +return vlen;
> +}



> diff --git a/crypto/der.h b/crypto/der.h
> new file mode 100644
> index 00..aaa0e01969
> --- /dev/null
> +++ b/crypto/der.h
> @@ -0,0 +1,82 @@

> +#ifndef QCRYPTO_ASN1_DECODER_H
> +#define QCRYPTO_ASN1_DECODER_H
> +
> +#include "qemu/osdep.h"

osdep.h should always be in the .c file

> +#include "qapi/error.h"
> +
> +/* Simple decoder used to parse DER encoded rsa keys. */
> +
> +/**
> + *  @opaque: user context.
> + *  @value: the starting address of |value| part of 'Tag-Length-Value' 
> pattern.
> + *  @vlen: length of the |value|.
> + *  Returns: 0 for success, any other value is considered an error.
> + */
> +typedef int (*DERDecodeCb) (void *opaque, const uint8_t *value,
> +size_t vlen, Error **errp);

Could you call this one   'QCryptoDERDecodeCb)'

> +
> +/**
> + * der_decode_int:

Needs updating for the new func name

> + * @data: pointer to address of

Re: [PATCH v5 3/9] crypto: Introduce akcipher crypto class

[Daniel P . Berrangé]

On Thu, Apr 28, 2022 at 09:59:37PM +0800, zhenwei pi wrote:
> Introduce new akcipher crypto class 'QCryptoAkCIpher', which supports
> basic asymmetric operations: encrypt, decrypt, sign and verify.
> 
> Suggested by Daniel P. Berrangé, also add autoptr cleanup for the new
> class. Thanks to Daniel!
> 
> Co-developed-by: lei he 
> Signed-off-by: lei he 
> Signed-off-by: zhenwei pi 
> ---
>  crypto/akcipher.c | 102 
>  crypto/akcipherpriv.h |  55 +
>  crypto/meson.build|   1 +
>  include/crypto/akcipher.h | 158 ++
>  4 files changed, 316 insertions(+)
>  create mode 100644 crypto/akcipher.c
>  create mode 100644 crypto/akcipherpriv.h
>  create mode 100644 include/crypto/akcipher.h

Reviewed-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

[PATCH] Fix aarch64 debug register names.

[Chris Howard]

From 5de17d5aacb9cf21de4c9736b227b0498c607709 Mon Sep 17 00:00:00 2001
From: CHRIS HOWARD 
Date: Thu, 12 May 2022 11:35:17 +0200
Subject: [PATCH] Fix aarch64 debug register names.

Signed-off-by: CHRIS HOWARD 
---
 target/arm/helper.c | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 432bd81919..0dd97cb905 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -6543,14 +6543,16 @@ static void define_debug_regs(ARMCPU *cpu)
 }
 
 for (i = 0; i < brps; i++) {
+char *dbgbvr_el1_name = g_strdup_printf("DBGBVR%d_EL1", i);
+char *dbgbcr_el1_name = g_strdup_printf("DBGBCR%d_EL1", i);
 ARMCPRegInfo dbgregs[] = {
-{ .name = "DBGBVR", .state = ARM_CP_STATE_BOTH,
+{ .name = dbgbvr_el1_name, .state = ARM_CP_STATE_BOTH,
   .cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 4,
   .access = PL1_RW, .accessfn = access_tda,
   .fieldoffset = offsetof(CPUARMState, cp15.dbgbvr[i]),
   .writefn = dbgbvr_write, .raw_writefn = raw_write
 },
-{ .name = "DBGBCR", .state = ARM_CP_STATE_BOTH,
+{ .name = dbgbcr_el1_name, .state = ARM_CP_STATE_BOTH,
   .cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 5,
   .access = PL1_RW, .accessfn = access_tda,
   .fieldoffset = offsetof(CPUARMState, cp15.dbgbcr[i]),
@@ -6558,17 +6560,21 @@ static void define_debug_regs(ARMCPU *cpu)
 },
 };
 define_arm_cp_regs(cpu, dbgregs);
+g_free(dbgbvr_el1_name);
+g_free(dbgbcr_el1_name);
 }
 
 for (i = 0; i < wrps; i++) {
+char *dbgwvr_el1_name = g_strdup_printf("DBGWVR%d_EL1", i);
+char *dbgwcr_el1_name = g_strdup_printf("DBGWCR%d_EL1", i);
 ARMCPRegInfo dbgregs[] = {
-{ .name = "DBGWVR", .state = ARM_CP_STATE_BOTH,
+{ .name = dbgwvr_el1_name, .state = ARM_CP_STATE_BOTH,
   .cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 6,
   .access = PL1_RW, .accessfn = access_tda,
   .fieldoffset = offsetof(CPUARMState, cp15.dbgwvr[i]),
   .writefn = dbgwvr_write, .raw_writefn = raw_write
 },
-{ .name = "DBGWCR", .state = ARM_CP_STATE_BOTH,
+{ .name = dbgwcr_el1_name, .state = ARM_CP_STATE_BOTH,
   .cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 7,
   .access = PL1_RW, .accessfn = access_tda,
   .fieldoffset = offsetof(CPUARMState, cp15.dbgwcr[i]),
@@ -6576,6 +6582,8 @@ static void define_debug_regs(ARMCPU *cpu)
 },
 };
 define_arm_cp_regs(cpu, dbgregs);
+g_free(dbgwvr_el1_name);
+g_free(dbgwcr_el1_name);
 }
 }
 
-- 
2.20.1 (Apple Git-117)

Re: [PATCH v5 1/9] virtio-crypto: header update

[Daniel P . Berrangé]

On Thu, Apr 28, 2022 at 09:59:35PM +0800, zhenwei pi wrote:
> Update header from linux, support akcipher service.
> 
> Reviewed-by: Gonglei 
> Signed-off-by: lei he 
> Signed-off-by: zhenwei pi 
> ---
>  .../standard-headers/linux/virtio_crypto.h| 82 ++-
>  1 file changed, 81 insertions(+), 1 deletion(-)

I see these changes were now merged in linux.git with

  commit 24e19590628b58578748eeaec8140bf9c9dc00d9
  Author: zhenwei pi 
  AuthorDate: Wed Mar 2 11:39:15 2022 +0800
  Commit: Michael S. Tsirkin 
  CommitDate: Mon Mar 28 16:52:58 2022 -0400

virtio-crypto: introduce akcipher service

Introduce asymmetric service definition, asymmetric operations and
several well known algorithms.

Co-developed-by: lei he 
Signed-off-by: lei he 
Signed-off-by: zhenwei pi 
Link: 
https://lore.kernel.org/r/20220302033917.1295334-3-pizhen...@bytedance.com
Signed-off-by: Michael S. Tsirkin 
Reviewed-by: Gonglei 


And the changes proposed here match that, so

  Reviewed-by: Daniel P. Berrangé 


With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH] Remove Ubuntu 18.04 support from the repository

[Philippe Mathieu-Daudé via]

On Thu, May 12, 2022 at 11:21 AM Daniel P. Berrangé  wrote:
> On Thu, May 12, 2022 at 11:14:45AM +0200, Philippe Mathieu-Daudé wrote:
> > On Wed, May 11, 2022 at 1:15 PM Thomas Huth  wrote:
> > > On 11/05/2022 13.13, Philippe Mathieu-Daudé wrote:
> > > > On Wed, May 11, 2022 at 1:03 PM Thomas Huth  wrote:
> > > >> On 11/05/2022 12.46, Philippe Mathieu-Daudé wrote:
> > > >>>On Wed, May 11, 2022 at 11:30 AM Daniel P. Berrangé
> > > >>>  wrote:
> > >  On Tue, May 10, 2022 at 09:56:12PM +0200, Thomas Huth wrote:
> > > > According to our "Supported build platforms" policy, we now do not 
> > > > support
> > > > Ubuntu 18.04 anymore. Remove the related files and entries from our 
> > > > CI.
> > > >
> > > > Signed-off-by: Thomas Huth 
> > > > ---
> > > >Seems like nobody touched the 18.04-based tests/vm/ubuntu* files 
> > > > in a
> > > >very long time, so I assume these are not used anymore and can 
> > > > completely
> > > >be removed now.
> > > 
> > >  Or it could mean that they are working fine and so haven't needed
> > >  changes...
> > > >>>
> > > >>> Yes :)
> > > >>
> > > >> At least for me "make vm-build-ubuntu.aarch64" is only failing with ssh
> > > >> timeouts (on my x86 laptop) ... is this really supposed to work with 
> > > >> TCG, or
> > > >> is this KVM (on arm hosts) only?
> > > >
> > > > Yes this timeout code is not working. I suppose it is tied to the TCG 
> > > > host perf.
> > > > I suggested a pair of patches to increase it but back then Fam didn't 
> > > > accepted
> > > > them because IIRC these VMs were used by patchew (previous to Gitlab).
> > > > Today we have better framework for testing, so I wouldn't use this 
> > > > script on
> > > > CI, but it is still valuable for manual testing.
> > > >
> > > > Robert's email doesn't work anymore. Since I don't have x86 workstation
> > > > anymore, I'll probably use these tests/vm for testing. So let me add a
> > > > "upgrade tests/vm/ubuntu to 22.04" to my TODO list. If I fail and nobody
> > > > miss them, then I won't object to remove them.
> >
> > So, 18.04 is the latest LTS release for 32-bit x86 (i386).
> >
> > IIRC we used this 32-bit VM to reproduce bugs only triggered on 32-bit hosts
> > (while it seems obvious, what is not obvious is that very few developers run
> > on 32-bit hosts, so I'm not sure how long we are interested in avoiding bugs
> > there). See i.e.:
> > https://lore.kernel.org/qemu-devel/07a865e0-d535-9a19-cf29-f90984bcd...@amsat.org/
>
> At some point we'll need to just admit 32-bit host is dead, and that
> point is getting ever closer. For now though, if we need a VM for
> 32-bit testing, the easiest answer is probably to tweak the VM config to
> be Debian based, as that's functionally closest to what Ubuntu provides
> and so likely not too much work.

Thanks for the tip, great idea!

[PULL 0/2] Update linux-headers to v5.18-rc6

[Thomas Huth]

 Hi!

The following changes since commit ec11dc41eec5142b4776db1296972c6323ba5847:

  Merge tag 'pull-misc-2022-05-11' of git://repo.or.cz/qemu/armbru into staging 
(2022-05-11 09:00:26 -0700)

are available in the Git repository at:

  https://gitlab.com/thuth/qemu.git tags/pull-request-2022-05-12

for you to fetch changes up to 98cdec27e4396a2982c85ed148f70770bb6600b4:

  vfio: tolerate migration protocol v1 uapi renames (2022-05-12 11:00:05 +0200)


* Update the linux headers to v5.18-rc6 (required for multiple patch
  series that are currently in flight)
* Fix the vfio code to compile again after the header update

I'm sending this as a separate pull request, so that the the patch
series that are currently in flight do not have to deal each time
with the ugly vfio macro rename anymore.


Matthew Rosato (1):
  vfio: tolerate migration protocol v1 uapi renames

Thomas Huth (1):
  linux-headers: Update headers to v5.18-rc6

 include/standard-headers/linux/input-event-codes.h |  25 +-
 include/standard-headers/linux/virtio_config.h |   6 +
 include/standard-headers/linux/virtio_crypto.h |  82 -
 linux-headers/asm-arm64/kvm.h  |  16 +
 linux-headers/asm-generic/mman-common.h|   2 +
 linux-headers/asm-mips/mman.h  |   2 +
 linux-headers/linux/kvm.h  |  27 +-
 linux-headers/linux/psci.h |   4 +
 linux-headers/linux/userfaultfd.h  |   8 +-
 linux-headers/linux/vfio.h | 406 ++---
 linux-headers/linux/vhost.h|   7 +
 hw/vfio/common.c   |   2 +-
 hw/vfio/migration.c|  19 +-
 13 files changed, 377 insertions(+), 229 deletions(-)

[PULL 2/2] vfio: tolerate migration protocol v1 uapi renames

[Thomas Huth]

From: Matthew Rosato 

The v1 uapi is deprecated and will be replaced by v2 at some point;
this patch just tolerates the renaming of uapi fields to reflect
v1 / deprecated status.

Signed-off-by: Matthew Rosato 
Message-Id: <20220404181726.60291-3-mjros...@linux.ibm.com>
Signed-off-by: Thomas Huth 
---
 hw/vfio/common.c|  2 +-
 hw/vfio/migration.c | 19 +++
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 159f910421..8e73d3714a 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -381,7 +381,7 @@ static bool 
vfio_devices_all_running_and_saving(VFIOContainer *container)
 return false;
 }
 
-if ((migration->device_state & VFIO_DEVICE_STATE_SAVING) &&
+if ((migration->device_state & VFIO_DEVICE_STATE_V1_SAVING) &&
 (migration->device_state & VFIO_DEVICE_STATE_RUNNING)) {
 continue;
 } else {
diff --git a/hw/vfio/migration.c b/hw/vfio/migration.c
index ff6b45de6b..e109cee551 100644
--- a/hw/vfio/migration.c
+++ b/hw/vfio/migration.c
@@ -432,7 +432,7 @@ static int vfio_save_setup(QEMUFile *f, void *opaque)
 }
 
 ret = vfio_migration_set_state(vbasedev, VFIO_DEVICE_STATE_MASK,
-   VFIO_DEVICE_STATE_SAVING);
+   VFIO_DEVICE_STATE_V1_SAVING);
 if (ret) {
 error_report("%s: Failed to set state SAVING", vbasedev->name);
 return ret;
@@ -532,7 +532,7 @@ static int vfio_save_complete_precopy(QEMUFile *f, void 
*opaque)
 int ret;
 
 ret = vfio_migration_set_state(vbasedev, ~VFIO_DEVICE_STATE_RUNNING,
-   VFIO_DEVICE_STATE_SAVING);
+   VFIO_DEVICE_STATE_V1_SAVING);
 if (ret) {
 error_report("%s: Failed to set state STOP and SAVING",
  vbasedev->name);
@@ -569,7 +569,7 @@ static int vfio_save_complete_precopy(QEMUFile *f, void 
*opaque)
 return ret;
 }
 
-ret = vfio_migration_set_state(vbasedev, ~VFIO_DEVICE_STATE_SAVING, 0);
+ret = vfio_migration_set_state(vbasedev, ~VFIO_DEVICE_STATE_V1_SAVING, 0);
 if (ret) {
 error_report("%s: Failed to set state STOPPED", vbasedev->name);
 return ret;
@@ -730,7 +730,7 @@ static void vfio_vmstate_change(void *opaque, bool running, 
RunState state)
  * start saving data.
  */
 if (state == RUN_STATE_SAVE_VM) {
-value = VFIO_DEVICE_STATE_SAVING;
+value = VFIO_DEVICE_STATE_V1_SAVING;
 } else {
 value = 0;
 }
@@ -768,8 +768,9 @@ static void vfio_migration_state_notifier(Notifier 
*notifier, void *data)
 case MIGRATION_STATUS_FAILED:
 bytes_transferred = 0;
 ret = vfio_migration_set_state(vbasedev,
-  ~(VFIO_DEVICE_STATE_SAVING | VFIO_DEVICE_STATE_RESUMING),
-  VFIO_DEVICE_STATE_RUNNING);
+   ~(VFIO_DEVICE_STATE_V1_SAVING |
+ VFIO_DEVICE_STATE_RESUMING),
+   VFIO_DEVICE_STATE_RUNNING);
 if (ret) {
 error_report("%s: Failed to set state RUNNING", vbasedev->name);
 }
@@ -864,8 +865,10 @@ int vfio_migration_probe(VFIODevice *vbasedev, Error 
**errp)
 goto add_blocker;
 }
 
-ret = vfio_get_dev_region_info(vbasedev, VFIO_REGION_TYPE_MIGRATION,
-   VFIO_REGION_SUBTYPE_MIGRATION, &info);
+ret = vfio_get_dev_region_info(vbasedev,
+   VFIO_REGION_TYPE_MIGRATION_DEPRECATED,
+   VFIO_REGION_SUBTYPE_MIGRATION_DEPRECATED,
+   &info);
 if (ret) {
 goto add_blocker;
 }
-- 
2.27.0

Re: [PATCH] iotests/testrunner: Flush after run_test()

[Kevin Wolf]

Am 06.05.2022 um 15:42 hat Hanna Reitz geschrieben:
> When stdout is not a terminal, the buffer may not be flushed at each end
> of line, so we should flush after each test is done.  This is especially
> apparent when run by check-block, in two ways:
> 
> First, when running make check-block -jX with X > 1, progress indication
> was missing, even though testrunner.py does theoretically print each
> test's status once it has been run, even in multi-processing mode.
> Flushing after each test restores this progress indication.
> 
> Second, sometimes make check-block failed altogether, with an error
> message that "too few tests [were] run".  I presume that's because one
> worker process in the job pool did not get to flush its stdout before
> the main process exited, and so meson did not get to see that worker's
> test results.  In any case, by flushing at the end of run_test(), the
> problem has disappeared for me.
> 
> Signed-off-by: Hanna Reitz 

Thanks, applied to the block branch.

Kevin

[PATCH v2] block/gluster: correctly set max_pdiscard

[Fabian Ebner]

On 64-bit platforms, SIZE_MAX is too large for max_pdiscard, which is
int64_t, and the following assertion would be triggered:
qemu-system-x86_64: ../block/io.c:3166: bdrv_co_pdiscard: Assertion
`max_pdiscard >= bs->bl.request_alignment' failed.

Fixes: 0c8022876f ("block: use int64_t instead of int in driver discard 
handlers")
Cc: qemu-sta...@nongnu.org
Signed-off-by: Fabian Ebner 
---
 block/gluster.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/block/gluster.c b/block/gluster.c
index 398976bc66..f711bf0bd6 100644
--- a/block/gluster.c
+++ b/block/gluster.c
@@ -891,7 +891,7 @@ out:
 static void qemu_gluster_refresh_limits(BlockDriverState *bs, Error **errp)
 {
 bs->bl.max_transfer = GLUSTER_MAX_TRANSFER;
-bs->bl.max_pdiscard = SIZE_MAX;
+bs->bl.max_pdiscard = MIN(SIZE_MAX, INT64_MAX);
 }
 
 static int qemu_gluster_reopen_prepare(BDRVReopenState *state,
@@ -1304,7 +1304,7 @@ static coroutine_fn int 
qemu_gluster_co_pdiscard(BlockDriverState *bs,
 GlusterAIOCB acb;
 BDRVGlusterState *s = bs->opaque;
 
-assert(bytes <= SIZE_MAX); /* rely on max_pdiscard */
+assert(bytes <= MIN(SIZE_MAX, INT64_MAX)); /* rely on max_pdiscard */
 
 acb.size = 0;
 acb.ret = 0;
-- 
2.30.2

Re: [PATCH 0/2] ci: improve debuggability of I/O tests

[Kevin Wolf]

Am 09.05.2022 um 14:41 hat Daniel P. Berrangé geschrieben:
> Currently with the TAP harness we see essentially no useful information
> about the I/O tests execution. To pick a random job:
> 
>   https://gitlab.com/qemu-project/qemu/-/jobs/2429330423
> 
> All that we get is this:
> 
>   184/204 qemu:block / qemu-iotests qcow2  OK  309.10s   116 subtests passed
> 
> The full details are in a testlog.txt file that isn't accessible. This
> series publishes that as an artifact. It further tweaks the TAP runner
> to print out when it is about to run a test, so we get a record of what
> was running, if the test harness gets terminated abnormally/prematurely

Thanks, applied to the block branch.

Kevin

[PATCH v2 0/3] thread-pool: fix performance regression

[Paolo Bonzini]

Together, these two patches fix the performance regression induced by
QemuSemaphore; individually they don't though.

The third patch is a small cleanup on top, that was enabled by the
recent introduction of min_threads/max_threads knobs for the
thread pool.

6.2:
   iops: min=58051, max=62260, avg=60282.57, stdev=1081.18, samples=30
clat percentiles (usec):   1.00th=[  490],   99.99th=[  775]
   iops: min=59401, max=61290, avg=60651.27, stdev=468.24, samples=30
clat percentiles (usec):   1.00th=[  490],   99.99th=[  717]
   iops: min=59583, max=60816, avg=60353.43, stdev=282.69, samples=30
clat percentiles (usec):   1.00th=[  490],   99.99th=[  701]
   iops: min=58099, max=60713, avg=59739.53, stdev=755.49, samples=30
clat percentiles (usec):   1.00th=[  494],   99.99th=[  717]

patched:
   iops: min=60616, max=62522, avg=61654.37, stdev=555.67, samples=30
clat percentiles (usec):   1.00th=[  474],   99.99th=[ 1303]
   iops: min=61841, max=63600, avg=62878.47, stdev=442.40, samples=30
clat percentiles (usec):   1.00th=[  465],   99.99th=[  685]
   iops: min=62976, max=63910, avg=63531.60, stdev=261.05, samples=30
clat percentiles (usec):   1.00th=[  461],   99.99th=[  693]
   iops: min=60803, max=63623, avg=62653.37, stdev=808.76, samples=30
clat percentiles (usec):   1.00th=[  465],   99.99th=[  685]

Paolo

v1->v2: support min_threads/max_threads

Paolo Bonzini (3):
  thread-pool: optimize scheduling of completion bottom half
  thread-pool: replace semaphore with condition variable
  thread-pool: remove stopping variable

 util/thread-pool.c | 70 +-
 1 file changed, 26 insertions(+), 44 deletions(-)

-- 
2.36.0

[PULL 1/2] linux-headers: Update headers to v5.18-rc6

[Thomas Huth]

Several other upcoming patch series will need this update.

Signed-off-by: Thomas Huth 
---
 .../linux/input-event-codes.h |  25 +-
 .../standard-headers/linux/virtio_config.h|   6 +
 .../standard-headers/linux/virtio_crypto.h|  82 +++-
 linux-headers/asm-arm64/kvm.h |  16 +
 linux-headers/asm-generic/mman-common.h   |   2 +
 linux-headers/asm-mips/mman.h |   2 +
 linux-headers/linux/kvm.h |  27 +-
 linux-headers/linux/psci.h|   4 +
 linux-headers/linux/userfaultfd.h |   8 +-
 linux-headers/linux/vfio.h| 406 +-
 linux-headers/linux/vhost.h   |   7 +
 11 files changed, 365 insertions(+), 220 deletions(-)

diff --git a/include/standard-headers/linux/input-event-codes.h 
b/include/standard-headers/linux/input-event-codes.h
index b5e86b40ab..50790aee5a 100644
--- a/include/standard-headers/linux/input-event-codes.h
+++ b/include/standard-headers/linux/input-event-codes.h
@@ -278,7 +278,8 @@
 #define KEY_PAUSECD201
 #define KEY_PROG3  202
 #define KEY_PROG4  203
-#define KEY_DASHBOARD  204 /* AL Dashboard */
+#define KEY_ALL_APPLICATIONS   204 /* AC Desktop Show All Applications */
+#define KEY_DASHBOARD  KEY_ALL_APPLICATIONS
 #define KEY_SUSPEND205
 #define KEY_CLOSE  206 /* AC Close */
 #define KEY_PLAY   207
@@ -612,6 +613,7 @@
 #define KEY_ASSISTANT  0x247   /* AL Context-aware desktop assistant */
 #define KEY_KBD_LAYOUT_NEXT0x248   /* AC Next Keyboard Layout Select */
 #define KEY_EMOJI_PICKER   0x249   /* Show/hide emoji picker (HUTRR101) */
+#define KEY_DICTATE0x24a   /* Start or Stop Voice Dictation 
Session (HUTRR99) */
 
 #define KEY_BRIGHTNESS_MIN 0x250   /* Set Brightness to Minimum */
 #define KEY_BRIGHTNESS_MAX 0x251   /* Set Brightness to Maximum */
@@ -660,6 +662,27 @@
 /* Select an area of screen to be copied */
 #define KEY_SELECTIVE_SCREENSHOT   0x27a
 
+/* Move the focus to the next or previous user controllable element within a 
UI container */
+#define KEY_NEXT_ELEMENT   0x27b
+#define KEY_PREVIOUS_ELEMENT   0x27c
+
+/* Toggle Autopilot engagement */
+#define KEY_AUTOPILOT_ENGAGE_TOGGLE0x27d
+
+/* Shortcut Keys */
+#define KEY_MARK_WAYPOINT  0x27e
+#define KEY_SOS0x27f
+#define KEY_NAV_CHART  0x280
+#define KEY_FISHING_CHART  0x281
+#define KEY_SINGLE_RANGE_RADAR 0x282
+#define KEY_DUAL_RANGE_RADAR   0x283
+#define KEY_RADAR_OVERLAY  0x284
+#define KEY_TRADITIONAL_SONAR  0x285
+#define KEY_CLEARVU_SONAR  0x286
+#define KEY_SIDEVU_SONAR   0x287
+#define KEY_NAV_INFO   0x288
+#define KEY_BRIGHTNESS_MENU0x289
+
 /*
  * Some keyboards have keys which do not have a defined meaning, these keys
  * are intended to be programmed / bound to macros by the user. For most
diff --git a/include/standard-headers/linux/virtio_config.h 
b/include/standard-headers/linux/virtio_config.h
index 22e3a85f67..7acd8d4abc 100644
--- a/include/standard-headers/linux/virtio_config.h
+++ b/include/standard-headers/linux/virtio_config.h
@@ -80,6 +80,12 @@
 /* This feature indicates support for the packed virtqueue layout. */
 #define VIRTIO_F_RING_PACKED   34
 
+/*
+ * Inorder feature indicates that all buffers are used by the device
+ * in the same order in which they have been made available.
+ */
+#define VIRTIO_F_IN_ORDER  35
+
 /*
  * This feature indicates that memory accesses by the driver and the
  * device are ordered in a way described by the platform.
diff --git a/include/standard-headers/linux/virtio_crypto.h 
b/include/standard-headers/linux/virtio_crypto.h
index 5ff0b4ee59..68066dafb6 100644
--- a/include/standard-headers/linux/virtio_crypto.h
+++ b/include/standard-headers/linux/virtio_crypto.h
@@ -37,6 +37,7 @@
 #define VIRTIO_CRYPTO_SERVICE_HASH   1
 #define VIRTIO_CRYPTO_SERVICE_MAC2
 #define VIRTIO_CRYPTO_SERVICE_AEAD   3
+#define VIRTIO_CRYPTO_SERVICE_AKCIPHER 4
 
 #define VIRTIO_CRYPTO_OPCODE(service, op)   (((service) << 8) | (op))
 
@@ -57,6 +58,10 @@ struct virtio_crypto_ctrl_header {
   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02)
 #define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \
   VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03)
+#define VIRTIO_CRYPTO_AKCIPHER_CREATE_SESSION \
+  VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x04)
+#define VIRTIO_CRYPTO_AKCIPHER_DESTROY_SESSION \
+  VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AKCIPHER, 0x05)
uint32_t opcode;
uint32_t algo;
uint32_t flag;
@@ -180,6 +185,58 @@ struct virtio_crypto_aead_create_session_req {
uint8_t padding[32];
 };
 
+struct virt

[PATCH v2 1/3] thread-pool: optimize scheduling of completion bottom half

[Paolo Bonzini]

The completion bottom half was scheduled within the pool->lock
critical section.  That actually results in worse performance,
because the worker thread can run its own small critical section
and go to sleep before the bottom half starts running.

Note that this simple change does not produce an improvement without
changing the thread pool QemuSemaphore to a condition variable.

Signed-off-by: Paolo Bonzini 
Signed-off-by: Paolo Bonzini 
---
 util/thread-pool.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/util/thread-pool.c b/util/thread-pool.c
index 196835b4d3..4979f30ca3 100644
--- a/util/thread-pool.c
+++ b/util/thread-pool.c
@@ -127,9 +127,8 @@ static void *worker_thread(void *opaque)
 smp_wmb();
 req->state = THREAD_DONE;
 
-qemu_mutex_lock(&pool->lock);
-
 qemu_bh_schedule(pool->completion_bh);
+qemu_mutex_lock(&pool->lock);
 }
 
 pool->cur_threads--;
-- 
2.36.0

Re: [PATCH] qapi: make machine type deprecation a warning

[Markus Armbruster]

Commit message nitpick: not sure this is "qapi:".  The commit that
introduced "Machine type ... is deprecated" (08fe68244eb) used
"hw/i386:".  We commonly use "vl:", "softmmu:", and "softmmu/vl:" for
this file.

[PATCH v2 3/3] thread-pool: remove stopping variable

[Paolo Bonzini]

Just setting the max threads to 0 is enough to stop all workers.

Signed-off-by: Paolo Bonzini 
---
 util/thread-pool.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/util/thread-pool.c b/util/thread-pool.c
index da189d9338..392c7d7843 100644
--- a/util/thread-pool.c
+++ b/util/thread-pool.c
@@ -69,7 +69,6 @@ struct ThreadPool {
 int idle_threads;
 int new_threads; /* backlog of threads we need to create */
 int pending_threads; /* threads created but not running yet */
-bool stopping;
 int min_threads;
 int max_threads;
 };
@@ -82,7 +81,7 @@ static void *worker_thread(void *opaque)
 pool->pending_threads--;
 do_spawn_thread(pool);
 
-while (!pool->stopping && pool->cur_threads <= pool->max_threads) {
+while (pool->cur_threads <= pool->max_threads) {
 ThreadPoolElement *req;
 int ret;
 
@@ -366,7 +365,7 @@ void thread_pool_free(ThreadPool *pool)
 pool->new_threads = 0;
 
 /* Wait for worker threads to terminate */
-pool->stopping = true;
+pool->max_threads = 0;
 qemu_cond_broadcast(&pool->request_cond);
 while (pool->cur_threads > 0) {
 qemu_cond_wait(&pool->worker_stopped, &pool->lock);
-- 
2.36.0

[PATCH v2 0/3] thread-pool: fix performance regression

[Paolo Bonzini]

Together, these two patches fix the performance regression induced by
QemuSemaphore; individually they don't though.

The third patch is a small cleanup on top, that was enabled by the
recent introduction of min_threads/max_threads knobs for the
thread pool.

6.2:
   iops: min=58051, max=62260, avg=60282.57, stdev=1081.18, samples=30
clat percentiles (usec):   1.00th=[  490],   99.99th=[  775]
   iops: min=59401, max=61290, avg=60651.27, stdev=468.24, samples=30
clat percentiles (usec):   1.00th=[  490],   99.99th=[  717]
   iops: min=59583, max=60816, avg=60353.43, stdev=282.69, samples=30
clat percentiles (usec):   1.00th=[  490],   99.99th=[  701]
   iops: min=58099, max=60713, avg=59739.53, stdev=755.49, samples=30
clat percentiles (usec):   1.00th=[  494],   99.99th=[  717]

patched:
   iops: min=60616, max=62522, avg=61654.37, stdev=555.67, samples=30
clat percentiles (usec):   1.00th=[  474],   99.99th=[ 1303]
   iops: min=61841, max=63600, avg=62878.47, stdev=442.40, samples=30
clat percentiles (usec):   1.00th=[  465],   99.99th=[  685]
   iops: min=62976, max=63910, avg=63531.60, stdev=261.05, samples=30
clat percentiles (usec):   1.00th=[  461],   99.99th=[  693]
   iops: min=60803, max=63623, avg=62653.37, stdev=808.76, samples=30
clat percentiles (usec):   1.00th=[  465],   99.99th=[  685]

Paolo

v1->v2: support min_threads/max_threads

Paolo Bonzini (3):
  thread-pool: optimize scheduling of completion bottom half
  thread-pool: replace semaphore with condition variable
  thread-pool: remove stopping variable

 util/thread-pool.c | 70 +-
 1 file changed, 26 insertions(+), 44 deletions(-)

-- 
2.36.0

Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507

[Kevin Wolf]

Am 03.05.2022 um 18:21 hat Jon Maloy geschrieben:
> 
> 
> On 5/3/22 05:59, Kevin Wolf wrote:
> > Am 23.03.2022 um 03:25 hat John Snow geschrieben:
> > > On Fri, Mar 18, 2022 at 2:50 PM Thomas Huth  wrote:
> > > > On 10/03/2022 18.53, Jon Maloy wrote:
> > > > > On 3/10/22 12:14, Thomas Huth wrote:
> > > > > > On 06/02/2022 20.19, Jon Maloy wrote:
> > > > > > > Trying again with correct email address.
> > > > > > > ///jon
> > > > > > > 
> > > > > > > On 2/6/22 14:15, Jon Maloy wrote:
> > > > > > > > 
> > > > > > > > On 1/27/22 15:14, Jon Maloy wrote:
> > > > > > > > > On 11/18/21 06:57, Philippe Mathieu-Daudé wrote:
> > > > > > > > > > Trivial fix for CVE-2021-3507.
> > > > > > > > > > 
> > > > > > > > > > Philippe Mathieu-Daudé (2):
> > > > > > > > > > hw/block/fdc: Prevent end-of-track overrun 
> > > > > > > > > > (CVE-2021-3507)
> > > > > > > > > > tests/qtest/fdc-test: Add a regression test for 
> > > > > > > > > > CVE-2021-3507
> > > > > > > > > > 
> > > > > > > > > >hw/block/fdc.c |  8 
> > > > > > > > > >tests/qtest/fdc-test.c | 20 
> > > > > > > > > >2 files changed, 28 insertions(+)
> > > > > > > > > > 
> > > > > > > > > Series
> > > > > > > > > Acked-by: Jon Maloy 
> > > > > > > > Philippe,
> > > > > > > > I hear from other sources that you earlier have qualified this 
> > > > > > > > one as
> > > > > > > > "incomplete".
> > > > > > > > I am of course aware that this one, just like my own patch, is 
> > > > > > > > just a
> > > > > > > > mitigation and not a complete correction of the erroneous 
> > > > > > > > calculation.
> > > > > > > > Or did you have anything else in mind?
> > > > > > Any news on this one? It would be nice to get the CVE fixed for 7.0 
> > > > > > ?
> > > > > > 
> > > > > >   Thomas
> > > > > > 
> > > > > The ball is currently with John Snow, as I understand it.
> > > > > The concern is that this fix may not take the driver back to a 
> > > > > consistent
> > > > > state, so that we may have other problems later.
> > > > > Maybe Philippe can chip in with a comment here?
> > > > John, Philippe, any ideas how to move this forward?
> > > > 
> > > >Thomas
> > > > 
> > > The ball is indeed in my court. I need to audit this properly and get
> > > the patch re-applied, and get tests passing.
> > > 
> > > As a personal favor: Could you please ping me on IRC tomorrow about
> > > this? (Well, later today, for you.)
> > Going through old patches... Is this one still open?
> > 
> > Kevin
> > 
> Yes, it is.

I was hoping that John would get back to it after my ping, but doesn't
look like it.

So this may not be the perfect fix and the perfect test, but it's
certainly better than having nothing for multiple releases. I fixed up
the test with the snapshot=on that Alexander suggested (this also fixes
the file locking problem Hanna had and that I saw, too) and applied it
to my block branch.

Kevin

[PATCH v2 2/3] thread-pool: replace semaphore with condition variable

[Paolo Bonzini]

Since commit f9fc8932b1 ("thread-posix: remove the posix semaphore
support", 2022-04-06) QemuSemaphore has its own mutex and condition
variable; this adds unnecessary overhead on I/O with small block sizes.

Check the QTAILQ directly instead of adding the indirection of a
semaphore's count.  Using a semaphore has not been necessary since
qemu_cond_timedwait was introduced; the new code has to be careful about
spurious wakeups but it is simpler, for example thread_pool_cancel does
not have to worry about synchronizing the semaphore count with the number
of elements of pool->request_list.

Note that the return value of qemu_cond_timedwait (0 for timeout, 1 for
signal or spurious wakeup) is different from that of qemu_sem_timedwait
(-1 for timeout, 0 for success).

Reported-by: Lukáš Doktor 
Suggested-by: Stefan Hajnoczi 
Signed-off-by: Paolo Bonzini 
---
 util/thread-pool.c | 64 +-
 1 file changed, 24 insertions(+), 40 deletions(-)

diff --git a/util/thread-pool.c b/util/thread-pool.c
index 4979f30ca3..da189d9338 100644
--- a/util/thread-pool.c
+++ b/util/thread-pool.c
@@ -57,7 +57,7 @@ struct ThreadPool {
 QEMUBH *completion_bh;
 QemuMutex lock;
 QemuCond worker_stopped;
-QemuSemaphore sem;
+QemuCond request_cond;
 QEMUBH *new_thread_bh;
 
 /* The following variables are only accessed from one AioContext. */
@@ -74,23 +74,6 @@ struct ThreadPool {
 int max_threads;
 };
 
-static inline bool back_to_sleep(ThreadPool *pool, int ret)
-{
-/*
- * The semaphore timed out, we should exit the loop except when:
- *  - There is work to do, we raced with the signal.
- *  - The max threads threshold just changed, we raced with the signal.
- *  - The thread pool forces a minimum number of readily available threads.
- */
-if (ret == -1 && (!QTAILQ_EMPTY(&pool->request_list) ||
-pool->cur_threads > pool->max_threads ||
-pool->cur_threads <= pool->min_threads)) {
-return true;
-}
-
-return false;
-}
-
 static void *worker_thread(void *opaque)
 {
 ThreadPool *pool = opaque;
@@ -99,20 +82,27 @@ static void *worker_thread(void *opaque)
 pool->pending_threads--;
 do_spawn_thread(pool);
 
-while (!pool->stopping) {
+while (!pool->stopping && pool->cur_threads <= pool->max_threads) {
 ThreadPoolElement *req;
 int ret;
 
-do {
+if (QTAILQ_EMPTY(&pool->request_list)) {
 pool->idle_threads++;
-qemu_mutex_unlock(&pool->lock);
-ret = qemu_sem_timedwait(&pool->sem, 1);
-qemu_mutex_lock(&pool->lock);
+ret = qemu_cond_timedwait(&pool->request_cond, &pool->lock, 1);
 pool->idle_threads--;
-} while (back_to_sleep(pool, ret));
-if (ret == -1 || pool->stopping ||
-pool->cur_threads > pool->max_threads) {
-break;
+if (ret == 0) {
+if (QTAILQ_EMPTY(&pool->request_list) &&
+pool->cur_threads > pool->min_threads) {
+/* Timed out + no work to do + no need for warm threads = 
exit.  */
+break;
+} else {
+/*
+ * Even if there is some work to do, check if there aren't
+ * too many worker threads before picking it up.
+ */
+continue;
+}
+}
 }
 
 req = QTAILQ_FIRST(&pool->request_list);
@@ -229,13 +219,7 @@ static void thread_pool_cancel(BlockAIOCB *acb)
 trace_thread_pool_cancel(elem, elem->common.opaque);
 
 QEMU_LOCK_GUARD(&pool->lock);
-if (elem->state == THREAD_QUEUED &&
-/* No thread has yet started working on elem. we can try to "steal"
- * the item from the worker if we can get a signal from the
- * semaphore.  Because this is non-blocking, we can do it with
- * the lock taken and ensure that elem will remain THREAD_QUEUED.
- */
-qemu_sem_timedwait(&pool->sem, 0) == 0) {
+if (elem->state == THREAD_QUEUED) {
 QTAILQ_REMOVE(&pool->request_list, elem, reqs);
 qemu_bh_schedule(pool->completion_bh);
 
@@ -280,7 +264,7 @@ BlockAIOCB *thread_pool_submit_aio(ThreadPool *pool,
 }
 QTAILQ_INSERT_TAIL(&pool->request_list, req, reqs);
 qemu_mutex_unlock(&pool->lock);
-qemu_sem_post(&pool->sem);
+qemu_cond_signal(&pool->request_cond);
 return &req->common;
 }
 
@@ -323,7 +307,7 @@ void thread_pool_update_params(ThreadPool *pool, AioContext 
*ctx)
  * We either have to:
  *  - Increase the number available of threads until over the min_threads
  *threshold.
- *  - Decrease the number of available threads until under the max_threads
+ *  - Bump the worker threads so that they exit, until under the 
max_threads
  *threshold.
  *  - Do nothing. The current number of

Re: [PATCH 1/1] Add Zihintpause support

[Heiko Stübner]

Am Dienstag, 10. Mai 2022, 08:42:31 CEST schrieb Dao Lu:
> Added support for RISC-V PAUSE instruction from Zihintpause extension, enabeld
> by default.
> 
> Signed-off-by: Dao Lu 

This patch with your fixup applied to it and of course
a matching kernel:

Tested-by: Heiko Stuebner 


> ---
>  target/riscv/cpu.c  |  2 ++
>  target/riscv/cpu.h  |  1 +
>  target/riscv/insn32.decode  |  7 ++-
>  target/riscv/insn_trans/trans_rvi.c.inc | 18 ++
>  4 files changed, 27 insertions(+), 1 deletion(-)
> 
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index ccacdee215..183fb37fdf 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -825,6 +825,7 @@ static Property riscv_cpu_properties[] = {
>  DEFINE_PROP_BOOL("Counters", RISCVCPU, cfg.ext_counters, true),
>  DEFINE_PROP_BOOL("Zifencei", RISCVCPU, cfg.ext_ifencei, true),
>  DEFINE_PROP_BOOL("Zicsr", RISCVCPU, cfg.ext_icsr, true),
> +DEFINE_PROP_BOOL("Zihintpause", RISCVCPU, cfg.ext_zihintpause, true),
>  DEFINE_PROP_BOOL("Zfh", RISCVCPU, cfg.ext_zfh, false),
>  DEFINE_PROP_BOOL("Zfhmin", RISCVCPU, cfg.ext_zfhmin, false),
>  DEFINE_PROP_BOOL("Zve32f", RISCVCPU, cfg.ext_zve32f, false),
> @@ -996,6 +997,7 @@ static void riscv_isa_string_ext(RISCVCPU *cpu, char 
> **isa_str, int max_str_len)
>   *extensions by an underscore.
>   */
>  struct isa_ext_data isa_edata_arr[] = {
> +ISA_EDATA_ENTRY(zihintpause, ext_zihintpause),
>  ISA_EDATA_ENTRY(zfh, ext_zfh),
>  ISA_EDATA_ENTRY(zfhmin, ext_zfhmin),
>  ISA_EDATA_ENTRY(zfinx, ext_zfinx),
> diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
> index fe6c9a2c92..e466a04a59 100644
> --- a/target/riscv/cpu.h
> +++ b/target/riscv/cpu.h
> @@ -394,6 +394,7 @@ struct RISCVCPUConfig {
>  bool ext_counters;
>  bool ext_ifencei;
>  bool ext_icsr;
> +bool ext_zihintpause;
>  bool ext_svinval;
>  bool ext_svnapot;
>  bool ext_svpbmt;
> diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode
> index 4033565393..595fdcdad8 100644
> --- a/target/riscv/insn32.decode
> +++ b/target/riscv/insn32.decode
> @@ -149,7 +149,12 @@ srl  000 .. 101 . 0110011 @r
>  sra  010 .. 101 . 0110011 @r
>  or   000 .. 110 . 0110011 @r
>  and  000 .. 111 . 0110011 @r
> -fence pred:4 succ:4 - 000 - 000
> +
> +{
> +  pause   0001      0 000 0 000
> +  fence   pred:4 succ:4 - 000 - 000
> +}
> +
>  fence_i         - 001 - 000
>  csrrw . 001 . 1110011 @csr
>  csrrs . 010 . 1110011 @csr
> diff --git a/target/riscv/insn_trans/trans_rvi.c.inc 
> b/target/riscv/insn_trans/trans_rvi.c.inc
> index f1342f30f8..528c30c9a2 100644
> --- a/target/riscv/insn_trans/trans_rvi.c.inc
> +++ b/target/riscv/insn_trans/trans_rvi.c.inc
> @@ -18,6 +18,12 @@
>   * this program.  If not, see .
>   */
>  
> +#define REQUIRE_ZIHINTPAUSE(ctx) do { \
> +if (!ctx->cfg_ptr->ext_zihintpause) {  \
> +return false; \
> +} \
> +} while (0)
> +
>  static bool trans_illegal(DisasContext *ctx, arg_empty *a)
>  {
>  gen_exception_illegal(ctx);
> @@ -796,6 +802,18 @@ static bool trans_srad(DisasContext *ctx, arg_srad *a)
>  return gen_shift(ctx, a, EXT_SIGN, tcg_gen_sar_tl, NULL);
>  }
>  
> +static bool trans_pause(DisasContext *ctx, arg_pause *a)
> +{
> +REQUIRE_ZIHINTPAUSE(ctx);
> +
> +/*
> + * PAUSE is a no-op in QEMU,
> + * however we need to clear the reservation
> + */
> +tcg_gen_movi_tl(load_res, -1);
> +
> +return true;
> +}
>  
>  static bool trans_fence(DisasContext *ctx, arg_fence *a)
>  {
> 

Re: [PATCH v4 0/2] nbd: MULTI_CONN for shared writable exports

[Kevin Wolf]

Am 12.05.2022 um 02:49 hat Eric Blake geschrieben:
> v3 was here:
> https://lists.gnu.org/archive/html/qemu-devel/2022-03/msg03701.html
> with additional review here:
> https://lists.gnu.org/archive/html/qemu-devel/2022-05/msg00166.html

Thanks, applied to the block branch.

Kevin

Re: [PATCH v2 8/8] qapi: Stop using whitespace for alignment in comments

[Markus Armbruster]

Eric Blake  writes:

> On Tue, May 03, 2022 at 09:37:37AM +0200, Andrea Bolognani wrote:
>> Perfectly aligned things look pretty, but keeping them that
>> way as the schema evolves requires churn, and in some cases
>> newly-added lines are not aligned properly.
>> 
>> Overall, trying to align things is just not worth the trouble.
>
> I'm in favor of commiting 7+8 squashed as a single patch.  7 alone is
> indeed a churn magnet, so I'm either for stopping the series at 6, or
> going all the way to 8 via a single additional step.

Understood.

Diffstat for 7+8:

 qapi/block-core.json | 53 ++--
 qapi/block.json  |  6 +++---
 qapi/char.json   |  6 +++---
 qapi/control.json| 10 +-
 qapi/crypto.json | 42 -
 qapi/migration.json  |  8 
 qapi/sockets.json|  4 ++--
 qapi/ui.json | 17 -
 8 files changed, 72 insertions(+), 74 deletions(-)

Considering we have >16k comment lines in qapi/*json, the churn feels
quite tolerable.

> Reviewed-by: Eric Blake 

Last call for objections: Kevin, Hanna, Gerd?

Re: [PATCH 0/6] hppa: Artist graphics driver fixes for HP-UX

[Helge Deller]

Please review below patch as well. I'd like to include it
in the series when I send a v2 version of the series.

Thanks,
Helge


From: Helge Deller 
Date: Thu, 12 May 2022 13:40:39 +0200
Subject: [PATCH] artist: Fix X cursor position calculation in X11

The X cursor postion can be calculated based on the backporch and
interleave values.  In the emulation we ignore the HP-UX settings for
backporch and use instead twice the size of the emulated cursor.  With
those changes the X-position of the graphics cursor is now finally
working correctly on HP-UX 10 and HP-UX 11.

Based on coding in Xorg X11R6.6

Signed-off-by: Helge Deller 

diff --git a/hw/display/artist.c b/hw/display/artist.c
index 49dad2b824..8bf3bed79a 100644
--- a/hw/display/artist.c
+++ b/hw/display/artist.c
@@ -1,7 +1,8 @@
 /*
  * QEMU HP Artist Emulation
  *
- * Copyright (c) 2019 Sven Schnelle 
+ * Copyright (c) 2019-2022 Sven Schnelle 
+ * Copyright (c) 2022 Helge Deller 
  *
  * This work is licensed under the terms of the GNU GPL, version 2 or later.
  */
@@ -313,19 +314,15 @@ static void artist_rop8(ARTISTState *s, struct 
vram_buffer *buf,
 static void artist_get_cursor_pos(ARTISTState *s, int *x, int *y)
 {
 /*
- * Don't know whether these magic offset values are configurable via
- * some register. They seem to be the same for all resolutions.
- * The cursor values provided in the registers are:
- * X-value: -295 (for HP-UX 11) and 338 (for HP-UX 10.20) up to 2265
- * Y-value: 1146 down to 0
  * The emulated Artist graphic is like a CRX graphic, and as such
  * it's usually fixed at 1280x1024 pixels.
- * Because of the maximum Y-value of 1146 you can not choose a higher
- * vertical resolution on HP-UX (unless you disable the mouse).
+ * Other resolutions may work, but no guarantee.
  */

-static int offset = 338;
-int lx;
+unsigned int hbp_times_vi, horizBackPorch;
+int16_t xHi, xLo;
+const int videoInterleave = 4;
+const int pipelineDelay = 4;

 /* ignore if uninitialized */
 if (s->cursor_pos == 0) {
@@ -333,16 +330,22 @@ static void artist_get_cursor_pos(ARTISTState *s, int *x, 
int *y)
 return;
 }

-lx = artist_get_x(s->cursor_pos);
-if (lx < offset) {
-offset = lx;
-}
-*x = (lx - offset) / 2;
+/* Calculate X position based on backporch and interleave values.
+   Based on code from Xorg X11R6.6
+ */
+horizBackPorch = ((s->horiz_backporch & 0xff) >> 16) +
+ ((s->horiz_backporch & 0xff00) >> 8) + 2;
+hbp_times_vi = horizBackPorch * videoInterleave;
+xHi = s->cursor_pos >> 19;
+*x = ((xHi + pipelineDelay) * videoInterleave) - hbp_times_vi;
+
+xLo = (s->cursor_pos >> 16) & 0x07;
+*x += ((xLo - hbp_times_vi) & (videoInterleave - 1)) + 8 - 1;

 /* subtract cursor offset from cursor control register */
 *x -= (s->cursor_cntrl & 0xf0) >> 4;

-/* height minus nOffscreenScanlines is stored in cursor control register */
+/* Calculate Y position */
 *y = s->height - artist_get_y(s->cursor_pos);
 *y -= (s->cursor_cntrl & 0x0f);

@@ -1056,6 +1059,8 @@ static void artist_reg_write(void *opaque, hwaddr addr, 
uint64_t val,
 break;

 case HORIZ_BACKPORCH:
+/* overwrite HP-UX settings to fix X cursor position. */
+val = (NGLE_MAX_SPRITE_SIZE << 16) + (NGLE_MAX_SPRITE_SIZE << 8);
 combine_write_reg(addr, val, size, &s->horiz_backporch);
 break;

Re: [PATCH 2/3] ui: Switch "-display sdl" to use the QAPI parser

[Markus Armbruster]

Thomas Huth  writes:

> The "-display sdl" option still uses a hand-crafted parser for its
> parameters since some of them used underscores which is forbidden
> in QAPI.

Kind of.  QAPI indeed requires lower-case-with-hyphens for such names,
but there is an exception mechanism for names with upper case and
underscore: pragma member-name-exceptions.  Used for old names that
predate naming rule enforcement, and for newer names we've elected to
make consistent with their old siblings.

The series that QAPIfied -display partially explained why it left
-display sdl,... and -display vnc,... unQAPIfied in commit 7a61f43859
"ui: document non-qapi parser cases.":

diff --git a/vl.c b/vl.c
index 5f1734d851..3b39bbd7a8 100644
--- a/vl.c
+++ b/vl.c
@@ -2114,6 +2114,16 @@ static void parse_display(const char *p)
 const char *opts;

 if (strstart(p, "sdl", &opts)) {
+/*
+ * sdl DisplayType needs hand-crafted parser instead of
+ * parse_display_qapi() due to some options not in
+ * DisplayOptions, specifically:
+ *   - frame
+ * Already deprecated.
+ *   - ctrl_grab + alt_grab
+ * Not clear yet what happens to them long-term.  Should
+ * replaced by something better or deprecated and dropped.

This sounds like it was mostly reluctance to drag undesirables into the
QAPI schema.

Commit f6b560bbc1 "softmmu/vl: Remove obsolete comment about the "frame"
parameter" dropped item "frame".

Commit 8e8e844be4 "softmmu/vl: Add a "grab-mod" parameter to the
-display sdl option" decided the future of ctrl_grab + alt_grab.  It
replaced the second item's text:

+ * They can't be moved into the QAPI since they use 
underscores,
+ * thus they will get replaced by "grab-mod" in the long term

I figure they could've been moved to the QAPI schema back then.
Instead, we're getting rid of them without a detour through the schema.
Good!

+ */
 dpy.type = DISPLAY_TYPE_SDL;
 while (*opts) {
 const char *nextopt;
@@ -2179,6 +2189,10 @@ static void parse_display(const char *p)
 opts = nextopt;
 }
 } else if (strstart(p, "vnc", &opts)) {
+/*
+ * vnc isn't a (local) DisplayType but a protocol for remote
+ * display access.
+ */
 if (*opts == '=') {
 vnc_parse(opts + 1, &error_fatal);
 } else {

This remains, and that's fine.  One step at time.

>  Now that the problematic parameters have been removed, we can
> switch to use the QAPI parser instead.

Here's my attempt at a more accurate commit message.

  The "-display sdl" option still uses a hand-crafted parser for its
  parameters since we didn't want to drag an interface we considered
  somewhat flawed into the QAPI schema.  Since the flaws are gone now,
  it's time to QAPIfy.

> This introduces the new "DisplaySDL" QAPI struct that is used to hold
> the parameters that are unique to the SDL display. The only specific
> parameter is currently "grab-mod" which is modeled as a string, so that
> it could be extended for other arbitrary modifiers later more easily.

Are the values of @grab-mod parsed in any way, or do we recognize a set
of fixed strings?

The former would be problematic.  We try hard to represent complex data
as JSON instead of inventing little ad hoc languages.

If it's the latter, use an enum.  Makes introspection more useful, and
adding enumeration values is no harder than adding string literals.

> Signed-off-by: Thomas Huth 

Re: [PATCH] qapi: make machine type deprecation a warning

[Paolo Bonzini]

On 5/12/22 12:46, Markus Armbruster wrote:

Commit message nitpick: not sure this is "qapi:".  The commit that
introduced "Machine type ... is deprecated" (08fe68244eb) used
"hw/i386:".  We commonly use "vl:", "softmmu:", and "softmmu/vl:" for
this file.


Will do.

I wonder if I should already propose renaming vl.c to climain.c, even if 
there's no qmpmain.c yet.  Emotional/historical attachment is probably 
not good enough of a reason to keep that name.


I suppose this is already a proposal.

Paolo

Re: [PATCH] target/openrisc: Do not reset delay slot flag on early tb exit

[Stafford Horne]

On Wed, May 11, 2022 at 07:11:20PM -0700, Richard Henderson wrote:
> On 5/11/22 15:34, Stafford Horne wrote:
> > In this case I don't see how the tb->flag would be updated, ooh, I guess it
> > would have been set earlier when the TB was generated.  Maybe that is what 
> > I am
> > missing.
> 
> Correct, it should be unchanged (and correct) from generation.

OK, its very clear now thanks.

With that said, I am still not convinced we need something like:

--- a/target/openrisc/cpu.c
+++ b/target/openrisc/cpu.c
@@ -37,6 +37,7 @@ static void openrisc_cpu_synchronize_from_tb(CPUState *cs,
 OpenRISCCPU *cpu = OPENRISC_CPU(cs);
 
 cpu->env.pc = tb->pc;
+cpu->env.dflag = (tb->flags & TB_FLAGS_DFLAG) ? 1 : 0;
 }


I will leave it out for now as I feel comfortable that the env.dflag will be
correct.  But if you think of something let me know.

-Stafford

Re: [RFC PATCH qemu] spapr/docs: Add a few words about x-vof

[Cédric Le Goater]

On 5/12/22 05:10, Alexey Kardashevskiy wrote:



On 5/12/22 06:42, Daniel Henrique Barboza wrote:



On 5/6/22 02:51, Alexey Kardashevskiy wrote:

The alternative small firmware needs a few words of what it can and
absolutely cannot do; this adds those words.

Signed-off-by: Alexey Kardashevskiy 
---
  docs/system/ppc/pseries.rst | 28 
  1 file changed, 28 insertions(+)

diff --git a/docs/system/ppc/pseries.rst b/docs/system/ppc/pseries.rst
index d9b65ad4e850..4c98a94f9add 100644
--- a/docs/system/ppc/pseries.rst
+++ b/docs/system/ppc/pseries.rst
@@ -32,14 +32,42 @@ Missing devices
  Firmware
  
+The pSeries platform in QEMU comes with 2 firmwares:
+
  `SLOF `_ (Slimline Open Firmware) is an
  implementation of the `IEEE 1275-1994, Standard for Boot (Initialization
  Configuration) Firmware: Core Requirements and Practices
  `_.
+SLOF performs bus scanning, PCI resource allocation, provides the client
+interface to boot from block devices and network.
+
  QEMU includes a prebuilt image of SLOF which is updated when a more recent
  version is required.
+VOF (Virtual Open Firmware) is a minimalistic firmware to work with
+``-machine pseries,x-vof=on``. When enabled, the firmware acts as a slim
+shim and QEMU implements parts of the IEEE 1275 Open Firmware interface.
+
+VOF does not have device drivers, does not do PCI resource allocation and
+relies on ``-kernel`` used with Linux kernels recent enough (v5.4+)
+to PCI resource assignment. It is ideal to use with petitboot.
+
+Booting via ``-kernel`` supports the following:
++---+---+--+
+| kernel    | pseries,x-vof=off | pseries,x-vof=on |
++===+===+==+
+| vmlinux BE    | ✓ | ✓    |
++---+---+--+
+| vmlinux LE    | ✓ | ✓    |
++---+---+--+
+| zImage.pseries BE | x | ✓¹   |
++---+---+--+
+| zImage.pseries LE | ✓ | ✓    |
++---+---+--+


You need an empty line at the start and at the end of the table. Otherwise it'll
be rendered as regular text.


How do you build htmls from these btw?



Install python3-sphinx python3-sphinx-rtd-theme
run configure with --enable-docs
check the result in build/docs/manual/system/arm/

C.

Re: [PATCH 2/2] coroutine: Revert to constant batch size

[Philippe Mathieu-Daudé via]

Hi Hiroki,

On Thu, May 12, 2022 at 8:57 AM 成川 弘樹  wrote:
>
> Thank you for your fix.
>
> I confirmed that after applying this patch, my intended performance
> improvement by 4c41c69e is still kept in our environment.

Is that equivalent to a formal
Tested-by: Hiroki Narukawa 
tag?

> On 2022/05/11 0:10, Kevin Wolf wrote:
> > Commit 4c41c69e changed the way the coroutine pool is sized because for
> > virtio-blk devices with a large queue size and heavy I/O, it was just
> > too small and caused coroutines to be deleted and reallocated soon
> > afterwards. The change made the size dynamic based on the number of
> > queues and the queue size of virtio-blk devices.
> >
> > There are two important numbers here: Slightly simplified, when a
> > coroutine terminates, it is generally stored in the global release pool
> > up to a certain pool size, and if the pool is full, it is freed.
> > Conversely, when allocating a new coroutine, the coroutines in the
> > release pool are reused if the pool already has reached a certain
> > minimum size (the batch size), otherwise we allocate new coroutines.
> >
> > The problem after commit 4c41c69e is that it not only increases the
> > maximum pool size (which is the intended effect), but also the batch
> > size for reusing coroutines (which is a bug). It means that in cases
> > with many devices and/or a large queue size (which defaults to the
> > number of vcpus for virtio-blk-pci), many thousand coroutines could be
> > sitting in the release pool without being reused.
> >
> > This is not only a waste of memory and allocations, but it actually
> > makes the QEMU process likely to hit the vm.max_map_count limit on Linux
> > because each coroutine requires two mappings (its stack and the guard
> > page for the stack), causing it to abort() in qemu_alloc_stack() because
> > when the limit is hit, mprotect() starts to fail with ENOMEM.
> >
> > In order to fix the problem, change the batch size back to 64 to avoid
> > uselessly accumulating coroutines in the release pool, but keep the
> > dynamic maximum pool size so that coroutines aren't freed too early
> > in heavy I/O scenarios.
> >
> > Note that this fix doesn't strictly make it impossible to hit the limit,
> > but this would only happen if most of the coroutines are actually in use
> > at the same time, not just sitting in a pool. This is the same behaviour
> > as we already had before commit 4c41c69e. Fully preventing this would
> > require allowing qemu_coroutine_create() to return an error, but it
> > doesn't seem to be a scenario that people hit in practice.
> >
> > Cc: qemu-sta...@nongnu.org
> > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2079938
> > Fixes: 4c41c69e05fe28c0f95f8abd2ebf407e95a4f04b
> > Signed-off-by: Kevin Wolf 
> > ---

Re: [PATCH] qapi: make machine type deprecation a warning

[Daniel P . Berrangé]

On Thu, May 12, 2022 at 02:24:35PM +0200, Paolo Bonzini wrote:
> On 5/12/22 12:46, Markus Armbruster wrote:
> > Commit message nitpick: not sure this is "qapi:".  The commit that
> > introduced "Machine type ... is deprecated" (08fe68244eb) used
> > "hw/i386:".  We commonly use "vl:", "softmmu:", and "softmmu/vl:" for
> > this file.
> 
> Will do.
> 
> I wonder if I should already propose renaming vl.c to climain.c, even if
> there's no qmpmain.c yet.  Emotional/historical attachment is probably not
> good enough of a reason to keep that name.
> 
> I suppose this is already a proposal.

For all the othe tools we just use the filename $TOOL.c,  eg qemu-img.c,
etc. So what about qemu-system.c

With regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [PATCH v5 10/10] test: tpm-tis: Add Sysbus TPM-TIS device test

[Peter Maydell]

On Thu, 5 Mar 2020 at 16:52, Eric Auger  wrote:
>
> The tests themselves are the same as the ISA device ones.
> Only the main() changes as the "tpm-tis-device" device gets
> instantiated. Also the base address of the device is not
> 0xFED4 anymore but matches the base address of the
> ARM virt platform bus.
>
> Signed-off-by: Eric Auger 
> Reviewed-by: Stefan Berger 

Hi Eric; the commit adding this test is from back in 2020, but I've
just noticed something a bit odd about it:

> +args = g_strdup_printf(
> +"-machine virt,gic-version=max -accel tcg "
> +"-chardev socket,id=chr,path=%s "
> +"-tpmdev emulator,id=dev,chardev=chr "
> +"-device tpm-tis-device,tpmdev=dev",
> +test.addr->u.q_unix.path);

This 'virt' command line doesn't specify a CPU type, so it
will end up running with a Cortex-A15 (32-bit). Was
that intended? Also, it will get a GICv3, which is a
definitely odd combination with an A15, which was a GICv2 CPU...

I noticed this because I have some recent GICv3 patches which
end up asserting if the GICv3 and a non-GICv3 CPU are used together,
and this test case triggers them. Since the user can also cause
an assert with that kind of command line I'm going to rework them
(either to make the virt board fail cleanly or else to make the
GICv3 code do something plausible even if the real hardware CPU
nominally didn't have a GICv3). But maybe we should make this
test case not use a non-standard combination anyway? (The meson
conversion seems to have resulted in this test being run under
qemu-system-arm as well, incidentally, so I guess we would want
it to specify either 'a 64 bit CPU and GICv3' or 'a 32 bit
CPU and GICv2' accordingly. Or limit the test to aarch64...)

thanks
-- PMM

[PATCH RFC 0/2] arm: enable MTE for QEMU + kvm

[Cornelia Huck]

This series enables MTE for kvm guests, if the kernel supports it.
Lightly tested while running under the simulator (the arm64/mte/
kselftests pass... if you wait patiently :)

A new cpu property "mte" (defaulting to on if possible) is introduced;
for tcg, you still need to enable mte at the machine as well.

I've hacked up some very basic qtests; not entirely sure if I'm going
about it the right way.

Some things to look out for:
- Migration is not (yet) supported. I added a migration blocker if we
  enable mte in the kvm case. AFAIK, there isn't any hardware available
  yet that allows mte + kvm to be used (I think the latest Gravitons
  implement mte, but no bare metal instances seem to be available), so
  that should not have any impact on real world usage.
- I'm not at all sure about the interaction between the virt machine 'mte'
  prop and the cpu 'mte' prop. To keep things working with tcg as before,
  a not-specified mte for the cpu should simply give us a guest without
  mte if it wasn't specified for the machine. However, mte on the cpu
  without mte on the machine should probably generate an error, but I'm not
  sure how to detect that without breaking the silent downgrade to preserve
  existing behaviour.
- As I'm still new to arm, please don't assume that I know what I'm doing :)


Cornelia Huck (2):
  arm/kvm: enable MTE if available
  qtests/arm: add some mte tests

 target/arm/cpu.c   | 18 +++-
 target/arm/cpu.h   |  4 ++
 target/arm/cpu64.c | 78 ++
 target/arm/kvm64.c |  5 +++
 target/arm/kvm_arm.h   | 12 ++
 target/arm/monitor.c   |  1 +
 tests/qtest/arm-cpu-features.c | 31 ++
 7 files changed, 137 insertions(+), 12 deletions(-)

-- 
2.34.3

[PATCH RFC 1/2] arm/kvm: enable MTE if available

[Cornelia Huck]

We need to disable migration, as we do not yet have a way to migrate
the tags as well.

Signed-off-by: Cornelia Huck 
---
 target/arm/cpu.c | 18 --
 target/arm/cpu.h |  4 +++
 target/arm/cpu64.c   | 78 
 target/arm/kvm64.c   |  5 +++
 target/arm/kvm_arm.h | 12 +++
 target/arm/monitor.c |  1 +
 6 files changed, 106 insertions(+), 12 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 029f644768b1..f0505815b1e7 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -1435,6 +1435,11 @@ void arm_cpu_finalize_features(ARMCPU *cpu, Error **errp)
 error_propagate(errp, local_err);
 return;
 }
+arm_cpu_mte_finalize(cpu, &local_err);
+if (local_err != NULL) {
+error_propagate(errp, local_err);
+return;
+}
 }
 
 if (kvm_enabled()) {
@@ -1504,7 +1509,7 @@ static void arm_cpu_realizefn(DeviceState *dev, Error 
**errp)
 }
 if (cpu->tag_memory) {
 error_setg(errp,
-   "Cannot enable KVM when guest CPUs has MTE enabled");
+   "Cannot enable KVM when guest CPUs has tag memory 
enabled");
 return;
 }
 }
@@ -1882,17 +1887,6 @@ static void arm_cpu_realizefn(DeviceState *dev, Error 
**errp)
ID_PFR1, VIRTUALIZATION, 0);
 }
 
-#ifndef CONFIG_USER_ONLY
-if (cpu->tag_memory == NULL && cpu_isar_feature(aa64_mte, cpu)) {
-/*
- * Disable the MTE feature bits if we do not have tag-memory
- * provided by the machine.
- */
-cpu->isar.id_aa64pfr1 =
-FIELD_DP64(cpu->isar.id_aa64pfr1, ID_AA64PFR1, MTE, 0);
-}
-#endif
-
 /* MPU can be configured out of a PMSA CPU either by setting has-mpu
  * to false or by setting pmsav7-dregion to 0.
  */
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 18ca61e8e25b..183506713e96 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -208,11 +208,13 @@ typedef struct {
 void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp);
 void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
 void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp);
+void arm_cpu_mte_finalize(ARMCPU *cpu, Error **errp);
 #else
 # define ARM_MAX_VQ1
 static inline void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp) { }
 static inline void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) { }
 static inline void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp) { }
+static inline void arm_cpu_mte_finalize(ARMCPU *cpu, Error **errp) { }
 #endif
 
 typedef struct ARMVectorReg {
@@ -993,6 +995,7 @@ struct ArchCPU {
 bool prop_pauth;
 bool prop_pauth_impdef;
 bool prop_lpa2;
+bool prop_mte;
 
 /* DCZ blocksize, in log_2(words), ie low 4 bits of DCZID_EL0 */
 uint32_t dcz_blocksize;
@@ -1091,6 +1094,7 @@ void aarch64_sve_change_el(CPUARMState *env, int old_el,
int new_el, bool el0_a64);
 void aarch64_add_sve_properties(Object *obj);
 void aarch64_add_pauth_properties(Object *obj);
+void aarch64_add_mte_properties(Object *obj);
 
 /*
  * SVE registers are encoded in KVM's memory in an endianness-invariant format.
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index 04427e073f17..eea9ad195470 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -35,7 +35,11 @@
 #include "qapi/visitor.h"
 #include "hw/qdev-properties.h"
 #include "internals.h"
+#include "migration/blocker.h"
 
+#ifdef CONFIG_KVM
+static Error *mte_migration_blocker;
+#endif
 
 static void aarch64_a57_initfn(Object *obj)
 {
@@ -785,6 +789,78 @@ void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp)
 cpu->isar.id_aa64mmfr0 = t;
 }
 
+static Property arm_cpu_mte_property =
+DEFINE_PROP_BOOL("mte", ARMCPU, prop_mte, true);
+
+void aarch64_add_mte_properties(Object *obj)
+{
+ARMCPU *cpu = ARM_CPU(obj);
+
+/*
+ * For tcg, the machine type may provide tag memory for MTE emulation.
+ * We do not know whether that is the case at this point in time, so
+ * default MTE to on and check later.
+ * This preserves pre-existing behaviour, but is really a bit awkward.
+ */
+qdev_property_add_static(DEVICE(obj), &arm_cpu_mte_property);
+if (kvm_enabled()) {
+/*
+ * Default MTE to off, as long as migration support is not
+ * yet implemented.
+ * TODO: implement migration support for kvm
+ */
+cpu->prop_mte = false;
+}
+}
+
+void arm_cpu_mte_finalize(ARMCPU *cpu, Error **errp)
+{
+if (!cpu->prop_mte) {
+/* Disable MTE feature bits. */
+cpu->isar.id_aa64pfr1 =
+FIELD_DP64(cpu->isar.id_aa64pfr1, ID_AA64PFR1, MTE, 0);
+return;
+}
+#ifndef CONFIG_USER_ONLY
+if (!kvm_enabled()) {
+if (cpu_isar_feature(aa64_mte, cpu) && !cpu->tag_memory) {
+/*
+ * Disable the MTE feature bits, unless we h

[PATCH RFC 2/2] qtests/arm: add some mte tests

[Cornelia Huck]

Signed-off-by: Cornelia Huck 
---
 tests/qtest/arm-cpu-features.c | 31 +++
 1 file changed, 31 insertions(+)

diff --git a/tests/qtest/arm-cpu-features.c b/tests/qtest/arm-cpu-features.c
index 5a145273860c..c0be645b1fb0 100644
--- a/tests/qtest/arm-cpu-features.c
+++ b/tests/qtest/arm-cpu-features.c
@@ -22,6 +22,7 @@
 
 #define MACHINE "-machine virt,gic-version=max -accel tcg "
 #define MACHINE_KVM "-machine virt,gic-version=max -accel kvm -accel tcg "
+#define MACHINE_MTE "-machine virt,gic-version=max,mte=on -accel tcg "
 #define QUERY_HEAD  "{ 'execute': 'query-cpu-model-expansion', " \
 "  'arguments': { 'type': 'full', "
 #define QUERY_TAIL  "}}"
@@ -412,6 +413,17 @@ static void sve_tests_sve_off_kvm(const void *data)
 qtest_quit(qts);
 }
 
+static void mte_tests_tag_memory_on(const void *data)
+{
+QTestState *qts;
+
+qts = qtest_init(MACHINE_MTE "-cpu max");
+
+assert_has_feature(qts, "max", "mte");
+
+qtest_quit(qts);
+}
+
 static void pauth_tests_default(QTestState *qts, const char *cpu_type)
 {
 assert_has_feature_enabled(qts, cpu_type, "pauth");
@@ -424,6 +436,14 @@ static void pauth_tests_default(QTestState *qts, const 
char *cpu_type)
  "{ 'pauth': false, 'pauth-impdef': true }");
 }
 
+static void mte_tests_default(QTestState *qts, const char *cpu_type)
+{
+assert_has_feature(qts, cpu_type, "mte");
+
+/* without tag memory, mte will be off under tcg */
+assert_has_feature_disabled(qts, cpu_type, "mte");
+}
+
 static void test_query_cpu_model_expansion(const void *data)
 {
 QTestState *qts;
@@ -473,6 +493,7 @@ static void test_query_cpu_model_expansion(const void *data)
 
 sve_tests_default(qts, "max");
 pauth_tests_default(qts, "max");
+mte_tests_default(qts, "max");
 
 /* Test that features that depend on KVM generate errors without. */
 assert_error(qts, "max",
@@ -499,6 +520,7 @@ static void test_query_cpu_model_expansion_kvm(const void 
*data)
 if (g_str_equal(qtest_get_arch(), "aarch64")) {
 bool kvm_supports_steal_time;
 bool kvm_supports_sve;
+bool kvm_supports_mte;
 char max_name[8], name[8];
 uint32_t max_vq, vq;
 uint64_t vls;
@@ -523,10 +545,12 @@ static void test_query_cpu_model_expansion_kvm(const void 
*data)
  */
 assert_has_feature(qts, "host", "kvm-steal-time");
 assert_has_feature(qts, "host", "sve");
+assert_has_feature(qts, "host", "mte");
 
 resp = do_query_no_props(qts, "host");
 kvm_supports_steal_time = resp_get_feature(resp, "kvm-steal-time");
 kvm_supports_sve = resp_get_feature(resp, "sve");
+kvm_supports_mte = resp_get_feature(resp, "mte");
 vls = resp_get_sve_vls(resp);
 qobject_unref(resp);
 
@@ -592,6 +616,11 @@ static void test_query_cpu_model_expansion_kvm(const void 
*data)
 } else {
 g_assert(vls == 0);
 }
+if (kvm_supports_mte) {
+/* If we have mte then we should be able to toggle it. */
+assert_set_feature(qts, "host", "mte", false);
+assert_set_feature(qts, "host", "mte", true);
+}
 } else {
 assert_has_not_feature(qts, "host", "aarch64");
 assert_has_not_feature(qts, "host", "pmu");
@@ -630,6 +659,8 @@ int main(int argc, char **argv)
 NULL, sve_tests_sve_off);
 qtest_add_data_func("/arm/kvm/query-cpu-model-expansion/sve-off",
 NULL, sve_tests_sve_off_kvm);
+qtest_add_data_func("/arm/max/query-cpu-model-expansion/tag-memory",
+NULL, mte_tests_tag_memory_on);
 }
 
 return g_test_run();
-- 
2.34.3

Re: [RFC PATCH qemu] spapr/docs: Add a few words about x-vof

[Daniel Henrique Barboza]

On 5/12/22 00:10, Alexey Kardashevskiy wrote:



On 5/12/22 06:42, Daniel Henrique Barboza wrote:



On 5/6/22 02:51, Alexey Kardashevskiy wrote:

The alternative small firmware needs a few words of what it can and
absolutely cannot do; this adds those words.

Signed-off-by: Alexey Kardashevskiy 
---
  docs/system/ppc/pseries.rst | 28 
  1 file changed, 28 insertions(+)

diff --git a/docs/system/ppc/pseries.rst b/docs/system/ppc/pseries.rst
index d9b65ad4e850..4c98a94f9add 100644
--- a/docs/system/ppc/pseries.rst
+++ b/docs/system/ppc/pseries.rst
@@ -32,14 +32,42 @@ Missing devices
  Firmware
  
+The pSeries platform in QEMU comes with 2 firmwares:
+
  `SLOF `_ (Slimline Open Firmware) is an
  implementation of the `IEEE 1275-1994, Standard for Boot (Initialization
  Configuration) Firmware: Core Requirements and Practices
  `_.
+SLOF performs bus scanning, PCI resource allocation, provides the client
+interface to boot from block devices and network.
+
  QEMU includes a prebuilt image of SLOF which is updated when a more recent
  version is required.
+VOF (Virtual Open Firmware) is a minimalistic firmware to work with
+``-machine pseries,x-vof=on``. When enabled, the firmware acts as a slim
+shim and QEMU implements parts of the IEEE 1275 Open Firmware interface.
+
+VOF does not have device drivers, does not do PCI resource allocation and
+relies on ``-kernel`` used with Linux kernels recent enough (v5.4+)
+to PCI resource assignment. It is ideal to use with petitboot.
+
+Booting via ``-kernel`` supports the following:
++---+---+--+
+| kernel    | pseries,x-vof=off | pseries,x-vof=on |
++===+===+==+
+| vmlinux BE    | ✓ | ✓    |
++---+---+--+
+| vmlinux LE    | ✓ | ✓    |
++---+---+--+
+| zImage.pseries BE | x | ✓¹   |
++---+---+--+
+| zImage.pseries LE | ✓ | ✓    |
++---+---+--+


You need an empty line at the start and at the end of the table. Otherwise it'll
be rendered as regular text.


How do you build htmls from these btw?


Had to do this yesterday because I changed machines recently. In a Fedora 35
system I did this:


sudo dnf install python3-sphinx
sudo dnf install python-sphinx_rtd_theme-doc
pip install sphinx_rtd_theme

(not sure if all steps are needed)

Then the generated docs will be under build/docs/manual .







+Notes:


I also don't believe you need the "Notes:" addendum here. It's clear that you're
making an observation about the zImage.pseries BE and x-vof=on case.


But only this combination needs kernel-addr=0, other images do not need that 
with SLOF or VOF.



I mentioned about the "Notes:" string. We can remove it and leave just the

+¹ must set kernel-addr=0


Since it's clear that you're making a note about that item in the table.








Everything else LGTM. If no one else has any comment, and you're ok with these
changes I mentioned, I can amend it myself with my R-b.


I'll probably repost after the other patch with kernel-addr is merged into your 
tree. Thanks,


I already picked it (just waiting some tests to finish). But feel free to
send a v2 if you want to play around generating the docs to see how
your patch looks like in the finished HTML.


Thanks,


Daniel








Thanks,


Daniel



+¹ must set kernel-addr=0
+
  Build directions
  

Re: [PATCH v6 00/13] Migration: Transmit and detect zero pages in the multifd threads

[Dr. David Alan Gilbert]

* Juan Quintela (quint...@redhat.com) wrote:
> In this version:
> - document what protects each field in MultiFDRecv/SendParams
> - calcule page_size once when we start the migration, and store it in
>   a field
> - Same for page_count.
> - rebase to latest
> - minor improvements here and there
> - test on huge memory machines
> 
> Command line for all the tests:
> 
> gdb -q --ex "run" --args $QEMU \
>   -name guest=$NAME,debug-threads=on \
>   -m 16G \
>   -smp 6 \
>   -machine q35,accel=kvm,usb=off,dump-guest-core=off \
>   -boot strict=on \
>   -cpu host \
>   -no-hpet \
>   -rtc base=utc,driftfix=slew \
>   -global kvm-pit.lost_tick_policy=delay \
>   -global ICH9-LPC.disable_s3=1 \
>   -global ICH9-LPC.disable_s4=1 \
>   -device pcie-root-port,id=root.1,chassis=1,addr=0x2.0,multifunction=on \
>   -device pcie-root-port,id=root.2,chassis=2,addr=0x2.1 \
>   -device pcie-root-port,id=root.3,chassis=3,addr=0x2.2 \
>   -device pcie-root-port,id=root.4,chassis=4,addr=0x2.3 \
>   -device pcie-root-port,id=root.5,chassis=5,addr=0x2.4 \
>   -device pcie-root-port,id=root.6,chassis=6,addr=0x2.5 \
>   -device pcie-root-port,id=root.7,chassis=7,addr=0x2.6 \
>   -device pcie-root-port,id=root.8,chassis=8,addr=0x2.7 \
>   -blockdev 
> driver=file,node-name=storage0,filename=$FILE,auto-read-only=true,discard=unmap
>  \
>   -blockdev driver=qcow2,node-name=format0,read-only=false,file=storage0 \
>   -device 
> virtio-blk-pci,id=virtio-disk0,drive=format0,bootindex=1,bus=root.1 \
>   -netdev 
> tap,id=hostnet0,vhost=on,script=/etc/kvm-ifup,downscript=/etc/kvm-ifdown \
>   -device virtio-net-pci,id=net0,netdev=hostnet0,mac=$MAC,bus=root.2 \
>   -device virtio-serial-pci,id=virtio-serial0,bus=root.3 \
>   -device virtio-balloon-pci,id=balloon0,bus=root.4 \
>   $GRAPHICS \
>   $CONSOLE \
>   -device virtconsole,id=console0,chardev=charconsole0 \
>   -uuid 9d3be7da-e1ff-41a0-ac39-8b2e04de2c19 \
>   -nodefaults \
>   -msg timestamp=on \
>   -no-user-config \
>   $MONITOR \
>   $TRACE \
>   -global migration.x-multifd=on \
>   -global migration.multifd-channels=16 \
>   -global migration.x-max-bandwidth=$BANDWIDTH
> 
> Tests have been done in a single machine over localhost.  I didn't have 2 
> machines with 4TB of RAM for testing.
> 
> Tests done on a 12TB RAM machine.  Guests where running with 16GB, 1TB and 
> 4TB RAM
> 
> tests run with:
> - upstream multifd
> - multifd + zero page
> - precopy (only some of them)
> 
> tests done:
> - idle clean guest (just booted guest)
> - idle dirty guest (run a program to dirty all memory)
> - test with stress (4 threads each dirtying 1GB RAM)
> 
> Executive summary
> 
> 16GB guest
> Precopyupstream  zero page
> TimeDowntime   TimeDowntime  TimeDowntime
> clean idle  1548 93 1359   48 866167
   866/1359 = 64%
> dirty idle 16222220 2092   371   1870258
   1870/2092 = 89%
> busy 4GB   don't converge  31000   308   1604371
> 
> In the dirty idle, there is some weirdness in the precopy case, I
> tried several times and it always took too much time.  It should be
> faster.
> 
> In the busy 4GB case, precopy don't converge (expected) and without
> zero page, multifd is on the limit, it _almost_ don't convrge, it took
> 187 iterations to converge.
> 
> 1TB
> Precopyupstream  zero page
> TimeDowntime   TimeDowntime  TimeDowntime
> clean idle 8317438172075   345   52966   273
  52966/72075=74%
> dirty idle104587   381   75601   269
  75601/104587=72%
> busy 2GB   79912   345   58953   348
> 
> I only tried the clean idle case with 1TB.  Notice that it is already
> significantively slower.  With 1TB RAM, zero page is clearly superior in all 
> tests.
> 
> 4TB
> upstream  zero page
> TimeDowntime  TimeDowntime
> clean idle  317054  552   215567  500
215567/317054 = 68%
> dirty idle  357581  553   317428  744
317428/357581 = 89%

The 1TB dirty/idle is a bit of an unusual outlier at 72% time; but still
the 89% on the 16GB/4TB dirty case is still a useful improvement - I wasn't
expecting the dirty case to be as good - I wonder if there's some side
benefit, like meaning the page is only read by the data threads and not
also read by the main thread so only in one cache?

(the 10% improvement on the dirty case is more important to me than the
more impressive number for the clean case)

Dave

> The busy case here is similar to the 1TB

Re: [PULL 2/2] vfio: tolerate migration protocol v1 uapi renames

[Avihai Horon]

On 5/12/2022 1:29 PM, Thomas Huth wrote:

External email: Use caution opening links or attachments


From: Matthew Rosato 

The v1 uapi is deprecated and will be replaced by v2 at some point;
this patch just tolerates the renaming of uapi fields to reflect
v1 / deprecated status.

Signed-off-by: Matthew Rosato 
Message-Id: <20220404181726.60291-3-mjros...@linux.ibm.com>
Signed-off-by: Thomas Huth 
---
  hw/vfio/common.c|  2 +-
  hw/vfio/migration.c | 19 +++
  2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 159f910421..8e73d3714a 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -381,7 +381,7 @@ static bool 
vfio_devices_all_running_and_saving(VFIOContainer *container)
  return false;
  }

-if ((migration->device_state & VFIO_DEVICE_STATE_SAVING) &&
+if ((migration->device_state & VFIO_DEVICE_STATE_V1_SAVING) &&
  (migration->device_state & VFIO_DEVICE_STATE_RUNNING)) {


Only now I noticed this, but all existing VFIO_DEVICE_STATE_* enums 
should be changed to their corresponding VFIO_DEVICE_STATE_V1_*.
E.g., here VFIO_DEVICE_STATE_RUNNING should be changed as well to 
VFIO_DEVICE_STATE_V1_RUNNING.


I already have a patch that does this. I will send it today as part of 
the VFIO migration v2 series I am planning to send, so you can just take it.



  continue;
  } else {
diff --git a/hw/vfio/migration.c b/hw/vfio/migration.c
index ff6b45de6b..e109cee551 100644
--- a/hw/vfio/migration.c
+++ b/hw/vfio/migration.c
@@ -432,7 +432,7 @@ static int vfio_save_setup(QEMUFile *f, void *opaque)
  }

  ret = vfio_migration_set_state(vbasedev, VFIO_DEVICE_STATE_MASK,
-   VFIO_DEVICE_STATE_SAVING);
+   VFIO_DEVICE_STATE_V1_SAVING);
  if (ret) {
  error_report("%s: Failed to set state SAVING", vbasedev->name);
  return ret;
@@ -532,7 +532,7 @@ static int vfio_save_complete_precopy(QEMUFile *f, void 
*opaque)
  int ret;

  ret = vfio_migration_set_state(vbasedev, ~VFIO_DEVICE_STATE_RUNNING,
-   VFIO_DEVICE_STATE_SAVING);
+   VFIO_DEVICE_STATE_V1_SAVING);
  if (ret) {
  error_report("%s: Failed to set state STOP and SAVING",
   vbasedev->name);
@@ -569,7 +569,7 @@ static int vfio_save_complete_precopy(QEMUFile *f, void 
*opaque)
  return ret;
  }

-ret = vfio_migration_set_state(vbasedev, ~VFIO_DEVICE_STATE_SAVING, 0);
+ret = vfio_migration_set_state(vbasedev, ~VFIO_DEVICE_STATE_V1_SAVING, 0);
  if (ret) {
  error_report("%s: Failed to set state STOPPED", vbasedev->name);
  return ret;
@@ -730,7 +730,7 @@ static void vfio_vmstate_change(void *opaque, bool running, 
RunState state)
   * start saving data.
   */
  if (state == RUN_STATE_SAVE_VM) {
-value = VFIO_DEVICE_STATE_SAVING;
+value = VFIO_DEVICE_STATE_V1_SAVING;
  } else {
  value = 0;
  }
@@ -768,8 +768,9 @@ static void vfio_migration_state_notifier(Notifier 
*notifier, void *data)
  case MIGRATION_STATUS_FAILED:
  bytes_transferred = 0;
  ret = vfio_migration_set_state(vbasedev,
-  ~(VFIO_DEVICE_STATE_SAVING | VFIO_DEVICE_STATE_RESUMING),
-  VFIO_DEVICE_STATE_RUNNING);
+   ~(VFIO_DEVICE_STATE_V1_SAVING |
+ VFIO_DEVICE_STATE_RESUMING),
+   VFIO_DEVICE_STATE_RUNNING);
  if (ret) {
  error_report("%s: Failed to set state RUNNING", vbasedev->name);
  }
@@ -864,8 +865,10 @@ int vfio_migration_probe(VFIODevice *vbasedev, Error 
**errp)
  goto add_blocker;
  }

-ret = vfio_get_dev_region_info(vbasedev, VFIO_REGION_TYPE_MIGRATION,
-   VFIO_REGION_SUBTYPE_MIGRATION, &info);
+ret = vfio_get_dev_region_info(vbasedev,
+   VFIO_REGION_TYPE_MIGRATION_DEPRECATED,
+   VFIO_REGION_SUBTYPE_MIGRATION_DEPRECATED,
+   &info);
  if (ret) {
  goto add_blocker;
  }
--
2.27.0

Re: [PULL 0/2] Update linux-headers to v5.18-rc6

[Thomas Huth]

On 12/05/2022 12.29, Thomas Huth wrote:

  Hi!

The following changes since commit ec11dc41eec5142b4776db1296972c6323ba5847:

   Merge tag 'pull-misc-2022-05-11' of git://repo.or.cz/qemu/armbru into 
staging (2022-05-11 09:00:26 -0700)

are available in the Git repository at:

   https://gitlab.com/thuth/qemu.git tags/pull-request-2022-05-12

for you to fetch changes up to 98cdec27e4396a2982c85ed148f70770bb6600b4:

   vfio: tolerate migration protocol v1 uapi renames (2022-05-12 11:00:05 +0200)


* Update the linux headers to v5.18-rc6 (required for multiple patch
   series that are currently in flight)
* Fix the vfio code to compile again after the header update

I'm sending this as a separate pull request, so that the the patch
series that are currently in flight do not have to deal each time
with the ugly vfio macro rename anymore.


Replying to the 0/2 header to make sure that this gets seen before it gets 
merged: Please don't merge this series, as Avihai noticed correctly, this 
needs more work first.


 Thomas

Re: [PULL 2/2] vfio: tolerate migration protocol v1 uapi renames

[Thomas Huth]

On 12/05/2022 15.53, Avihai Horon wrote:


On 5/12/2022 1:29 PM, Thomas Huth wrote:

External email: Use caution opening links or attachments


From: Matthew Rosato 

The v1 uapi is deprecated and will be replaced by v2 at some point;
this patch just tolerates the renaming of uapi fields to reflect
v1 / deprecated status.

Signed-off-by: Matthew Rosato 
Message-Id: <20220404181726.60291-3-mjros...@linux.ibm.com>
Signed-off-by: Thomas Huth 
---
  hw/vfio/common.c    |  2 +-
  hw/vfio/migration.c | 19 +++
  2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 159f910421..8e73d3714a 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -381,7 +381,7 @@ static bool 
vfio_devices_all_running_and_saving(VFIOContainer *container)

  return false;
  }

-    if ((migration->device_state & VFIO_DEVICE_STATE_SAVING) &&
+    if ((migration->device_state & VFIO_DEVICE_STATE_V1_SAVING) &&
  (migration->device_state & VFIO_DEVICE_STATE_RUNNING)) {


Only now I noticed this, but all existing VFIO_DEVICE_STATE_* enums should 
be changed to their corresponding VFIO_DEVICE_STATE_V1_*.
E.g., here VFIO_DEVICE_STATE_RUNNING should be changed as well to 
VFIO_DEVICE_STATE_V1_RUNNING.


I already have a patch that does this. I will send it today as part of the 
VFIO migration v2 series I am planning to send, so you can just take it.


Ugh, thanks for noticing!

Alex, could you please take care of this in the next days? Seems like the 
next linux-header updates is really not that trivial anymore due to that 
ugly vfio macro renaming :-( And I'd prefer if somebody could tackle this 
who is really more confident in this area.


 Thomas

Re: [PATCH] vmxcap: add tertiary execution controls

[Vitaly Kuznetsov]

Paolo Bonzini  writes:

> Signed-off-by: Paolo Bonzini 
> ---
>  scripts/kvm/vmxcap | 17 +
>  1 file changed, 17 insertions(+)
>
> diff --git a/scripts/kvm/vmxcap b/scripts/kvm/vmxcap
> index f140040104..ce27f5e635 100755
> --- a/scripts/kvm/vmxcap
> +++ b/scripts/kvm/vmxcap
> @@ -23,6 +23,7 @@ MSR_IA32_VMX_TRUE_PROCBASED_CTLS = 0x48E
>  MSR_IA32_VMX_TRUE_EXIT_CTLS = 0x48F
>  MSR_IA32_VMX_TRUE_ENTRY_CTLS = 0x490
>  MSR_IA32_VMX_VMFUNC = 0x491
> +MSR_IA32_VMX_PROCBASED_CTLS3 = 0x492
>  
>  class msr(object):
>  def __init__(self):
> @@ -71,6 +72,13 @@ class Control(object):
>  s = 'yes'
>  print('  %-40s %s' % (self.bits[bit], s))
>  
> +# All 64 bits in the tertiary controls MSR are allowed-1
> +class Allowed1Control(Control):
> +def read2(self, nr):
> +m = msr()
> +val = m.read(nr, 0)
> +return (0, val)
> +
>  class Misc(object):
>  def __init__(self, name, bits, msr):
>  self.name = name
> @@ -135,6 +143,7 @@ controls = [
>  12: 'RDTSC exiting',
>  15: 'CR3-load exiting',
>  16: 'CR3-store exiting',
> +17: 'Activate tertiary controls',
>  19: 'CR8-load exiting',
>  20: 'CR8-store exiting',
>  21: 'Use TPR shadow',
> @@ -186,6 +195,14 @@ controls = [
>  cap_msr = MSR_IA32_VMX_PROCBASED_CTLS2,
>  ),
>  
> +Allowed1Control(
> +name = 'tertiary processor-based controls',
> +bits = {
> +4: 'Enable IPI virtualization'
> +},
> +cap_msr = MSR_IA32_VMX_PROCBASED_CTLS3,
> +),
> +
>  Control(
>  name = 'VM-Exit controls',
>  bits = {

Not sure which particular CPUs are going to implement this (whould be
nice to add this info to the blurb) but this matches Intel doc
(https://software.intel.com/content/www/us/en/develop/download/intel-architecture-instruction-set-extensions-programming-reference.html)
and "IPI virtualization support for VM" series for KVM, so

Reviewed-by: Vitaly Kuznetsov 

-- 
Vitaly

Re: [PATCH] qemu-iotests: inline common.config into common.rc

[Kevin Wolf]

Am 05.05.2022 um 11:47 hat Paolo Bonzini geschrieben:
> common.rc has some complicated logic to find the common.config that
> dates back to xfstests and is completely unnecessary now.  Just include
> the contents of the file.
> 
> Signed-off-by: Paolo Bonzini 

Thanks, applied to the block branch.

Kevin

Re: [PATCH v2] docs/about: Update the support statement for Windows

[Thomas Huth]

On 12/05/2022 10.37, Daniel P. Berrangé wrote:

On Thu, May 12, 2022 at 09:39:29AM +0200, Thomas Huth wrote:

Our support statement for Windows currently talks about "Vista / Server
2008" - which is related to the API of Windows, and this is not easy
to understand for the non-technical users. Additionally, glib sets the
_WIN32_WINNT macro to 0x0601 already, which indicates the Windows 7 API,
so QEMU effectively depends on the Windows 7 API, too.

Thus let's bump the _WIN32_WINNT setting in QEMU to the same level as
glib uses and adjust our support statement in the documentation to
something similar that we're using for Linux and the *BSD systems
(i.e. only the two most recent versions), which should hopefully be
easier to understand for the users now.

And since we're nowadays also compile-testing QEMU with MSYS2 on Windows
itself, I think we could mention this build environment here, too.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/880
Signed-off-by: Thomas Huth 
---
  v2: Rephrase and update the _WIN32_WINNT macro, too

  docs/about/build-platforms.rst | 14 +-
  include/qemu/osdep.h   |  2 +-
  2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/docs/about/build-platforms.rst b/docs/about/build-platforms.rst
index e9163ba556..1958edb430 100644
--- a/docs/about/build-platforms.rst
+++ b/docs/about/build-platforms.rst
@@ -86,11 +86,15 @@ similar versions.
  Windows
  ---
  
-The project supports building with current versions of the MinGW toolchain,

-hosted on Linux (Debian/Fedora).
-
-The version of the Windows API that's currently targeted is Vista / Server
-2008.
+The project aims to support the two most recent versions of Windows that are
+still supported by the vendor. The minimum Windows API that is currently
+targeted is "Windows 7", so theoretically the QEMU binaries can still be run
+on older versions of Windows, too. However, such old versions of Windows are
+not tested anymore, so it is recommended to use one of the latest versions of
+Windows instead.
+
+The project supports building QEMU with current versions of the MinGW
+toolchain, either hosted on Linux (Debian/Fedora) or via MSYS2 on Windows.
  
  .. _Homebrew: https://brew.sh/

  .. _MacPorts: https://www.macports.org/
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 1c1e7eca98..e2f88597b6 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -75,7 +75,7 @@ QEMU_EXTERN_C int daemon(int, int);
  #ifdef _WIN32
  /* as defined in sdkddkver.h */
  #ifndef _WIN32_WINNT
-#define _WIN32_WINNT 0x0600 /* Vista */
+#define _WIN32_WINNT 0x0601 /* Windows 7 API */
  #endif
  /* reduces the number of implicitly included headers */
  #ifndef WIN32_LEAN_AND_MEAN


Reviewed-by: Daniel P. Berrangé 

but how about also adding a comment before 'glib_req_ver' in
configure reminding us to bump _WIN32_WINNT and adding a
comment here reminding us to set this to match the _WIN32_WINNT
in our min glib ?


Can do. Will send a v3.

 Thomas

Re: [PATCH v5 3/4] vdpa: add vdpa-dev support

[Stefano Garzarella]

On Thu, May 12, 2022 at 02:21:02PM +0800, Longpeng(Mike) wrote:

From: Longpeng 

Supports vdpa-dev, we can use the deivce directly:

-M microvm -m 512m -smp 2 -kernel ... -initrd ... -device \
vhost-vdpa-device,vhostdev=/dev/vhost-vdpa-x

Signed-off-by: Longpeng 
---
hw/virtio/Kconfig|   5 +
hw/virtio/meson.build|   1 +
hw/virtio/vdpa-dev.c | 377 +++
include/hw/virtio/vdpa-dev.h |  43 
4 files changed, 426 insertions(+)
create mode 100644 hw/virtio/vdpa-dev.c
create mode 100644 include/hw/virtio/vdpa-dev.h

diff --git a/hw/virtio/Kconfig b/hw/virtio/Kconfig
index c144d42f9b..724eb58a32 100644
--- a/hw/virtio/Kconfig
+++ b/hw/virtio/Kconfig
@@ -68,3 +68,8 @@ config VHOST_USER_RNG
bool
default y
depends on VIRTIO && VHOST_USER
+
+config VHOST_VDPA_DEV
+bool
+default y
+depends on VIRTIO && VHOST_VDPA && LINUX
diff --git a/hw/virtio/meson.build b/hw/virtio/meson.build
index 67dc77e00f..8f6f86db71 100644
--- a/hw/virtio/meson.build
+++ b/hw/virtio/meson.build
@@ -29,6 +29,7 @@ virtio_ss.add(when: 'CONFIG_VHOST_USER_I2C', if_true: 
files('vhost-user-i2c.c'))
virtio_ss.add(when: ['CONFIG_VIRTIO_PCI', 'CONFIG_VHOST_USER_I2C'], if_true: 
files('vhost-user-i2c-pci.c'))
virtio_ss.add(when: 'CONFIG_VHOST_USER_RNG', if_true: files('vhost-user-rng.c'))
virtio_ss.add(when: ['CONFIG_VHOST_USER_RNG', 'CONFIG_VIRTIO_PCI'], if_true: 
files('vhost-user-rng-pci.c'))
+virtio_ss.add(when: 'CONFIG_VHOST_VDPA_DEV', if_true: files('vdpa-dev.c'))

virtio_pci_ss = ss.source_set()
virtio_pci_ss.add(when: 'CONFIG_VHOST_VSOCK', if_true: 
files('vhost-vsock-pci.c'))
diff --git a/hw/virtio/vdpa-dev.c b/hw/virtio/vdpa-dev.c
new file mode 100644
index 00..56597c881a
--- /dev/null
+++ b/hw/virtio/vdpa-dev.c
@@ -0,0 +1,377 @@
+/*
+ * Vhost Vdpa Device
+ *
+ * Copyright (c) Huawei Technologies Co., Ltd. 2022. All Rights Reserved.
+ *
+ * Authors:
+ *   Longpeng 
+ *
+ * Largely based on the "vhost-user-blk-pci.c" and "vhost-user-blk.c" 
implemented by:
+ *   Changpeng Liu 
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2 or later.
+ * See the COPYING.LIB file in the top-level directory.
+ */
+#include "qemu/osdep.h"
+#include 
+#include 
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/cutils.h"
+#include "hw/qdev-core.h"
+#include "hw/qdev-properties.h"
+#include "hw/qdev-properties-system.h"
+#include "hw/virtio/vhost.h"
+#include "hw/virtio/virtio.h"
+#include "hw/virtio/virtio-bus.h"
+#include "hw/virtio/virtio-access.h"
+#include "hw/virtio/vdpa-dev.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/runstate.h"
+
+static void
+vhost_vdpa_device_dummy_handle_output(VirtIODevice *vdev, VirtQueue *vq)
+{
+/* Nothing to do */
+}
+
+static uint32_t
+vhost_vdpa_device_get_u32(int fd, unsigned long int cmd, Error **errp)
+{
+uint32_t val = (uint32_t)-1;
+
+if (ioctl(fd, cmd, &val) < 0) {
+error_setg(errp, "vhost-vdpa-device: cmd 0x%lx failed: %s",
+   cmd, strerror(errno));
+}
+
+return val;
+}
+
+static void vhost_vdpa_device_realize(DeviceState *dev, Error **errp)
+{
+VirtIODevice *vdev = VIRTIO_DEVICE(dev);
+VhostVdpaDevice *v = VHOST_VDPA_DEVICE(vdev);
+uint16_t max_queue_size;
+struct vhost_virtqueue *vqs;
+int i, ret;
+
+if (!v->vhostdev) {
+error_setg(errp, "vhost-vdpa-device: vhostdev are missing");
+return;
+}
+
+v->vhostfd = qemu_open(v->vhostdev, O_RDWR, errp);
+if (*errp) {
+return;
+}
+v->vdpa.device_fd = v->vhostfd;
+
+v->vdev_id = vhost_vdpa_device_get_u32(v->vhostfd,
+   VHOST_VDPA_GET_DEVICE_ID, errp);
+if (*errp) {
+goto out;
+}
+
+max_queue_size = vhost_vdpa_device_get_u32(v->vhostfd,
+   VHOST_VDPA_GET_VRING_NUM, errp);
+if (*errp) {
+goto out;
+}
+
+if (v->queue_size > max_queue_size) {
+error_setg(errp, "vhost-vdpa-device: invalid queue_size: %u (max:%u)",
+   v->queue_size, max_queue_size);
+goto out;
+} else if (!v->queue_size) {
+v->queue_size = max_queue_size;
+}
+
+v->num_queues = vhost_vdpa_device_get_u32(v->vhostfd,
+  VHOST_VDPA_GET_VQS_COUNT, errp);
+if (*errp) {
+goto out;
+}
+
+if (!v->num_queues || v->num_queues > VIRTIO_QUEUE_MAX) {
+error_setg(errp, "invalid number of virtqueues: %u (max:%u)",
+   v->num_queues, VIRTIO_QUEUE_MAX);
+goto out;
+}
+
+v->dev.nvqs = v->num_queues;
+vqs = g_new0(struct vhost_virtqueue, v->dev.nvqs);
+v->dev.vqs = vqs;
+v->dev.vq_index = 0;
+v->dev.vq_index_end = v->dev.nvqs;
+v->dev.backend_features = 0;
+v->started = false;
+
+ret = vhost_dev_init(&v->dev, &v->vdpa, VHOST_BACKEND_TYPE_VDPA, 0, NULL);
+if (ret < 0) {
+