aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2020-09-09iotests/028: Add test for cross-base-EOF readsMax Reitz
Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20200728120806.265916-3-mreitz@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Tested-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Tested-by: Claudio Fontana <cfontana@suse.de> (cherry picked from commit ae159450e161b3e1e2c5b815d19632abbbbcd1a1) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-09-02tests: tpm: Skip over pcrUpdateCounter byte in result comparisonStefan Berger
The TPM 2 code in libtpms was fixed to handle the PCR 'TCB group' according to the PCClient profile. The change of the PCRs belonging to the 'TCB group' now affects the pcrUpdateCounter in the TPM2_PCRRead() responses where its value is now different (typically lower by '1') than what it was before. To not fail the tests, we skip the comparison of the 14th byte, which represents the pcrUpdateCounter. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20200707201625.4177419-3-stefanb@linux.vnet.ibm.com (cherry picked from commit df8a7568932e4c3c930fdfeb228dd72b4bb71a1f) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-09-02tests/acceptance/boot_linux: Expand SD card image to power of 2Philippe Mathieu-Daudé
In few commits we won't allow SD card images with invalid size (not aligned to a power of 2). Prepare the tests: add the pow2ceil() and image_pow2ceil_expand() methods and resize the images (expanding) of the tests using SD cards. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Cleber Rosa <crosa@redhat.com> Message-Id: <20200713183209.26308-5-f4bug@amsat.org> (cherry picked from commit 6a289a5ba3383e17fb47029720425bef42e424d7) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-09-02tests/acceptance: refactor boot_linux_console test to allow code reusePavel Dovgalyuk
This patch splits code in BootLinuxConsole class into two different classes to allow reusing it by record/replay tests. Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <159073588490.20809.13942096070255577558.stgit@pasha-ThinkPad-X280> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> (cherry picked from commit 12121c496fcc609e23033c4a36399b54f98bcd56) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-09-02tests/acceptance: refactor boot_linux to allow code reusePavel Dovgalyuk
This patch moves image downloading functions to the separate class to allow reusing them from record/replay tests. Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <159073593167.20809.17582679291556188984.stgit@pasha-ThinkPad-X280> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> (cherry picked from commit 1c80c87c8c2489e4318c93c844aa29bc1d014146) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-09-02tests/acceptance: allow console interaction with specific VMsPavel Dovgalyuk
Console interaction in avocado scripts was possible only with single default VM. This patch modifies the function parameters to allow passing a specific VM as a parameter to interact with it. Signed-off-by: Pavel Dovgalyuk <Pavel.Dovgaluk@ispras.ru> Reviewed-by: Willian Rampazzo <willianr@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <159073587933.20809.5122618715976660635.stgit@pasha-ThinkPad-X280> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> (cherry picked from commit a5ba86d423c2b071894d86c60487f2317c7ffb60) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-09-02tests/acceptance/boot_linux: Tag tests using a SD card with 'device:sd'Philippe Mathieu-Daudé
Avocado tags are handy to automatically select tests matching the tags. Since these tests use a SD card, tag them. We can run all the tests using a SD card at once with: $ avocado --show=app run -t u-boot tests/acceptance/ $ AVOCADO_ALLOW_LARGE_STORAGE=ok \ avocado --show=app \ run -t device:sd tests/acceptance/ Fetching asset from tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_arm_orangepi_sd Fetching asset from tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_arm_orangepi_bionic Fetching asset from tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_arm_orangepi_uboot_netbsd9 (1/3) tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_arm_orangepi_sd: PASS (19.56 s) (2/3) tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_arm_orangepi_bionic: PASS (49.97 s) (3/3) tests/acceptance/boot_linux_console.py:BootLinuxConsole.test_arm_orangepi_uboot_netbsd9: PASS (20.06 s) RESULTS : PASS 3 | ERROR 0 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0 JOB TIME : 90.02 s Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Cleber Rosa <crosa@redhat.com> Tested-by: Cleber Rosa <crosa@redhat.com> Message-Id: <20200713183209.26308-4-f4bug@amsat.org> (cherry picked from commit b7dcbf1395da960ec3c313300dc0030674de8cd1) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-08-27libqos: pci-pc: use 32-bit write for EJ registerPaolo Bonzini
The memory region ops have min_access_size == 4 so obey it. Tested-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 4b7c06837ae0b1ff56473202a42e7e386f53d6db) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-08-27libqos: usb-hcd-ehci: use 32-bit write for config registerPaolo Bonzini
The memory region ops have min_access_size == 4 so obey it. Tested-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 89ed83d8b23c11d250c290593cad3ca839d5b053) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-08-24iotests/283: Use consistent size for source and targetKevin Wolf
The test case forgot to specify the null-co size for the target node. When adding a check to backup that both sizes match, this would fail because of the size mismatch and not the behaviour that the test really wanted to test. Fixes: a541fcc27c98b96da187c7d4573f3270f3ddd283 Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20200430142755.315494-2-kwolf@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> (cherry picked from commit 813cc2545b82409fd504509f0ba2e96fab6edb9e) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-08-24nbd/server: Avoid long error message assertions CVE-2020-10761Eric Blake
Ever since commit 36683283 (v2.8), the server code asserts that error strings sent to the client are well-formed per the protocol by not exceeding the maximum string length of 4096. At the time the server first started sending error messages, the assertion could not be triggered, because messages were completely under our control. However, over the years, we have added latent scenarios where a client could trigger the server to attempt an error message that would include the client's information if it passed other checks first: - requesting NBD_OPT_INFO/GO on an export name that is not present (commit 0cfae925 in v2.12 echoes the name) - requesting NBD_OPT_LIST/SET_META_CONTEXT on an export name that is not present (commit e7b1948d in v2.12 echoes the name) At the time, those were still safe because we flagged names larger than 256 bytes with a different message; but that changed in commit 93676c88 (v4.2) when we raised the name limit to 4096 to match the NBD string limit. (That commit also failed to change the magic number 4096 in nbd_negotiate_send_rep_err to the just-introduced named constant.) So with that commit, long client names appended to server text can now trigger the assertion, and thus be used as a denial of service attack against a server. As a mitigating factor, if the server requires TLS, the client cannot trigger the problematic paths unless it first supplies TLS credentials, and such trusted clients are less likely to try to intentionally crash the server. We may later want to further sanitize the user-supplied strings we place into our error messages, such as scrubbing out control characters, but that is less important to the CVE fix, so it can be a later patch to the new nbd_sanitize_name. Consideration was given to changing the assertion in nbd_negotiate_send_rep_verr to instead merely log a server error and truncate the message, to avoid leaving a latent path that could trigger a future CVE DoS on any new error message. However, this merely complicates the code for something that is already (correctly) flagging coding errors, and now that we are aware of the long message pitfall, we are less likely to introduce such errors in the future, which would make such error handling dead code. Reported-by: Xueqiang Wei <xuwei@redhat.com> CC: qemu-stable@nongnu.org Fixes: https://bugzilla.redhat.com/1843684 CVE-2020-10761 Fixes: 93676c88d7 Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20200610163741.3745251-2-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> (cherry picked from commit 5c4fe018c025740fef4a0a4421e8162db0c3eefd) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2020-04-15tests/docker: add docs FEATURE flag and use for test-miscAlex Bennée
The test-misc docker test fails on a number of images which don't have the prerequisites to build the docs. Use the FEATURES flag so we can skip those tests. As the sphinx test fails to detect whatever feature we need to get hxtool to work we drop them from debian9 so the windows build doesn't attempt to build the docs. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200414200631.12799-7-alex.bennee@linaro.org>
2020-04-14Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
Bugfixes, and reworking of the atomics documentation. # gpg: Signature made Tue 14 Apr 2020 15:38:01 BST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: hax: Windows doesn't like posix device names tests: numa: test one backend with prealloc enabled hostmem: set default prealloc_threads to valid value Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-14tests: numa: test one backend with prealloc enabledIgor Mammedov
Cannibalize one backend in the HMAT test to make sure that prealloc=y is tested. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20200325094423.24293-3-imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-04-13Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
Bugfixes, and reworking of the atomics documentation. # gpg: Signature made Mon 13 Apr 2020 07:56:22 BST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: module: increase dirs array size by one memory: Do not allow direct write access to rom_device regions vl.c: error out if -mem-path is used together with -M memory-backend rcu: do not mention atomic_mb_read/set in documentation atomics: update documentation atomics: convert to reStructuredText oslib-posix: take lock before qemu_cond_broadcast piix: fix xenfv regression, add compat machine xenfv-4.2 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-11piix: fix xenfv regression, add compat machine xenfv-4.2Olaf Hering
With QEMU 4.0 an incompatible change was added to pc_piix, which makes it practical impossible to migrate domUs started with qemu2 or qemu3 to newer qemu versions. Commit 7fccf2a06890e3bc3b30e29827ad3fb93fe88fea added and enabled a new member "smbus_no_migration_support". In commit 4ab2f2a8aabfea95cc53c64e13b3f67960b27fdf the vmstate_acpi got new elements, which are conditionally filled. As a result, an incoming migration expected smbus related data unless smbus migration was disabled for a given MachineClass. Since first commit forgot to handle 'xenfv', domUs started with QEMU 4.x are incompatible with their QEMU siblings. Using other existing machine types, such as 'pc-i440fx-3.1', is not possible because 'xenfv' creates the 'xen-platform' PCI device at 00:02.0, while all other variants to run a domU would create it at 00:04.0. To cover both the existing and the broken case of 'xenfv' in a single qemu binary, a new compatibility variant of 'xenfv-4.2' must be added which targets domUs started with qemu 4.2. The existing 'xenfv' restores compatibility of QEMU 5.x with qemu 3.1. Host admins who started domUs with QEMU 4.x (preferrable QEMU 4.2) have to use a wrapper script which appends '-machine xenfv-4.2' to the device-model command line. This is only required if there is no maintenance window which allows to temporary shutdown the domU and restart it with a fixed device-model. The wrapper script is as simple as this: #!/bin/sh exec /usr/bin/qemu-system-i386 "$@" -machine xenfv-4.2 With xl this script will be enabled with device_model_override=, see xl.cfg(5). To live migrate a domU, adjust the existing domU.cfg and pass it to xl migrate or xl save/restore: xl migrate -C new-domU.cfg domU remote-host xl save domU CheckpointFile new-domU.cfg xl restore new-domU.cfg CheckpointFile With libvirt this script will be enabled with the <emulator> element in domU.xml. Use 'virsh edit' prior 'virsh migrate' to replace the existing <emulator> element to point it to the wrapper script. Signed-off-by: Olaf Hering <olaf@aepfle.de> Message-Id: <20200327151841.13877-1-olaf@aepfle.de> [Adjust tests for blacklisted machine types, simplifying the one in qom-test. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-04-07Merge remote-tracking branch 'remotes/stsquad/tags/pull-misc-fixes-070420-1' ↵Peter Maydell
into staging Various fixes: - add .github repo lockdown config - better handle missing symbols in elf-ops - protect fcntl64 with #ifdef - remove unused macros from test - fix handling of /proc/self/maps - avoid BAD_SHIFT in x80 softfloat - properly terminate on .hex EOF - fix configure probe on windows cross build - fix %r12 guest_base initialization # gpg: Signature made Tue 07 Apr 2020 16:31:14 BST # gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full] # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-misc-fixes-070420-1: tcg/i386: Fix %r12 guest_base initialization configure: Add -Werror to PIE probe hw/core: properly terminate loading .hex on EOF record linux-user: clean-up padding on /proc/self/maps linux-user: factor out reading of /proc/self/maps softfloat: Fix BAD_SHIFT from normalizeFloatx80Subnormal gdbstub: fix compiler complaining target/xtensa: add FIXME for translation memory leak linux-user: more debug for init_guest_space tests/tcg: remove extraneous pasting macros linux-user: protect fcntl64 with an #ifdef elf-ops: bail out if we have no function symbols .github: Enable repo-lockdown bot to refuse GitHub pull requests Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-07Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell
Block layer patches: - Fix crashes and hangs related to iothreads, bdrv_drain and block jobs: - Fix some AIO context locking in jobs - Fix blk->in_flight during blk_wait_while_drained() - vpc: Don't round up already aligned BAT sizes # gpg: Signature made Tue 07 Apr 2020 15:25:24 BST # gpg: using RSA key 7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full] # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: vpc: Don't round up already aligned BAT sizes block: Fix blk->in_flight during blk_wait_while_drained() block: Increase BB.in_flight for coroutine and sync interfaces block-backend: Reorder flush/pdiscard function definitions backup: don't acquire aio_context in backup_clean replication: assert we own context before job_cancel_sync job: take each job's lock individually in job_txn_apply Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-07Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2020-04-07' ↵Peter Maydell
into staging Block patches for 5.0-rc2: - Fix double QLIST_REMOVE() and potential request object leak in xen-block - Prevent a potential assertion failure in qcow2's code for compressed clusters by rejecting invalid (unaligned) requests with -EIO - Prevent discards on qcow2 v2 images from making backing data reappear - Make qemu-img convert report I/O error locations by byte offsets consistently - Fix for potential I/O test errors (accidental globbing due to missing quotes) # gpg: Signature made Tue 07 Apr 2020 13:30:01 BST # gpg: using RSA key 91BEB60A30DB3E8857D11829F407DB0061D5CF40 # gpg: issuer "mreitz@redhat.com" # gpg: Good signature from "Max Reitz <mreitz@redhat.com>" [full] # Primary key fingerprint: 91BE B60A 30DB 3E88 57D1 1829 F407 DB00 61D5 CF40 * remotes/maxreitz/tags/pull-block-2020-04-07: xen-block: Fix double qlist remove and request leak iotests/common.pattern: Quote echos qcow2: Check request size in qcow2_co_pwritev_compressed_part() qemu-img: Report convert errors by bytes, not sectors qcow2: Forbid discard in qcow2 v2 images with backing files Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-04-07tests/tcg: remove extraneous pasting macrosAlex Bennée
We are not using them and they just get in the way. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200403191150.863-4-alex.bennee@linaro.org>
2020-04-07job: take each job's lock individually in job_txn_applyStefan Reiter
All callers of job_txn_apply hold a single job's lock, but different jobs within a transaction can have different contexts, thus we need to lock each one individually before applying the callback function. Similar to job_completed_txn_abort this also requires releasing the caller's context before and reacquiring it after to avoid recursive locks which might break AIO_WAIT_WHILE in the callback. This is safe, since existing code would already have to take this into account, lest job_completed_txn_abort might have broken. This also brings to light a different issue: When a callback function in job_txn_apply moves it's job to a different AIO context, callers will try to release the wrong lock (now that we re-acquire the lock correctly, previously it would just continue with the old lock, leaving the job unlocked for the rest of the return path). Fix this by not caching the job's context. This is only necessary for qmp_block_job_finalize, qmp_job_finalize and job_exit, since everyone else calls through job_exit. One test needed adapting, since it calls job_finalize directly, so it manually needs to acquire the correct context. Signed-off-by: Stefan Reiter <s.reiter@proxmox.com> Message-Id: <20200407115651.69472-2-s.reiter@proxmox.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-04-07iotests/common.pattern: Quote echosMax Reitz
From time to time, my shell decides to repace the bracketed numbers here by the numbers inside (i.e., "=== Clusters to be compressed [1]" is printed as "=== Clusters to be compressed 1"). That makes tests that use common.pattern fail. Prevent that from happening by quoting the arguments to all echos in common.pattern. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20200403101134.805871-1-mreitz@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-04-07qemu-img: Report convert errors by bytes, not sectorsEric Blake
Various qemu-img commands are inconsistent on whether they report status/errors in terms of bytes or sector offsets. The latter is confusing (especially as more places move to 4k block sizes), so let's switch everything to just use bytes everywhere. One iotest is impacted. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20200402135717.476398-1-eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-04-07qcow2: Forbid discard in qcow2 v2 images with backing filesAlberto Garcia
A discard request deallocates the selected clusters so they read back as zeroes. This is done by clearing the cluster offset field and setting QCOW_OFLAG_ZERO in the L2 entry. This flag is however only supported when qcow_version >= 3. In older images the cluster is simply deallocated, exposing any possible stale data from the backing file. Since discard is an advisory operation it's safer to simply forbid it in this scenario. Note that we are adding this check to qcow2_co_pdiscard() and not to qcow2_cluster_discard() or discard_in_l2_slice() because the last two are also used by qcow2_snapshot_create() to discard the clusters used by the VM state. In this case there's no risk of exposing stale data to the guest and we really want that the clusters are always discarded. Signed-off-by: Alberto Garcia <berto@igalia.com> Message-Id: <20200331114345.29993-1-berto@igalia.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-04-06tests/acceptance/machine_sparc_leon3: Disable HelenOS testPhilippe Mathieu-Daudé
This test was written/tested around beginning of 2019, but was extracted from a bigger series and posted end of June 2019 [*]. Unfortunately I did not notice commit 162abf1a8 was merged by then, which implements the AHB and APB plug and play devices. HelenOS 0.6 is expecting the PnP registers to be not implemented by QEMU, then forces the discovered AMBA devices (see [2]). Before 162abf1a8, the console was displaying: HelenOS bootloader, release 0.6.0 (Elastic Horse) Built on 2014-12-21 20:17:42 for sparc32 Copyright (c) 2001-2014 HelenOS project 0x4000bf20|0x4000bf20: kernel image (496640/128466 bytes) 0x4002b4f2|0x4002b4f2: ns image (154195/66444 bytes) 0x4003b87e|0x4003b87e: loader image (153182/66437 bytes) 0x4004bc03|0x4004bc03: init image (155339/66834 bytes) 0x4005c115|0x4005c115: locsrv image (162063/70267 bytes) 0x4006d390|0x4006d390: rd image (152678/65889 bytes) 0x4007d4f1|0x4007d4f1: vfs image (168480/73394 bytes) 0x4008f3a3|0x4008f3a3: logger image (158034/68368 bytes) 0x4009feb3|0x4009feb3: ext4fs image (234510/100301 bytes) 0x400b8680|0x400b8680: initrd image (8388608/1668901 bytes) ABMA devices: <1:00c> at 0x80000100 irq 3 <1:00d> at 0x80000200 <1:011> at 0x80000300 irq 8 Memory size: 64 MB As of this commit, it is now confused: ABMA devices: <1:3000> at 0x00000000 irq 0 <1:3000> at 0x00000000 irq 0 <1:3000> at 0x00000000 irq 0 <1:3000> at 0x00000000 irq 0 <1:3000> at 0x00000000 irq 0 <1:3000> at 0x00000000 irq 0 <1:3000> at 0x00000000 irq 0 ... As this test is not working as expected, simply disable it (by skipping it) for now. [1] https://www.mail-archive.com/qemu-devel@nongnu.org/msg627094.html [2] https://github.com/HelenOS/helenos/blob/0.6.0/boot/arch/sparc32/src/ambapp.c#L75 Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200331105048.27989-2-f4bug@amsat.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-06tests/acceptance/ppc_prep_40p: Use mirror for ftp.software.ibm.comPhilippe Mathieu-Daudé
To avoid regular failures on Travis-CI with ftp.software.ibm.com, use a mirror. Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Tested-by: Willian Rampazzo <willianr@gmail.com> Reviewed-by: Willian Rampazzo <willianr@gmail.com> Message-Id: <20200403172919.24621-4-philmd@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-06tests/acceptance/ppc_prep_40p: Use cdn.netbsd.org hostnamePhilippe Mathieu-Daudé
Use NetBSD content delivery network to get faster downloads. Suggested-by: Kamil Rytarowski <kamil@netbsd.org> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Message-Id: <20200211134504.9156-1-philmd@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-04-06Acceptance test: Fix to EXEC migrationOksana Vohchana
The exec migration test isn't run a whole test scenario. This patch fixes it Fixes: 2e768cb682bf Signed-off-by: Oksana Vohchana <ovoshcha@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Message-Id: <20200325113138.20337-1-ovoshcha@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2020-03-31qtest: add tulip test caseLi Qiang
The tulip networking card emulation has an OOB issue in 'tulip_copy_tx_buffers' when the guest provide malformed descriptor. This test will trigger a ASAN heap overflow crash. To trigger this issue we can construct the data as following: 1. construct a 'tulip_descriptor'. Its control is set to '0x7ff | 0x7ff << 11', this will make the 'tulip_copy_tx_buffers's 'len1' and 'len2' to 0x7ff(2047). So 'len1+len2' will overflow 'TULIPState's 'tx_frame' field. This descriptor's 'buf_addr1' and 'buf_addr2' should set to a guest address. 2. write this descriptor to tulip device's CSR4 register. This will set the 'TULIPState's 'current_tx_desc' field. 3. write 'CSR6_ST' to tulip device's CSR6 register. This will trigger 'tulip_xmit_list_update' and finally calls 'tulip_copy_tx_buffers'. Following shows the backtrack of crash: ==31781==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x628000007cd0 at pc 0x7fe03c5a077a bp 0x7fff05b46770 sp 0x7fff05b45f18 WRITE of size 2047 at 0x628000007cd0 thread T0 #0 0x7fe03c5a0779 (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x79779) #1 0x5575fb6daa6a in flatview_read_continue /home/test/qemu/exec.c:3194 #2 0x5575fb6daccb in flatview_read /home/test/qemu/exec.c:3227 #3 0x5575fb6dae66 in address_space_read_full /home/test/qemu/exec.c:3240 #4 0x5575fb6db0cb in address_space_rw /home/test/qemu/exec.c:3268 #5 0x5575fbdfd460 in dma_memory_rw_relaxed /home/test/qemu/include/sysemu/dma.h:87 #6 0x5575fbdfd4b5 in dma_memory_rw /home/test/qemu/include/sysemu/dma.h:110 #7 0x5575fbdfd866 in pci_dma_rw /home/test/qemu/include/hw/pci/pci.h:787 #8 0x5575fbdfd8a3 in pci_dma_read /home/test/qemu/include/hw/pci/pci.h:794 #9 0x5575fbe02761 in tulip_copy_tx_buffers hw/net/tulip.c:585 #10 0x5575fbe0366b in tulip_xmit_list_update hw/net/tulip.c:678 #11 0x5575fbe04073 in tulip_write hw/net/tulip.c:783 Signed-off-by: Li Qiang <liq3ea@163.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2020-03-27tests/docker: Add libepoxy and libudev packages to the Fedora imagePhilippe Mathieu-Daudé
Install optional dependencies of QEMU to get better coverage. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200322120104.21267-5-philmd@redhat.com> Message-Id: <20200323161514.23952-11-alex.bennee@linaro.org>
2020-03-27tests/docker: Use Python3 PyYAML in the Fedora imagePhilippe Mathieu-Daudé
The Python2 PyYAML is now pointless, switch to the Python3 version. Fixes: bcbf27947 (docker: move tests from python2 to python3) Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200322120104.21267-4-philmd@redhat.com> Message-Id: <20200323161514.23952-10-alex.bennee@linaro.org>
2020-03-27tests/docker: Install gcrypt devel package in Debian imagePhilippe Mathieu-Daudé
In commit 6f8bbb374be we enabled building with the gcrypt library on the the Debian 'x86 host', which was based on Debian Stretch. Later in commit 698a71edbed we upgraded the Debian base image to Buster. Apparently Debian Stretch was listing gcrypt as a QEMU dependency, but this is not the case anymore in Buster, so we need to install it manually (it it not listed by 'apt-get -s build-dep qemu' in the common debian10.docker anymore). This fixes: $ ../configure $QEMU_CONFIGURE_OPTS ERROR: User requested feature gcrypt configure was not able to find it. Install gcrypt devel >= 1.5.0 Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200322120104.21267-3-philmd@redhat.com> Message-Id: <20200323161514.23952-9-alex.bennee@linaro.org>
2020-03-27tests/docker: Keep package list sortedPhilippe Mathieu-Daudé
Keep package list sorted, this eases rebase/cherry-pick. Fixes: 3a6784813 Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20200322120104.21267-2-philmd@redhat.com> Message-Id: <20200323161514.23952-8-alex.bennee@linaro.org>
2020-03-27tests/vm: fix basevm configAlex Bennée
When the patch was merged it was part of a longer series which had already merged the config changes. Semu-revert the config related changes for now so things will build. Fixes: b081986c85fd2 Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200323161514.23952-6-alex.bennee@linaro.org>
2020-03-27tests/vm: update NetBSD to 9.0Gerd Hoffmann
The installer supports GPT now, so the install workflow has changed a bit. Also: run without VGA device. This works around a bug in the seabios sercon code and makes the bootloader menu show up on the serial line, so we can drop the quirk for that. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20200310083218.26355-5-kraxel@redhat.com> Message-Id: <20200323161514.23952-5-alex.bennee@linaro.org>
2020-03-27tests/vm: update FreeBSD to 12.1Gerd Hoffmann
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20200310083218.26355-4-kraxel@redhat.com> Message-Id: <20200323161514.23952-4-alex.bennee@linaro.org>
2020-03-27tests/vm: move vga setupGerd Hoffmann
Move '-device VGA' from basevm.py to the guests, so they have the chance to opt out and run without display device. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200310083218.26355-3-kraxel@redhat.com> Message-Id: <20200323161514.23952-3-alex.bennee@linaro.org>
2020-03-27tests/vm: write raw console logGerd Hoffmann
Run "tail -f /var/tmp/*/qemu*console.raw" in another terminal to watch the install console. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200310083218.26355-2-kraxel@redhat.com> Message-Id: <20200323161514.23952-2-alex.bennee@linaro.org>
2020-03-26iotests/138: Test leaks/corruptions fixed reportMax Reitz
Test that qemu-img check reports the number of leaks and corruptions fixed in its JSON report (after a successful run). While touching the _unsupported_imgopts line, adjust the note on why data_file does not work with this test: The current comment sounds a bit like it is a mistake for qemu-img check not to check external data files' refcounts. But there are no such refcounts, so it is no mistake. Just say that qemu-img check does not do much for external data files, and this is why this test does not work with them. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20200324172757.1173824-4-mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-03-26iotests: Add poke_file_[bl]e functionsMax Reitz
Similarly to peek_file_[bl]e, we may want to write binary integers into a file. Currently, this often means messing around with poke_file and raw binary strings. I hope these functions make it a bit more comfortable. Signed-off-by: Max Reitz <mreitz@redhat.com> Code-suggested-by: Eric Blake <eblake@redhat.com> Message-Id: <20200324172757.1173824-3-mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-03-26qcow2: Avoid feature name extension on small cluster sizeEric Blake
As the feature name table can be quite large (over 9k if all 64 bits of all three feature fields have names; a mere 8 features leaves only 8 bytes for a backing file name in a 512-byte cluster), it is unwise to emit this optional header in images with small cluster sizes. Update iotest 036 to skip running on small cluster sizes; meanwhile, note that iotest 061 never passed on alternative cluster sizes (however, I limited this patch to tests with output affected by adding feature names, rather than auditing for other tests that are not robust to alternative cluster sizes). Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Message-Id: <20200324174233.1622067-4-eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-03-26qcow2: List autoclear bit names in headerEric Blake
The feature table is supposed to advertise the name of all feature bits that we support; however, we forgot to update the table for autoclear bits. While at it, move the table to read-only memory in code, and tweak the qcow2 spec to name the second autoclear bit. Update iotests that are affected by the longer header length. Fixes: 88ddffae Fixes: 93c24936 Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20200324174233.1622067-3-eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-03-25tests/migration: Reduce autoconverge initial bandwidthPhilippe Mathieu-Daudé
When using max-bandwidth=~100Mb/s, this test fails on Travis-CI s390x when configured with --disable-tcg: $ make check-qtest TEST check-qtest-s390x: tests/qtest/boot-serial-test qemu-system-s390x: -accel tcg: invalid accelerator tcg qemu-system-s390x: falling back to KVM TEST check-qtest-s390x: tests/qtest/pxe-test TEST check-qtest-s390x: tests/qtest/test-netfilter TEST check-qtest-s390x: tests/qtest/test-filter-mirror TEST check-qtest-s390x: tests/qtest/test-filter-redirector TEST check-qtest-s390x: tests/qtest/drive_del-test TEST check-qtest-s390x: tests/qtest/device-plug-test TEST check-qtest-s390x: tests/qtest/virtio-ccw-test TEST check-qtest-s390x: tests/qtest/cpu-plug-test TEST check-qtest-s390x: tests/qtest/migration-test ** ERROR:tests/qtest/migration-test.c:1229:test_migrate_auto_converge: 'got_stop' should be FALSE ERROR - Bail out! ERROR:tests/qtest/migration-test.c:1229:test_migrate_auto_converge: 'got_stop' should be FALSE make: *** [tests/Makefile.include:633: check-qtest-s390x] Error 1 Per David Gilbert, "it could just be the writing is slow on s390 and the migration thread fast; in which case the autocomplete wouldn't be needed. Perhaps we just need to reduce the bandwidth limit." Tuning the threshold by reducing the initial bandwidth makes the autoconverge test pass. Suggested-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200323184015.11565-1-philmd@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Tested-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2020-03-24iotests/026: Move v3-exclusive test to new fileMax Reitz
data_file does not work with v2, and we probably want 026 to keep working for v2 images. Thus, open a new file for v3-exclusive error path test cases. Fixes: 81311255f217859413c94f2cd9cebf2684bbda94 (“iotests/026: Test EIO on allocation in a data-file”) Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20200311140707.1243218-1-mreitz@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Tested-by: John Snow <jsnow@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-03-24iotests: Fix cleanup path in some testsMax Reitz
Some iotests leave behind some external data file when run for qcow2 with -o data_file. Fix that. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20200224171631.384314-1-mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-03-21iotests: Increase pause_wait() timeoutKevin Wolf
Waiting for only 1 second proved to be too short on a loaded system, resulting in false positives when testing pull requests. Increase the timeout a bit to make this less likely. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200313083617.8326-4-kwolf@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-03-21iotests.py: Enable faulthandlerKevin Wolf
With this, you can send SIGABRT to a hanging test case and you'll get a Python stack trace so you know where it was hanging. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20200313083617.8326-2-kwolf@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-03-20Merge remote-tracking branch ↵Peter Maydell
'remotes/philmd-gitlab/tags/target_renesas_rx-20200320' into staging Introduce the architectural part of the Renesas RX architecture emulation, developed by Yoshinori Sato. CI jobs results: https://gitlab.com/philmd/qemu/pipelines/127886344 https://travis-ci.org/github/philmd/qemu/builds/664579420 # gpg: Signature made Fri 20 Mar 2020 10:27:32 GMT # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/target_renesas_rx-20200320: Add rx-softmmu target/rx: Dump bytes for each insn during disassembly target/rx: Collect all bytes during disassembly target/rx: Emit all disassembly in one prt() target/rx: Use prt_ldmi for XCHG_mr disassembly target/rx: Replace operand with prt_ldmi in disassembler target/rx: Disassemble rx_index_addr into a string target/rx: RX disassembler target/rx: CPU definitions target/rx: TCG helpers target/rx: TCG translation MAINTAINERS: Add entry for the Renesas RX architecture hw/registerfields.h: Add 8bit and 16bit register macros Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-03-19Add rx-softmmuYoshinori Sato
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Yoshinori Sato <ysato@users.sourceforge.jp> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> [PMD: Squashed patches from Richard Henderson modifying qapi/common.json and tests/machine-none-test.c] Message-Id: <20200224141923.82118-21-ysato@users.sourceforge.jp> [PMD: Added @since 5.0 tag in SysEmuTarget] Acked-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-03-19Merge remote-tracking branch 'remotes/jnsnow/tags/bitmaps-pull-request' into ↵Peter Maydell
staging Pull request # gpg: Signature made Wed 18 Mar 2020 20:23:28 GMT # gpg: using RSA key F9B7ABDBBCACDF95BE76CBD07DEF8106AAFC390E # gpg: Good signature from "John Snow (John Huston) <jsnow@redhat.com>" [full] # Primary key fingerprint: FAEB 9711 A12C F475 812F 18F2 88A9 064D 1835 61EB # Subkey fingerprint: F9B7 ABDB BCAC DF95 BE76 CBD0 7DEF 8106 AAFC 390E * remotes/jnsnow/tags/bitmaps-pull-request: block/qcow2-bitmap: use bdrv_dirty_bitmap_next_dirty nbd/server: use bdrv_dirty_bitmap_next_dirty_area nbd/server: introduce NBDExtentArray block/dirty-bitmap: improve _next_dirty_area API block/dirty-bitmap: add _next_dirty API block/dirty-bitmap: switch _next_dirty_area and _next_zero to int64_t hbitmap: drop meta bitmaps as they are unused hbitmap: unpublish hbitmap_iter_skip_words hbitmap: move hbitmap_iter_next_word to hbitmap.c hbitmap: assert that we don't create bitmap larger than INT64_MAX build: Silence clang warning on older glib autoptr usage Signed-off-by: Peter Maydell <peter.maydell@linaro.org>