The following changes since commit 17dc57990320edaad52ac9ea808be9719c91cea6:

  Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2019-08-20' into staging (2019-08-20 14:14:20 +0100)

are available in the git repository at:


  git://github.com/bonzini/qemu.git tags/for-upstream

for you to fetch changes up to f496f8aca311b0b1fab979657694069871426395:

  x86: Intel AVX512_BF16 feature enabling (2019-08-20 17:26:30 +0200)

----------------------------------------------------------------
* New KVM PV features (Marcelo, Wanpeng)
* valgrind fixes (Andrey)
* Remove clock reset notifiers (David)
* KConfig and Makefile cleanups (Paolo)
* Replay and icount improvements (Pavel)
* x86 FP fixes (Peter M.)
* TCG locking assertions (Roman)
* x86 support for mmap-ed -kernel/-initrd (Stefano)
* Other cleanups (Wei Yang, Yan Zhao, Tony)
* LSI fix for infinite loop (Prasad)
* ARM migration fix (Catherine)
* AVX512_BF16 feature (Jing)

----------------------------------------------------------------
Andrey Shinkevich (3):
      test-throttle: Fix uninitialized use of burst_length
      tests: Fix uninitialized byte in test_visitor_in_fuzz
      i386/kvm: initialize struct at full before ioctl call

Catherine Ho (1):
      migration: do not rom_reset() during incoming migration

Dr. David Alan Gilbert (4):
      mc146818rtc: Remove reset notifiers
      timer: Remove reset notifiers
      replay: Remove host_clock_last
      timer: last, remove last bits of last

Eduardo Habkost (1):
      HACKING: Document 'struct' keyword usage

Jan Kiszka (1):
      kvm: vmxcap: Enhance with latest features

Jing Liu (1):
      x86: Intel AVX512_BF16 feature enabling

Li Qiang (1):
      target-i386: kvm: 'kvm_get_supported_msrs' cleanup

Marcelo Tosatti (1):
      kvm: i386: halt poll control MSR support

Paolo Bonzini (3):
      9p: simplify source file selection
      memory: fix race between TCG and accesses to dirty bitmap
      scsi: lsi: exit infinite loop while executing script (CVE-2019-12068)

Pavel Dovgalyuk (8):
      replay: add missing fix for internal function
      replay: document development rules
      util/qemu-timer: refactor deadline calculation for external timers
      replay: fix replay shutdown
      replay: refine replay-time module
      replay: rename step-related variables and functions
      icount: clean up cpu_can_io at the entry to the block
      icount: remove unnecessary gen_io_end calls

Peter Maydell (1):
      target/i386: Return 'indefinite integer value' for invalid SSE fp->int conversions

Roman Kagan (2):
      cpus-common: nuke finish_safe_work
      cpus-common: assert BQL nesting within cpu-exclusive sections

Stefano Garzarella (3):
      loader: Handle memory-mapped ELFs
      elf-ops.h: Map into memory the ELF to load
      hw/i386/pc: Map into memory the initrd

Wanpeng Li (1):
      target-i386: adds PV_SCHED_YIELD CPUID feature bit

Wei Yang (1):
      test-bitmap: test set 1 bit case for bitmap_set

Yan Zhao (1):
      memory: assert on out of scope notification

tony.nguyen@bt.com (1):
      configure: Define target access alignment in configure

 HACKING                                     |  14 +-
 Kconfig.host                                |   1 +
 accel/tcg/cpu-exec.c                        |   1 -
 accel/tcg/translator.c                      |   1 -
 configure                                   |  12 +-
 cpus-common.c                               |  12 +-
 cpus.c                                      |  17 ++-
 docs/devel/replay.txt                       |  46 +++++++
 exec.c                                      |  31 +++++
 fsdev/Makefile.objs                         |   2 +-
 hw/9pfs/Kconfig                             |   5 +
 hw/core/loader.c                            |  48 +++++--
 hw/i386/pc.c                                |  17 ++-
 hw/scsi/lsi53c895a.c                        |  41 ++++--
 hw/timer/mc146818rtc.c                      |  19 ---
 include/exec/gen-icount.h                   |  44 +++---
 include/exec/memory.h                       |  12 ++
 include/exec/poison.h                       |   1 +
 include/hw/elf_ops.h                        |  71 ++++++----
 include/hw/i386/pc.h                        |   1 +
 include/hw/loader.h                         |   5 +-
 include/qemu/timer.h                        |  43 +-----
 include/qom/cpu.h                           |   2 +-
 include/standard-headers/asm-x86/kvm_para.h |   2 +
 include/sysemu/replay.h                     |   2 +-
 memory.c                                    |  16 ++-
 migration/ram.c                             |   1 +
 qtest.c                                     |   3 +-
 replay/replay-events.c                      |   2 +-
 replay/replay-internal.c                    |  10 +-
 replay/replay-internal.h                    |  10 +-
 replay/replay-snapshot.c                    |  13 +-
 replay/replay-time.c                        |  36 +++--
 replay/replay.c                             |  30 ++--
 scripts/kvm/vmxcap                          |   8 ++
 target/alpha/cpu.h                          |   2 -
 target/alpha/translate.c                    |   2 -
 target/arm/translate-a64.c                  |   4 -
 target/arm/translate.c                      |   7 -
 target/cris/translate.c                     |   2 -
 target/hppa/cpu.h                           |   1 -
 target/hppa/translate.c                     |   1 -
 target/i386/cpu.c                           |  43 +++++-
 target/i386/cpu.h                           |   8 ++
 target/i386/kvm.c                           | 205 +++++++++++++++-------------
 target/i386/machine.c                       |  20 +++
 target/i386/ops_sse.h                       |  88 ++++++++----
 target/i386/translate.c                     |  10 --
 target/lm32/translate.c                     |   9 --
 target/microblaze/translate.c               |   2 -
 target/mips/cpu.h                           |   2 -
 target/mips/translate.c                     |  11 --
 target/nios2/translate.c                    |   4 -
 target/ppc/translate.c                      |  13 --
 target/ppc/translate_init.inc.c             |   2 -
 target/riscv/insn_trans/trans_rvi.inc.c     |   1 -
 target/sh4/cpu.h                            |   2 -
 target/sparc/cpu.h                          |   2 -
 target/sparc/translate.c                    |  16 ---
 target/unicore32/translate.c                |   1 -
 target/xtensa/cpu.h                         |   2 -
 target/xtensa/translate.c                   |  15 --
 tcg/tcg.c                                   |   2 +-
 tcg/tcg.h                                   |   8 +-
 tests/ptimer-test-stubs.c                   |   4 +-
 tests/ptimer-test.c                         |   6 +-
 tests/test-bitmap.c                         |  12 ++
 tests/test-string-input-visitor.c           |   8 +-
 tests/test-throttle.c                       |   2 +
 util/qemu-timer.c                           |  71 ++++------
 70 files changed, 665 insertions(+), 502 deletions(-)
 create mode 100644 docs/devel/replay.txt
-- 
1.8.3.1

On Tue, 20 Aug 2019 at 16:28, Paolo Bonzini <pbonzini@redhat.com> wrote:
>
> The following changes since commit 17dc57990320edaad52ac9ea808be9719c91cea6:
>
>   Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2019-08-20' into staging (2019-08-20 14:14:20 +0100)
>
> are available in the git repository at:
>
>
>   git://github.com/bonzini/qemu.git tags/for-upstream
>
> for you to fetch changes up to f496f8aca311b0b1fab979657694069871426395:
>
>   x86: Intel AVX512_BF16 feature enabling (2019-08-20 17:26:30 +0200)
>
> ----------------------------------------------------------------
> * New KVM PV features (Marcelo, Wanpeng)
> * valgrind fixes (Andrey)
> * Remove clock reset notifiers (David)
> * KConfig and Makefile cleanups (Paolo)
> * Replay and icount improvements (Pavel)
> * x86 FP fixes (Peter M.)
> * TCG locking assertions (Roman)
> * x86 support for mmap-ed -kernel/-initrd (Stefano)
> * Other cleanups (Wei Yang, Yan Zhao, Tony)
> * LSI fix for infinite loop (Prasad)
> * ARM migration fix (Catherine)
> * AVX512_BF16 feature (Jing)
>
> ----------------------------------------------------------------

The linux-user build seems to fail 'make check-tcg':
e104462:bionic:qemu-for-merges$ make -C build/all-linux-static/ check-tcg
make: Entering directory
'/home/petmay01/linaro/qemu-for-merges/build/all-linux-static'
make[1]: Entering directory '/home/petmay01/linaro/qemu-for-merges/slirp'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/home/petmay01/linaro/qemu-for-merges/slirp'
  BUILD   debian10
  BUILD   debian-buster-arm64-cross
  BUILD   TCG tests for aarch64-linux-user
  BUILD   aarch64 guest-tests with aarch64-linux-gnu-gcc
  RUN     TCG tests for aarch64-linux-user
  BUILD   aarch64 guest-tests with aarch64-linux-gnu-gcc
  RUN     tests for aarch64
  TEST    test-mmap (default) on aarch64
qemu-aarch64: /home/petmay01/linaro/qemu-for-merges/cpus-common.c:219:
cpu_exec_start: Assertion `!qemu_mutex_iothread_locked()' failed.
/home/petmay01/linaro/qemu-for-merges/tests/tcg/multiarch/Makefile.target:30:
recipe for target 'run-test-mmap' failed
make[2]: *** [run-test-mmap] Error 127
/home/petmay01/linaro/qemu-for-merges/tests/tcg/Makefile.include:71:
recipe for target 'run-guest-tests' failed
make[1]: *** [run-guest-tests] Error 2
/home/petmay01/linaro/qemu-for-merges/tests/Makefile.include:1075:
recipe for target 'run-tcg-tests-aarch64-linux-user' failed
make: *** [run-tcg-tests-aarch64-linux-user] Error 2
make: Leaving directory
'/home/petmay01/linaro/qemu-for-merges/build/all-linux-static'

Looks like we hit the assertion immediately on startup before
we try to do anything:

Thread 2 (Thread 0x7ffff7ff9700 (LWP 9252)):
#0  0x0000000060340b49 in syscall ()
#1  0x00000000601492af in qemu_futex_wait (f=0x628c9838
<rcu_call_ready_event>, val=4294967295)
    at /home/petmay01/linaro/qemu-for-merges/include/qemu/futex.h:29
#2  0x0000000060149476 in qemu_event_wait (ev=0x628c9838 <rcu_call_ready_event>)
    at /home/petmay01/linaro/qemu-for-merges/util/qemu-thread-posix.c:442
#3  0x0000000060152794 in call_rcu_thread (opaque=0x0) at
/home/petmay01/linaro/qemu-for-merges/util/rcu.c:260
#4  0x0000000060149629 in qemu_thread_start (args=0x628d3f20) at
/home/petmay01/linaro/qemu-for-merges/util/qemu-thread-posix.c:502
#5  0x00000000602b19fb in start_thread (arg=0x7ffff7ff9700) at
pthread_create.c:463
#6  0x000000006034292f in clone ()

Thread 1 (Thread 0x628d2940 (LWP 9248)):
#0  0x00000000602d52b7 in raise ()
#1  0x00000000602d5951 in abort ()
#2  0x00000000602c884c in __assert_fail_base ()
#3  0x00000000602c88c2 in __assert_fail ()
#4  0x00000000600f2438 in cpu_exec_start (cpu=0x628f5cd0) at
/home/petmay01/linaro/qemu-for-merges/cpus-common.c:219
#5  0x0000000060094fc7 in cpu_loop (env=0x628fdfa0) at
/home/petmay01/linaro/qemu-for-merges/linux-user/i386/cpu_loop.c:93
#6  0x0000000060064f2c in main (argc=6, argv=0x7fffffffe3b8,
envp=0x7fffffffe3f0)
    at /home/petmay01/linaro/qemu-for-merges/linux-user/main.c:838

This is because for linux-user we're using the stubs/ version
of qemu_mutex_iothread_locked(), which always returns 'true',
so the assertion can never pass...

thanks
-- PMM