docs/devel/tcg-plugins.rst | 13 +++++- include/qemu/bitops.h | 38 ++++++++++++++++ target/riscv/instmap.h | 8 ++-- plugins/core.c | 1 + target/riscv/translate.c | 40 +++++++++-------- tcg/tcg-op.c | 23 ++++++++-- tests/plugin/bb.c | 6 +-- tests/plugin/howvec.c | 26 +++++++---- tests/plugin/insn.c | 3 +- tests/rcutorture.c | 74 +++++++++++++++++++++---------- tests/tcg/aarch64/pauth-4.c | 54 +++++++++++++++------- trace/control.c | 11 +++-- .travis.yml | 23 +++++++--- tests/qemu-iotests/214 | 4 +- tests/tcg/Makefile.target | 4 +- tests/tcg/aarch64/Makefile.softmmu-target | 2 + tests/tcg/configure.sh | 2 +- 17 files changed, 235 insertions(+), 97 deletions(-)
The following changes since commit db736e0437aa6fd7c1b7e4599c17f9619ab6b837:
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging (2020-02-25 13:31:16 +0000)
are available in the Git repository at:
https://github.com/stsquad/qemu.git tags/pull-testing-and-plugins-250220-1
for you to fetch changes up to bc97f9f64f8a4a84d0d06949749e9dbec143b9f5:
tests/tcg: take into account expected clashes pauth-4 (2020-02-25 20:20:23 +0000)
----------------------------------------------------------------
Testing and plugin updates:
- fix pauth TCG tests
- tweak away rcutorture failures
- various Travis updates
- relax iotest size check a little
- fix for -trace/-D clash
- fix cross compile detection for tcg tests
- document plugin query lifetime
- fix missing break in plugin core
- fix some plugin warnings
- better progressive instruction decode
- avoid trampling vaddr in plugins
----------------------------------------------------------------
Alex Bennée (14):
tests/tcg: include a skip runner for pauth3 with plugins
tests/rcutorture: update usage hint
tests/rcutorture: better document locking of stats
tests/rcutorture: mild documenting refactor of update thread
travis.yml: single-thread build-tcg stages
tests/iotests: be a little more forgiving on the size test
tracing: only allow -trace to override -D if set
docs/devel: document query handle lifetimes
target/riscv: progressively load the instruction during decode
tests/plugins: make howvec clean-up after itself.
tests/tcg: give debug builds a little bit longer
tcg: save vaddr temp for plugin usage
tests/tcg: fix typo in configure.sh test for v8.3
tests/tcg: take into account expected clashes pauth-4
Chen Qun (1):
tests/plugin: prevent uninitialized warning
Emilio G. Cota (1):
plugins/core: add missing break in cb_to_tcg_flags
Thomas Huth (1):
travis.yml: Test the s390-ccw build, too
Wainer dos Santos Moschetta (1):
travis.yml: Fix Travis YAML configuration warnings
Yoshinori Sato (1):
qemu/bitops.h: Add extract8 and extract16
docs/devel/tcg-plugins.rst | 13 +++++-
include/qemu/bitops.h | 38 ++++++++++++++++
target/riscv/instmap.h | 8 ++--
plugins/core.c | 1 +
target/riscv/translate.c | 40 +++++++++--------
tcg/tcg-op.c | 23 ++++++++--
tests/plugin/bb.c | 6 +--
tests/plugin/howvec.c | 26 +++++++----
tests/plugin/insn.c | 3 +-
tests/rcutorture.c | 74 +++++++++++++++++++++----------
tests/tcg/aarch64/pauth-4.c | 54 +++++++++++++++-------
trace/control.c | 11 +++--
.travis.yml | 23 +++++++---
tests/qemu-iotests/214 | 4 +-
tests/tcg/Makefile.target | 4 +-
tests/tcg/aarch64/Makefile.softmmu-target | 2 +
tests/tcg/configure.sh | 2 +-
17 files changed, 235 insertions(+), 97 deletions(-)
--
2.20.1
On Wed, 26 Feb 2020 at 07:39, Alex Bennée <alex.bennee@linaro.org> wrote: > > The following changes since commit db736e0437aa6fd7c1b7e4599c17f9619ab6b837: > > Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging (2020-02-25 13:31:16 +0000) > > are available in the Git repository at: > > https://github.com/stsquad/qemu.git tags/pull-testing-and-plugins-250220-1 > > for you to fetch changes up to bc97f9f64f8a4a84d0d06949749e9dbec143b9f5: > > tests/tcg: take into account expected clashes pauth-4 (2020-02-25 20:20:23 +0000) > > ---------------------------------------------------------------- > Testing and plugin updates: > > - fix pauth TCG tests > - tweak away rcutorture failures > - various Travis updates > - relax iotest size check a little > - fix for -trace/-D clash > - fix cross compile detection for tcg tests > - document plugin query lifetime > - fix missing break in plugin core > - fix some plugin warnings > - better progressive instruction decode > - avoid trampling vaddr in plugins > Applied, thanks. Please update the changelog at https://wiki.qemu.org/ChangeLog/5.0 for any user-visible changes. -- PMM
If we have plugins enabled we still need to have built the test to be able to run it. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Robert Foley <robert.foley@linaro.org> Message-Id: <20200225124710.14152-2-alex.bennee@linaro.org> diff --git a/tests/tcg/aarch64/Makefile.softmmu-target b/tests/tcg/aarch64/Makefile.softmmu-target index d2299b98b76..71f72cfbe34 100644 --- a/tests/tcg/aarch64/Makefile.softmmu-target +++ b/tests/tcg/aarch64/Makefile.softmmu-target @@ -70,4 +70,6 @@ pauth-3: $(call skip-test, "BUILD of $@", "missing compiler support") run-pauth-3: $(call skip-test, "RUN of pauth-3", "not built") +run-plugin-pauth-3-with-%: + $(call skip-test, "RUN of pauth-3 ($*)", "not built") endif -- 2.20.1
Although documented in the comments we don't display all the various
invocations we can in the usage.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200225124710.14152-3-alex.bennee@linaro.org>
diff --git a/tests/rcutorture.c b/tests/rcutorture.c
index 49311c82ea4..e8b2169e7dd 100644
--- a/tests/rcutorture.c
+++ b/tests/rcutorture.c
@@ -413,7 +413,8 @@ static void gtest_stress_10_5(void)
static void usage(int argc, char *argv[])
{
- fprintf(stderr, "Usage: %s [nreaders [ perf | stress ] ]\n", argv[0]);
+ fprintf(stderr, "Usage: %s [nreaders [ [r|u]perf | stress [duration]]\n",
+ argv[0]);
exit(-1);
}
--
2.20.1
This is pure code motion with no functional effect.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200225124710.14152-4-alex.bennee@linaro.org>
diff --git a/tests/rcutorture.c b/tests/rcutorture.c
index e8b2169e7dd..256d24ed5ba 100644
--- a/tests/rcutorture.c
+++ b/tests/rcutorture.c
@@ -65,8 +65,6 @@
#include "qemu/rcu.h"
#include "qemu/thread.h"
-long long n_reads = 0LL;
-long n_updates = 0L;
int nthreadsrunning;
#define GOFLAG_INIT 0
@@ -78,11 +76,20 @@ static volatile int goflag = GOFLAG_INIT;
#define RCU_READ_RUN 1000
#define NR_THREADS 100
-static QemuMutex counts_mutex;
static QemuThread threads[NR_THREADS];
static struct rcu_reader_data *data[NR_THREADS];
static int n_threads;
+/*
+ * Statistical counts
+ *
+ * These are the sum of local counters at the end of a run.
+ * Updates are protected by a mutex.
+ */
+static QemuMutex counts_mutex;
+long long n_reads = 0LL;
+long n_updates = 0L;
+
static void create_thread(void *(*func)(void *))
{
if (n_threads >= NR_THREADS) {
@@ -230,8 +237,9 @@ struct rcu_stress {
struct rcu_stress rcu_stress_array[RCU_STRESS_PIPE_LEN] = { { 0 } };
struct rcu_stress *rcu_stress_current;
int rcu_stress_idx;
-
int n_mberror;
+
+/* Updates protected by counts_mutex */
long long rcu_stress_count[RCU_STRESS_PIPE_LEN + 1];
--
2.20.1
This is mainly to help with reasoning what the test is trying to do.
We can move rcu_stress_idx to a local variable as there is only ever
one updater thread. I've also added an assert to catch the case where
we end up updating the current structure to itself which is the only
way I can see the mberror cases we are seeing on Travis.
We shall see if the rcutorture test failures go away now.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200225124710.14152-5-alex.bennee@linaro.org>
diff --git a/tests/rcutorture.c b/tests/rcutorture.c
index 256d24ed5ba..732f03abdaa 100644
--- a/tests/rcutorture.c
+++ b/tests/rcutorture.c
@@ -230,13 +230,12 @@ static void uperftest(int nupdaters, int duration)
#define RCU_STRESS_PIPE_LEN 10
struct rcu_stress {
- int pipe_count;
+ int age; /* how many update cycles while not rcu_stress_current */
int mbtest;
};
struct rcu_stress rcu_stress_array[RCU_STRESS_PIPE_LEN] = { { 0 } };
struct rcu_stress *rcu_stress_current;
-int rcu_stress_idx;
int n_mberror;
/* Updates protected by counts_mutex */
@@ -261,7 +260,7 @@ static void *rcu_read_stress_test(void *arg)
while (goflag == GOFLAG_RUN) {
rcu_read_lock();
p = atomic_rcu_read(&rcu_stress_current);
- if (p->mbtest == 0) {
+ if (atomic_read(&p->mbtest) == 0) {
n_mberror++;
}
rcu_read_lock();
@@ -269,7 +268,7 @@ static void *rcu_read_stress_test(void *arg)
garbage++;
}
rcu_read_unlock();
- pc = p->pipe_count;
+ pc = atomic_read(&p->age);
rcu_read_unlock();
if ((pc > RCU_STRESS_PIPE_LEN) || (pc < 0)) {
pc = RCU_STRESS_PIPE_LEN;
@@ -288,32 +287,52 @@ static void *rcu_read_stress_test(void *arg)
return NULL;
}
+/*
+ * Stress Test Updater
+ *
+ * The updater cycles around updating rcu_stress_current to point at
+ * one of the rcu_stress_array_entries and resets it's age. It
+ * then increments the age of all the other entries. The age
+ * will be read under an rcu_read_lock() and distribution of values
+ * calculated. The final result gives an indication of how many
+ * previously current rcu_stress entries are in flight until the RCU
+ * cycle complete.
+ */
static void *rcu_update_stress_test(void *arg)
{
- int i;
- struct rcu_stress *p;
+ int i, rcu_stress_idx = 0;
+ struct rcu_stress *cp = atomic_read(&rcu_stress_current);
rcu_register_thread();
-
*(struct rcu_reader_data **)arg = &rcu_reader;
+
while (goflag == GOFLAG_INIT) {
g_usleep(1000);
}
+
while (goflag == GOFLAG_RUN) {
- i = rcu_stress_idx + 1;
- if (i >= RCU_STRESS_PIPE_LEN) {
- i = 0;
+ struct rcu_stress *p;
+ rcu_stress_idx++;
+ if (rcu_stress_idx >= RCU_STRESS_PIPE_LEN) {
+ rcu_stress_idx = 0;
}
- p = &rcu_stress_array[i];
- p->mbtest = 0;
+ p = &rcu_stress_array[rcu_stress_idx];
+ /* catching up with ourselves would be a bug */
+ assert(p != cp);
+ atomic_set(&p->mbtest, 0);
smp_mb();
- p->pipe_count = 0;
- p->mbtest = 1;
+ atomic_set(&p->age, 0);
+ atomic_set(&p->mbtest, 1);
atomic_rcu_set(&rcu_stress_current, p);
- rcu_stress_idx = i;
+ cp = p;
+ /*
+ * New RCU structure is now live, update pipe counts on old
+ * ones.
+ */
for (i = 0; i < RCU_STRESS_PIPE_LEN; i++) {
if (i != rcu_stress_idx) {
- rcu_stress_array[i].pipe_count++;
+ atomic_set(&rcu_stress_array[i].age,
+ rcu_stress_array[i].age + 1);
}
}
synchronize_rcu();
@@ -346,7 +365,7 @@ static void stresstest(int nreaders, int duration)
int i;
rcu_stress_current = &rcu_stress_array[0];
- rcu_stress_current->pipe_count = 0;
+ rcu_stress_current->age = 0;
rcu_stress_current->mbtest = 1;
for (i = 0; i < nreaders; i++) {
create_thread(rcu_read_stress_test);
@@ -376,7 +395,7 @@ static void gtest_stress(int nreaders, int duration)
int i;
rcu_stress_current = &rcu_stress_array[0];
- rcu_stress_current->pipe_count = 0;
+ rcu_stress_current->age = 0;
rcu_stress_current->mbtest = 1;
for (i = 0; i < nreaders; i++) {
create_thread(rcu_read_stress_test);
--
2.20.1
From: Thomas Huth <thuth@redhat.com>
Since we can now use a s390x host on Travis, we can also build and
test the s390-ccw bios images there. For this we have to make sure
that roms/SLOF is checked out, too, and then move the generated *.img
files to the right location before running the tests.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <20200206202543.7085-1-thuth@redhat.com>
Message-Id: <20200225124710.14152-6-alex.bennee@linaro.org>
diff --git a/.travis.yml b/.travis.yml
index 58870559515..ea13e071795 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -509,6 +509,16 @@ matrix:
env:
- TEST_CMD="make check check-tcg V=1"
- CONFIG="--disable-containers --target-list=${MAIN_SOFTMMU_TARGETS},s390x-linux-user"
+ script:
+ - ( cd ${SRC_DIR} ; git submodule update --init roms/SLOF )
+ - BUILD_RC=0 && make -j${JOBS} || BUILD_RC=$?
+ - |
+ if [ "$BUILD_RC" -eq 0 ] ; then
+ mv pc-bios/s390-ccw/*.img pc-bios/ ;
+ ${TEST_CMD} ;
+ else
+ $(exit $BUILD_RC);
+ fi
# Release builds
# The make-release script expect a QEMU version, so our tag must start with a 'v'.
--
2.20.1
From: Wainer dos Santos Moschetta <wainersm@redhat.com>
This fixes the following warnings Travis has detected on the
YAML configuration:
- 'on root: missing os, using the default "linux"'
- 'on root: the key matrix is an alias for jobs, using jobs'
- 'on jobs.include.python: unexpected sequence, using the first value (3.5)'
- 'on jobs.include.python: unexpected sequence, using the first value (3.6)'
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200207210124.141119-2-wainersm@redhat.com>
Message-Id: <20200225124710.14152-7-alex.bennee@linaro.org>
diff --git a/.travis.yml b/.travis.yml
index ea13e071795..0612998958b 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,6 +1,7 @@
# The current Travis default is a VM based 16.04 Xenial on GCE
# Additional builds with specific requirements for a full VM need to
# be added as additional matrix: entries later on
+os: linux
dist: xenial
language: c
compiler:
@@ -113,7 +114,7 @@ after_script:
- if command -v ccache ; then ccache --show-stats ; fi
-matrix:
+jobs:
include:
- name: "GCC static (user)"
env:
@@ -297,8 +298,7 @@ matrix:
- CONFIG="--target-list=x86_64-softmmu"
- CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-default"
language: python
- python:
- - "3.5"
+ python: 3.5
- name: "GCC Python 3.6 (x86_64-softmmu)"
@@ -306,8 +306,7 @@ matrix:
- CONFIG="--target-list=x86_64-softmmu"
- CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-default"
language: python
- python:
- - "3.6"
+ python: 3.6
# Acceptance (Functional) tests
--
2.20.1
This still seems to be a problem for Travis.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200225124710.14152-8-alex.bennee@linaro.org>
diff --git a/.travis.yml b/.travis.yml
index 0612998958b..f4020dcc6c8 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -400,7 +400,7 @@ jobs:
- name: "GCC check-tcg (some-softmmu)"
env:
- CONFIG="--enable-debug-tcg --target-list=xtensa-softmmu,arm-softmmu,aarch64-softmmu,alpha-softmmu"
- - TEST_BUILD_CMD="make -j${JOBS} build-tcg"
+ - TEST_BUILD_CMD="make build-tcg"
- TEST_CMD="make check-tcg"
- CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-debug-tcg"
@@ -409,7 +409,7 @@ jobs:
- name: "GCC plugins check-tcg (some-softmmu)"
env:
- CONFIG="--enable-plugins --enable-debug-tcg --target-list=xtensa-softmmu,arm-softmmu,aarch64-softmmu,alpha-softmmu"
- - TEST_BUILD_CMD="make -j${JOBS} build-tcg"
+ - TEST_BUILD_CMD="make build-tcg"
- TEST_CMD="make check-tcg"
- CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-debug-tcg"
--
2.20.1
At least on ZFS this was failing as 512 was less than or equal to 512.
I suspect the reason is additional compression done by ZFS and however
qemu-img gets the actual size.
Loosen the criteria to make sure after is not bigger than before and
also dump the values in the report.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Robert Foley <robert.foley@linaro.org>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200225124710.14152-9-alex.bennee@linaro.org>
diff --git a/tests/qemu-iotests/214 b/tests/qemu-iotests/214
index 3500e0c47a2..af677d90b86 100755
--- a/tests/qemu-iotests/214
+++ b/tests/qemu-iotests/214
@@ -125,9 +125,9 @@ $QEMU_IO -c "write -P 0xcc $offset $data_size" "json:{\
sizeB=$($QEMU_IMG info --output=json "$TEST_IMG" |
sed -n '/"actual-size":/ s/[^0-9]//gp')
-if [ $sizeA -le $sizeB ]
+if [ $sizeA -lt $sizeB ]
then
- echo "Compression ERROR"
+ echo "Compression ERROR ($sizeA < $sizeB)"
fi
$QEMU_IMG check --output=json "$TEST_IMG" |
--
2.20.1
Otherwise any -D settings the user may have made get ignored.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Robert Foley <robert.foley@linaro.org>
Message-Id: <20200225124710.14152-10-alex.bennee@linaro.org>
diff --git a/trace/control.c b/trace/control.c
index 6c775e68eba..2ffe0008184 100644
--- a/trace/control.c
+++ b/trace/control.c
@@ -226,10 +226,15 @@ void trace_init_file(const char *file)
#ifdef CONFIG_TRACE_SIMPLE
st_set_trace_file(file);
#elif defined CONFIG_TRACE_LOG
- /* If both the simple and the log backends are enabled, "--trace file"
- * only applies to the simple backend; use "-D" for the log backend.
+ /*
+ * If both the simple and the log backends are enabled, "--trace file"
+ * only applies to the simple backend; use "-D" for the log
+ * backend. However we should only override -D if we actually have
+ * something to override it with.
*/
- qemu_set_log_filename(file, &error_fatal);
+ if (file) {
+ qemu_set_log_filename(file, &error_fatal);
+ }
#else
if (file) {
fprintf(stderr, "error: --trace file=...: "
--
2.20.1
I forgot to document the lifetime of handles in the developer documentation. Do so now. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Robert Foley <robert.foley@linaro.org> Reviewed-by: Robert Foley <robert.foley@linaro.org> Message-Id: <20200225124710.14152-11-alex.bennee@linaro.org> diff --git a/docs/devel/tcg-plugins.rst b/docs/devel/tcg-plugins.rst index 718eef00f22..a05990906cc 100644 --- a/docs/devel/tcg-plugins.rst +++ b/docs/devel/tcg-plugins.rst @@ -51,8 +51,17 @@ about how QEMU's translation works to the plugins. While there are conceptions such as translation time and translation blocks the details are opaque to plugins. The plugin is able to query select details of instructions and system configuration only through the -exported *qemu_plugin* functions. The types used to describe -instructions and events are opaque to the plugins themselves. +exported *qemu_plugin* functions. + +Query Handle Lifetime +--------------------- + +Each callback provides an opaque anonymous information handle which +can usually be further queried to find out information about a +translation, instruction or operation. The handles themselves are only +valid during the lifetime of the callback so it is important that any +information that is needed is extracted during the callback and saved +by the plugin. Usage ===== -- 2.20.1
From: "Emilio G. Cota" <cota@braap.org>
Fixes: 54cb65d8588
Reported-by: Robert Henry <robhenry@microsoft.com>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200105072940.32204-1-cota@braap.org>
Cc: qemu-stable@nongnu.org
Message-Id: <20200225124710.14152-12-alex.bennee@linaro.org>
diff --git a/plugins/core.c b/plugins/core.c
index 9e1b9e7a915..ed863011baf 100644
--- a/plugins/core.c
+++ b/plugins/core.c
@@ -286,6 +286,7 @@ static inline uint32_t cb_to_tcg_flags(enum qemu_plugin_cb_flags flags)
switch (flags) {
case QEMU_PLUGIN_CB_RW_REGS:
ret = 0;
+ break;
case QEMU_PLUGIN_CB_R_REGS:
ret = TCG_CALL_NO_WG;
break;
--
2.20.1
From: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Yoshinori Sato <ysato@users.sourceforge.jp>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20200212130311.127515-3-ysato@users.sourceforge.jp>
Message-Id: <20200225124710.14152-14-alex.bennee@linaro.org>
diff --git a/include/qemu/bitops.h b/include/qemu/bitops.h
index 02c1ce6a5d4..f55ce8b320b 100644
--- a/include/qemu/bitops.h
+++ b/include/qemu/bitops.h
@@ -301,6 +301,44 @@ static inline uint32_t extract32(uint32_t value, int start, int length)
return (value >> start) & (~0U >> (32 - length));
}
+/**
+ * extract8:
+ * @value: the value to extract the bit field from
+ * @start: the lowest bit in the bit field (numbered from 0)
+ * @length: the length of the bit field
+ *
+ * Extract from the 8 bit input @value the bit field specified by the
+ * @start and @length parameters, and return it. The bit field must
+ * lie entirely within the 8 bit word. It is valid to request that
+ * all 8 bits are returned (ie @length 8 and @start 0).
+ *
+ * Returns: the value of the bit field extracted from the input value.
+ */
+static inline uint8_t extract8(uint8_t value, int start, int length)
+{
+ assert(start >= 0 && length > 0 && length <= 8 - start);
+ return extract32(value, start, length);
+}
+
+/**
+ * extract16:
+ * @value: the value to extract the bit field from
+ * @start: the lowest bit in the bit field (numbered from 0)
+ * @length: the length of the bit field
+ *
+ * Extract from the 16 bit input @value the bit field specified by the
+ * @start and @length parameters, and return it. The bit field must
+ * lie entirely within the 16 bit word. It is valid to request that
+ * all 16 bits are returned (ie @length 16 and @start 0).
+ *
+ * Returns: the value of the bit field extracted from the input value.
+ */
+static inline uint16_t extract16(uint16_t value, int start, int length)
+{
+ assert(start >= 0 && length > 0 && length <= 16 - start);
+ return extract32(value, start, length);
+}
+
/**
* extract64:
* @value: the value to extract the bit field from
--
2.20.1
TCG plugins are responsible for their own memory usage and although
the plugin_exit is tied to the end of execution in this case it is
still poor practice. Ensure we delete the hash table and related data
when we are done to be a good plugin citizen.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Robert Foley <robert.foley@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200225124710.14152-16-alex.bennee@linaro.org>
diff --git a/tests/plugin/howvec.c b/tests/plugin/howvec.c
index 4ca555e1239..3b9a6939f23 100644
--- a/tests/plugin/howvec.c
+++ b/tests/plugin/howvec.c
@@ -163,6 +163,13 @@ static gint cmp_exec_count(gconstpointer a, gconstpointer b)
return ea->count > eb->count ? -1 : 1;
}
+static void free_record(gpointer data)
+{
+ InsnExecCount *rec = (InsnExecCount *) data;
+ g_free(rec->insn);
+ g_free(rec);
+}
+
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
g_autoptr(GString) report = g_string_new("Instruction Classes:\n");
@@ -195,30 +202,31 @@ static void plugin_exit(qemu_plugin_id_t id, void *p)
counts = g_hash_table_get_values(insns);
if (counts && g_list_next(counts)) {
- GList *it;
-
g_string_append_printf(report,"Individual Instructions:\n");
+ counts = g_list_sort(counts, cmp_exec_count);
- it = g_list_sort(counts, cmp_exec_count);
-
- for (i = 0; i < limit && it->next; i++, it = it->next) {
- InsnExecCount *rec = (InsnExecCount *) it->data;
- g_string_append_printf(report, "Instr: %-24s\t(%ld hits)\t(op=%#08x/%s)\n",
+ for (i = 0; i < limit && g_list_next(counts);
+ i++, counts = g_list_next(counts)) {
+ InsnExecCount *rec = (InsnExecCount *) counts->data;
+ g_string_append_printf(report,
+ "Instr: %-24s\t(%ld hits)\t(op=%#08x/%s)\n",
rec->insn,
rec->count,
rec->opcode,
rec->class ?
rec->class->class : "un-categorised");
}
- g_list_free(it);
+ g_list_free(counts);
}
+ g_hash_table_destroy(insns);
+
qemu_plugin_outs(report->str);
}
static void plugin_init(void)
{
- insns = g_hash_table_new(NULL, g_direct_equal);
+ insns = g_hash_table_new_full(NULL, g_direct_equal, NULL, &free_record);
}
static void vcpu_insn_exec_before(unsigned int cpu_index, void *udata)
--
2.20.1
When combined with heavy plugins we occasionally hit the timeouts. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20200225124710.14152-17-alex.bennee@linaro.org> diff --git a/tests/tcg/Makefile.target b/tests/tcg/Makefile.target index 3c7421a356e..b3cff3cad1a 100644 --- a/tests/tcg/Makefile.target +++ b/tests/tcg/Makefile.target @@ -79,7 +79,7 @@ QEMU_OPTS= # If TCG debugging is enabled things are a lot slower ifeq ($(CONFIG_DEBUG_TCG),y) -TIMEOUT=45 +TIMEOUT=60 else TIMEOUT=15 endif @@ -137,7 +137,7 @@ PLUGINS=$(notdir $(wildcard $(PLUGIN_DIR)/*.so)) $(foreach p,$(PLUGINS), \ $(foreach t,$(TESTS),\ $(eval run-plugin-$(t)-with-$(p): $t $p) \ - $(eval run-plugin-$(t)-with-$(p): TIMEOUT=30) \ + $(eval run-plugin-$(t)-with-$(p): TIMEOUT=60) \ $(eval RUN_TESTS+=run-plugin-$(t)-with-$(p)))) endif -- 2.20.1
While do_gen_mem_cb does copy (via extu_tl_i64) vaddr into a new temp
this won't help if the vaddr temp gets clobbered by the actual
load/store op. To avoid this clobbering we explicitly copy vaddr
before the op to ensure it is live my the time we do the
instrumentation.
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Emilio G. Cota <cota@braap.org>
Cc: qemu-stable@nongnu.org
Message-Id: <20200225124710.14152-18-alex.bennee@linaro.org>
diff --git a/tcg/tcg-op.c b/tcg/tcg-op.c
index 7d782002e3f..e2e25ebf7db 100644
--- a/tcg/tcg-op.c
+++ b/tcg/tcg-op.c
@@ -2794,13 +2794,26 @@ static void tcg_gen_req_mo(TCGBar type)
}
}
+static inline TCGv plugin_prep_mem_callbacks(TCGv vaddr)
+{
+#ifdef CONFIG_PLUGIN
+ if (tcg_ctx->plugin_insn != NULL) {
+ /* Save a copy of the vaddr for use after a load. */
+ TCGv temp = tcg_temp_new();
+ tcg_gen_mov_tl(temp, vaddr);
+ return temp;
+ }
+#endif
+ return vaddr;
+}
+
static inline void plugin_gen_mem_callbacks(TCGv vaddr, uint16_t info)
{
#ifdef CONFIG_PLUGIN
- if (tcg_ctx->plugin_insn == NULL) {
- return;
+ if (tcg_ctx->plugin_insn != NULL) {
+ plugin_gen_empty_mem_callback(vaddr, info);
+ tcg_temp_free(vaddr);
}
- plugin_gen_empty_mem_callback(vaddr, info);
#endif
}
@@ -2822,6 +2835,7 @@ void tcg_gen_qemu_ld_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
}
}
+ addr = plugin_prep_mem_callbacks(addr);
gen_ldst_i32(INDEX_op_qemu_ld_i32, val, addr, memop, idx);
plugin_gen_mem_callbacks(addr, info);
@@ -2868,6 +2882,7 @@ void tcg_gen_qemu_st_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
memop &= ~MO_BSWAP;
}
+ addr = plugin_prep_mem_callbacks(addr);
gen_ldst_i32(INDEX_op_qemu_st_i32, val, addr, memop, idx);
plugin_gen_mem_callbacks(addr, info);
@@ -2905,6 +2920,7 @@ void tcg_gen_qemu_ld_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
}
}
+ addr = plugin_prep_mem_callbacks(addr);
gen_ldst_i64(INDEX_op_qemu_ld_i64, val, addr, memop, idx);
plugin_gen_mem_callbacks(addr, info);
@@ -2967,6 +2983,7 @@ void tcg_gen_qemu_st_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
memop &= ~MO_BSWAP;
}
+ addr = plugin_prep_mem_callbacks(addr);
gen_ldst_i64(INDEX_op_qemu_st_i64, val, addr, memop, idx);
plugin_gen_mem_callbacks(addr, info);
--
2.20.1
Although most people use the docker images this can trip up on
developer systems with actual valid cross-compilers!
Fixes: bb516dfc5b3
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200225124710.14152-19-alex.bennee@linaro.org>
diff --git a/tests/tcg/configure.sh b/tests/tcg/configure.sh
index 9eb6ba3b7ea..eaaaff6233a 100755
--- a/tests/tcg/configure.sh
+++ b/tests/tcg/configure.sh
@@ -228,7 +228,7 @@ for target in $target_list; do
echo "CROSS_CC_HAS_SVE=y" >> $config_target_mak
fi
if do_compiler "$target_compiler" $target_compiler_cflags \
- -march=-march=armv8.3-a -o $TMPE $TMPC; then
+ -march=armv8.3-a -o $TMPE $TMPC; then
echo "CROSS_CC_HAS_ARMV8_3=y" >> $config_target_mak
fi
;;
--
2.20.1
Pointer authentication isn't perfect so measure the percentage of
failed checks. As we want to vary the pointer we work through a bunch
of different addresses.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Robert Foley <robert.foley@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200225124710.14152-20-alex.bennee@linaro.org>
diff --git a/tests/tcg/aarch64/pauth-4.c b/tests/tcg/aarch64/pauth-4.c
index 1040e92aec3..24a639e36ca 100644
--- a/tests/tcg/aarch64/pauth-4.c
+++ b/tests/tcg/aarch64/pauth-4.c
@@ -1,25 +1,45 @@
#include <stdint.h>
#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define TESTS 1000
int main()
{
- uintptr_t x, y;
+ int i, count = 0;
+ float perc;
+ void *base = malloc(TESTS);
+
+ for (i = 0; i < TESTS; i++) {
+ uintptr_t in, x, y;
+
+ in = i + (uintptr_t) base;
+
+ asm("mov %0, %[in]\n\t"
+ "pacia %0, sp\n\t" /* sigill if pauth not supported */
+ "eor %0, %0, #4\n\t" /* corrupt single bit */
+ "mov %1, %0\n\t"
+ "autia %1, sp\n\t" /* validate corrupted pointer */
+ "xpaci %0\n\t" /* strip pac from corrupted pointer */
+ : /* out */ "=r"(x), "=r"(y)
+ : /* in */ [in] "r" (in)
+ : /* clobbers */);
- asm("mov %0, lr\n\t"
- "pacia %0, sp\n\t" /* sigill if pauth not supported */
- "eor %0, %0, #4\n\t" /* corrupt single bit */
- "mov %1, %0\n\t"
- "autia %1, sp\n\t" /* validate corrupted pointer */
- "xpaci %0\n\t" /* strip pac from corrupted pointer */
- : "=r"(x), "=r"(y));
+ /*
+ * Once stripped, the corrupted pointer is of the form 0x0000...wxyz.
+ * We expect the autia to indicate failure, producing a pointer of the
+ * form 0x000e....wxyz. Use xpaci and != for the test, rather than
+ * extracting explicit bits from the top, because the location of the
+ * error code "e" depends on the configuration of virtual memory.
+ */
+ if (x != y) {
+ count++;
+ }
- /*
- * Once stripped, the corrupted pointer is of the form 0x0000...wxyz.
- * We expect the autia to indicate failure, producing a pointer of the
- * form 0x000e....wxyz. Use xpaci and != for the test, rather than
- * extracting explicit bits from the top, because the location of the
- * error code "e" depends on the configuration of virtual memory.
- */
- assert(x != y);
- return 0;
+ }
+ perc = (float) count / (float) TESTS;
+ printf("Checks Passed: %0.2f%%", perc * 100.0);
+ assert(perc > 0.95);
+ return 0;
}
--
2.20.1
© 2016 - 2025 Red Hat, Inc.