Merge tag 'pr-2023-02-16' of https://gitlab.com/a1xndr/qemu into staging

Replace fork-based fuzzing with reboots.
Now the fuzzers will reboot the guest between inputs.

# -----BEGIN PGP SIGNATURE---

Merge tag 'pr-2023-02-16' of https://gitlab.com/a1xndr/qemu into staging

Replace fork-based fuzzing with reboots.
Now the fuzzers will reboot the guest between inputs.

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEE+tTiv4cTddY0BRfETmYd3lg6lk4FAmPu/LoACgkQTmYd3lg6
# lk6RHg/7BRGI5ZPXb1MmTNCC+SroQ6TT++lO4b0hbkN2HO6U+WVvfuA6+0wg+8qC
# 4bp+G1Tabpcq1MTYUuim6DBtWswgpqr0AbWNwn1eF7hya+3W9woH2POVYY2wwc7m
# S3EdwXCCKo9gGXlaNrotnbwIk+o8B4BzXOXLIlRtg26wGYhT5fkJA/BQcHKDXz37
# ctyWxlyjIM8pNCgfybMvjC7MYtp8DufPsv/rrKx9t0TM7f1jPVgXLek7t0+ZwjeY
# qz2Om2jiij1INgK9hTieWs4eHwpwre6vH2a+JKRkZ3sS7WYcj1auNKVJb3GvDqmc
# wy+Nz5Lz4+aPP19pkCYjfz5w3CqEEsSlSDn5UVRbfl2fbENSceoNwo9huMXsF1pB
# oO6NK2NxbOygmNpYxp+JEt45KFIXzUcIFQwbn8aCDODIl+0H2yu7/ll6XgELf1Pa
# P83THOaVxIxfcI9VOdt/FwDq1ZzmV5nk/BkIGJeIWNYMbU4Gze6YoaL3U8AHDxKH
# f6f3qDzcVJjqD0wKhvYcQ3kSPq+vHc/ioh6mYwos6VUEVYz/SLOY876MaSB/K4PE
# ofBV7y6HvJ6AMwg1TBg4YtOP08gWK+4sYH+I09oU40U3UcwEpkbkQTF72lPQHxFs
# 8UVRJrgWv/xzrwzXTX5ruQ633F8zuhqQTeERqksj1pPHJ3NdHps=
# =F6qI
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 17 Feb 2023 04:04:10 GMT
# gpg: using RSA key FAD4E2BF871375D6340517C44E661DDE583A964E
# gpg: Good signature from "Alexander Bulekov <alxndr@bu.edu>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FAD4 E2BF 8713 75D6 3405 17C4 4E66 1DDE 583A 964E

* tag 'pr-2023-02-16' of https://gitlab.com/a1xndr/qemu:
docs/fuzz: remove mentions of fork-based fuzzing
fuzz: remove fork-fuzzing scaffolding
fuzz/i440fx: remove fork-based fuzzer
fuzz/virtio-blk: remove fork-based fuzzer
fuzz/virtio-net: remove fork-based fuzzer
fuzz/virtio-scsi: remove fork-based fuzzer
fuzz/generic-fuzz: add a limit on DMA bytes written
fuzz/generic-fuzz: use reboots instead of forks to reset state
fuzz: add fuzz_reset API
hw/sparse-mem: clear memory on reset

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

fuzz/virtio-scsi: remove fork-based fuzzer

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>

Merge tag 'misc-pull-request' of gitlab.com:marcandre.lureau/qemu into staging

Misc cleanups

# -----BEGIN PGP SIGNATURE-----
#
# iQJQBAABCAA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmJxKjQcHG1hcmNhbmRy
# Z

Merge tag 'misc-pull-request' of gitlab.com:marcandre.lureau/qemu into staging

Misc cleanups

# -----BEGIN PGP SIGNATURE-----
#
# iQJQBAABCAA6FiEEh6m9kz+HxgbSdvYt2ujhCXWWnOUFAmJxKjQcHG1hcmNhbmRy
# ZS5sdXJlYXVAcmVkaGF0LmNvbQAKCRDa6OEJdZac5ZD5D/9f5CGbNsrl7kB1t6iS
# 1ABr5AeW0g9sidMCsQAe9xhWl6+R2SO/z0bBue+mv1ltG0RSZ1ZXS4FyJFBAhFfR
# fZ6J7bvdnawIKOxu5T9NY/UvthdRV0eC8CTo0q6GAJo9MHyIGvo1TOoM2Ld9QpfB
# 2uup+9fw3Clh0HSHwV9LSL7v2nucFef4A5P1CJ6d1KHnnej0hfug5o+Aiy+wDLA2
# 5RnTm44dqm9lzTgt/x4MqE6Us7WWQukjlLny8/gyurNTR+6fxLqjsHZG+6woQETu
# Gg6angsOoAFyciFZ564rjGv80qQuccMVMjtrKvBZz/cmwUUz+Lb4tU3tUPBqomGX
# wiofVtL4qcXs94OHWX654UX/iXgkRqC3r+aC0xT37cL4svC8N69BhilxI5+gIGxZ
# ZjaQhHx/0e+Ut3c+xrjYHbywQMd9L9AhRyYSMz5BNeLg9+yUiMR+hvGVR/SubLN1
# iiLS07CRgdOKdP6ts7CC7txAgDw4h3cPN5Hz+gqXMJTcnBKpXpnF1lL+Zd/J5++N
# 8qMVQH5O4REQRISsbKaOPW8PCiPESsUaHb/mWkre7iYLgkEdNMVQvRcnfx14ejbk
# /KKXolrG1huJXGQGnYvgJArHMBBL+ieIYiT6alKFNRNECLdioL46FuSOlirHVCGe
# StU22Vsl61M8ifDOPdolK55X5Q==
# =npwd
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 03 May 2022 06:12:20 AM PDT
# gpg: using RSA key 87A9BD933F87C606D276F62DDAE8E10975969CE5
# gpg: issuer "marcandre.lureau@redhat.com"
# gpg: Good signature from "Marc-André Lureau <marcandre.lureau@redhat.com>" [full]
# gpg: aka "Marc-André Lureau <marcandre.lureau@gmail.com>" [full]

* tag 'misc-pull-request' of gitlab.com:marcandre.lureau/qemu: (23 commits)
util: rename qemu_*block() socket functions
tests: replace qemu_set_nonblock()
net: replace qemu_set_nonblock()
ui: replace qemu_set_nonblock()
hw: replace qemu_set_nonblock()
qga: replace qemu_set_nonblock()
io: replace qemu_set{_non}block()
chardev: replace qemu_set_nonblock()
io: make qio_channel_command_new_pid() static
Replace fcntl(O_NONBLOCK) with g_unix_set_fd_nonblocking()
io: replace pipe() with g_unix_open_pipe(CLOEXEC)
virtiofsd: replace pipe() with g_unix_open_pipe(CLOEXEC)
os-posix: replace pipe()+cloexec with g_unix_open_pipe(CLOEXEC)
tests: replace pipe() with g_unix_open_pipe(CLOEXEC)
qga: replace pipe() with g_unix_open_pipe(CLOEXEC)
util: replace pipe()+cloexec with g_unix_open_pipe()
Replace qemu_pipe() with g_unix_open_pipe()
block: move fcntl_setfl()
Use g_unix_set_fd_nonblocking()
libqtest: split QMP part in libqmp
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

tests: move libqtest.h back under qtest/

Since commit a2ce7dbd917 ("meson: convert tests/qtest to meson"),
libqtest.h is under libqos/ directory, while libqtest.c is still in
qtest/. Move back to it

tests: move libqtest.h back under qtest/

Since commit a2ce7dbd917 ("meson: convert tests/qtest to meson"),
libqtest.h is under libqos/ directory, while libqtest.c is still in
qtest/. Move back to its original location to avoid mixing with libqos/.

Suggested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

show more ...

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

New build system, with "fake in-tree builds" support.

Missing:
* converting configure tests
* converting unit te

Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into staging

New build system, with "fake in-tree builds" support.

Missing:
* converting configure tests
* converting unit tests
* converting some remaining parts of the installation

# gpg: Signature made Fri 21 Aug 2020 11:33:35 BST
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83

* remotes/bonzini-gitlab/tags/for-upstream: (152 commits)
docs: convert build system documentation to rST
meson: update build-system documentation
meson: avoid unstable module warning with Meson 0.56.0 or newer
meson: convert po/
meson: convert VNC and dependent libraries to meson
meson: move SDL and SDL-image detection to meson
meson: convert sample plugins
meson: replace create-config with meson configure_file
rules.mak: drop unneeded macros
meson: convert check-block
meson: build texi doc
docs: automatically track manual dependencies
meson: sphinx-build
remove Makefile.target
rules.mak: remove version.o
meson: convert systemtap files
configure: place compatibility symlinks in target directories
meson: link emulators without Makefile.target
meson: plugins
meson: cpu-emu
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

meson: link emulators without Makefile.target

The binaries move to the root directory, e.g. qemu-system-i386 or
qemu-arm. This requires changes to qtests, CI, etc.

Signed-off-by: Marc-André Lureau

meson: link emulators without Makefile.target

The binaries move to the root directory, e.g. qemu-system-i386 or
qemu-arm. This requires changes to qtests, CI, etc.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-07-13' into staging

* Some fuzzer related fixes
* Fixes / improvements for the "configure" script
* Doc updates
* Gitlab pipe

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-07-13' into staging

* Some fuzzer related fixes
* Fixes / improvements for the "configure" script
* Doc updates
* Gitlab pipeline-status script

# gpg: Signature made Mon 13 Jul 2020 11:48:32 BST
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2020-07-13:
docs/system/s390x: Improve the 3270 documentation
GitLab Gating CI: introduce pipeline-status contrib script
disas/sh4: Add missing fallthrough annotations
Remove the CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE switch
docs/devel/fuzzing: Fix bugs in documentation
tests/qtest/fuzz: Add missing spaces in description
fuzz: add missing header for rcu_enable_atfork
configure: do not clobber CFLAGS with --enable-fuzzing
configure: fix malloc check

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

tests/qtest/fuzz: Add missing spaces in description

There should be a space between "forking" and "for".

Message-Id: <20200709083719.22221-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <p

tests/qtest/fuzz: Add missing spaces in description

There should be a space between "forking" and "for".

Message-Id: <20200709083719.22221-1-thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Thomas Huth <thuth@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

# gpg: Signature made Fri 05 Jun 2020 10:47:27 BST
# gpg: using RSA key 8695A8BFD3F9

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

# gpg: Signature made Fri 05 Jun 2020 10:47:27 BST
# gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
block: Factor out bdrv_run_co()
exec: Rename qemu_ram_writeback() as qemu_ram_msync()
hw/block: Let the NVMe emulated device be target-agnostic
memory: Extract memory_region_msync() from memory_region_writeback()
memory: Rename memory_region_do_writeback -> memory_region_writeback
fuzz: run the main-loop in fork-server process
fuzz: add mangled object name to linker script
fuzz: fix typo in i440fx-qtest-reboot arguments
fuzz: add datadir for oss-fuzz compatability
io_uring: use io_uring_cq_ready() to check for ready cqes
io_uring: retry io_uring_submit() if it fails with errno=EINTR

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

fuzz: run the main-loop in fork-server process

Without this, the time since the last main-loop keeps increasing, as the
fuzzer runs. The forked children need to handle all the "past-due"
timers, slo

fuzz: run the main-loop in fork-server process

Without this, the time since the last main-loop keeps increasing, as the
fuzzer runs. The forked children need to handle all the "past-due"
timers, slowing them down, over time. With this change, the
parent/fork-server process runs the main-loop, while waiting on the
child, ensuring that the timer events do not pile up, over time.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-id: 20200512030133.29896-5-alxndr@bu.edu
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

This pull request contains a virtio-blk/scsi performance optimization, event
loop scalability impro

Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging

Pull request

This pull request contains a virtio-blk/scsi performance optimization, event
loop scalability improvements, and a qtest-based device fuzzing framework. I
am including the fuzzing patches because I have reviewed them and Thomas Huth
is currently away on leave.

# gpg: Signature made Sat 22 Feb 2020 08:50:05 GMT
# gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request: (31 commits)
fuzz: add documentation to docs/devel/
fuzz: add virtio-scsi fuzz target
fuzz: add virtio-net fuzz target
fuzz: add i440fx fuzz targets
fuzz: add configure flag --enable-fuzzing
fuzz: add target/fuzz makefile rules
fuzz: add support for qos-assisted fuzz targets
fuzz: support for fork-based fuzzing.
main: keep rcu_atfork callback enabled for qtest
exec: keep ram block across fork when using qtest
fuzz: add fuzzer skeleton
libqos: move useful qos-test funcs to qos_external
libqos: split qos-test and libqos makefile vars
libqos: rename i2c_send and i2c_recv
qtest: add in-process incoming command handler
libqtest: make bufwrite rely on the TransportOps
libqtest: add a layer of abstraction to send/recv
qtest: add qtest_server_send abstraction
fuzz: add FUZZ_TARGET module type
module: check module wasn't already initialized
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

fuzz: add virtio-scsi fuzz target

The virtio-scsi fuzz target sets up and fuzzes the available virtio-scsi
queues. After an element is placed on a queue, the fuzzer can select
whether to perform a k

fuzz: add virtio-scsi fuzz target

The virtio-scsi fuzz target sets up and fuzzes the available virtio-scsi
queues. After an element is placed on a queue, the fuzzer can select
whether to perform a kick, or continue adding elements.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-id: 20200220041118.23264-22-alxndr@bu.edu
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...