* Use precise selfmodifying code mode on s390x TCG

* Check for availablility of more devices in qtests before using them
 * Some other minor qtest fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmTw5v4RHHRodXRoQHJl
 ZGhhdC5jb20ACgkQLtnXdP5wLbX2DRAAo7NPNPQ2nsYDdYfKAGt8OSg1BHqh1RYH
 jvLiU5xrWQ3whmSJYw4rcSyBk4yC+lIjoXT6oBn6O40Q1r7OmrWgtrn9g//3SLHb
 Wfob5bZkmRiETDZNFFpYcpRPzElF3ZqIfwOhJ3zfmAQxqeTxpTnAuq2vI38pk3Hz
 4pQR/j2IKZFmFt6cdYUaKi32odDK6ySKAFCKy9I8sz2hJgOXQRYBkjorDx+g+hoF
 o7DTGkA3uH2xXlLQKhbEGm5xQMlcBgTMb2XeguvRbb7g/Uc046homwm0r6rejDy5
 EgW9Kx3Y34QYZt51onqmA57MNNQboubHkSz9W2b57OX+IWA3VRncdBAxdGmubRTY
 Jb6LsBZSMdKQBXxgIP3DZjvH6MxYjA9Iy3YI7Mk+hJnDACkFVJOCPxS9acnmjYE5
 Nn935GmbYMazfci0c3zc/899hAGDNglD9Tf6ourBjl1WLQstefXhlpzkbGWqSFjF
 Tovpal+Rm6KLDFSfs6TsRp6+FF8a6C1k251Ai67adkiCYM/jKwVoiHrsUJeG0vyc
 791x5+lixxkLUHu1qNYfEdxvaOE8guhXRt3zJIjmphio3v+RFBLbzC6lTzeZbTTv
 DpnnoFJ/tCzdLew7A1QuzuW361ywyKVE4Qp8HQfaJCOJT9aGgMdyoHlpgz0ojgJm
 fD8Vfl9GZFQ=
 =tZWg
 -----END PGP SIGNATURE-----

Merge tag 'pull-request-2023-08-31' of https://gitlab.com/thuth/qemu into staging

* Use precise selfmodifying code mode on s390x TCG
* Check for availablility of more devices in qtests before using them
* Some other minor qtest fixes

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmTw5v4RHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbX2DRAAo7NPNPQ2nsYDdYfKAGt8OSg1BHqh1RYH
# jvLiU5xrWQ3whmSJYw4rcSyBk4yC+lIjoXT6oBn6O40Q1r7OmrWgtrn9g//3SLHb
# Wfob5bZkmRiETDZNFFpYcpRPzElF3ZqIfwOhJ3zfmAQxqeTxpTnAuq2vI38pk3Hz
# 4pQR/j2IKZFmFt6cdYUaKi32odDK6ySKAFCKy9I8sz2hJgOXQRYBkjorDx+g+hoF
# o7DTGkA3uH2xXlLQKhbEGm5xQMlcBgTMb2XeguvRbb7g/Uc046homwm0r6rejDy5
# EgW9Kx3Y34QYZt51onqmA57MNNQboubHkSz9W2b57OX+IWA3VRncdBAxdGmubRTY
# Jb6LsBZSMdKQBXxgIP3DZjvH6MxYjA9Iy3YI7Mk+hJnDACkFVJOCPxS9acnmjYE5
# Nn935GmbYMazfci0c3zc/899hAGDNglD9Tf6ourBjl1WLQstefXhlpzkbGWqSFjF
# Tovpal+Rm6KLDFSfs6TsRp6+FF8a6C1k251Ai67adkiCYM/jKwVoiHrsUJeG0vyc
# 791x5+lixxkLUHu1qNYfEdxvaOE8guhXRt3zJIjmphio3v+RFBLbzC6lTzeZbTTv
# DpnnoFJ/tCzdLew7A1QuzuW361ywyKVE4Qp8HQfaJCOJT9aGgMdyoHlpgz0ojgJm
# fD8Vfl9GZFQ=
# =tZWg
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 31 Aug 2023 15:16:14 EDT
# gpg:                using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg:                issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* tag 'pull-request-2023-08-31' of https://gitlab.com/thuth/qemu:
  meson: test for CONFIG_TCG in config_all
  subprojects/berkeley-testfloat-3: Update to fix a problem with compiler warnings
  tests/qtest/bios-tables-test: Check for virtio-iommu device before using it
  tests/qtest/netdev-socket: Avoid variable-length array in inet_get_free_port_multiple()
  tests/qtest/usb-hcd-xhci-test: Check availability of devices before using them
  tests/tcg/s390x: Test precise self-modifying code handling
  target/s390x: Define TARGET_HAS_PRECISE_SMC

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

subprojects/berkeley-testfloat-3.wrap

@@ -1,5 +1,5 @@
 [wrap-git]
 url = https://gitlab.com/qemu-project/berkeley-testfloat-3
-revision = 40619cbb3bf32872df8c53cc457039229428a263
+revision = e7af9751d9f9fd3b47911f51a5cfd08af256a9ab
 patch_directory = berkeley-testfloat-3
 depth = 1

target/s390x/cpu.h

@@ -36,6 +36,8 @@
 /* The z/Architecture has a strong memory model with some store-after-load re-ordering */
 #define TCG_GUEST_DEFAULT_MO      (TCG_MO_ALL & ~TCG_MO_ST_LD)
 
+#define TARGET_HAS_PRECISE_SMC
+
 #define TARGET_INSN_START_EXTRA_WORDS 2
 
 #define MMU_USER_IDX 0

tests/qtest/bios-tables-test.c

@@ -2138,7 +2138,9 @@ int main(int argc, char *argv[])
                 qtest_add_func("acpi/q35/core-count2",
                                test_acpi_q35_tcg_core_count2);
             }
-            qtest_add_func("acpi/q35/viot", test_acpi_q35_viot);
+            if (qtest_has_device("virtio-iommu-pci")) {
+                qtest_add_func("acpi/q35/viot", test_acpi_q35_viot);
+            }
 #ifdef CONFIG_POSIX
             qtest_add_func("acpi/q35/cxl", test_acpi_q35_cxl);
 #endif
@@ -2173,7 +2175,9 @@ int main(int argc, char *argv[])
             qtest_add_func("acpi/virt/memhp", test_acpi_virt_tcg_memhp);
             qtest_add_func("acpi/virt/pxb", test_acpi_virt_tcg_pxb);
             qtest_add_func("acpi/virt/oem-fields", test_acpi_virt_oem_fields);
-            qtest_add_func("acpi/virt/viot", test_acpi_virt_viot);
+            if (qtest_has_device("virtio-iommu-pci")) {
+                qtest_add_func("acpi/virt/viot", test_acpi_virt_viot);
+            }
         }
     }
     ret = g_test_run();

tests/qtest/meson.build

@@ -155,8 +155,8 @@ qtests_ppc = \
   qtests_filter + \
   (config_all_devices.has_key('CONFIG_ISA_TESTDEV') ? ['endianness-test'] : []) +            \
   (config_all_devices.has_key('CONFIG_M48T59') ? ['m48t59-test'] : []) +                     \
-  (config_all_devices.has_key('CONFIG_TCG') ? ['prom-env-test'] : []) +                      \
-  (config_all_devices.has_key('CONFIG_TCG') ? ['boot-serial-test'] : []) +                   \
+  (config_all.has_key('CONFIG_TCG') ? ['prom-env-test'] : []) +                              \
+  (config_all.has_key('CONFIG_TCG') ? ['boot-serial-test'] : []) +                           \
   ['boot-order-test']
 
 qtests_ppc64 = \

tests/qtest/netdev-socket.c

@@ -82,7 +82,7 @@ static int inet_get_free_port_socket_ipv6(int sock)
 
 static int inet_get_free_port_multiple(int nb, int *port, bool ipv6)
 {
-    int sock[nb];
+    g_autofree int *sock = g_new(int, nb);
     int i;
 
     for (i = 0; i < nb; i++) {

tests/qtest/usb-hcd-xhci-test.c

@@ -56,8 +56,12 @@ int main(int argc, char **argv)
 
     qtest_add_func("/xhci/pci/init", test_xhci_init);
     qtest_add_func("/xhci/pci/hotplug", test_xhci_hotplug);
-    qtest_add_func("/xhci/pci/hotplug/usb-uas", test_usb_uas_hotplug);
-    qtest_add_func("/xhci/pci/hotplug/usb-ccid", test_usb_ccid_hotplug);
+    if (qtest_has_device("usb-uas")) {
+        qtest_add_func("/xhci/pci/hotplug/usb-uas", test_usb_uas_hotplug);
+    }
+    if (qtest_has_device("usb-ccid")) {
+        qtest_add_func("/xhci/pci/hotplug/usb-ccid", test_usb_ccid_hotplug);
+    }
 
     qtest_start("-device nec-usb-xhci,id=xhci"
                 " -drive id=drive0,if=none,file=null-co://,"

tests/tcg/s390x/Makefile.softmmu-target

@@ -25,6 +25,7 @@ ASM_TESTS =                                                                    \
     lpswe-early                                                                \
     lra                                                                        \
     mc                                                                         \
+    precise-smc-softmmu                                                        \
     ssm-early                                                                  \
     stosm-early                                                                \
     stpq                                                                       \

tests/tcg/s390x/Makefile.target

@@ -61,6 +61,7 @@ Z13_TESTS+=locfhr
 Z13_TESTS+=vcksm
 Z13_TESTS+=vstl
 Z13_TESTS+=vrep
+Z13_TESTS+=precise-smc-user
 $(Z13_TESTS): CFLAGS+=-march=z13 -O2
 TESTS+=$(Z13_TESTS)
 

tests/tcg/s390x/precise-smc-softmmu.S

@@ -0,0 +1,63 @@
+/*
+ * Test s390x-softmmu precise self-modifying code handling.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+    .org 0x8e
+program_interruption_code:
+    .org 0x150
+program_old_psw:
+    .org 0x1D0                         /* program new PSW */
+    .quad 0x180000000,pgm              /* 64-bit mode */
+    .org 0x200                         /* lowcore padding */
+    .globl _start
+_start:
+    lctlg %c0,%c0,c0
+    lghi %r0,15
+
+    /* Test 1: replace sgr with agr. */
+    lghi %r1,21
+    vl %v0,patch1
+    jg 1f                              /* start a new TB */
+0:
+    .org . + 6                         /* pad patched code to 16 bytes */
+1:
+    vstl %v0,%r0,0b                    /* start writing before TB */
+    sgr %r1,%r1                        /* this becomes `agr %r1,%r1` */
+    cgijne %r1,42,failure
+
+    /* Test 2: replace agr with division by zero. */
+    vl %v0,patch2
+    jg 1f                              /* start a new TB */
+0:
+    .org . + 6                         /* pad patched code to 16 bytes */
+1:
+    vstl %v0,%r0,0b                    /* start writing before TB */
+    sgr %r1,%r1                        /* this becomes `d %r0,zero` */
+failure:
+    lpswe failure_psw
+
+pgm:
+    chhsi program_interruption_code,0x9          /* divide exception? */
+    jne failure
+    clc program_old_psw(16),expected_old_psw2    /* correct old PSW? */
+    jne failure
+    lpswe success_psw
+
+patch1:
+    .fill 12                           /* replaces padding and stpq */
+    agr %r1,%r1                        /* replaces sgr */
+patch2:
+    .fill 12                           /* replaces padding and stpq */
+    d %r0,zero                         /* replaces sgr */
+zero:
+    .long 0
+expected_old_psw2:
+    .quad 0x200180000000,failure       /* cc is from addition */
+    .align 8
+c0:
+    .quad 0x60000                      /* AFP, VX */
+success_psw:
+    .quad 0x2000000000000,0xfff        /* see is_special_wait_psw() */
+failure_psw:
+    .quad 0x2000000000000,0            /* disabled wait */

tests/tcg/s390x/precise-smc-user.c

@@ -0,0 +1,39 @@
+/*
+ * Test s390x-linux-user precise self-modifying code handling.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#include <assert.h>
+#include <sys/mman.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+extern __uint128_t __attribute__((__aligned__(1))) smc;
+extern __uint128_t __attribute__((__aligned__(1))) patch;
+
+int main(void)
+{
+    char *aligned_smc = (char *)((uintptr_t)&smc & ~0xFFFULL);
+    char *smc_end = (char *)&smc + sizeof(smc);
+    uint64_t value = 21;
+    int err;
+
+    err = mprotect(aligned_smc, smc_end - aligned_smc,
+                   PROT_READ | PROT_WRITE | PROT_EXEC);
+    assert(err == 0);
+
+    asm("jg 0f\n"                           /* start a new TB */
+        "patch: .byte 0,0,0,0,0,0\n"        /* replaces padding */
+        ".byte 0,0,0,0,0,0\n"               /* replaces vstl */
+        "agr %[value],%[value]\n"           /* replaces sgr */
+        "smc: .org . + 6\n"                 /* pad patched code to 16 bytes */
+        "0: vstl %[patch],%[idx],%[smc]\n"  /* start writing before TB */
+        "sgr %[value],%[value]"             /* this becomes `agr %r0,%r0` */
+        : [smc] "=R" (smc)
+        , [value] "+r" (value)
+        : [patch] "v" (patch)
+        , [idx] "r" (sizeof(patch) - 1)
+        : "cc");
+
+    return value == 42 ? EXIT_SUCCESS : EXIT_FAILURE;
+}