Branch: refs/heads/staging-8.1
  Home:   https://github.com/qemu/qemu
  Commit: 5b4372fff00b16b19369213dd6da2afc9dd6ffd4
      
https://github.com/qemu/qemu/commit/5b4372fff00b16b19369213dd6da2afc9dd6ffd4
  Author: Kevin Wolf <kw...@redhat.com>
  Date:   2023-09-11 (Mon, 11 Sep 2023)

  Changed paths:
    M hw/virtio/virtio.c

  Log Message:
  -----------
  virtio: Drop out of coroutine context in virtio_load()

virtio_load() as a whole should run in coroutine context because it
reads from the migration stream and we don't want this to block.

However, it calls virtio_set_features_nocheck() and devices don't
expect their .set_features callback to run in a coroutine and therefore
call functions that may not be called in coroutine context. To fix this,
drop out of coroutine context for calling virtio_set_features_nocheck().

Without this fix, the following crash was reported:

  #0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
  #1  0x00007efc738c05d3 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
  #2  0x00007efc73873d26 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
  #3  0x00007efc738477f3 in __GI_abort () at abort.c:79
  #4  0x00007efc7384771b in __assert_fail_base (fmt=0x7efc739dbcb8 "", assertion=assertion@entry=0x560aebfbf5cf "!qemu_in_coroutine()",
     file=file@entry=0x560aebfcd2d4 "../block/graph-lock.c", line=line@entry=275, function=function@entry=0x560aebfcd34d "void bdrv_graph_rdlock_main_loop(void)") at assert.c:92
  #5  0x00007efc7386ccc6 in __assert_fail (assertion=0x560aebfbf5cf "!qemu_in_coroutine()", file=0x560aebfcd2d4 "../block/graph-lock.c", line=275,
     function=0x560aebfcd34d "void bdrv_graph_rdlock_main_loop(void)") at assert.c:101
  #6  0x0000560aebcd8dd6 in bdrv_register_buf ()
  #7  0x0000560aeb97ed97 in ram_block_added.llvm ()
  #8  0x0000560aebb8303f in ram_block_add.llvm ()
  #9  0x0000560aebb834fa in qemu_ram_alloc_internal.llvm ()
  #10 0x0000560aebb2ac98 in vfio_region_mmap ()
  #11 0x0000560aebb3ea0f in vfio_bars_register ()
  #12 0x0000560aebb3c628 in vfio_realize ()
  #13 0x0000560aeb90f0c2 in pci_qdev_realize ()
  #14 0x0000560aebc40305 in device_set_realized ()
  #15 0x0000560aebc48e07 in property_set_bool.llvm ()
  #16 0x0000560aebc46582 in object_property_set ()
  #17 0x0000560aebc4cd58 in object_property_set_qobject ()
  #18 0x0000560aebc46ba7 in object_property_set_bool ()
  #19 0x0000560aeb98b3ca in qdev_device_add_from_qdict ()
  #20 0x0000560aebb1fbaf in virtio_net_set_features ()
  #21 0x0000560aebb46b51 in virtio_set_features_nocheck ()
  #22 0x0000560aebb47107 in virtio_load ()
  #23 0x0000560aeb9ae7ce in vmstate_load_state ()
  #24 0x0000560aeb9d2ee9 in qemu_loadvm_state_main ()
  #25 0x0000560aeb9d45e1 in qemu_loadvm_state ()
  #26 0x0000560aeb9bc32c in process_incoming_migration_co.llvm ()
  #27 0x0000560aebeace56 in coroutine_trampoline.llvm ()

Cc: qemu-sta...@nongnu.org
Buglink: https://issues.redhat.com/browse/RHEL-832
Signed-off-by: Kevin Wolf <kw...@redhat.com>
Message-ID: <20230905145002.46391-3-kw...@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com>
Signed-off-by: Kevin Wolf <kw...@redhat.com>
(cherry picked from commit 92e2e6a867334a990f8d29f07ca34e3162fdd6ec)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: e765afbfe5d29260d3f2e54ccfcd44a7c4681b75
      
https://github.com/qemu/qemu/commit/e765afbfe5d29260d3f2e54ccfcd44a7c4681b75
  Author: Colton Lewis <coltonle...@google.com>
  Date:   2023-09-11 (Mon, 11 Sep 2023)

  Changed paths:
    M target/arm/kvm64.c

  Log Message:
  -----------
  arm64: Restore trapless ptimer access

Due to recent KVM changes, QEMU is setting a ptimer offset resulting
in unintended trap and emulate access and a consequent performance
hit. Filter out the PTIMER_CNT register to restore trapless ptimer
access.

Quoting Andrew Jones:

Simply reading the CNT register and writing back the same value is
enough to set an offset, since the timer will have certainly moved
past whatever value was read by the time it's written.  QEMU
frequently saves and restores all registers in the get-reg-list array,
unless they've been explicitly filtered out (with Linux commit
680232a94c12, KVM_REG_ARM_PTIMER_CNT is now in the array). So, to
restore trapless ptimer accesses, we need a QEMU patch to filter out
the register.

See
https://lore.kernel.org/kvmarm/gsntttsonus5....@coltonlewis-kvm.c.googlers.com/T/#m0770023762a821db2a3f0dd0a7dc6aa54e0d0da9
for additional context.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Andrew Jones <andrew.jo...@linux.dev>
Signed-off-by: Colton Lewis <coltonle...@google.com>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Tested-by: Colton Lewis <coltonle...@google.com>
Message-id: 20230831190052.129045-1-coltonle...@google.com
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit 682814e2a3c883b27f24b9e7cab47313c49acbd4)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: 3bfabfb7ea083050b1487d94bb3f4d1aac047985
      
https://github.com/qemu/qemu/commit/3bfabfb7ea083050b1487d94bb3f4d1aac047985
  Author: Thomas Huth <th...@redhat.com>
  Date:   2023-09-11 (Mon, 11 Sep 2023)

  Changed paths:
    M hw/char/riscv_htif.c

  Log Message:
  -----------
  hw/char/riscv_htif: Fix printing of console characters on big endian hosts

The character that should be printed is stored in the 64 bit "payload"
variable. The code currently tries to print it by taking the address
of the variable and passing this pointer to qemu_chr_fe_write(). However,
this only works on little endian hosts where the least significant bits
are stored on the lowest address. To do this in a portable way, we have
to store the value in an uint8_t variable instead.

Fixes: 5033606780 ("RISC-V HTIF Console")
Signed-off-by: Thomas Huth <th...@redhat.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Reviewed-by: Bin Meng <bm...@tinylab.org>
Reviewed-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-Id: <20230721094720.902454-2-th...@redhat.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit c255946e3df4d9660e4f468a456633c24393d468)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: c56055f680677eb2c2ec1cd578a4c5a1eec94ac6
      
https://github.com/qemu/qemu/commit/c56055f680677eb2c2ec1cd578a4c5a1eec94ac6
  Author: Thomas Huth <th...@redhat.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M hw/char/riscv_htif.c

  Log Message:
  -----------
  hw/char/riscv_htif: Fix the console syscall on big endian hosts

Values that have been read via cpu_physical_memory_read() from the
guest's memory have to be swapped in case the host endianness differs
from the guest.

Fixes: a6e13e31d5 ("riscv_htif: Support console output via proxy syscall")
Signed-off-by: Thomas Huth <th...@redhat.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Reviewed-by: Bin Meng <bm...@tinylab.org>
Reviewed-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Message-Id: <20230721094720.902454-3-th...@redhat.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 058096f1c55ab688db7e1d6814aaefc1bcd87f7a)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: b2e4203a8343d44039e0042168d6f57409437062
      
https://github.com/qemu/qemu/commit/b2e4203a8343d44039e0042168d6f57409437062
  Author: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M target/riscv/cpu.c

  Log Message:
  -----------
  target/riscv/cpu.c: add zmmul isa string

zmmul was promoted from experimental to ratified in commit 6d00ffad4e95.
Add a riscv,isa string for it.

Fixes: 6d00ffad4e95 ("target/riscv: move zmmul out of the experimental properties")
Signed-off-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Reviewed-by: Weiwei Li <liwei...@iscas.ac.cn>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Message-Id: <20230720132424.371132-2-dbarb...@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 50f9464962fb41f04fd5f42e7ee2cb60942aba89)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: f5cef73e0f37ad16688f06fe660f228e0aeecee3
      
https://github.com/qemu/qemu/commit/f5cef73e0f37ad16688f06fe660f228e0aeecee3
  Author: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M target/riscv/vector_helper.c

  Log Message:
  -----------
  target/riscv: Fix page_check_range use in fault-only-first

Commit bef6f008b98 (accel/tcg: Return bool from page_check_range) converts
integer return value to bool type. However, it wrongly converted the use
of the API in riscv fault-only-first, where page_check_range <= 0 should
be converted to !page_check_range.

Signed-off-by: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-ID: <20230729031618.821-1-zhiwei_...@linux.alibaba.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 4cc9f284d5971ecd8055d26ef74c23ef0be8b8f5)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: 6dbc23073459034bdc8fb8261a4452eebc8365ab
      
https://github.com/qemu/qemu/commit/6dbc23073459034bdc8fb8261a4452eebc8365ab
  Author: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M target/riscv/insn_trans/trans_rvzfa.c.inc

  Log Message:
  -----------
  target/riscv: Fix zfa fleq.d and fltq.d

Commit a47842d ("riscv: Add support for the Zfa extension") implemented the
zfa extension. However, it has some typos for fleq.d and fltq.d. Both of
them misused the fltq.s helper function.

Fixes: a47842d ("riscv: Add support for the Zfa extension")
Signed-off-by: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
Reviewed-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Reviewed-by: Weiwei Li <liwei...@iscas.ac.cn>
Message-ID: <20230728003906.768-1-zhiwei_...@linux.alibaba.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit eda633a534f8af4abe3a88731bba6dacdb973993)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: cf14dbf2bdac156f0b5b26c72f27aa73e588ac26
      
https://github.com/qemu/qemu/commit/cf14dbf2bdac156f0b5b26c72f27aa73e588ac26
  Author: Jason Chien <jason.ch...@sifive.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M hw/intc/riscv_aclint.c

  Log Message:
  -----------
  hw/intc: Fix upper/lower mtime write calculation

When writing the upper mtime, we should keep the original lower mtime
whose value is given by cpu_riscv_read_rtc() instead of
cpu_riscv_read_rtc_raw(). The same logic applies to writes to lower mtime.

Signed-off-by: Jason Chien <jason.ch...@sifive.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Message-ID: <20230728082502.26439-1-jason.ch...@sifive.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit e0922b73baf00c4c19d4ad30d09bb94f7ffea0f4)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: f15d281eceb935775a3c612145d161072a26f6c4
      
https://github.com/qemu/qemu/commit/f15d281eceb935775a3c612145d161072a26f6c4
  Author: Jason Chien <jason.ch...@sifive.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M hw/intc/riscv_aclint.c

  Log Message:
  -----------
  hw/intc: Make rtc variable names consistent

The variables whose values are given by cpu_riscv_read_rtc() should be named
"rtc". The variables whose values are given by cpu_riscv_read_rtc_raw()
should be named "rtc_r".

Signed-off-by: Jason Chien <jason.ch...@sifive.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Message-ID: <20230728082502.26439-2-jason.ch...@sifive.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 9382a9eafccad8dc6a487ea3a8d2bed03dc35db9)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: aabed16d52f1ecc40c37353ce96998a6307720b8
      
https://github.com/qemu/qemu/commit/aabed16d52f1ecc40c37353ce96998a6307720b8
  Author: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M linux-user/riscv/signal.c

  Log Message:
  -----------
  linux-user/riscv: Use abi type for target_ucontext

We should not use types dependent on host arch for target_ucontext.
This bug was found when running rv32 applications.

Signed-off-by: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Reviewed-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-ID: <20230811055438.1945-1-zhiwei_...@linux.alibaba.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit ae7d4d625cab49657b9fc2be09d895afb9bcdaf0)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: 33159bc90db64c7ea10b34926b0d3277e45d80bb
      
https://github.com/qemu/qemu/commit/33159bc90db64c7ea10b34926b0d3277e45d80bb
  Author: Conor Dooley <conor.doo...@microchip.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M hw/riscv/virt.c

  Log Message:
  -----------
  hw/riscv: virt: Fix riscv,pmu DT node path

On a dtb dumped from the virt machine, dt-validate complains:
soc: pmu: {'riscv,event-to-mhpmcounters': [[1, 1, 524281], [2, 2, 524284], [65561, 65561, 524280], [65563, 65563, 524280], [65569, 65569, 524280]], 'compatible': ['riscv,pmu']} should not be valid under {'type': 'object'}
        from schema $id: http://devicetree.org/schemas/simple-bus.yaml#
That's pretty cryptic, but running the dtb back through dtc produces
something a lot more reasonable:
Warning (simple_bus_reg): /soc/pmu: missing or empty reg/ranges property

Moving the riscv,pmu node out of the soc bus solves the problem.

Signed-off-by: Conor Dooley <conor.doo...@microchip.com>
Acked-by: Alistair Francis <alistair.fran...@wdc.com>
Reviewed-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Message-ID: <20230727-groom-decline-2c57ce42841c@spud>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 9ff31406312500053ecb5f92df01dd9ce52e635d)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: cca8a52f0251d143ccab1cabe5d5d25702b9bb11
      
https://github.com/qemu/qemu/commit/cca8a52f0251d143ccab1cabe5d5d25702b9bb11
  Author: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M target/riscv/cpu.c

  Log Message:
  -----------
  target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0

In the same emulated RISC-V host, the 'host' KVM CPU takes 4 times
longer to boot than the 'rv64' KVM CPU.

The reason is an unintended behavior of riscv_cpu_satp_mode_finalize()
when satp_mode.supported = 0, i.e. when cpu_init() does not set
satp_mode_max_supported(). satp_mode_max_from_map(map) does:

31 - __builtin_clz(map)

This means that, if satp_mode.supported = 0, satp_mode_supported_max
will be '31 - 32'. But this is C, so satp_mode_supported_max will gladly
set it to UINT_MAX (4294967295). After that, if the user didn't set a
satp_mode, set_satp_mode_default_map(cpu) will make

cfg.satp_mode.map = cfg.satp_mode.supported

So satp_mode.map = 0. And then satp_mode_map_max will be set to
satp_mode_max_from_map(cpu->cfg.satp_mode.map), i.e. also UINT_MAX. The
guard "satp_mode_map_max > satp_mode_supported_max" doesn't protect us
here since both are UINT_MAX.

And finally we have 2 loops:

        for (int i = satp_mode_map_max - 1; i >= 0; --i) {

Which are, in fact, 2 loops from UINT_MAX -1 to -1. This is where the
extra delay when booting the 'host' CPU is coming from.

Commit 43d1de32f8 already set a precedent for satp_mode.supported = 0
in a different manner. We're doing the same here. If supported == 0,
interpret as 'the CPU wants the OS to handle satp mode alone' and skip
satp_mode_finalize().

We'll also put a guard in satp_mode_max_from_map() to assert out if map
is 0 since the function is not ready to deal with it.

Cc: Alexandre Ghiti <alexgh...@rivosinc.com>
Fixes: 6f23aaeb9b ("riscv: Allow user to set the satp mode")
Signed-off-by: Daniel Henrique Barboza <dbarb...@ventanamicro.com>
Reviewed-by: Andrew Jones <ajo...@ventanamicro.com>
Message-ID: <20230817152903.694926-1-dbarb...@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 3a2fc23563885c219c73c8f24318921daf02f3f2)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


  Commit: 7f1a9ebb8c3251101f652064f049780f881de265
      
https://github.com/qemu/qemu/commit/7f1a9ebb8c3251101f652064f049780f881de265
  Author: Leon Schuermann <le...@opentitan.org>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M target/riscv/pmp.c

  Log Message:
  -----------
  target/riscv/pmp.c: respect mseccfg.RLB for pmpaddrX changes

When the rule-lock bypass (RLB) bit is set in the mseccfg CSR, the PMP
configuration lock bits must not apply. While this behavior is
implemented for the pmpcfgX CSRs, this bit is not respected for
changes to the pmpaddrX CSRs. This patch ensures that pmpaddrX CSR
writes work even on locked regions when the global rule-lock bypass is
enabled.

Signed-off-by: Leon Schuermann <le...@opentitan.org>
Reviewed-by: Mayuresh Chitale <mchit...@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Message-ID: <20230829215046.1430463-1-leon@is.currently.online>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit 4e3adce1244e1ca30ec05874c3eca14911dc0825)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
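
The pmpaddrX write gating described in the commit message above, as an added C model that is not QEMU's code: struct pmp_model, pmpaddr_locked(), pmpaddr_write(), demo_write(), the honor_rlb switch and the 16-entry size are hypothetical. The bit positions (pmpcfg.L = bit 7, A field = bits 4:3 with TOR = 1, mseccfg.RLB = bit 2) are taken from the RISC-V privileged and Smepmp specifications.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PMP_LOCK    (1u << 7)   /* pmpcfg.L: entry is locked */
#define PMP_A_MASK  (3u << 3)   /* pmpcfg.A: address-matching mode */
#define PMP_A_TOR   (1u << 3)   /* A = TOR (top of range) */
#define MSECCFG_RLB (1u << 2)   /* mseccfg.RLB: rule-lock bypass */
#define NUM_PMP     16          /* model size, an assumption */

/* Hypothetical model state, not QEMU's CPURISCVState. */
struct pmp_model {
    uint8_t  cfg[NUM_PMP];
    uint64_t addr[NUM_PMP];
    uint64_t mseccfg;
};

/* Is pmpaddr[i] write-protected? honor_rlb=false models the pre-fix gap. */
static bool pmpaddr_locked(const struct pmp_model *m, unsigned i, bool honor_rlb)
{
    if (honor_rlb && (m->mseccfg & MSECCFG_RLB)) {
        return false;               /* global bypass: lock bits do not apply */
    }
    if (m->cfg[i] & PMP_LOCK) {
        return true;
    }
    /* A locked TOR entry i+1 uses pmpaddr[i] as its base, so it pins it too. */
    if (i + 1 < NUM_PMP) {
        uint8_t next = m->cfg[i + 1];
        if ((next & PMP_LOCK) && (next & PMP_A_MASK) == PMP_A_TOR) {
            return true;
        }
    }
    return false;
}

/* Returns true if the CSR write took effect, false if it was ignored. */
static bool pmpaddr_write(struct pmp_model *m, unsigned i, uint64_t val, bool honor_rlb)
{
    if (i >= NUM_PMP || pmpaddr_locked(m, i, honor_rlb)) {
        return false;
    }
    m->addr[i] = val;
    return true;
}

/* Constructed scenario: entry 1 is a locked TOR region; rewrite pmpaddr[idx]. */
static bool demo_write(bool rlb, bool honor_rlb, unsigned idx)
{
    struct pmp_model m = {0};
    m.cfg[1] = PMP_LOCK | PMP_A_TOR;
    m.addr[0] = 0x1000;
    m.addr[1] = 0x2000;
    m.mseccfg = rlb ? MSECCFG_RLB : 0;
    return pmpaddr_write(&m, idx, 0x3000, honor_rlb) && m.addr[idx] == 0x3000;
}

int main(void)
{
    printf("RLB=0, pmpaddr1:           %d\n", demo_write(false, true, 1));
    printf("RLB=0, pmpaddr0 (TOR base): %d\n", demo_write(false, true, 0));
    printf("RLB=1, RLB ignored:        %d\n", demo_write(true, false, 1));
    printf("RLB=1, RLB honoured:       %d\n", demo_write(true, true, 1));
    return 0;
}
```

With honor_rlb=false the model reproduces the gap the commit message describes: the bypass bit is set, yet writes to the address registers of a locked region are still dropped.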


  Commit: ab6453e0baf7cb210d74257290dc9c08915a2978
      
https://github.com/qemu/qemu/commit/ab6453e0baf7cb210d74257290dc9c08915a2978
  Author: Akihiko Odaki <akihiko.od...@daynix.com>
  Date:   2023-09-12 (Tue, 12 Sep 2023)

  Changed paths:
    M target/riscv/cpu.c
    M target/riscv/debug.c
    M target/riscv/debug.h

  Log Message:
  -----------
  target/riscv: Allocate itrigger timers only once

riscv_trigger_init() had been called on reset events that can happen
several times for a CPU and it allocated timers for itrigger. If old
timers were present, they were simply overwritten by the new timers,
resulting in a memory leak.

Divide riscv_trigger_init() into two functions, namely
riscv_trigger_realize() and riscv_trigger_reset() and call them in
appropriate timing. The timer allocation will happen only once for a
CPU in riscv_trigger_realize().

Fixes: 5a4ae64cac ("target/riscv: Add itrigger support when icount is enabled")
Signed-off-by: Akihiko Odaki <akihiko.od...@daynix.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_...@linux.alibaba.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Message-ID: <20230818034059.9146-1-akihiko.od...@daynix.com>
Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
(cherry picked from commit a7c272df82af11c568ea83921b04334791dccd5e)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>


Compare: https://github.com/qemu/qemu/compare/00628cf412cd...ab6453e0baf7
