Re: [Qemu-devel] [PATCH 2/6] tests/device-introspection: Check that the qom-tree and qtree do not change

2018-08-14 Thread Thomas Huth
On 08/14/2018 07:53 PM, Markus Armbruster wrote:
> Thomas Huth  writes:
> 
>> Introspection should not change the qom-tree / qtree, so we should check
>> this in the device-introspect-test, too. This patch helped to find lots
>> of introspection bugs during the QEMU v3.0 soft/hard-freeze period in the
>> last two months.
> 
> Clever idea.
> 
>> Signed-off-by: Thomas Huth 
>> ---
>>  tests/device-introspect-test.c | 23 +++
>>  1 file changed, 19 insertions(+), 4 deletions(-)
>>
>> diff --git a/tests/device-introspect-test.c b/tests/device-introspect-test.c
>> index 0b4f221..5b7ec05 100644
>> --- a/tests/device-introspect-test.c
>> +++ b/tests/device-introspect-test.c
>> @@ -103,7 +103,14 @@ static QList *device_type_list(bool abstract)
>>  static void test_one_device(const char *type)
>>  {
>>  QDict *resp;
>> -char *help, *qom_tree;
>> +char *help;
>> +char *qom_tree_start, *qom_tree_end;
>> +char *qtree_start, *qtree_end;
>> +
>> +g_debug("Testing device '%s'", type);
> 
> This is only the second use of g_debug() in tests/.  What are you trying
> to accomplish?

When the test crashes, I need a way to determine the device which caused
the crash. To avoid having to insert fprintf statements manually here
and recompile, g_debug() seems to be a good solution, since you can
enable its output by setting some environment variables (I use
G_MESSAGES_DEBUG=all and G_MESSAGES_PREFIXED=none).

Or do you see a better way to provide a possibility to determine the
device that caused a crash?

 Thomas



Re: [Qemu-devel] [PATCH 1/3] qsp: QEMU's Synchronization Profiler

2018-08-14 Thread Emilio G. Cota
On Wed, Aug 15, 2018 at 11:09:42 +0800, Fam Zheng wrote:
> On Mon, 08/13 13:11, Emilio G. Cota wrote:
> > +  --enable-sync-profiler) sync_profiler="yes"
> > +  ;;
> 
> Curious, not asking for a change: can this be made a runtime option instead of
> compile time, since there are no library dependencies? That should make this
> somewhat easier to use.

Good point. I'll do some profiling tomorrow to see how the latency
of the locking primitives could be minimized (ideally, not using
the profiler should just add a well-predicted branch).

> > +
> > +#define QSP_GEN_VOID(type_, qsp_t_, func_, impl_)   \
> > +void func_(type_ *obj, const char *file, unsigned line) \
> > +{   \
> > +struct qsp_entry *e = qsp_entry_get(obj, file, line, qsp_t_);   \
> > +int64_t t;  \
> > +\
> 
> No qsp_init()?
> 
> > +t = get_clock();\
> > +impl_(obj, file, line); \
> > +atomic_set(>ns, e->ns + get_clock() - t);\
> > +atomic_set(>n_acqs, e->n_acqs + 1);  \
> > +}
> > +
> > +#define QSP_GEN_RET1(type_, qsp_t_, func_, impl_)   \
> > +int func_(type_ *obj, const char *file, unsigned line)  \
> > +{   \
> > +struct qsp_entry *e = qsp_entry_get(obj, file, line, qsp_t_);   \
> > +int64_t t;  \
> > +int err;\
> > +\
> 
> Same here.

qsp_init is called by qsp_get_entry.

(snip)
> > +void qsp_cond_wait(QemuCond *cond, QemuMutex *mutex, const char *file,
> > +   unsigned line)
> > +{
> > +struct qsp_entry *e;
> > +int64_t t;
> > +
> > +qsp_init();
> > +
> > +e = qsp_entry_get(cond, file, line, QSP_CONDVAR);
> > +t = get_clock();
> > +qemu_cond_wait_impl(cond, mutex, file, line);
> > +atomic_set(>ns, e->ns + get_clock() - t);
> > +atomic_set(>n_acqs, e->n_acqs + 1);
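Review bot: the explicit qsp_init() at the top of qsp_cond_wait() looks redundant next to the QSP_GEN_VOID/QSP_GEN_RET1 macros, which rely on qsp_entry_get() doing the initialisation (as this reply states); either drop the call here or add a comment saying why the condvar path needs it before qsp_entry_get(). It would also help to document, next to struct qsp_entry, the single-writer invariant used to justify atomic_set() over atomic_add(): the entry is only ever modified by its owning thread, and atomic_set() is there so that concurrent readers never see a torn value.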
> 
> Why not atomic_add (both here and in above macros)? Because fetching e->ns and
> then updating it is not "atomic" this way.

This isn't a read-modify-write op; atomic_set is used here as
"write_once".

Note that struct qsp_entry is only ever modified by the current
thread (thread_ptr is part of the struct; yes this uses a lot
more memory but that's the price of scalability). The struct might
be read anytime by other threads though, so we have to use atomic_set
to avoid undefined behaviour (e.g. torn reads/writes).

Thanks,

Emilio



Re: [Qemu-devel] [PATCH 1/3] qsp: QEMU's Synchronization Profiler

2018-08-14 Thread Markus Armbruster
"Emilio G. Cota"  writes:

> On Tue, Aug 14, 2018 at 10:13:12 +0200, Paolo Bonzini wrote:
>> On 13/08/2018 19:11, Emilio G. Cota wrote:
>> > +struct qsp_report rep;
>> 
>> Don't like camelcase?  But that's really all that I have to remark on
>> this lovely series.
>
> I have a strong aversion to it :-)

I despise it as much as anyone, but CODING_STYLE demands CamelCase for
"type names" (which I interpret as typedef names), and convention (not
codified in CODING_STYLE) demands typedef for struct types.

> But if that's a deal breaker, let me know.

Hold your nose and go with the flow.



Re: [Qemu-devel] [PATCH v1] exec: handle NULL pointer in flatview_read_continue

2018-08-14 Thread no-reply
Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20180809141403.11296-1-o...@aepfle.de
Subject: [Qemu-devel] [PATCH v1] exec: handle NULL pointer in 
flatview_read_continue

=== TEST SCRIPT BEGIN ===
#!/bin/bash

BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0

git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram

commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
failed=1
echo
fi
n=$((n+1))
done

exit $failed
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
41d94e5a05 exec: handle NULL pointer in flatview_read_continue

=== OUTPUT BEGIN ===
Checking PATCH 1/1: exec: handle NULL pointer in flatview_read_continue...
ERROR: code indent should never use tabs
#21: FILE: exec.c:3321:
+^Iif (ptr)$

total: 1 errors, 0 warnings, 9 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

=== OUTPUT END ===

Test command exited with code: 1


---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [Qemu-devel] [PATCH v3 5/5] qmp: add pmemload command

2018-08-14 Thread Markus Armbruster
Simon Ruderich  writes:

> On Tue, Aug 14, 2018 at 05:49:12PM +0200, Markus Armbruster wrote:
>>> On Fri, Aug 10, 2018 at 11:36:51AM +0100, Dr. David Alan Gilbert wrote:
> --- a/hmp-commands.hx
> +++ b/hmp-commands.hx
>>
>> Subject claims "qmp: add", but the patch also adds to hmp.  Recommend to
>> split the patch into QMP and HMP part.
>
> Hello,
>
> Sure, I can do that.
>
>>> qapi/misc.json seems to always use 'int' for integer types. Is
>>> this value large enough on 64-bit architectures?
>>
>> Yes.  QAPI's int translates to int64_t.
>
> Thanks.
>
>>> Just curious, what is the difference between 's' and 'F'. Is that
>>> only for documentation purposes (and maybe tab completion) or is
>>> the usage different? I noticed existing code uses qdict_get_str()
>>> for both 's' and 'F'.
>>
>> The main behavioral difference is completion.
>
> Good to know, thanks.
>
>> I recommend to start with the QMP interface.  Parameters are unordered
>> there.  memsave and pmemsave both take mandatory @val, @size, @filename.
>> memsave additionally takes optional @cpu-index.
>
> Yes.
>
>> Your pmemload has pmemsave's arguments plus a mandatory @offset.
>> Rationale for adding @offset?  You may have answered this question
>> already; pointer to that answer would be fine.
>
> My initial patch didn't have the offset. It was suggested by Eric
> Blake in <0a960aa8-2a3f-8667-3d46-cecf8e65e...@redhat.com>:
>
> On Tue, Apr 10, 2018 at 04:33:03PM -0500, Eric Blake wrote:
>> Do you additionally need an offset where to start reading from within
>> the file (that is, since you already have the 'size' parameter to avoid
>> reading the entire file, and the 'val' parameter to target anywhere in
>> physical memory, how do I start reading anywhere from the file)?
>
> It sounded useful to me so I added it.

Feels like an optional parameter to me.

>> Once we got the QMP interface nailed down, we can move to the HMP
>> interface.
>
> Good point.
>
>> These two should become a separate bug fix patch.  The bug being fixed
>> is completion.
>
> Sure, they are in separate patches. Just wanted to show the
> general changes I applied from the reviews.
>
> Thanks for the review.
>
> Regards
> Simon



Re: [Qemu-devel] [Bug 1785698] Re: Solaris build error: unknown type name ‘gcry_error_t’

2018-08-14 Thread Markus Armbruster
Peter Maydell  writes:

> On 14 August 2018 at 18:44, Michele Denber <1785...@bugs.launchpad.net> wrote:
>> On 08-14-2018 4:42 AM, Peter Maydell wrote:
>>>
>>> We do assume a posix shell and that that shell is /bin/sh.
>>> We may have bugs where we assume non-posix behaviour
>>> from it, since almost all users are going to be on systems
>>> where /bin/sh is bash or dash or whatever the BSD /bin/sh is.
>> Apparently Solaris is different in that regard (among others).
>
> Yeah. I'm not sure how much I care about supporting OSes that
> decide to be totally different from everybody else, to be honest.
> It's the 21st century and POSIX is a thing.

Setting

SHELL=/usr/xpg4/bin/sh PATH=/usr/xpg6/bin:/usr/xpg4/bin:$PATH

should make it a thing even on Solaris:
https://docs.oracle.com/cd/E86824_01/html/E54776/standards-5.html

A quick git-grep shows several hardcoded /bin/sh, so setting SHELL might
not stick.  Whether they're in the way of building I can't say.


[...]



[Qemu-devel] [PULL 17/17] aio-posix: Improve comment around marking node deleted

2018-08-14 Thread Fam Zheng
The counter is for qemu_lockcnt_inc/dec sections (read side),
qemu_lockcnt_lock/unlock is for the write side.

Suggested-by: Paolo Bonzini 
Signed-off-by: Fam Zheng 
Message-Id: <20180803063917.30292-1-f...@redhat.com>
Signed-off-by: Fam Zheng 
---
 util/aio-posix.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/util/aio-posix.c b/util/aio-posix.c
index b5c609b68b..131ba6b4a8 100644
--- a/util/aio-posix.c
+++ b/util/aio-posix.c
@@ -232,7 +232,7 @@ void aio_set_fd_handler(AioContext *ctx,
 g_source_remove_poll(>source, >pfd);
 }
 
-/* If the lock is held, just mark the node as deleted */
+/* If a read is in progress, just mark the node as deleted */
 if (qemu_lockcnt_count(>list_lock)) {
 node->deleted = 1;
 node->pfd.revents = 0;
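Review bot: "a read is in progress" is better than "the lock is held", but the comment still leaves what a read is implicit; since the commit message spells it out, say that the count is non-zero while a qemu_lockcnt_inc()/qemu_lockcnt_dec() section is walking the handler list, so nobody confuses it with the qemu_lockcnt_lock() taken by writers and drops the deferred-deletion path.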
-- 
2.17.1




[Qemu-devel] [PULL 11/17] tests: vm: Add vm-clean-all

2018-08-14 Thread Fam Zheng
The images are big. Add a rule to clean up easily.

Suggested-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
Message-Id: <20180716020008.31468-1-f...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé 
Tested-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
---
 tests/vm/Makefile.include | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tests/vm/Makefile.include b/tests/vm/Makefile.include
index af19b7a4e6..a5abb569c5 100644
--- a/tests/vm/Makefile.include
+++ b/tests/vm/Makefile.include
@@ -1,6 +1,6 @@
 # Makefile for VM tests
 
-.PHONY: vm-build-all
+.PHONY: vm-build-all vm-clean-all
 
 IMAGES := ubuntu.i386 freebsd netbsd openbsd centos
 IMAGE_FILES := $(patsubst %, tests/vm/%.img, $(IMAGES))
@@ -18,6 +18,9 @@ vm-test:
 
 vm-build-all: $(addprefix vm-build-, $(IMAGES))
 
+vm-clean-all:
+   rm -f $(IMAGE_FILES)
+
 tests/vm/%.img: $(SRC_PATH)/tests/vm/% \
$(SRC_PATH)/tests/vm/basevm.py \
$(SRC_PATH)/tests/vm/Makefile.include
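Review bot: vm-clean-all only removes $(IMAGE_FILES); build_image() in tests/vm/centos (added in this same pull) creates <img>.tmp and <img>.tmp.xz beside the image, and an interrupted build leaves them behind, so add the matching tests/vm/*.img.tmp* pattern to the rm as well. Since the point of the rule is that the images are big, rm -fv would also let the user see which files went away.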
-- 
2.17.1




[Qemu-devel] [PULL 16/17] tests/vm: Add vm-build-all/vm-clean-all in help text

2018-08-14 Thread Fam Zheng
Suggested-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
Message-Id: <20180727083445.21436-1-f...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Alex Bennée 
Signed-off-by: Fam Zheng 
---
 tests/vm/Makefile.include | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/vm/Makefile.include b/tests/vm/Makefile.include
index 76f416286e..a98fb3027f 100644
--- a/tests/vm/Makefile.include
+++ b/tests/vm/Makefile.include
@@ -15,6 +15,9 @@ vm-test:
@echo "  vm-build-netbsd - Build QEMU in NetBSD VM"
@echo "  vm-build-openbsd- Build QEMU in OpenBSD VM"
@echo "  vm-build-centos - Build QEMU in CentOS VM, 
with Docker"
+   @echo ""
+   @echo "  vm-build-all- Build QEMU in all VMs"
+   @echo "  vm-clean-all- Clean up VM images"
 
 vm-build-all: $(addprefix vm-build-, $(IMAGES))
 
-- 
2.17.1




[Qemu-devel] [PULL 06/17] aio: Do aio_notify_accept only during blocking aio_poll

2018-08-14 Thread Fam Zheng
An aio_notify() pairs with an aio_notify_accept(). The former should
happen in the main thread or a vCPU thread, and the latter should be
done in the IOThread.

There is one rare case that the main thread or vCPU thread may "steal"
the aio_notify() event just raised by itself, in bdrv_set_aio_context()
[1]. The sequence is like this:

main thread                     IO Thread
===============================================================
bdrv_drained_begin()
  aio_disable_external(ctx)
                                aio_poll(ctx, true)
                                  ctx->notify_me += 2
...
bdrv_drained_end()
  ...
    aio_notify()
...
bdrv_set_aio_context()
  aio_poll(ctx, false)
[1] aio_notify_accept(ctx)
                                  ppoll() /* Hang! */

[1] is problematic. It will clear the ctx->notifier event so that
the blocked ppoll() will not return.

(For the curious, this bug was noticed when booting a number of VMs
simultaneously in RHV.  One or two of the VMs will hit this race
condition, making the VIRTIO device unresponsive to I/O commands. When
it hangs, Seabios is busy waiting for a read request to complete (read
MBR), right after initializing the virtio-blk-pci device, using 100%
guest CPU. See also https://bugzilla.redhat.com/show_bug.cgi?id=1562750
for the original bug analysis.)

aio_notify() only injects an event when ctx->notify_me is set,
correspondingly aio_notify_accept() is only useful when ctx->notify_me
_was_ set. Move the call to it into the "blocking" branch. This will
effectively skip [1] and fix the hang.

Furthermore, blocking aio_poll is only allowed on the home thread
(in_aio_context_home_thread), because otherwise two blocking
aio_poll()'s can steal each other's ctx->notifier event and cause a
hang just as described above.

Cc: qemu-sta...@nongnu.org
Suggested-by: Paolo Bonzini 
Signed-off-by: Fam Zheng 
Message-Id: <20180809132259.18402-3-f...@redhat.com>
Signed-off-by: Fam Zheng 
---
 util/aio-posix.c | 4 ++--
 util/aio-win32.c | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/util/aio-posix.c b/util/aio-posix.c
index b5c7f463aa..b5c609b68b 100644
--- a/util/aio-posix.c
+++ b/util/aio-posix.c
@@ -591,6 +591,7 @@ bool aio_poll(AioContext *ctx, bool blocking)
  * so disable the optimization now.
  */
 if (blocking) {
+assert(in_aio_context_home_thread(ctx));
 atomic_add(>notify_me, 2);
 }
 
@@ -633,6 +634,7 @@ bool aio_poll(AioContext *ctx, bool blocking)
 
 if (blocking) {
 atomic_sub(>notify_me, 2);
+aio_notify_accept(ctx);
 }
 
 /* Adjust polling time */
@@ -676,8 +678,6 @@ bool aio_poll(AioContext *ctx, bool blocking)
 }
 }
 
-aio_notify_accept(ctx);
-
 /* if we have any readable fds, dispatch event */
 if (ret > 0) {
 for (i = 0; i < npfd; i++) {
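Review bot: removing the unconditional aio_notify_accept() here means a non-blocking aio_poll() now never clears ctx->notifier, so the notifier fd stays readable until the next blocking poll on the home thread; that is only safe because PULL 05 in this series stops counting ctx->notifier as polling progress, so this patch must not go to stable without it. Both carry Cc: qemu-stable, but a sentence in the commit message naming that dependency would make the required ordering explicit for backporters.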
diff --git a/util/aio-win32.c b/util/aio-win32.c
index e676a8d9b2..c58957cc4b 100644
--- a/util/aio-win32.c
+++ b/util/aio-win32.c
@@ -373,11 +373,12 @@ bool aio_poll(AioContext *ctx, bool blocking)
 ret = WaitForMultipleObjects(count, events, FALSE, timeout);
 if (blocking) {
 assert(first);
+assert(in_aio_context_home_thread(ctx));
 atomic_sub(>notify_me, 2);
+aio_notify_accept(ctx);
 }
 
 if (first) {
-aio_notify_accept(ctx);
 progress |= aio_bh_poll(ctx);
 first = false;
 }
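Review bot: in the aio-win32.c hunk the assert(in_aio_context_home_thread(ctx)) sits after WaitForMultipleObjects() has already returned, whereas aio-posix.c asserts before notify_me is incremented; the assertion is meant to catch a blocking poll from a foreign thread before it can steal an event, so move it next to the atomic_add(&ctx->notify_me, 2) earlier in aio_poll(), matching the POSIX side.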
-- 
2.17.1
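The interleaving from the commit message above, replayed as an added model in C (illustration written for this page, not QEMU code): the names notify_me, notifier, aio_notify(), aio_notify_accept() and aio_poll() follow the message, but the event notifier and ppoll() are replaced by a plain flag, both threads are replayed step by step from one thread, and the `fixed` flag selects the old (unconditional) or the new (blocking-only) placement of aio_notify_accept().

```c
#include <stdbool.h>
#include <stdio.h>

/* Minimal stand-in for the AioContext fields involved in the race. */
typedef struct {
    int  notify_me;   /* > 0 while a blocking aio_poll() may sleep in ppoll() */
    bool notifier;    /* models "ctx->notifier is readable": an event is pending */
} AioContext;

/* aio_notify(): only injects an event when a poller announced it may sleep. */
static void aio_notify(AioContext *ctx)
{
    if (ctx->notify_me) {
        ctx->notifier = true;       /* event_notifier_set(&ctx->notifier) */
    }
}

/* aio_notify_accept(): consumes (clears) the pending event. */
static void aio_notify_accept(AioContext *ctx)
{
    ctx->notifier = false;          /* event_notifier_test_and_clear() */
}

/* First half of aio_poll(): everything up to the ppoll() call. */
static void aio_poll_enter(AioContext *ctx, bool blocking)
{
    if (blocking) {
        ctx->notify_me += 2;
    }
}

/*
 * Second half of aio_poll(): what runs once ppoll() has returned (for a
 * non-blocking poll, immediately).  'fixed' selects where the accept sits:
 *   fixed == false: the old code, aio_notify_accept() unconditionally;
 *   fixed == true : this patch, aio_notify_accept() only when blocking.
 */
static void aio_poll_leave(AioContext *ctx, bool blocking, bool fixed)
{
    if (blocking) {
        ctx->notify_me -= 2;
        if (fixed) {
            aio_notify_accept(ctx);
        }
    }
    if (!fixed) {
        aio_notify_accept(ctx);     /* step [1] in the commit message */
    }
}

/*
 * Replays the sequence from the commit message and returns true if the
 * event raised by the main thread is still pending when the IOThread
 * finally reaches ppoll(), i.e. ppoll() would wake up instead of hanging.
 */
static bool replay_race(bool fixed)
{
    AioContext ctx = { .notify_me = 0, .notifier = false };

    /* IOThread: aio_poll(ctx, true) did notify_me += 2 but is not in ppoll() yet */
    aio_poll_enter(&ctx, true);

    /* main thread: bdrv_drained_end() -> aio_notify(); notify_me > 0, so event set */
    aio_notify(&ctx);

    /* main thread: bdrv_set_aio_context() -> aio_poll(ctx, false) */
    aio_poll_enter(&ctx, false);
    aio_poll_leave(&ctx, false, fixed);

    /* IOThread now calls ppoll(): it only returns if the notifier is still readable */
    return ctx.notifier;
}

int main(void)
{
    printf("old placement: IOThread ppoll() %s\n",
           replay_race(false) ? "wakes up" : "hangs");
    printf("new placement: IOThread ppoll() %s\n",
           replay_race(true) ? "wakes up" : "hangs");
    return 0;
}
```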




[Qemu-devel] [PULL 15/17] tests/vm: Use make's --output-sync option

2018-08-14 Thread Fam Zheng
From: Peter Maydell 

Use make's --output-sync option when running tests inside VMs,
so that if we're building with parallelization the output doesn't
get scrambled.

Signed-off-by: Peter Maydell 
Message-Id: <20180803085230.30574-6-peter.mayd...@linaro.org>
Signed-off-by: Fam Zheng 
---
 tests/vm/freebsd | 4 ++--
 tests/vm/netbsd  | 4 ++--
 tests/vm/openbsd | 4 ++--
 tests/vm/ubuntu.i386 | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/tests/vm/freebsd b/tests/vm/freebsd
index 795f739c7b..0a6ec4614a 100755
--- a/tests/vm/freebsd
+++ b/tests/vm/freebsd
@@ -23,8 +23,8 @@ class FreeBSDVM(basevm.BaseVM):
 cd $(mktemp -d /var/tmp/qemu-test.XX);
 tar -xf /dev/vtbd1;
 ./configure {configure_opts};
-gmake -j{jobs} {verbose};
-gmake -j{jobs} check {verbose};
+gmake --output-sync -j{jobs} {verbose};
+gmake --output-sync -j{jobs} check {verbose};
 """
 
 def build_image(self, img):
diff --git a/tests/vm/netbsd b/tests/vm/netbsd
index c211672bcb..45c9260dc0 100755
--- a/tests/vm/netbsd
+++ b/tests/vm/netbsd
@@ -23,8 +23,8 @@ class NetBSDVM(basevm.BaseVM):
 cd $(mktemp -d /var/tmp/qemu-test.XX);
 tar -xf /dev/rld1a;
 ./configure --python=python2.7 {configure_opts};
-gmake -j{jobs} {verbose};
-gmake -j{jobs} check {verbose};
+gmake --output-sync -j{jobs} {verbose};
+gmake --output-sync -j{jobs} check {verbose};
 """
 
 def build_image(self, img):
diff --git a/tests/vm/openbsd b/tests/vm/openbsd
index 1e0c2500ad..98edfbca4b 100755
--- a/tests/vm/openbsd
+++ b/tests/vm/openbsd
@@ -23,9 +23,9 @@ class OpenBSDVM(basevm.BaseVM):
 cd $(mktemp -d /var/tmp/qemu-test.XX);
 tar -xf /dev/rsd1c;
 ./configure --cc=x86_64-unknown-openbsd6.1-gcc-4.9.4 
--python=python2.7 {configure_opts};
-gmake -j{jobs} {verbose};
+gmake --output-sync -j{jobs} {verbose};
 # XXX: "gmake check" seems to always hang or fail
-#gmake -j{jobs} check {verbose};
+#gmake --output-sync -j{jobs} check {verbose};
 """
 
 def build_image(self, img):
diff --git a/tests/vm/ubuntu.i386 b/tests/vm/ubuntu.i386
index 160b9be034..3f6ed48b74 100755
--- a/tests/vm/ubuntu.i386
+++ b/tests/vm/ubuntu.i386
@@ -25,8 +25,8 @@ class UbuntuX86VM(basevm.BaseVM):
 sudo chmod a+r /dev/vdb;
 tar -xf /dev/vdb;
 ./configure {configure_opts};
-make -j{jobs};
-make check -j{jobs} {verbose};
+make --output-sync -j{jobs};
+make --output-sync check -j{jobs} {verbose};
 """
 
 def _gen_cloud_init_iso(self):
-- 
2.17.1




[Qemu-devel] [PULL 04/17] nvme: simplify plug/unplug

2018-08-14 Thread Fam Zheng
From: Paolo Bonzini 

bdrv_io_plug/bdrv_io_unplug take care of keeping a nesting count,
so change s->plugged to just a bool.

Signed-off-by: Paolo Bonzini 
Message-Id: <20180813144320.12382-2-pbonz...@redhat.com>
Signed-off-by: Fam Zheng 
---
 block/nvme.c | 20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/block/nvme.c b/block/nvme.c
index 37805e8890..781d77d6d2 100644
--- a/block/nvme.c
+++ b/block/nvme.c
@@ -104,7 +104,7 @@ typedef struct {
 uint64_t nsze; /* Namespace size reported by identify command */
 int nsid;  /* The namespace id to read/write data. */
 uint64_t max_transfer;
-int plugged;
+bool plugged;
 
 CoMutex dma_map_lock;
 CoQueue dma_flush_queue;
@@ -1101,7 +1101,8 @@ static void nvme_attach_aio_context(BlockDriverState *bs,
 static void nvme_aio_plug(BlockDriverState *bs)
 {
 BDRVNVMeState *s = bs->opaque;
-s->plugged++;
+assert(!s->plugged);
+s->plugged = true;
 }
 
 static void nvme_aio_unplug(BlockDriverState *bs)
@@ -1109,14 +1110,13 @@ static void nvme_aio_unplug(BlockDriverState *bs)
 int i;
 BDRVNVMeState *s = bs->opaque;
 assert(s->plugged);
-if (!--s->plugged) {
-for (i = 1; i < s->nr_queues; i++) {
-NVMeQueuePair *q = s->queues[i];
-qemu_mutex_lock(>lock);
-nvme_kick(s, q);
-nvme_process_completion(s, q);
-qemu_mutex_unlock(>lock);
-}
+s->plugged = false;
+for (i = 1; i < s->nr_queues; i++) {
+NVMeQueuePair *q = s->queues[i];
+qemu_mutex_lock(>lock);
+nvme_kick(s, q);
+nvme_process_completion(s, q);
+qemu_mutex_unlock(>lock);
 }
 }
 
-- 
2.17.1




[Qemu-devel] [PULL 09/17] tests: Allow overriding archive path with SRC_ARCHIVE

2018-08-14 Thread Fam Zheng
In VM-based tests the source archive is created on the host, so we don't
have to run archive-source.sh again; doing so only complicates the
Makefile and scripts.

Signed-off-by: Fam Zheng 
Message-Id: <20180712012829.20231-4-f...@redhat.com>
Tested-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
---
 tests/docker/Makefile.include | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include
index 1aaa795743..d3101afecd 100644
--- a/tests/docker/Makefile.include
+++ b/tests/docker/Makefile.include
@@ -27,8 +27,11 @@ DOCKER_SRC_COPY := $(BUILD_DIR)/docker-src.$(CUR_TIME)
 
 $(DOCKER_SRC_COPY):
@mkdir $@
-   $(call quiet-command, cd $(SRC_PATH) && scripts/archive-source.sh 
$@/qemu.tar, \
-   "GEN", "$@/qemu.tar")
+   $(if $(SRC_ARCHIVE), \
+   $(call quiet-command, cp "$(SRC_ARCHIVE)" $@/qemu.tar, \
+   "CP", "$@/qemu.tar"), \
+   $(call quiet-command, cd $(SRC_PATH) && 
scripts/archive-source.sh $@/qemu.tar, \
+   "GEN", "$@/qemu.tar"))
$(call quiet-command, cp $(SRC_PATH)/tests/docker/run $@/run, \
"COPY","RUNNER")
 
-- 
2.17.1




[Qemu-devel] [PULL 14/17] tests/vm: Bump guest RAM up from 2G to 4G

2018-08-14 Thread Fam Zheng
From: Peter Maydell 

Currently we run the guests in a VM which is given only 2G of RAM.
Since the guests are configured without any swap space, builds
can fail because the system runs out of memory and kills the
compiler, especially if the job count is set for a lot of
parallelism. Bump the setting up from 2G to 4G to give us some
more headroom.

Signed-off-by: Peter Maydell 
Message-Id: <20180803085230.30574-5-peter.mayd...@linaro.org>
Signed-off-by: Fam Zheng 
---
 tests/vm/basevm.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
index d73cba9edb..d7149dea7d 100755
--- a/tests/vm/basevm.py
+++ b/tests/vm/basevm.py
@@ -64,7 +64,7 @@ class BaseVM(object):
 else:
 self._stdout = self._devnull
 self._args = [ \
-"-nodefaults", "-m", "2G",
+"-nodefaults", "-m", "4G",
 "-netdev", "user,id=vnet,hostfwd=:127.0.0.1:0-:22",
 "-device", "virtio-net-pci,netdev=vnet",
 "-vnc", "127.0.0.1:0,to=20",
-- 
2.17.1




[Qemu-devel] [PULL 05/17] aio-posix: Don't count ctx->notifier as progress when polling

2018-08-14 Thread Fam Zheng
The same logic exists in fd polling. This change is especially important
to avoid a busy loop once we limit aio_notify_accept() to blocking
aio_poll().

Cc: qemu-sta...@nongnu.org
Signed-off-by: Fam Zheng 
Message-Id: <20180809132259.18402-2-f...@redhat.com>
Signed-off-by: Fam Zheng 
---
 util/aio-posix.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/util/aio-posix.c b/util/aio-posix.c
index 118bf5784b..b5c7f463aa 100644
--- a/util/aio-posix.c
+++ b/util/aio-posix.c
@@ -494,7 +494,8 @@ static bool run_poll_handlers_once(AioContext *ctx)
 QLIST_FOREACH_RCU(node, >aio_handlers, node) {
 if (!node->deleted && node->io_poll &&
 aio_node_check(ctx, node->is_external) &&
-node->io_poll(node->opaque)) {
+node->io_poll(node->opaque) &&
+node->opaque != >notifier) {
 progress = true;
 }
 
-- 
2.17.1




[Qemu-devel] [PULL 13/17] tests/vm: Propagate V=1 down into the make inside the VM

2018-08-14 Thread Fam Zheng
From: Peter Maydell 

Invoking 'make vm-build-freebsd' and friends with V=1 should
propagate that verbosity setting down into the build run
inside the VM. Make sure we do that. This brings it into
line with how the container tests handle V=1.

Signed-off-by: Peter Maydell 
Message-Id: <20180803085230.30574-4-peter.mayd...@linaro.org>
Signed-off-by: Fam Zheng 
---
 docs/devel/testing.rst| 1 +
 tests/vm/Makefile.include | 1 +
 tests/vm/basevm.py| 5 -
 tests/vm/freebsd  | 4 ++--
 tests/vm/netbsd   | 4 ++--
 tests/vm/openbsd  | 4 ++--
 tests/vm/ubuntu.i386  | 2 +-
 7 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/docs/devel/testing.rst b/docs/devel/testing.rst
index 8e1fa3a66e..727c4019b5 100644
--- a/docs/devel/testing.rst
+++ b/docs/devel/testing.rst
@@ -434,6 +434,7 @@ Debugging
 
 Add ``DEBUG=1`` and/or ``V=1`` to the make command to allow interactive
 debugging and verbose output. If this is not enough, see the next section.
+``V=1`` will be propagated down into the make jobs in the guest.
 
 Manual invocation
 -
diff --git a/tests/vm/Makefile.include b/tests/vm/Makefile.include
index a5abb569c5..76f416286e 100644
--- a/tests/vm/Makefile.include
+++ b/tests/vm/Makefile.include
@@ -40,6 +40,7 @@ vm-build-%: tests/vm/%.img
$(if $(V)$(DEBUG), --debug) \
$(if $(DEBUG), --interactive) \
$(if $(J),--jobs $(J)) \
+   $(if $(V),--verbose) \
--image "$<" \
--build-qemu $(SRC_PATH), \
"  VM-BUILD $*")
diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
index 1f1579dc9a..d73cba9edb 100755
--- a/tests/vm/basevm.py
+++ b/tests/vm/basevm.py
@@ -211,6 +211,8 @@ def parse_args(vm_name):
   help="force build image even if image exists")
 parser.add_option("--jobs", type=int, default=multiprocessing.cpu_count() 
/ 2,
   help="number of virtual CPUs")
+parser.add_option("--verbose", "-V", action="store_true",
+  help="Pass V=1 to builds within the guest")
 parser.add_option("--build-image", "-b", action="store_true",
   help="build image")
 parser.add_option("--build-qemu",
@@ -241,7 +243,8 @@ def main(vmcls):
 vm.add_source_dir(args.build_qemu)
 cmd = [vm.BUILD_SCRIPT.format(
configure_opts = " ".join(argv),
-   jobs=args.jobs)]
+   jobs=args.jobs,
+   verbose = "V=1" if args.verbose else "")]
 else:
 cmd = argv
 img = args.image
diff --git a/tests/vm/freebsd b/tests/vm/freebsd
index 2187a17327..795f739c7b 100755
--- a/tests/vm/freebsd
+++ b/tests/vm/freebsd
@@ -23,8 +23,8 @@ class FreeBSDVM(basevm.BaseVM):
 cd $(mktemp -d /var/tmp/qemu-test.XX);
 tar -xf /dev/vtbd1;
 ./configure {configure_opts};
-gmake -j{jobs};
-gmake -j{jobs} check;
+gmake -j{jobs} {verbose};
+gmake -j{jobs} check {verbose};
 """
 
 def build_image(self, img):
diff --git a/tests/vm/netbsd b/tests/vm/netbsd
index 2cc4798f0c..c211672bcb 100755
--- a/tests/vm/netbsd
+++ b/tests/vm/netbsd
@@ -23,8 +23,8 @@ class NetBSDVM(basevm.BaseVM):
 cd $(mktemp -d /var/tmp/qemu-test.XX);
 tar -xf /dev/rld1a;
 ./configure --python=python2.7 {configure_opts};
-gmake -j{jobs};
-gmake -j{jobs} check;
+gmake -j{jobs} {verbose};
+gmake -j{jobs} check {verbose};
 """
 
 def build_image(self, img):
diff --git a/tests/vm/openbsd b/tests/vm/openbsd
index df6b79fe7d..1e0c2500ad 100755
--- a/tests/vm/openbsd
+++ b/tests/vm/openbsd
@@ -23,9 +23,9 @@ class OpenBSDVM(basevm.BaseVM):
 cd $(mktemp -d /var/tmp/qemu-test.XX);
 tar -xf /dev/rsd1c;
 ./configure --cc=x86_64-unknown-openbsd6.1-gcc-4.9.4 
--python=python2.7 {configure_opts};
-gmake -j{jobs};
+gmake -j{jobs} {verbose};
 # XXX: "gmake check" seems to always hang or fail
-#gmake -j{jobs} check;
+#gmake -j{jobs} check {verbose};
 """
 
 def build_image(self, img):
diff --git a/tests/vm/ubuntu.i386 b/tests/vm/ubuntu.i386
index 2498fc7570..160b9be034 100755
--- a/tests/vm/ubuntu.i386
+++ b/tests/vm/ubuntu.i386
@@ -26,7 +26,7 @@ class UbuntuX86VM(basevm.BaseVM):
 tar -xf /dev/vdb;
 ./configure {configure_opts};
 make -j{jobs};
-make -j{jobs} check;
+make check -j{jobs} {verbose};
 """
 
 def _gen_cloud_init_iso(self):
-- 
2.17.1




[Qemu-devel] [PULL 08/17] tests: Add an option for snapshot (default: off)

2018-08-14 Thread Fam Zheng
Not using snapshot has the benefit of automatically persisting useful
test harnesses, such as docker images and ccache database. Although it
will lose some cleanness, it is imaginably useful for patchew.

Signed-off-by: Fam Zheng 
Message-Id: <20180712012829.20231-2-f...@redhat.com>
Tested-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
---
 tests/vm/basevm.py | 7 ++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
index d80cc8ab85..1f1579dc9a 100755
--- a/tests/vm/basevm.py
+++ b/tests/vm/basevm.py
@@ -217,6 +217,8 @@ def parse_args(vm_name):
   help="build QEMU from source in guest")
 parser.add_option("--interactive", "-I", action="store_true",
   help="Interactively run command")
+parser.add_option("--snapshot", "-s", action="store_true",
+  help="run tests with a snapshot")
 parser.disable_interspersed_args()
 return parser.parse_args()
 
@@ -242,7 +244,10 @@ def main(vmcls):
jobs=args.jobs)]
 else:
 cmd = argv
-vm.boot(args.image + ",snapshot=on")
+img = args.image
+if args.snapshot:
+img += ",snapshot=on"
+vm.boot(img)
 vm.wait_ssh()
 except Exception as e:
 if isinstance(e, SystemExit) and e.code == 0:
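Review bot: making snapshot=on opt-in changes the default for every existing vm-build-* target, so a build that breaks the guest (a failed yum update, a full disk) now persists into tests/vm/*.img and poisons later runs; since the diffstat shows only basevm.py changing, the Makefile.include callers are not updated. Consider passing --snapshot from the Makefile by default and letting patchew opt out, or at least document the new persistence in docs/devel/testing.rst.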
-- 
2.17.1




[Qemu-devel] [PULL 07/17] docker: Install more packages in centos7

2018-08-14 Thread Fam Zheng
This makes test-block work.

Signed-off-by: Fam Zheng 
Message-Id: <20180711065813.14894-1-f...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
---
 tests/docker/dockerfiles/centos7.docker | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/docker/dockerfiles/centos7.docker 
b/tests/docker/dockerfiles/centos7.docker
index 575de29a0a..83462b7205 100644
--- a/tests/docker/dockerfiles/centos7.docker
+++ b/tests/docker/dockerfiles/centos7.docker
@@ -3,6 +3,7 @@ RUN yum install -y epel-release centos-release-xen
 RUN yum -y update
 ENV PACKAGES \
 bison \
+bzip2 \
 bzip2-devel \
 ccache \
 csnappy-devel \
@@ -12,10 +13,12 @@ ENV PACKAGES \
 gettext \
 git \
 glib2-devel \
+libaio-devel \
 libepoxy-devel \
 libfdt-devel \
 librdmacm-devel \
 lzo-devel \
+nettle-devel \
 make \
 mesa-libEGL-devel \
 mesa-libgbm-devel \
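Review bot: nettle-devel is inserted between lzo-devel and make, which breaks the alphabetical order of the PACKAGES list; it belongs after the mesa-* entries. bzip2 and libaio-devel are placed correctly.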
-- 
2.17.1




[Qemu-devel] [PULL 10/17] tests: Add centos VM testing

2018-08-14 Thread Fam Zheng
This one does docker testing in the VM. It is intended to replace the
native docker testing on patchew testers.

Signed-off-by: Fam Zheng 
Message-Id: <20180712012829.20231-5-f...@redhat.com>
Tested-by: Philippe Mathieu-Daudé 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Fam Zheng 
---
 tests/vm/Makefile.include |  3 +-
 tests/vm/centos   | 84 +++
 2 files changed, 86 insertions(+), 1 deletion(-)
 create mode 100755 tests/vm/centos

diff --git a/tests/vm/Makefile.include b/tests/vm/Makefile.include
index 5daa2a3b73..af19b7a4e6 100644
--- a/tests/vm/Makefile.include
+++ b/tests/vm/Makefile.include
@@ -2,7 +2,7 @@
 
 .PHONY: vm-build-all
 
-IMAGES := ubuntu.i386 freebsd netbsd openbsd
+IMAGES := ubuntu.i386 freebsd netbsd openbsd centos
 IMAGE_FILES := $(patsubst %, tests/vm/%.img, $(IMAGES))
 
 .PRECIOUS: $(IMAGE_FILES)
@@ -14,6 +14,7 @@ vm-test:
@echo "  vm-build-freebsd- Build QEMU in FreeBSD VM"
@echo "  vm-build-netbsd - Build QEMU in NetBSD VM"
@echo "  vm-build-openbsd- Build QEMU in OpenBSD VM"
+   @echo "  vm-build-centos - Build QEMU in CentOS VM, 
with Docker"
 
 vm-build-all: $(addprefix vm-build-, $(IMAGES))
 
diff --git a/tests/vm/centos b/tests/vm/centos
new file mode 100755
index 00..afd560c564
--- /dev/null
+++ b/tests/vm/centos
@@ -0,0 +1,84 @@
+#!/usr/bin/env python
+#
+# CentOS image
+#
+# Copyright 2018 Red Hat Inc.
+#
+# Authors:
+#  Fam Zheng 
+#
+# This code is licensed under the GPL version 2 or later.  See
+# the COPYING file in the top-level directory.
+#
+
+import os
+import sys
+import subprocess
+import basevm
+import time
+
+class CentosVM(basevm.BaseVM):
+name = "centos"
+BUILD_SCRIPT = """
+set -e;
+cd $(mktemp -d);
+export SRC_ARCHIVE=/dev/vdb;
+sudo chmod a+r $SRC_ARCHIVE;
+tar -xf $SRC_ARCHIVE;
+make docker-test-block@centos7 V={verbose} J={jobs};
+make docker-test-quick@centos7 V={verbose} J={jobs};
+make docker-test-mingw@fedora V={verbose} J={jobs};
+"""
+
+def _gen_cloud_init_iso(self):
+cidir = self._tmpdir
+mdata = open(os.path.join(cidir, "meta-data"), "w")
+mdata.writelines(["instance-id: centos-vm-0\n",
+  "local-hostname: centos-guest\n"])
+mdata.close()
+udata = open(os.path.join(cidir, "user-data"), "w")
+udata.writelines(["#cloud-config\n",
+  "chpasswd:\n",
+  "  list: |\n",
+  "root:%s\n" % self.ROOT_PASS,
+  "%s:%s\n" % (self.GUEST_USER, self.GUEST_PASS),
+  "  expire: False\n",
+  "users:\n",
+  "  - name: %s\n" % self.GUEST_USER,
+  "sudo: ALL=(ALL) NOPASSWD:ALL\n",
+  "ssh-authorized-keys:\n",
+  "- %s\n" % basevm.SSH_PUB_KEY,
+  "  - name: root\n",
+  "ssh-authorized-keys:\n",
+  "- %s\n" % basevm.SSH_PUB_KEY,
+  "locale: en_US.UTF-8\n"])
+udata.close()
+subprocess.check_call(["genisoimage", "-output", "cloud-init.iso",
+   "-volid", "cidata", "-joliet", "-rock",
+   "user-data", "meta-data"],
+   cwd=cidir,
+   stdin=self._devnull, stdout=self._stdout,
+   stderr=self._stdout)
+return os.path.join(cidir, "cloud-init.iso")
+
+def build_image(self, img):
+cimg = 
self._download_with_cache("https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1802.qcow2.xz;)
+img_tmp = img + ".tmp"
+subprocess.check_call(["cp", "-f", cimg, img_tmp + ".xz"])
+subprocess.check_call(["xz", "-df", img_tmp + ".xz"])
+subprocess.check_call(["qemu-img", "resize", img_tmp, "50G"])
+self.boot(img_tmp, extra_args = ["-cdrom", self._gen_cloud_init_iso()])
+self.wait_ssh()
+self.ssh_root_check("touch /etc/cloud/cloud-init.disabled")
+self.ssh_root_check("yum update -y")
+self.ssh_root_check("yum install -y docker make git")
+self.ssh_root_check("systemctl enable docker")
+self.ssh_root("poweroff")
+self.wait()
+if os.path.exists(img):
+os.remove(img)
+os.rename(img_tmp, img)
+return 0
+
+if __name__ == "__main__":
+sys.exit(basevm.main(CentosVM))
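Review bot: build_image() downloads the CentOS cloud image without a checksum; _download_with_cache() takes an optional sha256sum (its signature `def _download_with_cache(self, url, sha256sum=None)` is visible in the basevm.py hunk of PULL 01/17 on this page), so pass the expected sha256 of CentOS-7-x86_64-GenericCloud-1802.qcow2.xz and a swapped or truncated download cannot silently become the build VM. Two smaller points in the same file: `import time` is unused, and BUILD_SCRIPT's `sudo chmod a+r $SRC_ARCHIVE` makes the whole source block device world-readable inside the guest, while the guest user already has passwordless sudo from the cloud-init user-data and could extract it without loosening the permissions.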
-- 
2.17.1




[Qemu-devel] [PULL 03/17] nvme: Fix nvme_init error handling

2018-08-14 Thread Fam Zheng
It is wrong to leave this field as 1, as nvme_close() called in the
error handling code in nvme_file_open() will use it and try to free
s->queues again.

Another problem is that the cleanups are duplicated between the fail*
labels of nvme_init() and nvme_file_open(), which calls nvme_close().

A third problem is nvme_close() misses g_free() and
event_notifier_cleanup().

Fix all of them.

Cc: qemu-sta...@nongnu.org
Signed-off-by: Fam Zheng 

Message-Id: <20180712025420.4932-1-f...@redhat.com>
Reviewed-by: Stefan Hajnoczi 
Signed-off-by: Fam Zheng 
---
 block/nvme.c | 37 -
 1 file changed, 12 insertions(+), 25 deletions(-)

diff --git a/block/nvme.c b/block/nvme.c
index 6f71122bf5..37805e8890 100644
--- a/block/nvme.c
+++ b/block/nvme.c
@@ -569,13 +569,13 @@ static int nvme_init(BlockDriverState *bs, const char 
*device, int namespace,
 s->vfio = qemu_vfio_open_pci(device, errp);
 if (!s->vfio) {
 ret = -EINVAL;
-goto fail;
+goto out;
 }
 
 s->regs = qemu_vfio_pci_map_bar(s->vfio, 0, 0, NVME_BAR_SIZE, errp);
 if (!s->regs) {
 ret = -EINVAL;
-goto fail;
+goto out;
 }
 
 /* Perform initialize sequence as described in NVMe spec "7.6.1
@@ -585,7 +585,7 @@ static int nvme_init(BlockDriverState *bs, const char 
*device, int namespace,
 if (!(cap & (1ULL << 37))) {
 error_setg(errp, "Device doesn't support NVMe command set");
 ret = -EINVAL;
-goto fail;
+goto out;
 }
 
 s->page_size = MAX(4096, 1 << (12 + ((cap >> 48) & 0xF)));
@@ -603,7 +603,7 @@ static int nvme_init(BlockDriverState *bs, const char 
*device, int namespace,
  PRId64 " ms)",
timeout_ms);
 ret = -ETIMEDOUT;
-goto fail;
+goto out;
 }
 }
 
@@ -613,7 +613,7 @@ static int nvme_init(BlockDriverState *bs, const char 
*device, int namespace,
 s->queues[0] = nvme_create_queue_pair(bs, 0, NVME_QUEUE_SIZE, errp);
 if (!s->queues[0]) {
 ret = -EINVAL;
-goto fail;
+goto out;
 }
 QEMU_BUILD_BUG_ON(NVME_QUEUE_SIZE & 0xF000);
 s->regs->aqa = cpu_to_le32((NVME_QUEUE_SIZE << 16) | NVME_QUEUE_SIZE);
@@ -633,14 +633,14 @@ static int nvme_init(BlockDriverState *bs, const char 
*device, int namespace,
  PRId64 " ms)",
timeout_ms);
 ret = -ETIMEDOUT;
-goto fail_queue;
+goto out;
 }
 }
 
 ret = qemu_vfio_pci_init_irq(s->vfio, >irq_notifier,
  VFIO_PCI_MSIX_IRQ_INDEX, errp);
 if (ret) {
-goto fail_queue;
+goto out;
 }
 aio_set_event_notifier(bdrv_get_aio_context(bs), >irq_notifier,
false, nvme_handle_event, nvme_poll_cb);
@@ -649,30 +649,15 @@ static int nvme_init(BlockDriverState *bs, const char 
*device, int namespace,
 if (local_err) {
 error_propagate(errp, local_err);
 ret = -EIO;
-goto fail_handler;
+goto out;
 }
 
 /* Set up command queues. */
 if (!nvme_add_io_queue(bs, errp)) {
 ret = -EIO;
-goto fail_handler;
 }
-return 0;
-
-fail_handler:
-aio_set_event_notifier(bdrv_get_aio_context(bs), >irq_notifier,
-   false, NULL, NULL);
-fail_queue:
-nvme_free_queue_pair(bs, s->queues[0]);
-fail:
-g_free(s->queues);
-if (s->regs) {
-qemu_vfio_pci_unmap_bar(s->vfio, 0, (void *)s->regs, 0, NVME_BAR_SIZE);
-}
-if (s->vfio) {
-qemu_vfio_close(s->vfio);
-}
-event_notifier_cleanup(>irq_notifier);
+out:
+/* Cleaning up is done in nvme_file_open() upon error. */
 return ret;
 }
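Review bot: this hunk removes the `if (s->regs)` / `if (s->vfio)` guards of the old fail: label and leaves all cleanup to nvme_close() via nvme_file_open(), so nvme_close() now also runs after the earliest failures, when s->vfio and s->regs are still NULL and no notifier handler has been installed yet. Confirm that qemu_vfio_pci_unmap_bar(), qemu_vfio_close() and aio_set_event_notifier(..., NULL, NULL) tolerate that state, or carry the guards over into nvme_close(); either way a one-line comment in nvme_close() saying it must accept a partially initialised state would document the contract that `/* Cleaning up is done in nvme_file_open() upon error. */` relies on.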
 
@@ -739,8 +724,10 @@ static void nvme_close(BlockDriverState *bs)
 for (i = 0; i < s->nr_queues; ++i) {
 nvme_free_queue_pair(bs, s->queues[i]);
 }
+g_free(s->queues);
 aio_set_event_notifier(bdrv_get_aio_context(bs), >irq_notifier,
false, NULL, NULL);
+event_notifier_cleanup(>irq_notifier);
 qemu_vfio_pci_unmap_bar(s->vfio, 0, (void *)s->regs, 0, NVME_BAR_SIZE);
 qemu_vfio_close(s->vfio);
 }
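Review bot: the commit message says it is wrong to leave "this field" as 1 without naming it, and no hunk in the diff assigns a field; since nvme_close() frees s->queues[0 .. nr_queues) here and is now reached from every nvme_init() failure, name the field in the message and say where it is set, so a reader can check that a failure before s->queues[0] exists cannot make this loop call nvme_free_queue_pair() on a NULL entry.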
-- 
2.17.1
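The error-handling shape this patch moves to (one close routine that the caller invokes on every init failure) is easy to get wrong when close() assumes a fully built state. The following is an added example of that pattern, written for this page rather than taken from block/nvme.c: a hypothetical dev_init()/dev_close() pair with simulated resources, a fault-injection point per step, and a check that every failure path releases each acquired resource exactly once and that a second close is harmless.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the driver state (hypothetical, not block/nvme.c):
 * each resource is a heap block so a leak or double free is visible to a
 * sanitizer, and counters make the balance checkable without one. */
struct dev_state {
    void *vfio;            /* plays the role of s->vfio */
    void *regs;            /* plays the role of s->regs */
    void **queues;         /* plays the role of s->queues */
    int nr_queues;         /* counts only queues that really exist */
    bool irq_registered;   /* whether the notifier handler was installed */
};

static int g_acquired, g_released;

static void *acquire(void)
{
    g_acquired++;
    return malloc(16);
}

/* NULL-safe release: the property a shared close() path needs from every
 * teardown call it makes. */
static void release(void *p)
{
    if (p) {
        g_released++;
        free(p);
    }
}

/* One close routine shared by the success path and every init failure, as the
 * patch does with nvme_close(); safe on any partial state, harmless twice. */
void dev_close(struct dev_state *s)
{
    for (int i = 0; i < s->nr_queues; i++) {
        release(s->queues[i]);
    }
    free(s->queues);            /* free(NULL) is defined to do nothing */
    s->queues = NULL;
    s->nr_queues = 0;
    if (s->irq_registered) {    /* undo only what was actually registered */
        s->irq_registered = false;
        g_released++;
    }
    release(s->regs);
    s->regs = NULL;
    release(s->vfio);
    s->vfio = NULL;
}

/* Initialisation with fault injection: fail_at = N makes step N fail
 * (0 = succeed). nr_queues is raised only after the queue exists. */
int dev_init(struct dev_state *s, int fail_at)
{
    memset(s, 0, sizeof(*s));
    if (!(s->vfio = acquire()) || fail_at == 1) {
        return -EINVAL;
    }
    if (!(s->regs = acquire()) || fail_at == 2) {
        return -EINVAL;
    }
    if (!(s->queues = calloc(2, sizeof(*s->queues)))) {
        return -ENOMEM;
    }
    if (!(s->queues[0] = acquire())) {
        return -ENOMEM;
    }
    s->nr_queues = 1;
    if (fail_at == 3) {
        return -ETIMEDOUT;
    }
    s->irq_registered = true;   /* simulated handler registration */
    g_acquired++;
    if (fail_at == 4) {
        return -EIO;
    }
    if (!(s->queues[1] = acquire())) {
        return -ENOMEM;
    }
    s->nr_queues = 2;
    return 0;
}

/* Caller-side pattern from the patch: on failure, close exactly once. */
int dev_open(struct dev_state *s, int fail_at)
{
    int ret = dev_init(s, fail_at);
    if (ret) {
        dev_close(s);
    }
    return ret;
}

/* How many resources were released for an open that fails at step fail_at
 * (0 = succeeds and is then closed normally). */
int released_after_failure(int fail_at)
{
    struct dev_state s;
    g_acquired = g_released = 0;
    if (dev_open(&s, fail_at) == 0) {
        dev_close(&s);
    }
    return g_released;
}

/* True if every injection point releases each acquired resource exactly
 * once and a second close() changes nothing. */
bool all_paths_balanced(void)
{
    for (int fail_at = 0; fail_at <= 4; fail_at++) {
        struct dev_state s;
        g_acquired = g_released = 0;
        if (dev_open(&s, fail_at) == 0) {
            dev_close(&s);
        }
        dev_close(&s);          /* idempotent: nothing left to release */
        if (g_acquired != g_released) {
            return false;
        }
    }
    return true;
}

int main(void)
{
    printf("all error paths balanced: %s\n",
           all_paths_balanced() ? "yes" : "no");
    return 0;
}
```

The two properties that make the shared close safe are visible in dev_close(): every teardown call tolerates a NULL or zeroed member, and counters such as nr_queues are only advanced after the thing they count exists, which is exactly the "field left as 1" problem the commit message describes.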




[Qemu-devel] [PULL 12/17] tests/vm: Pass the jobs parallelism setting to 'make check'

2018-08-14 Thread Fam Zheng
From: Peter Maydell 

Our test suite works for parallel execution too, and this can
noticeably speed up a test run; pass the 'jobs' setting to
it as well as to the build proper.

Signed-off-by: Peter Maydell 
Message-Id: <20180803085230.30574-3-peter.mayd...@linaro.org>
Signed-off-by: Fam Zheng 
---
 tests/vm/freebsd | 2 +-
 tests/vm/netbsd  | 2 +-
 tests/vm/openbsd | 2 +-
 tests/vm/ubuntu.i386 | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/vm/freebsd b/tests/vm/freebsd
index 039dad8f69..2187a17327 100755
--- a/tests/vm/freebsd
+++ b/tests/vm/freebsd
@@ -24,7 +24,7 @@ class FreeBSDVM(basevm.BaseVM):
 tar -xf /dev/vtbd1;
 ./configure {configure_opts};
 gmake -j{jobs};
-gmake check;
+gmake -j{jobs} check;
 """
 
 def build_image(self, img):
diff --git a/tests/vm/netbsd b/tests/vm/netbsd
index 3972d8b45c..2cc4798f0c 100755
--- a/tests/vm/netbsd
+++ b/tests/vm/netbsd
@@ -24,7 +24,7 @@ class NetBSDVM(basevm.BaseVM):
 tar -xf /dev/rld1a;
 ./configure --python=python2.7 {configure_opts};
 gmake -j{jobs};
-gmake check;
+gmake -j{jobs} check;
 """
 
 def build_image(self, img):
diff --git a/tests/vm/openbsd b/tests/vm/openbsd
index 6ae16d97fd..df6b79fe7d 100755
--- a/tests/vm/openbsd
+++ b/tests/vm/openbsd
@@ -25,7 +25,7 @@ class OpenBSDVM(basevm.BaseVM):
 ./configure --cc=x86_64-unknown-openbsd6.1-gcc-4.9.4 
--python=python2.7 {configure_opts};
 gmake -j{jobs};
 # XXX: "gmake check" seems to always hang or fail
-#gmake check;
+#gmake -j{jobs} check;
 """
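Review bot: the only line this hunk changes is commented out (`#gmake -j{jobs} check;`), so it has no effect for OpenBSD; keeping it in step with the other VMs is fine, but the XXX comment above it would be more useful if it recorded which tests hang, so that someone can re-enable the line later.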
 
 def build_image(self, img):
diff --git a/tests/vm/ubuntu.i386 b/tests/vm/ubuntu.i386
index fc27b6935e..2498fc7570 100755
--- a/tests/vm/ubuntu.i386
+++ b/tests/vm/ubuntu.i386
@@ -26,7 +26,7 @@ class UbuntuX86VM(basevm.BaseVM):
 tar -xf /dev/vdb;
 ./configure {configure_opts};
 make -j{jobs};
-make check;
+make -j{jobs} check;
 """
 
 def _gen_cloud_init_iso(self):
-- 
2.17.1




[Qemu-devel] [PULL 02/17] tests/vm: Add flex and bison to the vm image

2018-08-14 Thread Fam Zheng
From: Philippe Mathieu-Daudé 

Similar to 79f24568e5e70, this fixes the following warnings:

   CHK version_gen.h
   LEX convert-dtsv0-lexer.lex.c
  make[1]: flex: Command not found
   BISON dtc-parser.tab.c
  make[1]: bison: Command not found
   LEX dtc-lexer.lex.c
  make[1]: flex: Command not found

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20180628153535.1411-5-f4...@amsat.org>
Signed-off-by: Fam Zheng 
---
 tests/vm/ubuntu.i386 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/vm/ubuntu.i386 b/tests/vm/ubuntu.i386
index fc319e0e6e..fc27b6935e 100755
--- a/tests/vm/ubuntu.i386
+++ b/tests/vm/ubuntu.i386
@@ -77,7 +77,7 @@ class UbuntuX86VM(basevm.BaseVM):
 # The previous update sometimes doesn't survive a reboot, so do it 
again
 self.ssh_root_check("apt-get update")
 self.ssh_root_check("apt-get build-dep -y qemu")
-self.ssh_root_check("apt-get install -y libfdt-dev")
+self.ssh_root_check("apt-get install -y libfdt-dev flex bison")
 self.ssh_root("poweroff")
 self.wait()
 if os.path.exists(img):
-- 
2.17.1




[Qemu-devel] [PULL 01/17] tests/vm: Only use -cpu 'host' if KVM is available

2018-08-14 Thread Fam Zheng
From: Philippe Mathieu-Daudé 

If KVM is not available, then use the 'max' cpu.

This fixes:

  ERROR:root:Log:
  ERROR:root:qemu-system-x86_64: CPU model 'host' requires KVM
  Failed to prepare guest environment
  error: [Errno 104] Connection reset by peer
  source/qemu/tests/vm/Makefile.include:25: recipe for target 'tests/vm/ubuntu.i386.img' failed
  make: *** [tests/vm/ubuntu.i386.img] Error 2

Signed-off-by: Philippe Mathieu-Daudé 
Message-Id: <20180628153535.1411-4-f4...@amsat.org>
Signed-off-by: Fam Zheng 
---
 tests/vm/basevm.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/vm/basevm.py b/tests/vm/basevm.py
index 3643117816..d80cc8ab85 100755
--- a/tests/vm/basevm.py
+++ b/tests/vm/basevm.py
@@ -65,7 +65,6 @@ class BaseVM(object):
 self._stdout = self._devnull
 self._args = [ \
 "-nodefaults", "-m", "2G",
-"-cpu", "host",
 "-netdev", "user,id=vnet,hostfwd=:127.0.0.1:0-:22",
 "-device", "virtio-net-pci,netdev=vnet",
 "-vnc", "127.0.0.1:0,to=20",
@@ -73,9 +72,11 @@ class BaseVM(object):
 if vcpus:
 self._args += ["-smp", str(vcpus)]
 if os.access("/dev/kvm", os.R_OK | os.W_OK):
+self._args += ["-cpu", "host"]
 self._args += ["-enable-kvm"]
 else:
 logging.info("KVM not available, not using -enable-kvm")
+self._args += ["-cpu", "max"]
 self._data_args = []
 
 def _download_with_cache(self, url, sha256sum=None):
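Review bot: `-cpu host` is only valid together with `-enable-kvm`, so appending both in one statement (`self._args += ["-cpu", "host", "-enable-kvm"]`) keeps that dependency visible; and since the else branch now silently changes the CPU model, the logging.info() message should also mention the fall-back to `-cpu max`, so a TCG run is recognisable in the log when build results differ.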
-- 
2.17.1




[Qemu-devel] [PULL 00/17] Block and testing patches

2018-08-14 Thread Fam Zheng
The following changes since commit 38441756b70eec5807b5f60dad11a93a91199866:

  Update version for v3.0.0 release (2018-08-14 16:38:43 +0100)

are available in the Git repository at:

  git://github.com/famz/qemu.git tags/block-and-testing-pull-request

for you to fetch changes up to 37a81812f7b8367422a039eb09d915df543983ee:

  aio-posix: Improve comment around marking node deleted (2018-08-15 10:12:35 +0800)


Block and testing patches for 3.1

- aio fixes by me
- nvme fixes by Paolo and me
- test improvements by Peter, Phil and me



Fam Zheng (10):
  nvme: Fix nvme_init error handling
  aio-posix: Don't count ctx->notifier as progress when polling
  aio: Do aio_notify_accept only during blocking aio_poll
  docker: Install more packages in centos7
  tests: Add an option for snapshot (default: off)
  tests: Allow overriding archive path with SRC_ARCHIVE
  tests: Add centos VM testing
  tests: vm: Add vm-clean-all
  tests/vm: Add vm-build-all/vm-clean-all in help text
  aio-posix: Improve comment around marking node deleted

Paolo Bonzini (1):
  nvme: simplify plug/unplug

Peter Maydell (4):
  tests/vm: Pass the jobs parallelism setting to 'make check'
  tests/vm: Propagate V=1 down into the make inside the VM
  tests/vm: Bump guest RAM up from 2G to 4G
  tests/vm: Use make's --output-sync option

Philippe Mathieu-Daudé (2):
  tests/vm: Only use -cpu 'host' if KVM is available
  tests/vm: Add flex and bison to the vm image

 block/nvme.c| 57 +++--
 docs/devel/testing.rst  |  1 +
 tests/docker/Makefile.include   |  7 ++-
 tests/docker/dockerfiles/centos7.docker |  3 +
 tests/vm/Makefile.include   | 12 +++-
 tests/vm/basevm.py  | 17 +++--
 tests/vm/centos | 84 +
 tests/vm/freebsd|  4 +-
 tests/vm/netbsd |  4 +-
 tests/vm/openbsd|  4 +-
 tests/vm/ubuntu.i386|  6 +-
 util/aio-posix.c|  9 +--
 util/aio-win32.c|  3 +-
 13 files changed, 154 insertions(+), 57 deletions(-)
 create mode 100755 tests/vm/centos

-- 
2.17.1




Re: [Qemu-devel] [PATCH 1/3] qsp: QEMU's Synchronization Profiler

2018-08-14 Thread Fam Zheng
On Mon, 08/13 13:11, Emilio G. Cota wrote:
> +  --enable-sync-profiler) sync_profiler="yes"
> +  ;;

Curious, not asking for a change: can this be made a runtime option instead of
compile time, since there's no library dependencies? That should make this
somewhat easier to use.

> +
> +#define QSP_GEN_VOID(type_, qsp_t_, func_, impl_)   \
> +void func_(type_ *obj, const char *file, unsigned line) \
> +{   \
> +struct qsp_entry *e = qsp_entry_get(obj, file, line, qsp_t_);   \
> +int64_t t;  \
> +\

No qsp_init()?

> +t = get_clock();\
> +impl_(obj, file, line); \
> +atomic_set(>ns, e->ns + get_clock() - t);\
> +atomic_set(>n_acqs, e->n_acqs + 1);  \
> +}
> +
> +#define QSP_GEN_RET1(type_, qsp_t_, func_, impl_)   \
> +int func_(type_ *obj, const char *file, unsigned line)  \
> +{   \
> +struct qsp_entry *e = qsp_entry_get(obj, file, line, qsp_t_);   \
> +int64_t t;  \
> +int err;\
> +\

Same here.

> +t = get_clock();\
> +err = impl_(obj, file, line);   \
> +atomic_set(>ns, e->ns + get_clock() - t);\
> +if (!err) { \
> +atomic_set(>n_acqs, e->n_acqs + 1);  \
> +}   \
> +return err; \
> +}
> +
> +QSP_GEN_VOID(QemuMutex, QSP_MUTEX, qsp_mutex_lock, qemu_mutex_lock_impl)
> +QSP_GEN_RET1(QemuMutex, QSP_MUTEX, qsp_mutex_trylock, 
> qemu_mutex_trylock_impl)
> +
> +QSP_GEN_VOID(QemuRecMutex, QSP_REC_MUTEX, qsp_rec_mutex_lock,
> + qemu_rec_mutex_lock_impl)
> +QSP_GEN_RET1(QemuRecMutex, QSP_REC_MUTEX, qsp_rec_mutex_trylock,
> + qemu_rec_mutex_trylock_impl)
> +
> +void qsp_cond_wait(QemuCond *cond, QemuMutex *mutex, const char *file,
> +   unsigned line)
> +{
> +struct qsp_entry *e;
> +int64_t t;
> +
> +qsp_init();
> +
> +e = qsp_entry_get(cond, file, line, QSP_CONDVAR);
> +t = get_clock();
> +qemu_cond_wait_impl(cond, mutex, file, line);
> +atomic_set(>ns, e->ns + get_clock() - t);
> +atomic_set(>n_acqs, e->n_acqs + 1);

Why not atomic_add (both here and in above macros)? Because fetching e->ns and
then updating it is not "atomic" this way.

Fam



Re: [Qemu-devel] [PATCH] qemu-options: Fix bad "macaddr" property in the documentation

2018-08-14 Thread Jason Wang

On 2018-08-13 20:31, Markus Armbruster wrote:

Thomas Huth  writes:


When using the "-device" option, the property is called "mac".
"macaddr" is only used for the legacy "-net nic" option.

Indeed:

 #define DEFINE_NIC_PROPERTIES(_state, _conf)\
--->DEFINE_PROP_MACADDR("mac",   _state, _conf.macaddr),\
 DEFINE_PROP_NETDEV("netdev", _state, _conf.peers)


Reported-by: Harald Hoyer 
Signed-off-by: Thomas Huth 
---
  qemu-options.hx | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qemu-options.hx b/qemu-options.hx
index b1bf0f4..3495531 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2345,7 +2345,7 @@ qemu-system-i386 linux.img \
   -netdev socket,id=n2,mcast=230.0.0.1:1234
  # launch yet another QEMU instance on same "bus"
  qemu-system-i386 linux.img \
- -device e1000,netdev=n3,macaddr=52:54:00:12:34:58 \
+ -device e1000,netdev=n3,mac=52:54:00:12:34:58 \
   -netdev socket,id=n3,mcast=230.0.0.1:1234
  @end example
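Review bot: the replacement matches the property name in the DEFINE_NIC_PROPERTIES definition quoted above (`DEFINE_PROP_MACADDR("mac", ...)`); since the same mistake is easy to copy from one example to the next, it is worth grepping qemu-options.hx for any other `-device ...,macaddr=` occurrence and fixing them in the same patch rather than one at a time.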

Reviewed-by: Markus Armbruster 



Applied.

Thanks




[Qemu-devel] [PATCH 2/2] qemu-img: Add dd seek= option

2018-08-14 Thread Eric Blake
For feature parity with dd, we want to be able to specify
the offset within the output file, just as we can specify
the offset for the input (in particular, this makes copying
a subset range of guest-visible bytes from one file to
another much easier).

The code style for 'qemu-img dd' was pretty hard to read;
unfortunately this patch focuses only on adding the new
feature in the existing style rather than trying to improve
the overall flow, other than switching octal constants to
hex.  Oh well.

Also, switch the test to use an offset of 0 instead of 1,
to test skip= and seek= on their own; as it is, this is
effectively quadrupling the test runtime, which starts
to make this test borderline on whether it should still
belong to './check -g quick'.  And I didn't bother to
reindent the test shell code for the new nested loop.

Signed-off-by: Eric Blake 
---
 qemu-img.c |  41 --
 tests/qemu-iotests/160 |  12 +-
 tests/qemu-iotests/160.out | 304 +++--
 3 files changed, 336 insertions(+), 21 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index d72f0f0ec94..ee01a18f331 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -195,7 +195,8 @@ static void QEMU_NORETURN help(void)
"  'count=N' copy only N input blocks\n"
"  'if=FILE' read from FILE\n"
"  'of=FILE' write to FILE\n"
-   "  'skip=N' skip N bs-sized blocks at the start of input\n";
+   "  'skip=N' skip N bs-sized blocks at the start of input\n"
+   "  'seek=N' skip N bs-sized blocks at the start of output\n";

 printf("%s\nSupported formats:", help_msg);
 bdrv_iterate_format(format_print, NULL);
@@ -4296,11 +4297,12 @@ out:
 return 0;
 }

-#define C_BS  01
-#define C_COUNT   02
-#define C_IF  04
-#define C_OF  010
-#define C_SKIP020
+#define C_BS  0x1
+#define C_COUNT   0x2
+#define C_IF  0x4
+#define C_OF  0x8
+#define C_SKIP0x10
+#define C_SEEK0x20

 struct DdInfo {
 unsigned int flags;
@@ -4383,6 +4385,20 @@ static int img_dd_skip(const char *arg,
 return 0;
 }

+static int img_dd_seek(const char *arg,
+   struct DdIo *in, struct DdIo *out,
+   struct DdInfo *dd)
+{
+out->offset = cvtnum(arg);
+
+if (out->offset < 0) {
+error_report("invalid number: '%s'", arg);
+return 1;
+}
+
+return 0;
+}
+
 static int img_dd(int argc, char **argv)
 {
 int ret = 0;
@@ -4399,6 +4415,7 @@ static int img_dd(int argc, char **argv)
 const char *fmt = NULL;
 int64_t size = 0;
 int64_t block_count = 0, out_pos, in_pos, end;
+int64_t seek = 0;
 bool force_share = false;
 struct DdInfo dd = {
 .flags = 0,
@@ -4423,6 +4440,7 @@ static int img_dd(int argc, char **argv)
 { "if", img_dd_if, C_IF },
 { "of", img_dd_of, C_OF },
 { "skip", img_dd_skip, C_SKIP },
+{ "seek", img_dd_seek, C_SEEK },
 { NULL, NULL, 0 }
 };
 const struct option long_options[] = {
@@ -4574,7 +4592,14 @@ static int img_dd(int argc, char **argv)
 size = dd.count * in.bsz;
 }

-qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, _abort);
+if (dd.flags & C_SEEK && out.offset * out.bsz > INT64_MAX - size) {
+error_report("Seek too large for '%s'", out.filename);
+ret = -1;
+goto out;
+}
+seek = out.offset * out.bsz;
+
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size + seek, _abort);
 end = size + in_pos;

 ret = bdrv_create(drv, out.filename, opts, _err);
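Review bot: `out.offset * out.bsz > INT64_MAX - size` multiplies before checking, so a large seek= overflows the signed product (undefined behaviour) before the comparison runs, and `seek = out.offset * out.bsz;` then stores that overflowed value. Mirror the guard patch 1/2 uses for skip= (`in.offset > INT64_MAX / in.bsz`) by testing `out.offset > INT64_MAX / out.bsz` first, and only then the sum against INT64_MAX - size; parenthesising `(dd.flags & C_SEEK)` would also make the precedence explicit.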
@@ -4617,7 +4642,7 @@ static int img_dd(int argc, char **argv)
 }
 in_pos += in_ret;

-out_ret = blk_pwrite(blk2, out_pos, in.buf, in_ret, 0);
+out_ret = blk_pwrite(blk2, out_pos + seek, in.buf, in_ret, 0);

 if (out_ret < 0) {
 error_report("error while writing to output image file: %s",
diff --git a/tests/qemu-iotests/160 b/tests/qemu-iotests/160
index 48380a3aafc..0096911e75e 100755
--- a/tests/qemu-iotests/160
+++ b/tests/qemu-iotests/160
@@ -1,6 +1,6 @@
 #! /bin/bash
 #
-# qemu-img dd test for the skip option
+# qemu-img dd test for the skip/seek option
 #
 # Copyright (C) 2016 Reda Sallahi
 #
@@ -41,10 +41,11 @@ _supported_fmt raw
 _supported_proto file
 _supported_os Linux

-TEST_SKIP_BLOCKS="1 2 30 30K"
+TEST_SKIP_BLOCKS="0 2 30 30K"

 for skip in $TEST_SKIP_BLOCKS; do
   for count in '' 'count=1 '; do
+   for seek in $TEST_SKIP_BLOCKS; do
 echo
 echo "== Creating image =="

@@ -54,18 +55,19 @@ for skip in $TEST_SKIP_BLOCKS; do
 $QEMU_IO -c "write -P 0xa 24 512k" "$TEST_IMG" | _filter_qemu_io

 echo
-echo "== Converting the image with dd with ${count}skip=$skip =="
+echo "== Converting the image with dd with ${count}skip=$skip seek=$seek 
=="

-$QEMU_IMG dd if="$TEST_IMG" of="$TEST_IMG.out" $count skip="$skip" -O 
"$IMGFMT" \
+$QEMU_IMG dd if="$TEST_IMG" of="$TEST_IMG.out" $count 

[Qemu-devel] [PATCH 0/2] Improve qemu-img dd

2018-08-14 Thread Eric Blake
I was trying to test NBD fleecing by copying subsets of one
file to another, and had the idea to use:

$ export NBD drive to be fleeced on port 10809
$ qemu-img create -f qcow2 copy $size
$ qemu-nbd -f qcow2 -p 10810 copy
$ qemu-img dd -f raw -O raw if=nbd://localhost:10809 of=nbd://localhost:10810 \
skip=$offset seek=$offset count=$((len/cluster)) bs=$cluster

except that seek= wasn't implemented. And in implementing that,
I learned that skip= is broken when combined with count=.

[In the meantime, I had to use:

$ export NBD drive to be fleeced on port 10809
$ modprobe nbd
$ qemu-nbd -c /dev/nbd0 -f raw nbd://localhost:10809
$ qemu-nbd -c /dev/nbd1 -f qcow2 copy
$ dd if=/dev/nbd0 of/dev/nbd1 \
skip=$offset seek=$offset count=$((len/cluster)) bs=$cluster

to get the behavior I needed (basically, create an empty qcow2
destination file, then plug in the guest-visible data based on
the subsets of the disk of my choosing, by reading the block
status/dirty bitmap over NBD).  But bouncing through three
NBD client/server pairs just so I can use plain 'dd' instead
of just two pairs with 'qemu-img dd' feels dirty.
]

Eric Blake (2):
  qemu-img: Fix dd with skip= and count=
  qemu-img: Add dd seek= option

 qemu-img.c |  76 ++
 tests/qemu-iotests/160 |  15 +-
 tests/qemu-iotests/160.out | 344 -
 3 files changed, 397 insertions(+), 38 deletions(-)

-- 
2.14.4




[Qemu-devel] [PATCH 1/2] qemu-img: Fix dd with skip= and count=

2018-08-14 Thread Eric Blake
When both skip= and count= are active, qemu-img dd was not copying
enough data. It didn't help that the code made the same check for
dd.flags & C_SKIP in two separate places. Compute 'size' as the
amount of bytes to be read, and 'end' as the offset to end at,
rather than trying to cram both meanings into a single variable
(which only worked as long as we had at most one of those two
limiting factors to worry about, but not both).

Enhance the test to cover more combinations, and expose the problem.

Signed-off-by: Eric Blake 
CC: qemu-sta...@nongnu.org
---
 qemu-img.c | 39 -
 tests/qemu-iotests/160 |  9 ++---
 tests/qemu-iotests/160.out | 48 ++
 3 files changed, 70 insertions(+), 26 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 1acddf693c6..d72f0f0ec94 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -4398,7 +4398,7 @@ static int img_dd(int argc, char **argv)
 const char *out_fmt = "raw";
 const char *fmt = NULL;
 int64_t size = 0;
-int64_t block_count = 0, out_pos, in_pos;
+int64_t block_count = 0, out_pos, in_pos, end;
 bool force_share = false;
 struct DdInfo dd = {
 .flags = 0,
@@ -4559,19 +4559,23 @@ static int img_dd(int argc, char **argv)
 goto out;
 }

+/* Overflow means the specified offset is beyond input image's size */
+if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
+  size < in.bsz * in.offset)) {
+size = 0;
+error_report("%s: cannot skip to specified offset", in.filename);
+} else {
+size -= in.offset * in.bsz;
+in_pos = in.offset * in.bsz;
+}
+
 if (dd.flags & C_COUNT && dd.count <= INT64_MAX / in.bsz &&
 dd.count * in.bsz < size) {
 size = dd.count * in.bsz;
 }

-/* Overflow means the specified offset is beyond input image's size */
-if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
-  size < in.bsz * in.offset)) {
-qemu_opt_set_number(opts, BLOCK_OPT_SIZE, 0, _abort);
-} else {
-qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
-size - in.bsz * in.offset, _abort);
-}
+qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, _abort);
+end = size + in_pos;

 ret = bdrv_create(drv, out.filename, opts, _err);
 if (ret < 0) {
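Review bot: in_pos is declared without an initialiser in the first hunk, and the new skip-past-end branch (`size = 0; error_report(...)`) no longer assigns it, yet `end = size + in_pos` and the copy loop's `in_pos < end` read it; the code this hunk deletes set `in_pos = size` in that case. Assign it before zeroing size (`in_pos = size; size = 0;`, which makes end == in_pos so the loop copies nothing, as intended), or initialise it to 0 at the declaration.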
@@ -4595,24 +4599,13 @@ static int img_dd(int argc, char **argv)
 goto out;
 }

-if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
-  size < in.offset * in.bsz)) {
-/* We give a warning if the skip option is bigger than the input
- * size and create an empty output disk image (i.e. like dd(1)).
- */
-error_report("%s: cannot skip to specified offset", in.filename);
-in_pos = size;
-} else {
-in_pos = in.offset * in.bsz;
-}
-
 in.buf = g_new(uint8_t, in.bsz);

-for (out_pos = 0; in_pos < size; block_count++) {
+for (out_pos = 0; in_pos < end; block_count++) {
 int in_ret, out_ret;

-if (in_pos + in.bsz > size) {
-in_ret = blk_pread(blk1, in_pos, in.buf, size - in_pos);
+if (in_pos + in.bsz > end) {
+in_ret = blk_pread(blk1, in_pos, in.buf, end - in_pos);
 } else {
 in_ret = blk_pread(blk1, in_pos, in.buf, in.bsz);
 }
diff --git a/tests/qemu-iotests/160 b/tests/qemu-iotests/160
index 5c910e5bfc1..48380a3aafc 100755
--- a/tests/qemu-iotests/160
+++ b/tests/qemu-iotests/160
@@ -44,6 +44,7 @@ _supported_os Linux
 TEST_SKIP_BLOCKS="1 2 30 30K"

 for skip in $TEST_SKIP_BLOCKS; do
+  for count in '' 'count=1 '; do
 echo
 echo "== Creating image =="

@@ -53,17 +54,19 @@ for skip in $TEST_SKIP_BLOCKS; do
 $QEMU_IO -c "write -P 0xa 24 512k" "$TEST_IMG" | _filter_qemu_io

 echo
-echo "== Converting the image with dd with skip=$skip =="
+echo "== Converting the image with dd with ${count}skip=$skip =="

-$QEMU_IMG dd if="$TEST_IMG" of="$TEST_IMG.out" skip="$skip" -O "$IMGFMT" \
+$QEMU_IMG dd if="$TEST_IMG" of="$TEST_IMG.out" $count skip="$skip" -O 
"$IMGFMT" \
 2> /dev/null
 TEST_IMG="$TEST_IMG.out" _check_test_img
-dd if="$TEST_IMG" of="$TEST_IMG.out.dd" skip="$skip" status=none
+dd if="$TEST_IMG" of="$TEST_IMG.out.dd" $count skip="$skip" status=none

 echo
 echo "== Compare the images with qemu-img compare =="

 $QEMU_IMG compare "$TEST_IMG.out.dd" "$TEST_IMG.out"
+rm "$TEST_IMG.out.dd"
+  done
 done

 echo
diff --git a/tests/qemu-iotests/160.out b/tests/qemu-iotests/160.out
index 9cedc803566..6147a8493d6 100644
--- a/tests/qemu-iotests/160.out
+++ b/tests/qemu-iotests/160.out
@@ -18,6 +18,18 @@ No errors were found on the image.
 wrote 524288/524288 bytes at offset 24
 512 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)

+== Converting the image with dd 
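Added example (not from Eric's series) working through the skip=/count=/seek= arithmetic discussed in this patch and in patch 2/2 above: `size` is the bytes to read, `end` the input offset to stop at, every block product is overflow-checked before it is computed, and the skip-past-end case sets in_pos explicitly so the loop bound is always defined. dd_compute_window and the 1 MiB / 512-byte wrappers are hypothetical names for the illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Byte-granular copy window derived from dd-style block arguments. */
struct dd_window {
    int64_t in_pos;       /* first input byte to read */
    int64_t end;          /* input offset to stop at (exclusive) */
    int64_t seek;         /* output offset of the first byte written */
    int64_t out_size;     /* size to create the output with: bytes + seek */
    bool skip_past_end;   /* skip= lies beyond the input: copy nothing */
};

/* Computes the window; have_* say whether the option was given. Returns
 * false when the request cannot be represented without int64 overflow. */
bool dd_compute_window(int64_t in_size, int64_t bsz,
                       bool have_skip, int64_t skip_blocks,
                       bool have_count, int64_t count_blocks,
                       bool have_seek, int64_t seek_blocks,
                       struct dd_window *w)
{
    int64_t size = in_size;          /* bytes still to be read */

    if (in_size < 0 || bsz <= 0 || skip_blocks < 0 || count_blocks < 0
        || seek_blocks < 0) {
        return false;
    }
    w->in_pos = 0;
    w->seek = 0;
    w->skip_past_end = false;

    /* skip=: prove skip_blocks * bsz fits before multiplying; a value past
     * the end yields an empty output, as dd(1) does. */
    if (have_skip) {
        if (skip_blocks > INT64_MAX / bsz || skip_blocks * bsz > in_size) {
            w->skip_past_end = true;
            w->in_pos = in_size;     /* loop condition in_pos < end is false */
            size = 0;
        } else {
            w->in_pos = skip_blocks * bsz;
            size = in_size - w->in_pos;
        }
    }
    /* count=: cap the bytes read, again only after an overflow check. */
    if (have_count && count_blocks <= INT64_MAX / bsz
        && count_blocks * bsz < size) {
        size = count_blocks * bsz;
    }
    w->end = w->in_pos + size;       /* <= in_size, so it cannot overflow */

    /* seek=: check the product, then the sum with the bytes to write. */
    if (have_seek) {
        if (seek_blocks > INT64_MAX / bsz) {
            return false;
        }
        w->seek = seek_blocks * bsz;
        if (w->seek > INT64_MAX - size) {
            return false;
        }
    }
    w->out_size = size + w->seek;
    return true;
}

/* Walks the window exactly like the copy loop, counting block reads. */
int64_t dd_block_count(const struct dd_window *w, int64_t bsz)
{
    int64_t blocks = 0;
    for (int64_t pos = w->in_pos; pos < w->end; blocks++) {
        pos += (pos + bsz > w->end) ? w->end - pos : bsz;   /* short tail */
    }
    return blocks;
}

/* Wrappers over a constructed 1 MiB input with 512-byte blocks; a negative
 * argument means the option was not given. */
int64_t example_out_size(int64_t skip, int64_t count, int64_t seek)
{
    struct dd_window w;
    if (!dd_compute_window(1 << 20, 512, skip >= 0, skip < 0 ? 0 : skip,
                           count >= 0, count < 0 ? 0 : count,
                           seek >= 0, seek < 0 ? 0 : seek, &w)) {
        return -1;                   /* overflow: refuse the request */
    }
    return w.out_size;
}

int64_t example_blocks(int64_t skip, int64_t count)
{
    struct dd_window w;
    dd_compute_window(1 << 20, 512, skip >= 0, skip < 0 ? 0 : skip,
                      count >= 0, count < 0 ? 0 : count, false, 0, &w);
    return dd_block_count(&w, 512);
}

int main(void)
{
    printf("skip=2 count=1 seek=2 -> output size %lld, blocks read %lld\n",
           (long long)example_out_size(2, 1, 2),
           (long long)example_blocks(2, 1));
    return 0;
}
```

Keeping `size` (bytes to read) and `end` (where to stop) separate is what lets skip= and count= compose; the division-first guards are the shape a reviewer should expect for every `blocks * bsz` product, including the one for seek=.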

[Qemu-devel] [PATCH v3] slirp: fix ICMP handling on macOS hosts

2018-08-14 Thread Andrew Oates via Qemu-devel
On Linux, SOCK_DGRAM+IPPROTO_ICMP sockets give only the ICMP packet when
read from.  On macOS, however, the socket acts like a SOCK_RAW socket
and includes the IP header as well.

This change strips the extra IP header from the received packet on macOS
before sending it to the guest.  SOCK_DGRAM ICMP sockets aren't
supported on other BSDs, but we enable this behavior for them as well to
treat the sockets the same as raw sockets.

Signed-off-by: Andrew Oates 
---
v2: check validity of inner_hlen and update len appropriately
v3: CONFIG_DARWIN -> CONFIG_BSD; add comment explaining #ifdef

 slirp/ip_icmp.c | 24 +++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/slirp/ip_icmp.c b/slirp/ip_icmp.c
index 0b667a429a..0e289fd9d9 100644
--- a/slirp/ip_icmp.c
+++ b/slirp/ip_icmp.c
@@ -420,7 +420,29 @@ void icmp_receive(struct socket *so)
 icp = mtod(m, struct icmp *);
 
 id = icp->icmp_id;
-len = qemu_recv(so->s, icp, m->m_len, 0);
+len = qemu_recv(so->s, icp, M_ROOM(m), 0);
+/*
+ * The behavior of reading SOCK_DGRAM+IPPROTO_ICMP sockets is inconsistent
+ * between host OSes.  On Linux, only the ICMP header and payload is
+ * included.  On macOS/Darwin, the socket acts like a raw socket and
+ * includes the IP header as well.  On other BSDs, SOCK_DGRAM+IPPROTO_ICMP
+ * sockets aren't supported at all, so we treat them like raw sockets.  It
+ * isn't possible to detect this difference at runtime, so we must use an
+ * #ifdef to determine if we need to remove the IP header.
+ */
+#ifdef CONFIG_BSD
+if (len > 0) {
+struct ip *inner_ip = mtod(m, struct ip *);
+int inner_hlen = inner_ip->ip_hl << 2;
+if (inner_hlen > len) {
+len = -1;
+errno = -EINVAL;
+} else {
+len -= inner_hlen;
+memmove(icp, (unsigned char *)icp + inner_hlen, len);
+}
+}
+#endif
 icp->icmp_id = id;
 
 m->m_data -= hlen;
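Review bot: `errno = -EINVAL` stores a negative value; errno values are positive, so a caller testing `errno == EINVAL` or printing strerror(errno) will not see the intended error; use `errno = EINVAL`. In the same block inner_ip->ip_hl is read before checking that len covers a struct ip, so a short read (len < sizeof(struct ip)) interprets bytes the kernel never wrote; guard with `len < sizeof(struct ip)` first, and also reject `inner_hlen < sizeof(struct ip)` (ip_hl below 5), since such a header would otherwise move too little and leave IP header bytes where the ICMP message is expected.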
-- 
2.18.0.865.gffc8e1a3cd6-goog
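As an added illustration of the header-stripping logic in this patch (my example, not slirp code): a hypothetical strip_ipv4_header() that validates the IPv4 version, IHL and remaining length before any memmove, exercised on a constructed 32-byte datagram (20-byte IPv4 header, 8-byte ICMP echo reply, 4-byte payload) and on a few malformed variants a BSD-style ICMP socket could hand back.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

#define IPV4_MIN_HLEN 20   /* IPv4 header without options */
#define ICMP_MIN_LEN   8   /* type, code, checksum, rest-of-header */

/* Strips a leading IPv4 header from a datagram read off a BSD/macOS
 * SOCK_DGRAM ICMP socket, leaving the ICMP message at buf[0]. Returns the
 * ICMP length, or -1 with errno = EINVAL when the header cannot be trusted.
 * Every field is validated before it drives the memmove. (Hypothetical
 * helper written for this example, not slirp's own code.) */
ssize_t strip_ipv4_header(unsigned char *buf, ssize_t len)
{
    if (len < IPV4_MIN_HLEN) {           /* too short to even hold IHL */
        errno = EINVAL;
        return -1;
    }
    unsigned version = buf[0] >> 4;
    ssize_t hlen = (buf[0] & 0x0f) * 4;  /* IHL counts 32-bit words */
    if (version != 4 || hlen < IPV4_MIN_HLEN || hlen > len
        || len - hlen < ICMP_MIN_LEN) {
        errno = EINVAL;                  /* positive errno, as callers expect */
        return -1;
    }
    memmove(buf, buf + hlen, (size_t)(len - hlen));
    return len - hlen;
}

/* Constructed sample: IPv4 header (IHL=5, proto 1, 10.0.2.2 -> 10.0.2.15),
 * ICMP echo reply (type 0, code 0, cksum 0, id 0x1234, seq 1), 4-byte payload. */
static const unsigned char sample_pkt[] = {
    0x45, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x40, 0x01, 0x00, 0x00,
    0x0a, 0x00, 0x02, 0x02, 0x0a, 0x00, 0x02, 0x0f,
    0x00, 0x00, 0x00, 0x00, 0x12, 0x34, 0x00, 0x01,
    0xde, 0xad, 0xbe, 0xef,
};

/* Runs the stripper on a private copy; returns the ICMP length (12). */
ssize_t sample_stripped_len(void)
{
    unsigned char buf[sizeof sample_pkt];
    memcpy(buf, sample_pkt, sizeof buf);
    return strip_ipv4_header(buf, sizeof buf);
}

/* Same, but returns the ICMP identifier, proving the header moved to offset 0. */
unsigned sample_icmp_id(void)
{
    unsigned char buf[sizeof sample_pkt];
    memcpy(buf, sample_pkt, sizeof buf);
    if (strip_ipv4_header(buf, sizeof buf) < ICMP_MIN_LEN) {
        return 0;
    }
    return ((unsigned)buf[4] << 8) | buf[5];
}

/* Feeds four malformed variants; returns how many were rejected (4). */
int rejected_malformed_count(void)
{
    unsigned char buf[sizeof sample_pkt];
    int rejected = 0;

    memcpy(buf, sample_pkt, sizeof buf);          /* 1: runt read */
    if (strip_ipv4_header(buf, 5) < 0) rejected++;

    memcpy(buf, sample_pkt, sizeof buf);          /* 2: IHL=15 claims 60 bytes */
    buf[0] = 0x4f;
    if (strip_ipv4_header(buf, sizeof buf) < 0) rejected++;

    memcpy(buf, sample_pkt, sizeof buf);          /* 3: IHL=2, below minimum */
    buf[0] = 0x42;
    if (strip_ipv4_header(buf, sizeof buf) < 0) rejected++;

    memcpy(buf, sample_pkt, sizeof buf);          /* 4: no room for ICMP header */
    if (strip_ipv4_header(buf, 24) < 0) rejected++;

    return rejected;
}

int main(void)
{
    printf("icmp len %ld, id 0x%04x, rejected %d\n",
           (long)sample_stripped_len(), sample_icmp_id(),
           rejected_malformed_count());
    return 0;
}
```

The IPv4 total-length field is deliberately not consulted: its representation on raw-style sockets differs between stacks, and the IHL together with the byte count actually received is enough to bound the move. Each check exists because the data came from the host kernel's view of the wire, not from the guest, and a malformed or truncated datagram must fail closed rather than shift garbage into the ICMP position.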




[Qemu-devel] [Bug 1787070] [NEW] Guests using the qxl-vga are freezing

2018-08-14 Thread Leonardo Müller
Public bug reported:

I have noticed that guests using qxl-vga are freezing. They may freeze
after a few minutes or after many hours. The freeze consists of the
entire system hanging, except the cursor, but the cursor animation stops
too. Changing to tty is not possible after this. There are three things
noticed in common on the guests when they freeze:

-The guest is using the QXL VGA (freezes weren't observed with other VGAs);
-A new workload is starting;
-The mouse cursor is the animated one, as when loading. For example, https://i.imgur.com/raQFteG.png

The host is Xubuntu 18.04 amd64, QEMU version is 3.0.0-dirty. The guests tested were:

-openSUSE Tumbleweed;
-openSUSE Leap 15;
-Xubuntu 18.04 Bionic Beaver;
-CentOS 7.

With openSUSE guests, the install process couldn't even be finished, as
the installer would freeze. There were 2 GB of available memory (checked
in a tty before the freeze) and netconsole was enabled. Unfortunately,
it was impossible to obtain any information from them. This is an image
of one openSUSE guest frozen: https://i.imgur.com/ZP0eQKq.png

The command line used was:

qemu-system-x86_64 -nodefaults -m 3072 -M pc,usb=true -accel kvm -cpu host -smp cores=2,threads=2 -device qemu-xhci -drive id=centusb,if=none,file=leap.qcow2 -device usb-storage,id=centusb,drive=centusb -netdev user,id=n0 -device usb-tablet,id=usbtablet -device e1000,netdev=n0 -device usb-audio,id=usbaudio -device qxl-vga,xres=1366,yres=768 -display gtk -monitor vc -serial vc -cdrom "openSUSE-Leap-15.0-DVD-x86_64.iso" -boot d

With CentOS guests, the install process fails sometimes, but sometimes
it's able to install. However, on the yum update, it would freeze too.
In one instance it froze while updating glibc, which made the guest
unbootable. https://i.imgur.com/B3WhSDX.png

The command line used was:

qemu-system-x86_64 -nodefaults -m 2048 -M pc,usb=true -accel kvm -cpu host -smp cores=2,threads=2 -device qemu-xhci -drive id=centusb,if=none,file=centos.qcow2 -device usb-storage,id=centusb,drive=centusb -netdev user,id=n0 -device usb-tablet,id=usbtablet -device e1000,netdev=n0 -device usb-audio,id=usbaudio -device virtio-vga,virgl=true -display gtk -monitor vc -serial vc -cdrom "CentOS-7-livecd-GNOME-x86_64.iso" -bios /usr/share/ovmf/OVMF.fd

With Xubuntu 18.04 guests, the system worked for many hours until the
freeze happened. In this case it happened when opening Audacious.
Fortunately, the logging services worked for some time, which allowed me
to get a relevant message which can be seen at http://termbin.com/nuof .
It repeated a few times, but then the logging stopped.
https://i.imgur.com/2zckqj5.png shows the guest screen in the moment it
froze.

The command line used was:

qemu-system-x86_64 -nodefaults -m 1024 -M pc,usb=true -accel kvm -cpu host -smp cores=2,threads=2 -device qemu-xhci -drive id=centusb,if=none,file=xubmini -device usb-storage,id=centusb,drive=centusb -netdev user,id=n0 -device usb-tablet,id=usbtablet -device e1000,netdev=n0 -device usb-audio,id=usbaudio -device qxl-vga,xres=1366,yres=768 -display gtk -monitor vc -serial vc

I'm sorry for not having more detailed information but, even setting
netconsole, openSUSE and CentOS guests were unable to print any
information.

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1787070

Title:
  Guests using the qxl-vga are freezing

Status in QEMU:
  New

Bug description:
  I have noticed that guests using qxl-vga are freezing. They may freeze
  after a few minutes or after many hours. The freeze consists of the
  entire system hanging, except the cursor, but the cursor animation
  stops too. Changing to tty is not possible after this. There are three
  things noticed in common on the guests when they freeze:

  -The guest is using the QXL VGA (freezes weren't observed with other VGAs);
  -A new workload is starting;
  -The mouse cursor is the animated as the one of loading. For example, 
https://i.imgur.com/raQFteG.png
   
  The host is Xubuntu 18.04 amd64, QEMU version is 3.0.0-dirty. The guests 
tested were:

  -openSUSE Tumbleweed;
  -openSUSE Leap 15;
  -Xubuntu 18.04 Bionic Beaver;
  -CentOS 7.

  With openSUSE guests, the install process couldn't even be finished,
  as the installer would freeze. There were 2 GB of available memory
  (checked in a tty before the freeze) and netconsole was enabled.
  Unfortunately, it was impossible to obtain any information from them.
  This is an image of one openSUSE guest frozen:
  https://i.imgur.com/ZP0eQKq.png

  The command line used was:

  qemu-system-x86_64 -nodefaults -m 3072 -M pc,usb=true -accel kvm -cpu host -smp cores=2,threads=2 -device qemu-xhci -drive id=centusb,if=none,file=leap.qcow2 -device usb-storage,id=centusb,drive=centusb -netdev user,id=n0 -device usb-tablet,id=usbtablet -device e1000,netdev=n0 

Re: [Qemu-devel] [PATCH 2/3] monitor: show sync profiling info with 'info sync'

2018-08-14 Thread Emilio G. Cota
On Tue, Aug 14, 2018 at 10:43:47 +0100, Dr. David Alan Gilbert wrote:
> * Emilio G. Cota (c...@braap.org) wrote:
> > +@item info sync
> 
> As long as this is just for devs I'm OK with this from the HMP side;
> however, if you want to automate the display or wire it to other
> tools then you should probably wire it up via QMP.

On Tue, Aug 14, 2018 at 18:03:32 +0200, Markus Armbruster wrote:
> "Emilio G. Cota"  writes:
> > +@item info sync
> 
> Please explain briefly why you think this command is not going to be
> useful in QMP.  Recommend to do that right in your commit message.  For
> instance, you could argue that the information provided is useful only
> to developers, and developers are just fine with getting it from HMP
> "info sync".
> 
> However, if we expect developers to further process the data, providing
> it as JSON (via QMP) makes sense, because it saves them the trouble of
> parsing your (undocumented) HMP output format.
> 
> If we decide we want to provide the functionality in QMP, I can help you
> with the necessary code changes.

Thanks Dave and Markus for taking a look.

This is just for developers. This means (1) the info displayed and the
output format could change in the future, and (2) it is only meant
to be used from HMP "info sync-profile".

I'll include the above in the commit log, as Markus suggested.

> > +.name   = "sync",
> 
> I think "info sync-profile" would be clearer.

Done.

Thanks,

Emilio




Re: [Qemu-devel] [PATCH 2/3] monitor: show sync profiling info with 'info sync'

2018-08-14 Thread Emilio G. Cota
On Tue, Aug 14, 2018 at 10:14:01 +0200, Paolo Bonzini wrote:
> On 13/08/2018 19:11, Emilio G. Cota wrote:
> Would it make sense to add a flag to sort by average wait time

Done:

(qemu) help info sync-profile
info sync-profile [-m] [max] -- show sync profiling info \
for up to max entries (default: 10). By default, entries \
are sorted by total wait time; -m sorts by mean wait time.

(qemu) info sync-profile 3
Type       Object          Call site        Wait Time (s)  Count  Average (us)
condvar    0x560cc9909e50  cpus.c:1165      63.63428       16081  3957.11
condvar    0x560cc9909e50  cpus.c:1415      0.21074        2      105371.07
BQL mutex  0x560cc85a3fa0  util/rcu.c:269   0.20227        20     10113.60


(qemu) info sync-profile -m 3
Type       Object          Call site        Wait Time (s)  Count  Average (us)
condvar    0x560cc9909e50  cpus.c:1415      0.21074        2      105371.07
BQL mutex  0x560cc85a3fa0  util/rcu.c:269   0.20227        21     9632.00
condvar    0x560cc9909e50  cpus.c:1165      71.92799       18167  3959.27


>, and one to coalesce all mutexes for the same call site?

I am not sure I understand. Do you mean to pass a specific call site,
so that we coalesce all entries related to the call site's object?
Or to keep the call sites separate, but only report entries related
to that specific call site's object?

Thanks,

Emilio
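Markus's remark about parsing the undocumented HMP output applies directly to the table above. What follows is an added example, not code from this thread or from QEMU: it parses an `info sync-profile` table into records, orders them by total or by mean wait time the way the `-m` flag does, and checks each row's Average column against Wait Time / Count. It assumes one entry per line with columns separated by runs of spaces; the embedded sample is constructed from the three rows shown in the thread.

```python
"""Parse QEMU HMP 'info sync-profile' output into structured records."""
import json
import re
from dataclasses import dataclass
from typing import List

# Constructed sample input: the three rows from the thread's
# "info sync-profile 3" output, one entry per line, prompt included.
SAMPLE = """\
(qemu) info sync-profile 3
Type       Object          Call site        Wait Time (s)  Count  Average (us)
condvar    0x560cc9909e50  cpus.c:1165      63.63428       16081  3957.11
condvar    0x560cc9909e50  cpus.c:1415      0.21074        2      105371.07
BQL mutex  0x560cc85a3fa0  util/rcu.c:269   0.20227        20     10113.60
"""


@dataclass
class SyncEntry:
    kind: str        # lock type, e.g. "condvar" or "BQL mutex"
    obj: int         # object address as printed in the Object column
    call_site: str   # file:line of the wait
    wait_s: float    # total wait time in seconds
    count: int       # number of waits recorded
    avg_us: float    # mean wait time in microseconds, as printed


# The lock type may contain spaces ("BQL mutex"), so splitting on whitespace
# would misalign the columns; anchor the row on the hexadecimal object address.
ROW = re.compile(
    r"^(?P<kind>\S.*?)\s+(?P<obj>0x[0-9a-fA-F]+)\s+(?P<site>\S+)\s+"
    r"(?P<wait>\d+\.\d+)\s+(?P<count>\d+)\s+(?P<avg>\d+\.\d+)\s*$"
)


def parse_sync_profile(text: str) -> List[SyncEntry]:
    """Return one SyncEntry per data row; header, prompt and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        entries.append(SyncEntry(m["kind"], int(m["obj"], 16), m["site"],
                                 float(m["wait"]), int(m["count"]), float(m["avg"])))
    return entries


def top_entries(entries: List[SyncEntry], by_mean: bool = False,
                limit: int = 10) -> List[SyncEntry]:
    """Order like the HMP command: total wait time by default, mean wait with -m."""
    key = (lambda e: e.avg_us) if by_mean else (lambda e: e.wait_s)
    return sorted(entries, key=key, reverse=True)[:limit]


def is_consistent(e: SyncEntry) -> bool:
    """Check Average == Wait Time / Count within the printed rounding.

    Wait Time is printed with 5 decimals (+-5e-6 s); Average with 2 decimals,
    i.e. +-0.005 us per counted wait. A row outside this band was not produced
    from the same counters.
    """
    tolerance = 5e-6 + 0.005e-6 * e.count
    return abs(e.avg_us * e.count / 1e6 - e.wait_s) <= tolerance


def to_records(entries: List[SyncEntry]) -> List[dict]:
    """Plain dicts, ready for json.dumps or further processing."""
    return [vars(e) for e in entries]


if __name__ == "__main__":
    parsed = parse_sync_profile(SAMPLE)
    print(json.dumps(to_records(top_entries(parsed, by_mean=True)), indent=2))
```

Feeding the parser the real `info sync-profile` output of a running QEMU (for example captured from `-monitor stdio`) gives the JSON that Markus suggests QMP would otherwise provide; the consistency check catches rows mangled by line wrapping before they are trusted.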



[Qemu-devel] [Bug 1785698] Did this work?

2018-08-14 Thread Michele Denber
Here's a mystery.  It looks like I finally have a clean compile - there 
are no error messages but I don't see an executable.  Is there supposed 
to be something called "qemu" somewhere now?  I looked in build/, the 
top level, and /usr/local/bin/.

# gmake V=1
(cd /export/home/denber/qemu-2.12.0; if test -n ""; then pkgvers=""; 
else if test -d .git; then pkgvers=$(git describe --match 'v*' 
2>/dev/null | tr -d '\n'); if ! git diff-index --quiet HEAD &>/dev/null; 
then pkgvers="${pkgvers}-dirty"; fi; fi; fi; printf "#define 
QEMU_PKGVERSION \"${pkgvers}\"\n"; if test -n "${pkgvers}"; then printf 
'#define QEMU_FULL_VERSION QEMU_VERSION " (" QEMU_PKGVERSION ")"\n'; 
else printf '#define QEMU_FULL_VERSION QEMU_VERSION\n'; fi; ) > 
qemu-version.h.tmp
if ! cmp -s qemu-version.h qemu-version.h.tmp; then mv 
qemu-version.h.tmp qemu-version.h; else rm qemu-version.h.tmp; fi
mkdir -p dtc/libfdt
mkdir -p dtc/tests
gmake -I/export/home/denber/qemu-2.12.0/dtc 
VPATH=/export/home/denber/qemu-2.12.0/dtc -C dtc V="1" 
LIBFDT_srcdir=/export/home/denber/qemu-2.12.0/dtc/libfdt 
CPPFLAGS="-I/export/home/denber/qemu-2.12.0/build/dtc 
-I/export/home/denber/qemu-2.12.0/dtc 
-I/export/home/denber/qemu-2.12.0/dtc/libfdt" CFLAGS="-O2 
-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g  -I/opt/csw/include/pixman-1   
-I/export/home/denber/qemu-2.12.0/dtc/libfdt -D_REENTRANT -D_PTHREADS 
-I/opt/csw/include/glib-2.0 -I/opt/csw/lib/glib-2.0/include   -m32 
-mv8plus -mcpu=ultrasparc -std=gnu99 -D__EXTENSIONS__ 
-D_XOPEN_SOURCE=600 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef 
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common 
-fwrapv  -Wexpansion-to-defined -Wendif-labels -Wno-shift-negative-value 
-Wno-missing-include-dirs -Wempty-body -Wnested-externs 
-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers 
-Wold-style-declaration -Wold-style-definition -Wtype-limits 
-fstack-protector-strong -I/opt/csw/include  -I/usr/include/libpng12   
-I/export/home/denber/qemu-2.12.0/capstone/include 
-I/export/home/denber/qemu-2.12.0/tests" LDFLAGS="-m32 -mv8plus -g " 
ARFLAGS="rv" CC="gcc" AR="ar" LD="ld"  
BUILD_DIR=/export/home/denber/qemu-2.12.0/build libfdt/libfdt.a
gmake[1]: Entering directory '/export/home/denber/qemu-2.12.0/build/dtc'
gmake[1]: 'libfdt/libfdt.a' is up to date.
gmake[1]: Leaving directory '/export/home/denber/qemu-2.12.0/build/dtc'
gmake -C /export/home/denber/qemu-2.12.0/capstone CAPSTONE_SHARED=no 
BUILDDIR="/export/home/denber/qemu-2.12.0/build/capstone" CC="gcc" 
AR="ar" LD="ld" RANLIB="ranlib" CFLAGS="-O2 -U_FORTIFY_SOURCE 
-D_FORTIFY_SOURCE=2 -g -I/opt/csw/include/pixman-1 
-I/export/home/denber/qemu-2.12.0/dtc/libfdt -D_REENTRANT -D_PTHREADS 
-I/opt/csw/include/glib-2.0 -I/opt/csw/lib/glib-2.0/include -m32 
-mv8plus -mcpu=ultrasparc -std=gnu99 -D__EXTENSIONS__ 
-D_XOPEN_SOURCE=600 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 
-D_LARGEFILE_SOURCE -fno-strict-aliasing -fno-common -fwrapv 
-fstack-protector-strong -I/opt/csw/include -I/usr/include/libpng12 
-I/export/home/denber/qemu-2.12.0/capstone/include 
-I/export/home/denber/qemu-2.12.0/tests -DCAPSTONE_USE_SYS_DYN_MEM 
-DCAPSTONE_HAS_ARM -DCAPSTONE_HAS_ARM64 -DCAPSTONE_HAS_POWERPC 
-DCAPSTONE_HAS_X86"  BUILD_DIR=/export/home/denber/qemu-2.12.0/build 
/export/home/denber/qemu-2.12.0/build/capstone/libcapstone.a
gmake[1]: Entering directory '/export/home/denber/qemu-2.12.0/capstone'
gmake[1]: '/export/home/denber/qemu-2.12.0/build/capstone/libcapstone.a' 
is up to date.
gmake[1]: Leaving directory '/export/home/denber/qemu-2.12.0/capstone'
gmake  BUILD_DIR=/export/home/denber/qemu-2.12.0/build -C x86_64-softmmu 
V="1" TARGET_DIR="x86_64-softmmu/" all
gmake[1]: Entering directory 
'/export/home/denber/qemu-2.12.0/build/x86_64-softmmu'
gmake[1]: Leaving directory 
'/export/home/denber/qemu-2.12.0/build/x86_64-softmmu'
#

I even did a gmake clean and then gmake again.  No change - no errors 
and no executable.  ???

 - Michele

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1785698

Title:
  Solaris build error: unknown type name ‘gcry_error_t’

Status in QEMU:
  New

Bug description:
  Building qemu 2.12.0 on a Sun Oracle Enterprise M3000 SPARC64 VII,
  Solaris 10 Update 11, opencsw toolchain and gcc 7.3.0, gmake fails
  with a bunch of related errors all in cypher-gcrypt.c:

  /export/home/denber/qemu-2.12.0/crypto/cipher-gcrypt.c:262:32: error: 
‘gcry_cipher_hd_t’ undeclared (first use in this function); did you mean 
‘gcry_cipher_info’?
   err = gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, 
length);^~~~
  gcry_cipher_info
  /export/home/denber/qemu-2.12.0/crypto/cipher-gcrypt.c:262:49: error: 
expected ‘)’ before ‘ctx’
   err = gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, 

Re: [Qemu-devel] [PATCH 1/3] qsp: QEMU's Synchronization Profiler

2018-08-14 Thread Emilio G. Cota
On Tue, Aug 14, 2018 at 10:13:12 +0200, Paolo Bonzini wrote:
> On 13/08/2018 19:11, Emilio G. Cota wrote:
> > +struct qsp_report rep;
> 
> Don't like camelcase?  But that's really all that I have to remark on
> this lovely series.

I have a strong aversion to it :-)

But if that's a deal breaker, let me know.

Thanks,

E.



Re: [Qemu-devel] [PATCH 3/3] qom: implement CPU list with an RCU QLIST

2018-08-14 Thread Emilio G. Cota
On Tue, Aug 14, 2018 at 08:26:54 +0200, Paolo Bonzini wrote:
> On 13/08/2018 18:38, Emilio G. Cota wrote:
> > Fix it by implementing the CPU list as an RCU QLIST. This requires
> > a little bit of extra work to insert CPUs at the tail of
> > the list and to iterate over the list in reverse order (see previous patch).
> > 
> > One might be tempted to just insert new CPUs at the head of the list.
> > However, I think this might lead to hard-to-debug issues, since it is
> > possible that callers are assuming that CPUs are inserted at the tail
> > (just like spapr code did in the previous patch). So instead of auditing
> > all callers, this patch simply keeps the old behaviour.
> 
> Why not add an RCU_QSIMPLEQ

Because we can't atomically update both head.last and item.next.

> , or even use an array since the quadratic
> behavior should not be an issue?  The advantage of the array is that
> reverse iteration becomes trivial.

I just gave this a shot. IMO implementing CPU_NEXT based on the
array is too ugly to live.

I think the poor man's tail insert + the CPU_FOREACH_REVERSE
are a better compromise.

Thanks,

Emilio



Re: [Qemu-devel] [PATCH v4 00/29] vhost-user for input & GPU

2018-08-14 Thread Marc-André Lureau
On Fri, Jul 13, 2018 at 3:12 PM Marc-André Lureau
 wrote:
>
> Hi,
>
> vhost-user allows to drive a virtio device in a separate
> process. After vhost-user-net, we have seen
> vhost-user-{scsi,blk,crypto} added more recently.
>
> This series, initially proposed 2 years ago
> (https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01905.html)
> contributes with vhost-user-input and vhost-user-gpu.
>
> Additionally, to factor out common code and ease the usage, a
> vhost-user-backend is introduced as an intermediary object between the
> backend and the qemu device.
>
> You may start a vhost-user-gpu with virgl rendering in a separate
> process like this:
>
> $ ./vhost-user-gpu --virgl -s vgpu.sock &
> $ qemu...
>   -chardev socket,id=chr,path=vgpu.sock
>   -object vhost-user-backend,id=vug,chardev=chr
>   -device vhost-user-vga,vhost-user=vug
>
> You may also specify the backend command and the arguments as part of
> vhost-user-backend qemu arguments. For example, to start a
> vhost-user-input backend on input device /dev/input/event19:
>
> -object vhost-user-backend,id=vuid,cmd="vhost-user-input /dev/input/event19"
> -device virtio-input-host-pci,vhost-user=vuid
>
> The vhost-user-gpu backend requires virgl from git.
>
> The libvirt support is on-going work:
> https://github.com/elmarco/libvirt/commits/vhost-user-gpu
>
> The GPU benchmarks are encouraging, giving up to x5 performance on
> Unigine Heaven 4.0.
>
> Feedback welcome,

ping

fwiw, there is a related series for libvirt support: "[libvirt] [RFC
PATCH 00/17] Add vhost-user-gpu support"

thanks

>
> v4:
>  - move qemu_write_pidfile() in util, improve it a bit
>  - add --pid and --fd arguments to vhost-user to help with libvirt support
>  - various bug fixes for synchronization, and tearing down
>
> v3: deal with most comments from rfcv2 and various improvements
>  - "vhost-user-backend: allow to specify binary to execute" as seperate
>   patch, not for inclusion since Daniel as concerned about parsing
>   shell strings with glib
>  - use dmabuf to share 2d rendering result (with intel gem only atm)
>  - document the vhost-user-gpu protocol
>  - make vhost-user-gpu-pci and vhost-user-vga separate devices (instead
>of adding vhost-user support to existing devices)
>  - allow to specify virgl rendering, and rendernode
>  - let's promote out of RFC status :)
>
> RFCv2: (addressing some of Gerd comments digged in the archives)
>  - rebased, clean ups, various small fixes, update commit messages
>  - teach the vhost-user-backend to take a chardev
>  - add vhost-user-input-pci, instead of adding vhost code to 
> virtio-input-host-pci
>
> Marc-André Lureau (29):
>   chardev: avoid crash if no associated address
>   chardev: remove qemu_chr_fe_read_all() counter
>   chardev: unref if underlying chardev has no parent
>   dmabuf: add y0_top, pass it to spice
>   vhost-user: simplify vhost_user_init/vhost_user_cleanup
>   libvhost-user: exit by default on VHOST_USER_NONE
>   vhost-user: wrap some read/write with retry handling
>   Add vhost-user-backend
>   qio: add qio_channel_command_new_spawn_with_pre_exec()
>   HACK: vhost-user-backend: allow to specify binary to execute
>   vhost-user: split vhost_user_read()
>   vhost-user: add vhost_user_input_get_config()
>   libvhost-user: export vug_source_new()
>   contrib: add vhost-user-input
>   Add vhost-user-input-pci
>   vhost-user: add vhost_user_gpu_set_socket()
>   vhost-user: add vhost_user_gpu_get_num_capsets()
>   virtio: add virtio-gpu bswap helpers header
>   util: promote qemu_egl_rendernode_open() to libqemuutil
>   util: add qemu_write_pidfile()
>   util: use fcntl() for qemu_write_pidfile() locking
>   contrib: add vhost-user-gpu
>   virtio-gpu: remove unused qdev
>   virtio-gpu: remove unused config_size
>   virtio-gpu: block both 2d and 3d rendering
>   virtio-gpu: remove useless 'waiting' field
>   virtio-gpu: split virtio-gpu, introduce virtio-gpu-base
>   virtio-gpu: split virtio-gpu-pci & virtio-vga
>   hw/display: add vhost-user-vga & gpu-pci
>
>  contrib/libvhost-user/libvhost-user-glib.h |3 +
>  contrib/libvhost-user/libvhost-user.h  |3 +
>  contrib/vhost-user-gpu/drm.h   |   63 ++
>  contrib/vhost-user-gpu/virgl.h |   25 +
>  contrib/vhost-user-gpu/vugpu.h |  168 +++
>  hw/display/virtio-vga.h|   22 +
>  hw/virtio/virtio-pci.h |   27 +-
>  include/hw/virtio/vhost-backend.h  |6 +
>  include/hw/virtio/vhost-user-blk.h |2 +-
>  include/hw/virtio/vhost-user-scsi.h|2 +-
>  include/hw/virtio/vhost-user.h |2 +-
>  include/hw/virtio/virtio-gpu-bswap.h   |   61 +
>  include/hw/virtio/virtio-gpu.h |   90 +-
>  include/hw/virtio/virtio-input.h   |   14 +
>  include/io/channel-command.h   |   18 +
>  include/qemu/drm.h |6 +
>  include/qemu/osdep.h   |3 +-
>  

Re: [Qemu-devel] [PATCH v0 0/7] Background snapshots

2018-08-14 Thread Mike Kravetz
On 08/13/2018 12:00 PM, Dr. David Alan Gilbert wrote:
> cc'ing in Mike*2
> * Denis Plotnikov (dplotni...@virtuozzo.com) wrote:
>>
>>
>> On 26.07.2018 12:23, Peter Xu wrote:
>>> On Thu, Jul 26, 2018 at 10:51:33AM +0200, Paolo Bonzini wrote:
>>>> On 25/07/2018 22:04, Andrea Arcangeli wrote:
>>>>>
>>>>> It may look like the uffd-wp model is wish-feature similar to an
>>>>> optimization, but without the uffd-wp model when the WP fault is
>>>>> triggered by kernel code, the sigsegv model falls apart and requires
>>>>> all kind of ad-hoc changes just for this single feature. Plus uffd-wp
>>>>> has other benefits: it makes it all reliable in terms of not
>>>>> increasing the number of vmas in use during the snapshot. Finally it
>>>>> makes it faster too with no mmap_sem for reading and no sigsegv
>>>>> signals.
>>>>>
>>>>> The non cooperative features got merged first because there was much
>>>>> activity on the kernel side on that front, but this is just an ideal
>>>>> time to nail down the remaining issues in uffd-wp I think. That I
>>>>> believe is time better spent than trying to emulate it with sigsegv
>>>>> and changing all drivers to send new events down to qemu specific to
>>>>> the sigsegv handling. We considered this before doing uffd for
>>>>> postcopy too but overall it's unreliable and more work (no single
>>>>> change was then needed to KVM code with uffd to handle postcopy and
>>>>> here it should be the same).
>>>>
>>>> I totally agree.  The hard part in userfaultfd was the changes to the
>>>> kernel get_user_pages API, but the payback was huge because _all_ kernel
>>>> uses (KVM, vhost-net, syscalls, etc.) just work with userfaultfd.  Going
>>>> back to mprotect would be a huge mistake.
>>>
>>> Thanks for explaining the bits.  I'd say I wasn't aware of the
>>> difference before I started the investigation (and only until now I
>>> noticed that major difference between mprotect and userfaultfd).  I'm
>>> really glad that it's much clear (at least for me) on which way we
>>> should choose.
>>>
>>> Now I'm thinking whether we can move the userfault write protect work
>>> forward.  The latest discussion I saw so far is in 2016, when someone
>>> from Huawei tried to use the write protect feature for that old
>>> version of live snapshot but reported issue:
>>>
>>>https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg01127.html
>>>
>>> Is that the latest status for userfaultfd wr-protect?
>>>
>>> If so, I'm thinking whether I can try to re-verify the work (I tried
>>> his QEMU repository but I failed to compile somehow, so I plan to
>>> write some even simpler code to try) to see whether I can get the same
>>> KVM error he encountered.
>>>
>>> Thoughts?
>>
>> Just to sum up all being said before.
>>
>> Using mprotect is a bad idea because VM's memory can be accessed from the
>> number of places (KVM, vhost, ...) which need their own special care
>> of tracking memory accesses and notifying QEMU which makes the mprotect
>> using unacceptable.
>>
>> Protected memory accesses tracking can be done via userfaultfd's WP mode
>> which isn't available right now.
>>
>> So, the reasonable conclusion is to wait until the WP mode is available and
>> build the background snapshot on top of userfaultfd-wp.
>> But, work on adding the WP mode has been pending for quite a long time already.
>>
>> Is there any way to estimate when it could be available?
> 
> I think a question is whether anyone is actively working on it; I
> suspect really it's on a TODO list rather than moving at the moment.
> 

I am not working on it, and it is not on my TODO list.

However, if someone starts making progress I will jump in and work on
hugetlbfs support.  My intention would be to not let hugetlbfs support
'fall behind' general uffd support.

-- 
Mike Kravetz



[Qemu-devel] [ANNOUNCE] QEMU 3.0.0 is now available

2018-08-14 Thread Michael Roth
Hello,

On behalf of the QEMU Team, I'd like to announce the availability of
the QEMU 3.0.0 release. This release contains 2300+ commits from 169
authors.

A note from the maintainer:

  Why 3.0? Well, we felt that our version numbers were getting a bit
  unwieldy, and since this year is QEMU's 15th birthday it seemed like
  a good excuse to roll over the major digit. Going forward we plan to
  increment the major version once a year, for the first release of the
  year. Don't read too much into it: it doesn't imply a drastic
  compatibility break.

  Rumours of our triskaidekaphobia have been greatly exaggerated :-)

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source

The full list of changes are available at:

  https://wiki.qemu.org/ChangeLog/3.0

Highlights include:

 * Support for additional x86/AMD mitigations against Speculative
   Store Bypass (Spectre Variant 4, CVE-2018-3639)
 * Improved support for nested KVM guests running on Hyper-V
 * Block device support for active disk-mirroring, which avoids
   convergence issues which may arise when doing passive/background
   mirroring of busy devices.
 * Improved support for AHCI emulation, SCSI emulation, and persistent
   reservations / cluster management.
 * OpenGL ES support for SDL front-end, additional framebuffer
   device options for early boot display without using legacy VGA
   emulation
 * Live migration support for TPM TIS devices, capping bandwidth
   usage during post-copy migration, and recovering from a failed
   post-copy migration
 * Improved latency when using user-mode networking / SLIRP

 * ARM: support for SMMUv3 IOMMU when using 'virt' machine type
 * ARM: v8M extensions for VLLDM and VLSTM floating-point instructions,
   and improved support for AArch64 v8.2 FP16 extensions
 * ARM: support for Scalable Vector Extensions in linux-user mode
 * Microblaze: support for 64-bit address sizes and translation bug
   fixes
 * PowerPC: PMU support for mac99 machine type and improvements for
   Uninorth PCI host bridge emulation for Mac machine types
 * PowerPC: preliminary support for emulating POWER9 hash MMU mode when
   using powernv machine type.
 * RISC-V: improvement for privileged ISA emulation
 * s390: support for z14 ZR1 CPU model
 * s390: bpb/ppa15 Spectre mitigations enabled by default for z196 and
   later CPU models
 * s390: support for configuring consoles via -serial options

 * and lots more...

Thank you to everyone involved!




Re: [Qemu-devel] Fwd: [Bug 1785698] Re: Solaris build error: unknown type name ‘gcry_error_t’

2018-08-14 Thread Michele Denber
>
>
> >  I notice in the Makefile in dtc/ that it's calling python. My default
> >  python is 2.6.9. I found some discussion about qemu moving to python
> >  3. Could this be the problem?
>
> We require either Python 2.7.x, or Python 3.x versions.  Support for
> 2.6.x was dropped I'm afraid.
>
>
Thanks.  I upgraded to python 3.3 though that turned out not to be the 
problem.  I documented the solution here:

https://bugs.launchpad.net/qemu/+bug/1787012

 - Michele


Re: [Qemu-devel] [Bug 1785698] Re: Solaris build error: unknown type name ‘gcry_error_t’

2018-08-14 Thread Michele Denber
On 08-14-2018 2:17 PM, Peter Maydell wrote:
>
>   dtc stuff really necessary?
> It is necessary, but only for certain guest CPU types. You can
> disable it by passing configure both "--disable-fdt" and also
> "--target-list= any arm, ppc, mips, microblaze or riscv targets>"
> (for instance "--target-list=x86_64-softmmu".)
Thanks.  Turns out I found where "Bad string" was coming from - there's 
a call to "uname -s | tr" in dtc/Makefile and that is known not to work 
in Solaris 10.  So I just replaced that with "HOSTOS=SunOS" and that 
took care of that.  dtc compiled just fine.

Now I'm getting a "ld: fatal: unrecognized option '--'" linking libfdt 
so I'm going to try a different linker.

Onward :-)

 - Michele

Re: [Qemu-devel] [PATCH 2/4] configure: adding support to lzfse library.

2018-08-14 Thread Julio Faracco
On Mon, 13 Aug 2018 at 11:10, Kevin Wolf  wrote:
>
> On 10.08.2018 at 06:07, Julio Faracco wrote:
> > This commit includes the support to lzfse opensource library. With this
> > library dmg block driver can decompress images with this type of
> > compression inside.
> >
> > Signed-off-by: Julio Faracco 
> > ---
> >  block/Makefile.objs |  2 ++
> >  configure   | 32 
> >  2 files changed, 34 insertions(+)
> >
> > diff --git a/block/Makefile.objs b/block/Makefile.objs
> > index c8337bf186..f4ddbb9c7b 100644
> > --- a/block/Makefile.objs
> > +++ b/block/Makefile.objs
> > @@ -47,6 +47,8 @@ ssh.o-cflags   := $(LIBSSH2_CFLAGS)
> >  ssh.o-libs := $(LIBSSH2_LIBS)
> >  block-obj-$(if $(CONFIG_BZIP2),m,n) += dmg-bz2.o
> >  dmg-bz2.o-libs := $(BZIP2_LIBS)
> > +block-obj-$(if $(CONFIG_LZFSE),m,n) += dmg-lzfse.o
> > +dmg-lzfse.o-libs   := $(LZFSE_LIBS)
> >  qcow.o-libs:= -lz
> >  linux-aio.o-libs   := -laio
> >  parallels.o-cflags := $(LIBXML2_CFLAGS)
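Review bot: the added `block-obj-$(if $(CONFIG_LZFSE),m,n) += dmg-lzfse.o` references block/dmg-lzfse.o, which this patch does not add; if the source file arrives in a later patch of the series, a tree with lzfse detected fails to build at this commit and bisection breaks. Either order the patch that introduces dmg-lzfse.c before this one, or move these two Makefile.objs lines into that patch so each commit builds on its own.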
> > diff --git a/configure b/configure
> > index 2a7796ea80..b12a16f2bf 100755
> > --- a/configure
> > +++ b/configure
> > @@ -432,6 +432,7 @@ capstone=""
> >  lzo=""
> >  snappy=""
> >  bzip2=""
> > +lzfse=""
> >  guest_agent=""
> >  guest_agent_with_vss="no"
> >  guest_agent_ntddscsi="no"
> > @@ -1300,6 +1301,10 @@ for opt do
> >;;
> >--enable-bzip2) bzip2="yes"
> >;;
> > +  --enable-lzfse) lzfse="yes"
> > +  ;;
> > +  --disable-lzfse) lzfse="no"
> > +  ;;
> >--enable-guest-agent) guest_agent="yes"
> >;;
> >--disable-guest-agent) guest_agent="no"
> > @@ -1689,6 +1694,8 @@ disabled with --disable-FEATURE, default is enabled 
> > if available:
> >snappy  support of snappy compression library
> >bzip2   support of bzip2 compression library
> >(for reading bzip2-compressed dmg images)
> > +  lzfse   support of lzfse compression library
> > +  (for reading lzfse-compressed dmg images)
> >seccomp seccomp support
> >coroutine-pool  coroutine freelist (better performance)
> >glusterfs   GlusterFS backend
> > @@ -2213,6 +2220,25 @@ EOF
> >  fi
> >  fi
> >
> > +##
> > +# lzfse check
> > +
> > +if test "$lzfse" != "no" ; then
> > +cat > $TMPC << EOF
> > +#include 
> > +int main(void) { lzfse_decode_scratch_size(); return 0; }
> > +EOF
> > +if compile_prog "" "-llzfse" ; then
> > +libs_softmmu="$libs_softmmu -llzfse"
>
> Are you sure about libs_softmmu? I think this is only for QEMU proper,
> but not for tools like qemu-img or qemu-io, so if this were relevant,
> we'd be missing lzfse support in some tools.

It is relevant for qemu-img because it can convert a dmg file
into qcow2 or any other format.
Right now, I don't think we really need to implement something
specific for those tools.

Never mind, I really don't know why I included softmmu here. My final
local commit does not have it.
I probably sent the wrong patch file. Well, I need to send a V2 anyway.

>
> > +lzfse="yes"
> > +else
> > +if test "$lzfse" = "yes"; then
> > +feature_not_found "lzfse" "Install lzfse devel"
> > +fi
> > +lzfse="no"
> > +fi
> > +fi
> > +
> >  ##
> >  # libseccomp check
> >
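Review bot: the `libs_softmmu="$libs_softmmu -llzfse"` line inside the lzfse check is redundant: the same patch writes `LZFSE_LIBS=-llzfse` to config_host_mak, and block/Makefile.objs links the library per object via `dmg-lzfse.o-libs := $(LZFSE_LIBS)`, which is also what the tools build (qemu-img, qemu-io) picks up. Dropping it avoids linking every system emulator binary against liblzfse when only the dmg block module needs it.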
> > @@ -6001,6 +6027,7 @@ echo "Live block migration $live_block_migration"
> >  echo "lzo support   $lzo"
> >  echo "snappy support$snappy"
> >  echo "bzip2 support $bzip2"
> > +echo "lzfse support $lzfse"
> >  echo "NUMA host support $numa"
> >  echo "libxml2   $libxml2"
> >  echo "tcmalloc support  $tcmalloc"
> > @@ -6525,6 +6552,11 @@ if test "$bzip2" = "yes" ; then
> >echo "BZIP2_LIBS=-lbz2" >> $config_host_mak
> >  fi
> >
> > +if test "$lzfse" = "yes" ; then
> > +  echo "CONFIG_LZFSE=y" >> $config_host_mak
> > +  echo "LZFSE_LIBS=-llzfse" >> $config_host_mak
>
> But since we have LZFSE_LIBS here and this is referenced in
> block/Makefile.objs, I suspect that the libs_softmmu addition is
> actually redundant and could just go away above.
>
> > +fi
> > +
> >  if test "$libiscsi" = "yes" ; then
> >echo "CONFIG_LIBISCSI=m" >> $config_host_mak
> >echo "LIBISCSI_CFLAGS=$libiscsi_cflags" >> $config_host_mak
>
> Kevin



[Qemu-devel] [Bug 1787012] Re: Solaris build error: Bad string

2018-08-14 Thread Michele Denber
Oh, and how I found this.  From
http://lists.xymon.com/archive/2012-July/035109.html:

> Sorry to reply to myself. Looks like this line:
> 
> uname -s | tr '[/]' '[_]'
> 
> ...is not acceptable to /usr/bin/tr on Solaris 10. It worked fine
> on 9. On 10, one receives this error:
> 
> # uname -s | tr '[/]' '[_]' Bad string

And indeed I get:

# uname -s | tr '[/]' '[_]'
Bad string
#

So this is a bug in the Makefile, but only for Solaris 10.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1787012

Title:
  Solaris build error: Bad string

Status in QEMU:
  New

Bug description:
  While building qemu2.12.0 on a Sun Oracle Enterprise M3000 SPARC64 VII
  running Solaris 10U11, opencsw toolchain, gcc 7.3.0, and python 3.3.6
  I get:

  # gmake
  mkdir -p dtc/libfdt
  mkdir -p dtc/tests
  Bad string

[Qemu-devel] [Bug 1787012] Re: Solaris build error: Bad string

2018-08-14 Thread Michele Denber
[Solved]

There's nothing like going public with a problem to find the answer
yourself shortly after.  In case it helps someone else in the future, it
turns out that the Makefile in dtc/ contains the following line:

HOSTOS := $(shell uname -s | tr '[:upper:]' '[:lower:]' | \
   sed -e 's/\(cygwin\|msys\).*/\1/')

Apparently there's something in there that gmake doesn't like which
causes it to emit "Bad string" so I just replaced that line with:

HOSTOS=SunOS

(a call to uname -s from the command line returns SunOS) and I'm no
longer getting the "Bad string" from gmake.  (I'm getting something else
now but that's a different matter).

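A portable way to compute the same HOSTOS value the dtc Makefile line produces, as an added example that is not part of the bug report or of dtc. It assumes the Solaris failure comes from the bracket expressions handed to tr (the thread shows `tr '[/]' '[_]'` producing the same "Bad string") and from the GNU-only `\|` alternation in sed, and it yields a lower-cased name on every host instead of the hard-coded `HOSTOS=SunOS` workaround:

```shell
#!/bin/sh
# Added example (not from the dtc Makefile or the bug report): a HOSTOS
# detection helper that keeps the intent of the dtc Makefile line
#   uname -s | tr '[:upper:]' '[:lower:]' | sed -e 's/\(cygwin\|msys\).*/\1/'
# while avoiding two portability traps assumed to be behind "Bad string"
# on Solaris 10: bracket expressions / [:class:] names in tr, and the
# GNU-only \| alternation in sed.

# Lower-case with tr using explicit alphabets: no brackets, no ranges and
# no [:class:] names, the most conservative spelling across tr variants.
lower_ascii() {
    printf '%s\n' "$1" | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz
}

# Collapse "cygwin_nt-10.0" / "msys_nt-10.0" style names to "cygwin" /
# "msys" with a shell case statement instead of sed's GNU-only \| syntax.
hostos_from_uname() {
    os=$(lower_ascii "$1")
    case "$os" in
        cygwin*) os=cygwin ;;
        msys*)   os=msys ;;
    esac
    printf '%s\n' "$os"
}

# Detect the running host; falls back to "unknown" if uname is unavailable.
detect_hostos() {
    u=$(uname -s 2>/dev/null) || u=unknown
    hostos_from_uname "$u"
}

# Self-check on constructed uname strings covering the cases the original
# Makefile line was written for (constructed sample values, not captured).
hostos_selftest() {
    [ "$(hostos_from_uname 'SunOS')" = sunos ] || return 1
    [ "$(hostos_from_uname 'CYGWIN_NT-10.0')" = cygwin ] || return 1
    [ "$(hostos_from_uname 'MSYS_NT-10.0-WOW')" = msys ] || return 1
    [ "$(hostos_from_uname 'Linux')" = linux ] || return 1
    return 0
}

hostos_selftest && echo "hostos self-test passed: $(detect_hostos)"
```

In a Makefile the helper replaces only the `$(shell ...)` expression; the `HOSTOS` variable and its later uses stay as they are.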

[Qemu-devel] [PATCH 2/2] linux-user: add pseudo /proc/hardware for m68k

2018-08-14 Thread Laurent Vivier
Debian console-setup uses /proc/hardware to guess the keyboard layout.
If the file /proc/hardware cannot be opened, the installation fails.

This patch adds a pseudo /proc/hardware file to report the model of
the machine. Instead of reporting a known and fake model, it
reports "qemu-m68k", which is true, and avoids setting the configuration
for an Amiga/Apple/Atari, letting the user choose the right one.

Bug: https://github.com/vivier/qemu-m68k/issues/34
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c | 13 -
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 5850aba5be..f9a6ada611 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7746,7 +7746,7 @@ static int is_proc_myself(const char *filename, const 
char *entry)
 }
 
 #if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN) || \
-defined(TARGET_SPARC)
+defined(TARGET_SPARC) || defined(TARGET_M68K)
 static int is_proc(const char *filename, const char *entry)
 {
 return strcmp(filename, entry) == 0;
@@ -7800,6 +7800,14 @@ static int open_cpuinfo(void *cpu_env, int fd)
 }
 #endif
 
+#if defined(TARGET_M68K)
+static int open_hardware(void *cpu_env, int fd)
+{
+dprintf(fd, "Model:\t\tqemu-m68k\n");
+return 0;
+}
+#endif
+
 static int do_openat(void *cpu_env, int dirfd, const char *pathname, int 
flags, mode_t mode)
 {
 struct fake_open {
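Review bot: open_hardware() returns 0 even when the dprintf() into fd fails, so a failed or short write hands the guest an empty /proc/hardware with no error; check the dprintf() return value and return a non-zero error so the open fails visibly. The cpu_env parameter is unused here, which is fine for a fixed model string, but a one-line comment saying the "qemu-m68k" model is intentional (as the commit message explains) would stop a later reader from "fixing" it.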
@@ -7818,6 +7826,9 @@ static int do_openat(void *cpu_env, int dirfd, const char 
*pathname, int flags,
 #endif
 #if defined(TARGET_SPARC)
 { "/proc/cpuinfo", open_cpuinfo, is_proc },
+#endif
+#if defined(TARGET_M68K)
+{ "/proc/hardware", open_hardware, is_proc },
 #endif
 { NULL, NULL, NULL }
 };
-- 
2.17.1




[Qemu-devel] [PATCH 1/2] linux-user: add pseudo /proc/cpuinfo for sparc

2018-08-14 Thread Laurent Vivier
SPARC libc6 debian package wants to check the cpu level to be
installed or not:

  WARNING: This machine has a SPARC V8 or earlier class processor.
  Debian lenny and later does not support such old hardware
  any longer.

To avoid this, it only needs to know if the machine type is sun4u or sun4v,
for that it reads the information from /proc/cpuinfo.

Fixes: 9a93c152fcdb4ab2cd85094487b33578fd693915
   ("linux-user: fix UNAME_MACHINE for sparc/sparc64")
Signed-off-by: Laurent Vivier 
---
 linux-user/syscall.c | 16 +++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index dfc851cc35..5850aba5be 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -7745,12 +7745,15 @@ static int is_proc_myself(const char *filename, const 
char *entry)
 return 0;
 }
 
-#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
+#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN) || \
+defined(TARGET_SPARC)
 static int is_proc(const char *filename, const char *entry)
 {
 return strcmp(filename, entry) == 0;
 }
+#endif
 
+#if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
 static int open_net_route(void *cpu_env, int fd)
 {
 FILE *fp;
@@ -7789,6 +7792,14 @@ static int open_net_route(void *cpu_env, int fd)
 }
 #endif
 
+#if defined(TARGET_SPARC)
+static int open_cpuinfo(void *cpu_env, int fd)
+{
+dprintf(fd, "type\t\t: sun4u\n");
+return 0;
+}
+#endif
+
 static int do_openat(void *cpu_env, int dirfd, const char *pathname, int 
flags, mode_t mode)
 {
 struct fake_open {
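Review bot: open_cpuinfo() always reports `type\t\t: sun4u` under `#if defined(TARGET_SPARC)`, regardless of the emulated CPU; if that guard also covers the 32-bit sparc user-mode target, a SPARC V8 guest would be told it runs on a sun4u machine, and sun4v can never be reported. Since cpu_env is passed in and unused, consider deriving the type string from the CPU model, or at least restricting this to the 64-bit target, and state in the commit message why a fixed sun4u is acceptable.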
@@ -7804,6 +7815,9 @@ static int do_openat(void *cpu_env, int dirfd, const char 
*pathname, int flags,
 { "cmdline", open_self_cmdline, is_proc_myself },
 #if defined(HOST_WORDS_BIGENDIAN) != defined(TARGET_WORDS_BIGENDIAN)
 { "/proc/net/route", open_net_route, is_proc },
+#endif
+#if defined(TARGET_SPARC)
+{ "/proc/cpuinfo", open_cpuinfo, is_proc },
 #endif
 { NULL, NULL, NULL }
 };
-- 
2.17.1




Re: [Qemu-devel] [RFC PATCH 3/3] linux-user: add -dfilter progtext shortcut

2018-08-14 Thread Laurent Vivier
Le 09/08/2018 à 19:55, Alex Bennée a écrit :
> When debugging you often don't care about the libraries but just the
> code in the testcase. Rather than make the user build this by hand
> offer a shortcut.
> 
> Signed-off-by: Alex Bennée 
> ---
>  linux-user/main.c | 16 +++-
>  1 file changed, 15 insertions(+), 1 deletion(-)
> 
> diff --git a/linux-user/main.c b/linux-user/main.c
> index ea00dd9057..8d4427727e 100644
> --- a/linux-user/main.c
> +++ b/linux-user/main.c
> @@ -28,6 +28,7 @@
>  #include "qemu/config-file.h"
>  #include "qemu/cutils.h"
>  #include "qemu/help_option.h"
> +#include "qemu/range.h"
>  #include "cpu.h"
>  #include "exec/exec-all.h"
>  #include "tcg.h"
> @@ -51,6 +52,8 @@ unsigned long mmap_min_addr;
>  unsigned long guest_base;
>  int have_guest_base;
>  
> +static bool dfilter_progtext;
> +
>  /*
>   * When running 32-on-64 we should make sure we can fit all of the possible
>   * guest address space into a contiguous chunk of virtual host memory.
> @@ -222,6 +225,11 @@ static void handle_arg_log(const char *arg)
>  
>  static void handle_arg_dfilter(const char *arg)
>  {
> +if (strcmp(arg, "progtext") == 0) {
> +dfilter_progtext = true;
> +return;
> +}
> +
>  qemu_set_dfilter_ranges(arg, NULL);
>  }
>  
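Review bot: handle_arg_dfilter() only recognises `progtext` when it is the entire argument (`strcmp(arg, "progtext") == 0`), but the usage line in the next hunk advertises `range|progtext[,...]`, so `-dfilter progtext,0x400000-0x401000` would reach qemu_set_dfilter_ranges() unparsed; either split the comma list here and strip the `progtext` token before calling qemu_set_dfilter_ranges(), or document that progtext cannot be combined with explicit ranges.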
> @@ -423,7 +431,7 @@ static const struct qemu_argument arg_table[] = {
>   "item[,...]", "enable logging of specified items "
>   "(use '-d help' for a list of items)"},
>  {"dfilter","QEMU_DFILTER", true,  handle_arg_dfilter,
> - "range[,...]","filter logging based on address range"},
> + "range|progtext[,...]", "filter logging based on address range"},
>  {"D",  "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
>   "logfile", "write logs to 'logfile' (default stderr)"},
>  {"p",  "QEMU_PAGESIZE",true,  handle_arg_pagesize,
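Review bot: the help string still reads "filter logging based on address range" after the argument spec gained `progtext`; extend it to say what the shortcut does (for example "filter logging based on address range, or 'progtext' for the program's own text segment"), since this is the only place a user learns what `progtext` means.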
> @@ -796,6 +804,12 @@ int main(int argc, char **argv, char **envp)
>  qemu_log("auxv_start  0x" TARGET_ABI_FMT_lx "\n", info->saved_auxv);
>  }
>  
> +if (dfilter_progtext) {
> +Range r;
> +range_set_bounds(, info->start_code, info->end_code);
> +qemu_append_dfilter_range(r, NULL);
> +}
> +
>  target_set_brk(info->brk);
>  syscall_init();
>  signal_init();
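Review bot: qemu_append_dfilter_range(r, NULL) passes NULL for the Error ** argument, so a failure to append the range is silently dropped and the user gets unfiltered logging with no indication; report the error instead of ignoring it. It is also worth a comment that the range is only installed after the loader has filled info->start_code/end_code, so anything logged before this point is not subject to the progtext filter.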
> 

Reviewed-by: Laurent Vivier 





Re: [Qemu-devel] [PATCH v4 00/14] fp-test + hardfloat

2018-08-14 Thread Alex Bennée


Emilio G. Cota  writes:

> On Tue, Aug 14, 2018 at 11:17:03 +0100, Alex Bennée wrote:
>> Emilio G. Cota  writes:
>> > Would be great to get this in for 3.1.
>>
>> I would like this merged by 3.1 as well. However I think there is still
>> some work to be done on the testing side. IIRC the fptest case works
>> with whitelists and I'd like to understand more about why we can't use
>> the whole test corpus? Is it testing features we don't have on all
>> architectures or just because it wouldn't pass because of holes in our
>> current softfloat?
>
> Some test patterns are just strange. For instance:
>
> d64+ =0 -1e-398 +0e-398 -> -1e-398
>
> I think the IBM implementation uses 128 bits and then truncates to
> whatever precision is required (64b in this case), so those tests
> might make sense then. But for us, those tests don't make any sense.
>
> The use of whitelists is a temporary workaround to avoid those weird
> test patterns. The right fix is to keep our own set of test patterns,
> without needing whitelisting.
> BTW with this patchset we use 76572 out of 130471 test patterns, which
> isn't bad at all. The whitelist is currently only 2% of the 130K.
>
>> Our experience of SVE has shown that despite the fairly extensive
>> testing we did there are still a bunch of corner cases we missed.
>> Hopefully the last few patches have fixed that but I guess it pays to be
>> exhaustive.
>
> Agreed. That's why I wrote fp-test (and BTW found a bug in softfloat
> thanks to it.)
>
>> We now have the check-tcg infrastructure in place so it would be nice to
>> have proper native tests in place for each architecture. My experience
>> of the fcvt.c test case however is you end up using inline assembler to
>> ensure you exercise the right guest opcodes which makes it hard to
>> generalise for lots of architectures.
>
> I think testing using assembly is necessary, but not sufficient.
> That's why having tests that test the FP primitives directly
> (like fp-test does with `-t soft`) is valuable, since you can
> trivially exercise corner cases. Then you have to test that the
> ISA's decoder does the right thing, but that's a separate test.
>
>> I had written a bunch of patches
>> against the fptest to get it built under check-tcg but it was painful:
>>
>>   * needed a lot of boilerplate for each new operation
>
> That depends on the op. If you want to test anything other than 32/64b
> ops, then yes, you need to add some boilerplate. But otherwise it
> is quite simple, for instance see patch 2.

Well half-precision is the next obvious thing that needs adding. If we
ever re-factor the rest of the code for our weird 80 bit float cousins
that will need adding as well.

>
>>   * a bit hacky to build as unit test and as tcg test
>
> It's not clear to me what the value as a TCG test is; each ISA
> would have its own set of test patterns (and this set is distinct
> from the test patterns we're using here, since those are only
> a subset of the 754 standard).

Well nominally they are all IEEE right? But yeah I think directed tests
are the answer here.

>
> So, my proposal for a v5:
>
> - Commit the test files we need, instead of downloading them from
>   the web. No whitelisting/exceptions except for tininess
>   detection, which is necessary.

Sounds good to me. Perhaps we could do a one time conversion of the test
files so they are a little more readable if we are going to own/extend
them?

>
> - fp-test is added to make test. This is a unit test of softfloat,
>   not a TCG unit test.
>
> - We defer TCG unit tests of FP to a later time.

Yeah mashing the two together is probably more trouble than it's worth.

I was playing around trying to improve the fcvt test (horribly WIP):

 https://github.com/stsquad/qemu/tree/arm/more-fcvt-tests

Anyway I'm coming to the conclusion that what we need for the TCG tests
is a generalised op tester framework that makes it easy to plug in new
tests with custom inline asm with a minimal amount of fuss. I'll have a
go at this tomorrow - let's see if I can have a common framework that
abstracts away the 1, 2 and 3 source specifics and result size handling.

--
Alex Bennée



[Qemu-devel] [Bug 1787012] [NEW] Solaris build error: Bad string

2018-08-14 Thread Michele Denber
Public bug reported:

While building qemu2.12.0 on a Sun Oracle Enterprise M3000 SPARC64 VII
running Solaris 10U11, opencsw toolchain, gcc 7.3.0, and python 3.3.6 I
get:

# gmake
mkdir -p dtc/libfdt
mkdir -p dtc/tests
Bad string

Re: [Qemu-devel] [PATCH v3 5/5] qmp: add pmemload command

2018-08-14 Thread Dr. David Alan Gilbert
* Simon Ruderich (si...@ruderich.org) wrote:
> On Fri, Aug 10, 2018 at 11:36:51AM +0100, Dr. David Alan Gilbert wrote:
> >> --- a/hmp-commands.hx
> >> +++ b/hmp-commands.hx
> >> @@ -822,6 +822,20 @@ STEXI
> >>  @item pmemsave @var{addr} @var{size} @var{file}
> >>  @findex pmemsave
> >>  save to disk physical memory dump starting at @var{addr} of size 
> >> @var{size}.
> >> +ETEXI
> >> +
> >> +{
> >> +.name   = "pmemload",
> >> +.args_type  = "val:l,size:i,offset:i,filename:s",
> >> +.params = "addr size offset file",
> >> +.help   = "load from disk physical memory dump starting at 
> >> 'addr' of size 'size' at file offset 'offset'",
> >> +.cmd= hmp_pmemload,
> >> +},
> >> +
> >
> > I'm guessing that size and offset should be 'l' to allow large
> > sizes and offsets, and there's an 'F' type for filenames
> 
> I've copied that from "pmemsave" and "memsave" which use 'i' for
> size. I'll add patches which will adapt them to use both 'l' and
> 'F' and adapt my pmemload patch as well.
> 
> qapi/misc.json seems to always use 'int' for integer types. Is
> this value large enough on 64-bit architectures?
> 
> > (see monitor.c which has a big comment table near the start).
> 
> Thanks.
> 
> Just curious, what is the difference between 's' and 'F'. Is that
> only for documentation purposes (and maybe tab completion) or is
> the usage different? I noticed existing code uses qdict_get_str()
> for both 's' and 'F'.
> 
> > Also, had you considered rearranging and making them optional,
> > for example if you do:
> >
> > val:l,filename:F,offset:i?,size:i?
> >
> > I think that would mean you can do the fairly obvious:
> >   pmemload addr "myfile"
> >
> > with the assumption that loads the whole file.
> 
> I tried to keep it as similar to the existing functions
> "memsave"/"pmemsave", only adding "offset". Eric Blake already
> raised this issue in the thread, here's my response for
> reference:
> 
> On Mon, Apr 23, 2018 at 02:46:57PM -0500, Eric Blake wrote:
> > Back-compat in the QMP interface matters.  The HMP interface, however,
> > exists to serve humans not machines, and we can break it at will to
> > something that makes more sense to humans.  So don't let HMP concerns
> > hold you back from a sane interface.
> 
> I see. However I don't like breaking existing interfaces unless I
> have to. In this case I think not having the optional parameters
> is fine and the consistency between the existing memsave/pmemsave
> functions is more important.
> 
> > Optional parameters are listed as '*name':'type' in the .json file,
> > which tells the generator to create a 'has_name' bool parameter
> > alongside the 'name' parameter in the C code for the QMP interface.  The
> > HMP interface should then call into the QMP interface.
> >
> > Recent HMP patches that I've authored may offer some inspiration: commit
> > 08fb10a added a new command, and commit dba4932 added an optional
> > parameter to an existing command.
> 
> Thank you for the explanation, this looks straight-forward.
> 
> Do you have strong opinions regarding the optional parameters or
> would you accept the patch as is (minus possible implementation
> issues)? I like the symmetry to the existing functions (I noticed
> that size can only be optional for pmemload because saving the
> complete memory doesn't sound useful) and having to specify
> size/offset doesn't hurt the caller too much.

No strong feeling either way; that was just a suggestion.

Dave

> 
> Thanks for your review!
> 
> Regards
> Simon
> 
> PS: Diff between v3 and my current local version follows:
> 
> diff --git a/hmp-commands.hx b/hmp-commands.hx
> index 5a43dae133..c39d745a22 100644
> --- a/hmp-commands.hx
> +++ b/hmp-commands.hx
> @@ -818,7 +818,7 @@ ETEXI
>  
>  {
>  .name   = "memsave",
> -.args_type  = "val:l,size:i,filename:s",
> +.args_type  = "val:l,size:l,filename:F",
>  .params = "addr size file",
>  .help   = "save to disk virtual memory dump starting at 'addr' 
> of size 'size'",
>  .cmd= hmp_memsave,
> @@ -832,7 +832,7 @@ ETEXI
>  
>  {
>  .name   = "pmemsave",
> -.args_type  = "val:l,size:i,filename:s",
> +.args_type  = "val:l,size:l,filename:F",
>  .params = "addr size file",
>  .help   = "save to disk physical memory dump starting at 'addr' 
> of size 'size'",
>  .cmd= hmp_pmemsave,
> @@ -846,7 +846,7 @@ ETEXI
>  
>  {
>  .name   = "pmemload",
> -.args_type  = "val:l,size:i,offset:i,filename:s",
> +.args_type  = "val:l,size:l,offset:l,filename:F",
>  .params = "addr size offset file",
>  .help   = "load from disk physical memory dump starting at 
> 'addr' of size 'size' at file offset 'offset'",
>  .cmd= hmp_pmemload,
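Review bot: widening `size` and `offset` from `i` to `l` in args_type only changes how the monitor parses the arguments; the hmp_memsave/hmp_pmemsave/hmp_pmemload handlers and the QMP schema must hold these values in 64-bit variables for the extra range to be usable, otherwise they are silently truncated again (the diff is cut off at qapi/misc.json here, so that part cannot be checked). The memsave/pmemsave hunks also alter the accepted input range of two existing commands, which deserves a sentence in the commit message.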
> diff --git a/qapi/misc.json b/qapi/misc.json
> index 6c34b2ff8b..becc257a76 100644
> 

Re: [Qemu-devel] [PATCH] MAINTAINERS: add maintainers for qtest

2018-08-14 Thread John Snow



On 08/14/2018 11:41 AM, Paolo Bonzini wrote:
> Thomas has been doing a lot of work on qom-test and device-introspection-test,
> and Laurent has ported libqos to sPAPR and co-mentored Emanuele on the
> upcoming qtest device framework.  They deserve recognition. :)
> 
> Signed-off-by: Paolo Bonzini 

Absolutely! Thanks for polishing up some of the pieces I plopped into
libqos so long ago.

Reviewed-by: John Snow 

> ---
>  MAINTAINERS | 11 ++-
>  1 file changed, 10 insertions(+), 1 deletion(-)
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 666e936812..657595e6be 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -1685,7 +1685,6 @@ F: qom/
>  X: qom/cpu.c
>  F: tests/check-qom-interface.c
>  F: tests/check-qom-proplist.c
> -F: tests/qom-test.c
>  
>  QMP
>  M: Markus Armbruster 
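Review bot: dropping `F: tests/qom-test.c` from the QOM section is only safe because the new qtest section's `tests/*-test.c` glob later in this patch picks it up; say so in the commit message, otherwise the removal reads as orphaning the file.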
> @@ -1697,6 +1696,16 @@ F: scripts/qmp/
>  F: tests/qmp-test.c
>  T: git git://repo.or.cz/qemu/armbru.git qapi-next
>  
> +qtest
> +M: Paolo Bonzini 
> +M: Thomas Huth 
> +M: Laurent Vivier 
> +S: Maintained
> +F: qtest.c
> +F: tests/libqtest.*
> +F: tests/libqos/
> +F: tests/*-test.c
> +
>  Register API
>  M: Alistair Francis 
>  S: Maintained
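Review bot: `F: tests/*-test.c` is very broad: it also matches files already claimed by other sections, for example `tests/qmp-test.c` under QMP just above, so get_maintainer.pl will CC the qtest maintainers on every test-file change. If that is the intent, note it in the commit message; otherwise narrow the glob or add `X:` exclusions for the tests that have their own maintainers.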
> 





Re: [Qemu-devel] [PATCH v6 4/6] loader: add rom transaction API

2018-08-14 Thread Alistair Francis
On Tue, Aug 14, 2018 at 9:27 AM, Stefan Hajnoczi  wrote:
> Image file loaders may add a series of roms.  If an error occurs partway
> through loading there is no easy way to drop previously added roms.
>
> This patch adds a transaction mechanism that works like this:
>
>   rom_transaction_begin();
>   ...call rom_add_*()...
>   rom_transaction_end(ok);
>
> If ok is false then roms added in this transaction are dropped.
>
> Signed-off-by: Stefan Hajnoczi 

Reviewed-by: Alistair Francis 

Alistair

> ---
>  include/hw/loader.h | 19 +++
>  hw/core/loader.c| 32 
>  2 files changed, 51 insertions(+)
>
> diff --git a/include/hw/loader.h b/include/hw/loader.h
> index e98b84b8f9..5235f119a3 100644
> --- a/include/hw/loader.h
> +++ b/include/hw/loader.h
> @@ -225,6 +225,25 @@ int rom_check_and_register_reset(void);
>  void rom_set_fw(FWCfgState *f);
>  void rom_set_order_override(int order);
>  void rom_reset_order_override(void);
> +
> +/**
> + * rom_transaction_begin:
> + *
> + * Call this before of a series of rom_add_*() calls.  Call
> + * rom_transaction_end() afterwards to commit or abort.  These functions are
> + * useful for undoing a series of rom_add_*() calls if image file loading 
> fails
> + * partway through.
> + */
> +void rom_transaction_begin(void);
> +
> +/**
> + * rom_transaction_end:
> + * @commit: true to commit added roms, false to drop added roms
> + *
> + * Call this after a series of rom_add_*() calls.  See 
> rom_transaction_begin().
> + */
> +void rom_transaction_end(bool commit);
> +
>  int rom_copy(uint8_t *dest, hwaddr addr, size_t size);
>  void *rom_ptr(hwaddr addr, size_t size);
>  void hmp_info_roms(Monitor *mon, const QDict *qdict);
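Review bot: the rom_transaction_begin() comment reads "Call this before of a series of" (drop "of"), and the API contract should state that transactions do not nest: calling begin() a second time while one is open commits the first transaction's roms, which the implementation in hw/core/loader.c does silently.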
> diff --git a/hw/core/loader.c b/hw/core/loader.c
> index 0c72e7c05a..612420b870 100644
> --- a/hw/core/loader.c
> +++ b/hw/core/loader.c
> @@ -840,6 +840,8 @@ struct Rom {
>  char *fw_dir;
>  char *fw_file;
>
> +bool committed;
> +
>  hwaddr addr;
>  QTAILQ_ENTRY(Rom) next;
>  };
> @@ -877,6 +879,8 @@ static void rom_insert(Rom *rom)
>  rom->as = _space_memory;
>  }
>
> +rom->committed = false;
> +
>  /* List is ordered by load address in the same address space */
>  QTAILQ_FOREACH(item, , next) {
>  if (rom_order_compare(rom, item)) {
> @@ -1168,6 +1172,34 @@ void rom_reset_order_override(void)
>  fw_cfg_reset_order_override(fw_cfg);
>  }
>
> +void rom_transaction_begin(void)
> +{
> +Rom *rom;
> +
> +/* Ignore ROMs added without the transaction API */
> +QTAILQ_FOREACH(rom, , next) {
> +rom->committed = true;
> +}
> +}
> +
> +void rom_transaction_end(bool commit)
> +{
> +Rom *rom;
> +Rom *tmp;
> +
> +QTAILQ_FOREACH_SAFE(rom, , next, tmp) {
> +if (rom->committed) {
> +continue;
> +}
> +if (commit) {
> +rom->committed = true;
> +} else {
> +QTAILQ_REMOVE(, rom, next);
> +rom_free(rom);
> +}
> +}
> +}
> +
>  static Rom *find_rom(hwaddr addr, size_t size)
>  {
>  Rom *rom;
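Review bot: rom_transaction_begin() marks every existing rom committed, so a nested begin() or a forgotten rom_transaction_end() cannot be detected: roms left over from an unterminated transaction are quietly committed by the next caller's begin(), and a later end(false) will not roll them back. A `static bool in_transaction` flag (hypothetical name) asserted in begin() and end() would make misuse fail loudly instead of leaking roms across callers.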
> --
> 2.17.1
>
>



[Qemu-devel] [PULL 36/45] target/arm: Provide accessor functions for HCR_EL2.{IMO, FMO, AMO}

2018-08-14 Thread Peter Maydell
The IMO, FMO and AMO bits in HCR_EL2 are defined to "behave as
1 for all purposes other than direct reads" if HCR_EL2.TGE
is set and HCR_EL2.E2H is 0, and to "behave as 0 for all
purposes other than direct reads" if HCR_EL2.TGE is set
and HCR_EL2.E2H is 1.

To avoid having to check E2H and TGE everywhere where we test IMO and
FMO, provide accessors arm_hcr_el2_imo(), arm_hcr_el2_fmo() and
arm_hcr_el2_amo().  We don't implement ARMv8.1-VHE yet, so the E2H
case will never be true, but we include the logic to save effort when
we eventually do get to that.

(Note that in several of these callsites the change doesn't
actually make a difference as either the callsite is handling
TGE specially anyway, or the CPU can't get into that situation
with TGE set; we change everywhere for consistency.)

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180724115950.17316-5-peter.mayd...@linaro.org
---
 target/arm/cpu.h  | 64 +++
 hw/intc/arm_gicv3_cpuif.c | 19 ++--
 target/arm/helper.c   |  6 ++--
 3 files changed, 71 insertions(+), 18 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index efb2a8d3f3d..4289c33ef4c 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1229,6 +1229,12 @@ static inline void xpsr_write(CPUARMState *env, uint32_t 
val, uint32_t mask)
 #define HCR_RW(1ULL << 31)
 #define HCR_CD(1ULL << 32)
 #define HCR_ID(1ULL << 33)
+#define HCR_E2H   (1ULL << 34)
+/*
+ * When we actually implement ARMv8.1-VHE we should add HCR_E2H to
+ * HCR_MASK and then clear it again if the feature bit is not set in
+ * hcr_write().
+ */
 #define HCR_MASK  ((1ULL << 34) - 1)
 
 #define SCR_NS(1U << 0)
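Review bot: HCR_MASK is still spelled `((1ULL << 34) - 1)`, which excludes the newly added HCR_E2H bit only because the numbers happen to line up; the comment explains the intent, but writing the mask as `(HCR_E2H - 1)` would make the exclusion self-documenting and harder to break when the next bit is added.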
@@ -2234,6 +2240,54 @@ bool write_cpustate_to_list(ARMCPU *cpu);
 #  define TARGET_VIRT_ADDR_SPACE_BITS 32
 #endif
 
+/**
+ * arm_hcr_el2_imo(): Return the effective value of HCR_EL2.IMO.
+ * Depending on the values of HCR_EL2.E2H and TGE, this may be
+ * "behaves as 1 for all purposes other than direct read/write" or
+ * "behaves as 0 for all purposes other than direct read/write"
+ */
+static inline bool arm_hcr_el2_imo(CPUARMState *env)
+{
+switch (env->cp15.hcr_el2 & (HCR_TGE | HCR_E2H)) {
+case HCR_TGE:
+return true;
+case HCR_TGE | HCR_E2H:
+return false;
+default:
+return env->cp15.hcr_el2 & HCR_IMO;
+}
+}
+
+/**
+ * arm_hcr_el2_fmo(): Return the effective value of HCR_EL2.FMO.
+ */
+static inline bool arm_hcr_el2_fmo(CPUARMState *env)
+{
+switch (env->cp15.hcr_el2 & (HCR_TGE | HCR_E2H)) {
+case HCR_TGE:
+return true;
+case HCR_TGE | HCR_E2H:
+return false;
+default:
+return env->cp15.hcr_el2 & HCR_FMO;
+}
+}
+
+/**
+ * arm_hcr_el2_amo(): Return the effective value of HCR_EL2.AMO.
+ */
+static inline bool arm_hcr_el2_amo(CPUARMState *env)
+{
+switch (env->cp15.hcr_el2 & (HCR_TGE | HCR_E2H)) {
+case HCR_TGE:
+return true;
+case HCR_TGE | HCR_E2H:
+return false;
+default:
+return env->cp15.hcr_el2 & HCR_AMO;
+}
+}
+
 static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx,
  unsigned int target_el)
 {
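Review bot: the three accessors are the same switch on `HCR_TGE | HCR_E2H` with a different bit in the default case; one static helper taking the bit as a parameter (say `arm_hcr_el2_eff_bit(env, bit)`, hypothetical name) called by three one-line wrappers would avoid triplicating the TGE/E2H logic. Also the arm_hcr_el2_imo() comment says "direct read/write" while the commit message and the architecture text say "direct reads"; align the wording.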
@@ -2261,15 +2315,13 @@ static inline bool arm_excp_unmasked(CPUState *cs, 
unsigned int excp_idx,
 break;
 
 case EXCP_VFIQ:
-if (secure || !(env->cp15.hcr_el2 & HCR_FMO)
-|| (env->cp15.hcr_el2 & HCR_TGE)) {
+if (secure || !arm_hcr_el2_fmo(env) || (env->cp15.hcr_el2 & HCR_TGE)) {
 /* VFIQs are only taken when hypervized and non-secure.  */
 return false;
 }
 return !(env->daif & PSTATE_F);
 case EXCP_VIRQ:
-if (secure || !(env->cp15.hcr_el2 & HCR_IMO)
-|| (env->cp15.hcr_el2 & HCR_TGE)) {
+if (secure || !arm_hcr_el2_imo(env) || (env->cp15.hcr_el2 & HCR_TGE)) {
 /* VIRQs are only taken when hypervized and non-secure.  */
 return false;
 }
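Review bot: with TGE set and E2H clear, arm_hcr_el2_fmo()/arm_hcr_el2_imo() now return true, so the explicit `(env->cp15.hcr_el2 & HCR_TGE)` test on the same line is what actually masks the virtual interrupt; a one-line comment saying the TGE check is still required would stop someone from "simplifying" it away later. The existing comments "VFIQs/VIRQs are only taken when hypervized and non-secure" should also mention TGE.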
@@ -2308,7 +2360,7 @@ static inline bool arm_excp_unmasked(CPUState *cs, 
unsigned int excp_idx,
  * to the CPSR.F setting otherwise we further assess the state
  * below.
  */
-hcr = (env->cp15.hcr_el2 & HCR_FMO);
+hcr = arm_hcr_el2_fmo(env);
 scr = (env->cp15.scr_el3 & SCR_FIQ);
 
 /* When EL3 is 32-bit, the SCR.FW bit controls whether the
@@ -2325,7 +2377,7 @@ static inline bool arm_excp_unmasked(CPUState *cs, 
unsigned int excp_idx,
  * when setting the target EL, so it does not have a further
  * affect here.
  */
-hcr = (env->cp15.hcr_el2 & HCR_IMO);
+hcr = arm_hcr_el2_imo(env);
 scr = false;
 break;
 default:
diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
index 

Re: [Qemu-devel] [PATCH v4 00/14] fp-test + hardfloat

2018-08-14 Thread Emilio G. Cota
On Tue, Aug 14, 2018 at 11:17:03 +0100, Alex Bennée wrote:
> Emilio G. Cota  writes:
> > Would be great to get this in for 3.1.
> 
> I would like this merged by 3.1 as well. However I think there is still
> some work to be done on the testing side. IIRC the fptest case works
> with whitelists and I'd like to understand more about why we can't use
> the whole test corpus? Is it testing features we don't have on all
> architectures or just because it wouldn't pass because of holes in our
> current softfloat?

Some test patterns are just strange. For instance:

d64+ =0 -1e-398 +0e-398 -> -1e-398

I think the IBM implementation uses 128 bits and then truncates to
whatever precision is required (64b in this case), so those tests
might make sense then. But for us, those tests don't make any sense.

The use of whitelists is a temporary workaround to avoid those weird
test patterns. The right fix is to keep our own set of test patterns,
without needing whitelisting.
BTW with this patchset we use 76572 out of 130471 test patterns, which
isn't bad at all. The whitelist is currently only 2% of the 130K.

> Our experience of SVE has shown that despite the fairly extensive
> testing we did there are still a bunch of corner cases we missed.
> Hopefully the last few patches have fixed that but I guess it pays to be
> exhaustive.

Agreed. That's why I wrote fp-test (and BTW found a bug in softfloat
thanks to it.)

> We now have the check-tcg infrastructure in place so it would be nice to
> have proper native tests in place for each architecture. My experience
> of the fcvt.c test case however is you end up using inline assembler to
> ensure you exercise the right guest opcodes which makes it hard to
> generalise for lots of architectures.

I think testing using assembly is necessary, but not sufficient.
That's why having tests that test the FP primitives directly
(like fp-test does with `-t soft`) is valuable, since you can
trivially exercise corner cases. Then you have to test that the
ISA's decoder does the right thing, but that's a separate test.

> I had written a bunch of patches
> against the fptest to get it built under check-tcg but it was painful:
> 
>   * needed a lot of boilerplate for each new operation

That depends on the op. If you want to test anything other than 32/64b
ops, then yes, you need to add some boilerplate. But otherwise it
is quite simple, for instance see patch 2.

>   * a bit hacky to build as unit test and as tcg test

It's not clear to me what the value as a TCG test is; each ISA
would have its own set of test patterns (and this set is distinct
from the test patterns we're using here, since those are only
a subset of the 754 standard).

So, my proposal for a v5:

- Commit the test files we need, instead of downloading them from
  the web. No whitelisting/exceptions except for tininess
  detection, which is necessary.

- fp-test is added to make test. This is a unit test of softfloat,
  not a TCG unit test.

- We defer TCG unit tests of FP to a later time.

How does that sound?

Emilio



[Qemu-devel] [PULL 33/45] target/arm: Mask virtual interrupts if HCR_EL2.TGE is set

2018-08-14 Thread Peter Maydell
If the "trap general exceptions" bit HCR_EL2.TGE is set, we
must mask all virtual interrupts (as per DDI0487C.a D1.14.3).
Implement this in arm_excp_unmasked().

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180724115950.17316-2-peter.mayd...@linaro.org
---
 target/arm/cpu.h | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index e310ffc29d2..efb2a8d3f3d 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -2261,13 +2261,15 @@ static inline bool arm_excp_unmasked(CPUState *cs, 
unsigned int excp_idx,
 break;
 
 case EXCP_VFIQ:
-if (secure || !(env->cp15.hcr_el2 & HCR_FMO)) {
+if (secure || !(env->cp15.hcr_el2 & HCR_FMO)
+|| (env->cp15.hcr_el2 & HCR_TGE)) {
 /* VFIQs are only taken when hypervized and non-secure.  */
 return false;
 }
 return !(env->daif & PSTATE_F);
 case EXCP_VIRQ:
-if (secure || !(env->cp15.hcr_el2 & HCR_IMO)) {
+if (secure || !(env->cp15.hcr_el2 & HCR_IMO)
+|| (env->cp15.hcr_el2 & HCR_TGE)) {
 /* VIRQs are only taken when hypervized and non-secure.  */
 return false;
 }
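Review bot: the comments "VFIQs are only taken when hypervized and non-secure" and "VIRQs are only taken when hypervized and non-secure" are now incomplete, since the new `|| (env->cp15.hcr_el2 & HCR_TGE)` term also masks them whenever TGE is set; extend both comments to mention TGE so the condition and its explanation stay in step.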
-- 
2.18.0




[Qemu-devel] [Bug 1787002] [NEW] disas/i386.c compile error

2018-08-14 Thread Elmar Hanlhofer
Public bug reported:

QEMU Version: 2.12.1, 3.0.0-rc4
Compiling with GCC 8.2.0
System: Plop Linux, 32 bit 

Error:
  CC  disas/i386.o
/tmp/ccK8tHRs.s: Assembler messages:
/tmp/ccK8tHRs.s:53353: Error: can't resolve `L0' {*ABS* section} - `obuf' {.bss section}


The problematic line is in 'disas/i386.c' in the function 'INVLPG_Fixup (int bytemode, int sizeflag)':
strcpy (obuf + strlen (obuf) - 6, alt);

If I comment out this line, then compiling works without problems.


The error comes only on 32 bit. On 64 bit, compiling works without problems.

** Affects: qemu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1787002


To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1787002/+subscriptions



[Qemu-devel] [PULL 32/45] arm: Fix return code of arm_load_elf

2018-08-14 Thread Peter Maydell
From: Adam Lackorzynski 

Use an int64_t as a return type to restore
the negative check for arm_load_as.

Signed-off-by: Adam Lackorzynski 
Message-id: 20180730173712.gg4...@os.inf.tu-dresden.de
Reviewed-by: Peter Maydell 
Signed-off-by: Peter Maydell 
---
 hw/arm/boot.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index e09201cc97c..ca9467e583f 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -818,9 +818,9 @@ static int do_arm_linux_init(Object *obj, void *opaque)
 return 0;
 }
 
-static uint64_t arm_load_elf(struct arm_boot_info *info, uint64_t *pentry,
- uint64_t *lowaddr, uint64_t *highaddr,
- int elf_machine, AddressSpace *as)
+static int64_t arm_load_elf(struct arm_boot_info *info, uint64_t *pentry,
+uint64_t *lowaddr, uint64_t *highaddr,
+int elf_machine, AddressSpace *as)
 {
 bool elf_is64;
 union {
@@ -829,7 +829,7 @@ static uint64_t arm_load_elf(struct arm_boot_info *info, 
uint64_t *pentry,
 } elf_header;
 int data_swab = 0;
 bool big_endian;
-uint64_t ret = -1;
+int64_t ret = -1;
 Error *err = NULL;
 
 
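Review bot: switching the return type to int64_t restores the sign of the `-1` sentinel, but the comparison the commit message refers to ("restore the negative check for arm_load_as") is not in this hunk; include the caller's `ret < 0` check in the same patch, or cite its location, so a reviewer can confirm no call site still stores the result in a uint64_t or compares it against an unsigned value.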
-- 
2.18.0




[Qemu-devel] [PULL 45/45] target/arm: Fix typo in helper_sve_movz_d

2018-08-14 Thread Peter Maydell
From: Richard Henderson 

Reported-by: Laurent Desnogues 
Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Desnogues 
Reviewed-by: Alex Bennée 
Reviewed-by: Philippe Mathieu-Daudé 
Tested-by: Alex Bennée 
Tested-by: Laurent Desnogues 
Message-id: 20180801123111.3595-5-richard.hender...@linaro.org
Signed-off-by: Peter Maydell 
---
 target/arm/sve_helper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index 87594a8adb4..c3cbec9cf5f 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -1042,7 +1042,7 @@ void HELPER(sve_movz_d)(void *vd, void *vn, void *vg, 
uint32_t desc)
 uint64_t *d = vd, *n = vn;
 uint8_t *pg = vg;
 for (i = 0; i < opr_sz; i += 1) {
-d[i] = n[1] & -(uint64_t)(pg[H1(i)] & 1);
+d[i] = n[i] & -(uint64_t)(pg[H1(i)] & 1);
 }
 }
 
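Review bot: the commit message "Fix typo" undersells the bug: with `n[1]` every destination lane was read from element 1 of the source, so any predicated 64-bit MOVZ produced wrong results in every lane except lane 1. Spell that out in the message so the fix can be found from a bug report describing the symptom.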
-- 
2.18.0




[Qemu-devel] [PULL 31/45] arm/virt: Add support for GICv2 virtualization extensions

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add support for GICv2 virtualization extensions by mapping the necessary
I/O regions and connecting the maintenance IRQ lines.

Declare those additions in the device tree and in the ACPI tables.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-21-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 include/hw/arm/virt.h|  4 +++-
 hw/arm/virt-acpi-build.c |  6 +++--
 hw/arm/virt.c| 52 +---
 3 files changed, 50 insertions(+), 12 deletions(-)

diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
index 9a870ccb6a5..4cc57a7ef62 100644
--- a/include/hw/arm/virt.h
+++ b/include/hw/arm/virt.h
@@ -42,7 +42,7 @@
 #define NUM_VIRTIO_TRANSPORTS 32
 #define NUM_SMMU_IRQS  4
 
-#define ARCH_GICV3_MAINT_IRQ  9
+#define ARCH_GIC_MAINT_IRQ  9
 
 #define ARCH_TIMER_VIRT_IRQ   11
 #define ARCH_TIMER_S_EL1_IRQ  13
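Review bot: renaming ARCH_GICV3_MAINT_IRQ to ARCH_GIC_MAINT_IRQ is reasonable now that the same PPI is used for both GIC versions, but doing it in the same patch that adds the GICv2 feature touches every user at once; a preparatory rename-only patch would keep this one to the functional change.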
@@ -60,6 +60,8 @@ enum {
 VIRT_GIC_DIST,
 VIRT_GIC_CPU,
 VIRT_GIC_V2M,
+VIRT_GIC_HYP,
+VIRT_GIC_VCPU,
 VIRT_GIC_ITS,
 VIRT_GIC_REDIST,
 VIRT_GIC_REDIST2,
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index 6ea47e25883..ce31abd62c2 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -659,6 +659,8 @@ build_madt(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 gicc->length = sizeof(*gicc);
 if (vms->gic_version == 2) {
 gicc->base_address = cpu_to_le64(memmap[VIRT_GIC_CPU].base);
+gicc->gich_base_address = cpu_to_le64(memmap[VIRT_GIC_HYP].base);
+gicc->gicv_base_address = cpu_to_le64(memmap[VIRT_GIC_VCPU].base);
 }
 gicc->cpu_interface_number = cpu_to_le32(i);
 gicc->arm_mpidr = cpu_to_le64(armcpu->mp_affinity);
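Review bot: the GICH/GICV base addresses are now written into the MADT GICC entry whenever gic_version == 2, even when vms->virt is false and those regions are not mapped, while vgic_interrupt in the next hunk is correctly guarded by vms->virt. Gate the two new assignments on vms->virt as well so a guest is not told about a hypervisor interface that does not exist.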
@@ -668,8 +670,8 @@ build_madt(GArray *table_data, BIOSLinker *linker, 
VirtMachineState *vms)
 if (arm_feature(>env, ARM_FEATURE_PMU)) {
 gicc->performance_interrupt = cpu_to_le32(PPI(VIRTUAL_PMU_IRQ));
 }
-if (vms->virt && vms->gic_version == 3) {
-gicc->vgic_interrupt = cpu_to_le32(PPI(ARCH_GICV3_MAINT_IRQ));
+if (vms->virt) {
+gicc->vgic_interrupt = cpu_to_le32(PPI(ARCH_GIC_MAINT_IRQ));
 }
 }
 
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 281ddcdf6e2..0807be985c0 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -131,6 +131,8 @@ static const MemMapEntry a15memmap[] = {
 [VIRT_GIC_DIST] =   { 0x0800, 0x0001 },
 [VIRT_GIC_CPU] ={ 0x0801, 0x0001 },
 [VIRT_GIC_V2M] ={ 0x0802, 0x1000 },
+[VIRT_GIC_HYP] ={ 0x0803, 0x0001 },
+[VIRT_GIC_VCPU] =   { 0x0804, 0x0001 },
 /* The space in between here is reserved for GICv3 CPU/vCPU/HYP */
 [VIRT_GIC_ITS] ={ 0x0808, 0x0002 },
 /* This redistributor space allows up to 2*64kB*123 CPUs */
@@ -440,18 +442,33 @@ static void fdt_add_gic_node(VirtMachineState *vms)
 
 if (vms->virt) {
 qemu_fdt_setprop_cells(vms->fdt, nodename, "interrupts",
-   GIC_FDT_IRQ_TYPE_PPI, ARCH_GICV3_MAINT_IRQ,
+   GIC_FDT_IRQ_TYPE_PPI, ARCH_GIC_MAINT_IRQ,
GIC_FDT_IRQ_FLAGS_LEVEL_HI);
 }
 } else {
 /* 'cortex-a15-gic' means 'GIC v2' */
 qemu_fdt_setprop_string(vms->fdt, nodename, "compatible",
 "arm,cortex-a15-gic");
-qemu_fdt_setprop_sized_cells(vms->fdt, nodename, "reg",
-  2, vms->memmap[VIRT_GIC_DIST].base,
-  2, vms->memmap[VIRT_GIC_DIST].size,
-  2, vms->memmap[VIRT_GIC_CPU].base,
-  2, vms->memmap[VIRT_GIC_CPU].size);
+if (!vms->virt) {
+qemu_fdt_setprop_sized_cells(vms->fdt, nodename, "reg",
+ 2, vms->memmap[VIRT_GIC_DIST].base,
+ 2, vms->memmap[VIRT_GIC_DIST].size,
+ 2, vms->memmap[VIRT_GIC_CPU].base,
+ 2, vms->memmap[VIRT_GIC_CPU].size);
+} else {
+qemu_fdt_setprop_sized_cells(vms->fdt, nodename, "reg",
+ 2, vms->memmap[VIRT_GIC_DIST].base,
+ 2, vms->memmap[VIRT_GIC_DIST].size,
+ 2, vms->memmap[VIRT_GIC_CPU].base,
+ 2, vms->memmap[VIRT_GIC_CPU].size,
+ 2, vms->memmap[VIRT_GIC_HYP].base,
+ 2, vms->memmap[VIRT_GIC_HYP].size,
+ 2, vms->memmap[VIRT_GIC_VCPU].base,
+   
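Review bot: the fdt "reg" property is now built in two branches that repeat the DIST and CPU cells; writing the condition positively (`if (vms->virt)`) and keeping the common cells in one place, or building the cell list once and appending the HYP/VCPU entries when vms->virt is set, would shorten the hunk and keep the two copies from drifting apart.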

[Qemu-devel] [PULL 43/45] target/arm: Fix typo in do_sat_addsub_64

2018-08-14 Thread Peter Maydell
From: Richard Henderson 

Used the wrong temporary in the computation of subtractive overflow.

Reported-by: Laurent Desnogues 
Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Desnogues 
Tested-by: Alex Bennée 
Tested-by: Laurent Desnogues 
Message-id: 20180801123111.3595-3-richard.hender...@linaro.org
Signed-off-by: Peter Maydell 
---
 target/arm/translate-sve.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/arm/translate-sve.c b/target/arm/translate-sve.c
index 374051cd20a..9dd4c38bab7 100644
--- a/target/arm/translate-sve.c
+++ b/target/arm/translate-sve.c
@@ -1625,7 +1625,7 @@ static void do_sat_addsub_64(TCGv_i64 reg, TCGv_i64 val, 
bool u, bool d)
 /* Detect signed overflow for subtraction.  */
 tcg_gen_xor_i64(t0, reg, val);
 tcg_gen_sub_i64(t1, reg, val);
-tcg_gen_xor_i64(reg, reg, t0);
+tcg_gen_xor_i64(reg, reg, t1);
 tcg_gen_and_i64(t0, t0, reg);
 
 /* Bound the result.  */
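Review bot: the fix is right: signed subtraction overflows exactly when the operands differ in sign and the result differs in sign from reg, i.e. `(reg ^ val) & (reg ^ (reg - val))`, which is t0 & (reg ^ t1), not t0 & (reg ^ t0). The comment "Detect signed overflow for subtraction" would be more useful if it stated that formula so each line can be checked against it.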
-- 
2.18.0




[Qemu-devel] [PULL 29/45] intc/arm_gic: Improve traces

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add some traces to the ARM GIC to catch register accesses (distributor,
(v)cpu interface and virtual interface), and to take into account
virtualization extensions (print `vcpu` instead of `cpu` when needed).

Also add some virtualization extensions specific traces: LR updating
and maintenance IRQ generation.

Signed-off-by: Luc Michel 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-19-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c| 31 +--
 hw/intc/trace-events | 12 ++--
 2 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 6ff7da3e5d3..c1b35fc1ee2 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -184,8 +184,10 @@ static inline void gic_update_internal(GICState *s, bool 
virt)
 }
 
 if (best_irq != 1023) {
-trace_gic_update_bestirq(cpu, best_irq, best_prio,
-s->priority_mask[cpu_iface], s->running_priority[cpu_iface]);
+trace_gic_update_bestirq(virt ? "vcpu" : "cpu", cpu,
+ best_irq, best_prio,
+ s->priority_mask[cpu_iface],
+ s->running_priority[cpu_iface]);
 }
 
 irq_level = fiq_level = 0;
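Review bot: trace_gic_update_bestirq() gains a leading string argument and the matching hw/intc/trace-events change is not visible in this part of the diff; double-check that the format string was updated in the same order (type string, cpu, best_irq, best_prio, priority_mask, running_priority), since an argument mismatch compiles fine under some trace backends and only shows up as garbage in the trace output.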
@@ -332,6 +334,7 @@ static void gic_update_maintenance(GICState *s)
 gic_compute_misr(s, cpu);
 maint_level = (s->h_hcr[cpu] & R_GICH_HCR_EN_MASK) && s->h_misr[cpu];
 
+trace_gic_update_maintenance_irq(cpu, maint_level);
 qemu_set_irq(s->maintenance_irq[cpu], maint_level);
 }
 }
@@ -597,7 +600,8 @@ uint32_t gic_acknowledge_irq(GICState *s, int cpu, 
MemTxAttrs attrs)
  * is in the wrong group.
  */
 irq = gic_get_current_pending_irq(s, cpu, attrs);
-trace_gic_acknowledge_irq(gic_get_vcpu_real_id(cpu), irq);
+trace_gic_acknowledge_irq(gic_is_vcpu(cpu) ? "vcpu" : "cpu",
+  gic_get_vcpu_real_id(cpu), irq);
 
 if (irq >= GIC_MAXIRQ) {
 DPRINTF("ACK, no pending interrupt or it is hidden: %d\n", irq);
@@ -1130,20 +1134,23 @@ static MemTxResult gic_dist_read(void *opaque, hwaddr 
offset, uint64_t *data,
 switch (size) {
 case 1:
 *data = gic_dist_readb(opaque, offset, attrs);
-return MEMTX_OK;
+break;
 case 2:
 *data = gic_dist_readb(opaque, offset, attrs);
 *data |= gic_dist_readb(opaque, offset + 1, attrs) << 8;
-return MEMTX_OK;
+break;
 case 4:
 *data = gic_dist_readb(opaque, offset, attrs);
 *data |= gic_dist_readb(opaque, offset + 1, attrs) << 8;
 *data |= gic_dist_readb(opaque, offset + 2, attrs) << 16;
 *data |= gic_dist_readb(opaque, offset + 3, attrs) << 24;
-return MEMTX_OK;
+break;
 default:
 return MEMTX_ERROR;
 }
+
+trace_gic_dist_read(offset, size, *data);
+return MEMTX_OK;
 }
 
 static void gic_dist_writeb(void *opaque, hwaddr offset,
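Review bot: reads that hit the `default: return MEMTX_ERROR;` case are never traced, whereas gic_dist_write() in the next hunk traces unconditionally before its switch; for symmetry, and so that bad-size accesses from a guest are visible in the trace, either trace the error path too or move the trace so it covers both outcomes.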
@@ -1482,6 +1489,8 @@ static void gic_dist_writel(void *opaque, hwaddr offset,
 static MemTxResult gic_dist_write(void *opaque, hwaddr offset, uint64_t data,
   unsigned size, MemTxAttrs attrs)
 {
+trace_gic_dist_write(offset, size, data);
+
 switch (size) {
 case 1:
 gic_dist_writeb(opaque, offset, data, attrs);
@@ -1638,12 +1647,18 @@ static MemTxResult gic_cpu_read(GICState *s, int cpu, 
int offset,
 *data = 0;
 break;
 }
+
+trace_gic_cpu_read(gic_is_vcpu(cpu) ? "vcpu" : "cpu",
+   gic_get_vcpu_real_id(cpu), offset, *data);
 return MEMTX_OK;
 }
 
 static MemTxResult gic_cpu_write(GICState *s, int cpu, int offset,
  uint32_t value, MemTxAttrs attrs)
 {
+trace_gic_cpu_write(gic_is_vcpu(cpu) ? "vcpu" : "cpu",
+gic_get_vcpu_real_id(cpu), offset, value);
+
 switch (offset) {
 case 0x00: /* Control */
 gic_set_cpu_control(s, cpu, value, attrs);
@@ -1894,6 +1909,7 @@ static MemTxResult gic_hyp_read(void *opaque, int cpu, 
hwaddr addr,
 return MEMTX_OK;
 }
 
+trace_gic_hyp_read(addr, *data);
 return MEMTX_OK;
 }
 
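Review bot: the early `return MEMTX_OK;` visible just above the new trace_gic_hyp_read() call bypasses the trace, so reads taking that path never appear in the log; either trace before the switch as gic_hyp_write() does in the next hunk, or add the trace to that return path as well.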
@@ -1903,6 +1919,8 @@ static MemTxResult gic_hyp_write(void *opaque, int cpu, 
hwaddr addr,
 GICState *s = ARM_GIC(opaque);
 int vcpu = cpu + GIC_NCPU;
 
+trace_gic_hyp_write(addr, value);
+
 switch (addr) {
 case A_GICH_HCR: /* Hypervisor Control */
 s->h_hcr[cpu] = value & GICH_HCR_MASK;
@@ -1926,6 +1944,7 @@ static MemTxResult gic_hyp_write(void *opaque, int cpu, 
hwaddr addr,
 }
 
 s->h_lr[lr_idx][cpu] = value & GICH_LR_MASK;
+trace_gic_lr_entry(cpu, lr_idx, s->h_lr[lr_idx][cpu]);
 break;
 }
 
diff --git a/hw/intc/trace-events b/hw/intc/trace-events
index 5fb18e65c97..81c7c399f7d 100644
--- 

[Qemu-devel] [PULL 38/45] target/arm: Improve exception-taken logging

2018-08-14 Thread Peter Maydell
Improve the exception-taken logging by logging in
v7m_exception_taken() the exception we're going to take
and whether it is secure/nonsecure.

This requires us to move logging at many callsites from after the
call to before it, so that the logging appears in a sensible order.

(This will make tail-chaining produce more useful logs; for the
current callers of v7m_exception_taken() we know which exception
we're going to take, so custom log messages at the callsite sufficed;
for tail-chaining only v7m_exception_taken() knows the exception
number that we're going to tail-chain to.)

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
Message-id: 20180720145647.8810-2-peter.mayd...@linaro.org
---
 target/arm/helper.c | 17 +++--
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 62f63e4e5b9..1b60c8d66c9 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -6840,6 +6840,8 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, 
bool dotailchain,
 bool push_failed = false;
 
 armv7m_nvic_get_pending_irq_info(env->nvic, , _secure);
+qemu_log_mask(CPU_LOG_INT, "...taking pending %s exception %d\n",
+  targets_secure ? "secure" : "nonsecure", exc);
 
 if (arm_feature(env, ARM_FEATURE_V8)) {
 if (arm_feature(env, ARM_FEATURE_M_SECURITY) &&
@@ -6913,12 +6915,15 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t 
lr, bool dotailchain,
  * we might now want to take a different exception which
  * targets a different security state, so try again from the top.
  */
+qemu_log_mask(CPU_LOG_INT,
+  "...derived exception on callee-saves register 
stacking");
 v7m_exception_taken(cpu, lr, true, true);
 return;
 }
 
 if (!arm_v7m_load_vector(cpu, exc, targets_secure, )) {
 /* Vector load failed: derived exception */
+qemu_log_mask(CPU_LOG_INT, "...derived exception on vector table 
load");
 v7m_exception_taken(cpu, lr, true, true);
 return;
 }
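Review bot: the two new log strings "...derived exception on callee-saves register stacking" and "...derived exception on vector table load" have no trailing "\n", unlike every other CPU_LOG_INT message in this patch (compare "...taking pending %s exception %d\n" and "...derived exception on unstacking\n"), so the following log line will be glued onto the same line.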
@@ -7129,9 +7134,9 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 if (sfault) {
 env->v7m.sfsr |= R_V7M_SFSR_INVER_MASK;
 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false);
-v7m_exception_taken(cpu, excret, true, false);
 qemu_log_mask(CPU_LOG_INT, "...taking SecureFault on existing "
   "stackframe: failed EXC_RETURN.ES validity check\n");
+v7m_exception_taken(cpu, excret, true, false);
 return;
 }
 
@@ -7141,9 +7146,9 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
  */
 env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_INVPC_MASK;
 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.secure);
-v7m_exception_taken(cpu, excret, true, false);
 qemu_log_mask(CPU_LOG_INT, "...taking UsageFault on existing "
   "stackframe: failed exception return integrity check\n");
+v7m_exception_taken(cpu, excret, true, false);
 return;
 }
 
@@ -7198,10 +7203,10 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 /* Take a SecureFault on the current stack */
 env->v7m.sfsr |= R_V7M_SFSR_INVIS_MASK;
 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false);
-v7m_exception_taken(cpu, excret, true, false);
 qemu_log_mask(CPU_LOG_INT, "...taking SecureFault on existing "
   "stackframe: failed exception return integrity "
   "signature check\n");
+v7m_exception_taken(cpu, excret, true, false);
 return;
 }
 
@@ -7234,6 +7239,7 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 /* v7m_stack_read() pended a fault, so take it (as a tail
  * chained exception on the same stack frame)
  */
+qemu_log_mask(CPU_LOG_INT, "...derived exception on unstacking\n");
 v7m_exception_taken(cpu, excret, true, false);
 return;
 }
@@ -7270,10 +7276,10 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE,
 env->v7m.secure);
 env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_INVPC_MASK;
-v7m_exception_taken(cpu, excret, true, false);
 qemu_log_mask(CPU_LOG_INT, "...taking UsageFault on existing "
   "stackframe: failed exception return integrity "
   "check\n");
+v7m_exception_taken(cpu, excret, true, false);
 return;
 }
 }
@@ -7309,9 +7315,9 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, 

[Qemu-devel] [PULL 35/45] target/arm: Honour HCR_EL2.TGE when raising synchronous exceptions

2018-08-14 Thread Peter Maydell
When we raise a synchronous exception, if HCR_EL2.TGE is set then
exceptions targeting NS EL1 must be redirected to EL2.  Implement
this in raise_exception() -- all synchronous exceptions go through
this function.

(Asynchronous exceptions go via arm_cpu_exec_interrupt(), which
already honours HCR_EL2.TGE when it determines the target EL
in arm_phys_excp_target_el().)

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180724115950.17316-4-peter.mayd...@linaro.org
---
 target/arm/op_helper.c | 14 ++
 1 file changed, 14 insertions(+)

diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index f728f25e4bf..d550978b5b9 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -33,6 +33,20 @@ static void raise_exception(CPUARMState *env, uint32_t excp,
 {
 CPUState *cs = CPU(arm_env_get_cpu(env));
 
+if ((env->cp15.hcr_el2 & HCR_TGE) &&
+target_el == 1 && !arm_is_secure(env)) {
+/*
+ * Redirect NS EL1 exceptions to NS EL2. These are reported with
+ * their original syndrome register value, with the exception of
+ * SIMD/FP access traps, which are reported as uncategorized
+ * (see DDI0478C.a D1.10.4)
+ */
+target_el = 2;
+if (syndrome >> ARM_EL_EC_SHIFT == EC_ADVSIMDFPACCESSTRAP) {
+syndrome = syn_uncategorized();
+}
+}
+
 assert(!excp_is_internal(excp));
 cs->exception_index = excp;
 env->exception.syndrome = syndrome;
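Review bot: the new comment cites "DDI0478C.a D1.10.4" while the rest of this series cites DDI0487C.a (the ARMv8-A ARM); 0478 looks like a transposed document number. Also, `syndrome >> ARM_EL_EC_SHIFT == EC_ADVSIMDFPACCESSTRAP` is correct only because `>>` binds tighter than `==`; parentheses around the shift would spare every reader the precedence check.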
-- 
2.18.0




Re: [Qemu-devel] [PATCH v3 5/5] qmp: add pmemload command

2018-08-14 Thread Simon Ruderich
On Tue, Aug 14, 2018 at 05:49:12PM +0200, Markus Armbruster wrote:
>> On Fri, Aug 10, 2018 at 11:36:51AM +0100, Dr. David Alan Gilbert wrote:
 --- a/hmp-commands.hx
 +++ b/hmp-commands.hx
>
> Subject claims "qmp: add", but the patch also adds to hmp.  Recommend to
> split the patch into QMP and HMP part.

Hello,

Sure, I can do that.

>> qapi/misc.json seems to always use 'int' for integer types. Is
>> this value large enough on 64-bit architectures?
>
> Yes.  QAPI's int translates to int64_t.

Thanks.

>> Just curious, what is the difference between 's' and 'F'. Is that
>> only for documentation purposes (and maybe tab completion) or is
>> the usage different? I noticed existing code uses qdict_get_str()
>> for both 's' and 'F'.
>
> The main behavioral difference is completion.

Good to know, thanks.

> I recommend to start with the QMP interface.  Parameters are unordered
> there.  memsave and pmemsave both take mandatory @val, @size, @filename.
> memsave additionally takes optional @cpu-index.

Yes.

> Your pmemload has pmemsave's arguments plus and mandatory @offset.
> Rationale for adding @offset?  You may have answered this question
> already; pointer to that answer would be fine.

My initial patch didn't have the offset. It was suggested by Eric
Blake in <0a960aa8-2a3f-8667-3d46-cecf8e65e...@redhat.com>:

On Tue, Apr 10, 2018 at 04:33:03PM -0500, Eric Blake wrote:
> Do you additionally need an offset where to start reading from within
> the file (that is, since you already have the 'size' parameter to avoid
> reading the entire file, and the 'val' parameter to target anywhere in
> physical memory, how do I start reading anywhere from the file)?

It sounded useful to me so I added it.

> Once we got the QMP interface nailed down, we can move to the HMP
> interface.

Good point.

> These two should become a separate bug fix patch.  The bug being fixed
> is completion.

Sure, they are in separate patches. Just wanted to show the
general changes I applied from the reviews.

Thanks for the review.

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9




[Qemu-devel] [PULL 30/45] xlnx-zynqmp: Improve GIC wiring and MMIO mapping

2018-08-14 Thread Peter Maydell
From: Luc Michel 

This commit improves the way the GIC is realized and connected in the
ZynqMP SoC. The security extensions are enabled only if requested in the
machine state. The same goes for the virtualization extensions.

All the GIC to APU CPU(s) IRQ lines are now connected, including FIQ,
vIRQ and vFIQ. The missing CPU to GIC timers IRQ connections are also
added (HYP and SEC timers).

The GIC maintenance IRQs are back-wired to the correct GIC PPIs.

Finally, the MMIO mappings are reworked to take into account the ZynqMP
specifics. The GIC (v)CPU interface is aliased 16 times:
  * for the first 0x1000 bytes from 0xf901 to 0xf901f000
  * for the second 0x1000 bytes from 0xf902 to 0xf902f000
The virtual interface and virtual CPU interface are mapped
only when virtualization extensions are requested. The
XlnxZynqMPGICRegion struct has been enhanced to be able to catch all
this information.

Signed-off-by: Luc Michel 
Reviewed-by: Edgar E. Iglesias 
Message-id: 20180727095421.386-20-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 include/hw/arm/xlnx-zynqmp.h |  4 +-
 hw/arm/xlnx-zynqmp.c | 92 
 2 files changed, 86 insertions(+), 10 deletions(-)

diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
index 82b6ec2486b..98f925ab84a 100644
--- a/include/hw/arm/xlnx-zynqmp.h
+++ b/include/hw/arm/xlnx-zynqmp.h
@@ -53,7 +53,7 @@
 #define XLNX_ZYNQMP_OCM_RAM_0_ADDRESS 0xFFFC
 #define XLNX_ZYNQMP_OCM_RAM_SIZE 0x1
 
-#define XLNX_ZYNQMP_GIC_REGIONS 2
+#define XLNX_ZYNQMP_GIC_REGIONS 6
 
 /* ZynqMP maps the ARM GIC regions (GICC, GICD ...) at consecutive 64k offsets
  * and under-decodes the 64k region. This mirrors the 4k regions to every 4k
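Review bot: XLNX_ZYNQMP_GIC_REGIONS is bumped by hand from 2 to 6 to match the six entries now in xlnx_zynqmp_gic_regions[], and the realize loop iterates `for (i = 0; i < XLNX_ZYNQMP_GIC_REGIONS; i++)` over that table. Using ARRAY_SIZE(xlnx_zynqmp_gic_regions) in the loop (or defining the macro from it) would stop the two from drifting apart the next time a region is added.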
@@ -62,7 +62,7 @@
  */
 
 #define XLNX_ZYNQMP_GIC_REGION_SIZE 0x1000
-#define XLNX_ZYNQMP_GIC_ALIASES (0x1 / XLNX_ZYNQMP_GIC_REGION_SIZE - 1)
+#define XLNX_ZYNQMP_GIC_ALIASES (0x1 / XLNX_ZYNQMP_GIC_REGION_SIZE)
 
 #define XLNX_ZYNQMP_MAX_LOW_RAM_SIZE0x8000ull
 
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index 8de4868eb95..c1950403505 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -29,12 +29,17 @@
 
 #define ARM_PHYS_TIMER_PPI  30
 #define ARM_VIRT_TIMER_PPI  27
+#define ARM_HYP_TIMER_PPI   26
+#define ARM_SEC_TIMER_PPI   29
+#define GIC_MAINTENANCE_PPI 25
 
 #define GEM_REVISION0x40070106
 
 #define GIC_BASE_ADDR   0xf900
 #define GIC_DIST_ADDR   0xf901
 #define GIC_CPU_ADDR0xf902
+#define GIC_VIFACE_ADDR 0xf904
+#define GIC_VCPU_ADDR   0xf906
 
 #define SATA_INTR   133
 #define SATA_ADDR   0xFD0C
@@ -111,11 +116,54 @@ static const int adma_ch_intr[XLNX_ZYNQMP_NUM_ADMA_CH] = {
 typedef struct XlnxZynqMPGICRegion {
 int region_index;
 uint32_t address;
+uint32_t offset;
+bool virt;
 } XlnxZynqMPGICRegion;
 
 static const XlnxZynqMPGICRegion xlnx_zynqmp_gic_regions[] = {
-{ .region_index = 0, .address = GIC_DIST_ADDR, },
-{ .region_index = 1, .address = GIC_CPU_ADDR,  },
+/* Distributor */
+{
+.region_index = 0,
+.address = GIC_DIST_ADDR,
+.offset = 0,
+.virt = false
+},
+
+/* CPU interface */
+{
+.region_index = 1,
+.address = GIC_CPU_ADDR,
+.offset = 0,
+.virt = false
+},
+{
+.region_index = 1,
+.address = GIC_CPU_ADDR + 0x1,
+.offset = 0x1000,
+.virt = false
+},
+
+/* Virtual interface */
+{
+.region_index = 2,
+.address = GIC_VIFACE_ADDR,
+.offset = 0,
+.virt = true
+},
+
+/* Virtual CPU interface */
+{
+.region_index = 3,
+.address = GIC_VCPU_ADDR,
+.offset = 0,
+.virt = true
+},
+{
+.region_index = 3,
+.address = GIC_VCPU_ADDR + 0x1,
+.offset = 0x1000,
+.virt = true
+},
 };
 
 static inline int arm_gic_ppi_index(int cpu_nr, int ppi_index)
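Review bot: the CPU interface and virtual CPU interface each get two table entries (same region_index, second one with `.offset = 0x1000`) while the distributor and virtual interface get one; the reason is that the GICv2 CPU interface block is 8 KiB, with GICC_DIR living in the second 4 KiB page, so a one-line comment on those entries would save the reader a trip to the GIC spec. Also, the `.virt = true` entries refer to sysbus MMIO regions that only exist when the GIC was created with virtualization extensions, so the realize loop must skip them when !s->virt rather than call sysbus_mmio_get_region() on a region that was never added.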
@@ -281,6 +329,9 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error 
**errp)
 qdev_prop_set_uint32(DEVICE(>gic), "num-irq", GIC_NUM_SPI_INTR + 32);
 qdev_prop_set_uint32(DEVICE(>gic), "revision", 2);
 qdev_prop_set_uint32(DEVICE(>gic), "num-cpu", num_apus);
+qdev_prop_set_bit(DEVICE(>gic), "has-security-extensions", s->secure);
+qdev_prop_set_bit(DEVICE(>gic),
+  "has-virtualization-extensions", s->virt);
 
 /* Realize APUs before realizing the GIC. KVM requires this.  */
 for (i = 0; i < num_apus; i++) {
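Review bot: has-security-extensions and has-virtualization-extensions are set from the SoC's s->secure and s->virt, but nothing in this hunk ties s->virt to the APU CPUs actually having EL2 enabled. A GIC that exposes a virtual CPU interface (and vIRQ/vFIQ lines) to cores without EL2 is a confusing configuration to debug; an assertion, or at least a comment pointing at where s->virt is propagated to the CPU objects, would document the expected pairing.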
@@ -325,19 +376,23 @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error 
**errp)
 for (i = 0; i < XLNX_ZYNQMP_GIC_REGIONS; i++) {
 SysBusDevice *gic = SYS_BUS_DEVICE(>gic);
 const XlnxZynqMPGICRegion *r = _zynqmp_gic_regions[i];
-MemoryRegion *mr = sysbus_mmio_get_region(gic, r->region_index);
+MemoryRegion *mr;
 uint32_t 

[Qemu-devel] [PULL 12/45] intc/arm_gic: Refactor operations on the distributor

2018-08-14 Thread Peter Maydell
From: Luc Michel 

In preparation for the virtualization extensions implementation,
refactor the name of the functions and macros that act on the GIC
distributor to make that fact explicit. It will be useful to
differentiate them from the ones that will act on the virtual
interfaces.

Signed-off-by: Luc Michel 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Sai Pavan Boddu 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-2-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/gic_internal.h   |  51 ++--
 hw/intc/arm_gic.c| 163 +--
 hw/intc/arm_gic_common.c |   6 +-
 hw/intc/arm_gic_kvm.c|  23 +++---
 4 files changed, 127 insertions(+), 116 deletions(-)

diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h
index 7fe87b13de0..6f8d242904b 100644
--- a/hw/intc/gic_internal.h
+++ b/hw/intc/gic_internal.h
@@ -27,30 +27,31 @@
 
 #define GIC_BASE_IRQ 0
 
-#define GIC_SET_ENABLED(irq, cm) s->irq_state[irq].enabled |= (cm)
-#define GIC_CLEAR_ENABLED(irq, cm) s->irq_state[irq].enabled &= ~(cm)
-#define GIC_TEST_ENABLED(irq, cm) ((s->irq_state[irq].enabled & (cm)) != 0)
-#define GIC_SET_PENDING(irq, cm) s->irq_state[irq].pending |= (cm)
-#define GIC_CLEAR_PENDING(irq, cm) s->irq_state[irq].pending &= ~(cm)
-#define GIC_SET_ACTIVE(irq, cm) s->irq_state[irq].active |= (cm)
-#define GIC_CLEAR_ACTIVE(irq, cm) s->irq_state[irq].active &= ~(cm)
-#define GIC_TEST_ACTIVE(irq, cm) ((s->irq_state[irq].active & (cm)) != 0)
-#define GIC_SET_MODEL(irq) s->irq_state[irq].model = true
-#define GIC_CLEAR_MODEL(irq) s->irq_state[irq].model = false
-#define GIC_TEST_MODEL(irq) s->irq_state[irq].model
-#define GIC_SET_LEVEL(irq, cm) s->irq_state[irq].level |= (cm)
-#define GIC_CLEAR_LEVEL(irq, cm) s->irq_state[irq].level &= ~(cm)
-#define GIC_TEST_LEVEL(irq, cm) ((s->irq_state[irq].level & (cm)) != 0)
-#define GIC_SET_EDGE_TRIGGER(irq) s->irq_state[irq].edge_trigger = true
-#define GIC_CLEAR_EDGE_TRIGGER(irq) s->irq_state[irq].edge_trigger = false
-#define GIC_TEST_EDGE_TRIGGER(irq) (s->irq_state[irq].edge_trigger)
-#define GIC_GET_PRIORITY(irq, cpu) (((irq) < GIC_INTERNAL) ?\
+#define GIC_DIST_SET_ENABLED(irq, cm) (s->irq_state[irq].enabled |= (cm))
+#define GIC_DIST_CLEAR_ENABLED(irq, cm) (s->irq_state[irq].enabled &= ~(cm))
+#define GIC_DIST_TEST_ENABLED(irq, cm) ((s->irq_state[irq].enabled & (cm)) != 
0)
+#define GIC_DIST_SET_PENDING(irq, cm) (s->irq_state[irq].pending |= (cm))
+#define GIC_DIST_CLEAR_PENDING(irq, cm) (s->irq_state[irq].pending &= ~(cm))
+#define GIC_DIST_SET_ACTIVE(irq, cm) (s->irq_state[irq].active |= (cm))
+#define GIC_DIST_CLEAR_ACTIVE(irq, cm) (s->irq_state[irq].active &= ~(cm))
+#define GIC_DIST_TEST_ACTIVE(irq, cm) ((s->irq_state[irq].active & (cm)) != 0)
+#define GIC_DIST_SET_MODEL(irq) (s->irq_state[irq].model = true)
+#define GIC_DIST_CLEAR_MODEL(irq) (s->irq_state[irq].model = false)
+#define GIC_DIST_TEST_MODEL(irq) (s->irq_state[irq].model)
+#define GIC_DIST_SET_LEVEL(irq, cm) (s->irq_state[irq].level |= (cm))
+#define GIC_DIST_CLEAR_LEVEL(irq, cm) (s->irq_state[irq].level &= ~(cm))
+#define GIC_DIST_TEST_LEVEL(irq, cm) ((s->irq_state[irq].level & (cm)) != 0)
+#define GIC_DIST_SET_EDGE_TRIGGER(irq) (s->irq_state[irq].edge_trigger = true)
+#define GIC_DIST_CLEAR_EDGE_TRIGGER(irq) \
+(s->irq_state[irq].edge_trigger = false)
+#define GIC_DIST_TEST_EDGE_TRIGGER(irq) (s->irq_state[irq].edge_trigger)
+#define GIC_DIST_GET_PRIORITY(irq, cpu) (((irq) < GIC_INTERNAL) ?\
 s->priority1[irq][cpu] :\
 s->priority2[(irq) - GIC_INTERNAL])
-#define GIC_TARGET(irq) s->irq_target[irq]
-#define GIC_CLEAR_GROUP(irq, cm) (s->irq_state[irq].group &= ~(cm))
-#define GIC_SET_GROUP(irq, cm) (s->irq_state[irq].group |= (cm))
-#define GIC_TEST_GROUP(irq, cm) ((s->irq_state[irq].group & (cm)) != 0)
+#define GIC_DIST_TARGET(irq) (s->irq_target[irq])
+#define GIC_DIST_CLEAR_GROUP(irq, cm) (s->irq_state[irq].group &= ~(cm))
+#define GIC_DIST_SET_GROUP(irq, cm) (s->irq_state[irq].group |= (cm))
+#define GIC_DIST_TEST_GROUP(irq, cm) ((s->irq_state[irq].group & (cm)) != 0)
 
 #define GICD_CTLR_EN_GRP0 (1U << 0)
 #define GICD_CTLR_EN_GRP1 (1U << 1)
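Review bot: this hunk does more than the rename the commit message describes: every macro body is now wrapped in parentheses, e.g. `GIC_DIST_SET_ENABLED(irq, cm) (s->irq_state[irq].enabled |= (cm))` where the old `GIC_SET_ENABLED` had none. That is a good change (the old unparenthesised assignment macros were fragile inside larger expressions), but it should be called out in the commit message so a reviewer bisecting later knows the refactor was not purely mechanical.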
@@ -79,8 +80,8 @@ uint32_t gic_acknowledge_irq(GICState *s, int cpu, MemTxAttrs 
attrs);
 void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs);
 void gic_update(GICState *s);
 void gic_init_irqs_and_distributor(GICState *s);
-void gic_set_priority(GICState *s, int cpu, int irq, uint8_t val,
-  MemTxAttrs attrs);
+void gic_dist_set_priority(GICState *s, int cpu, int irq, uint8_t val,
+   MemTxAttrs attrs);
 
 static inline bool gic_test_pending(GICState *s, int irq, int cm)
 {
@@ -93,7 +94,7 @@ static inline bool gic_test_pending(GICState *s, int irq, int 
cm)
  * GICD_ISPENDR to set the state pending.
  */
 

[Qemu-devel] [PULL 19/45] intc/arm_gic: Refactor secure/ns access check in the CPU interface

2018-08-14 Thread Peter Maydell
From: Luc Michel 

An access to the CPU interface is non-secure if the current GIC instance
implements the security extensions, and the memory access is actually
non-secure. Until then, it was checked with tests such as
  if (s->security_extn && !attrs.secure) { ... }
in various places of the CPU interface code.

With the implementation of the virtualization extensions, those tests
must be updated to take into account whether we are in a vCPU interface
or not. This is because the exposed vCPU interface does not implement
security extensions.

This commit replaces all those tests with a call to the
gic_cpu_ns_access() function to check if the current access to the CPU
interface is non-secure. This function takes into account whether the
current CPU is a vCPU or not.

Note that this function is used only in the (v)CPU interface code path.
The distributor code path is left unchanged, as the distributor is not
exposed to vCPUs at all.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Reviewed-by: Philippe Mathieu-Daudé 
Message-id: 20180727095421.386-9-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 39 ++-
 1 file changed, 22 insertions(+), 17 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 41141fee532..94d5982e2ac 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -74,6 +74,11 @@ static inline bool gic_has_groups(GICState *s)
 return s->revision == 2 || s->security_extn;
 }
 
+static inline bool gic_cpu_ns_access(GICState *s, int cpu, MemTxAttrs attrs)
+{
+return !gic_is_vcpu(cpu) && s->security_extn && !attrs.secure;
+}
+
 /* TODO: Many places that call this routine could be optimized.  */
 /* Update interrupt status after enabled or pending bits have been changed.  */
 static void gic_update(GICState *s)
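Review bot: gic_cpu_ns_access() returns false for any vCPU regardless of attrs.secure, so an access to the virtual CPU interface always takes the "secure" code path (full Group0 and Group1 view, unbanked registers). That matches the commit message's point that the vCPU interface has no security extensions, but a reader of the function alone sees a non-secure transaction being treated as secure; a comment on the `!gic_is_vcpu(cpu) &&` term explaining that the vCPU view is the unbanked one would avoid that being mistaken for a hole.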
@@ -221,7 +226,7 @@ static uint16_t gic_get_current_pending_irq(GICState *s, 
int cpu,
 /* On a GIC without the security extensions, reading this register
  * behaves in the same way as a secure access to a GIC with them.
  */
-bool secure = !s->security_extn || attrs.secure;
+bool secure = !gic_cpu_ns_access(s, cpu, attrs);
 
 if (group == 0 && !secure) {
 /* Group0 interrupts hidden from Non-secure access */
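Review bot: the comment above this change still reads "On a GIC without the security extensions, reading this register behaves in the same way as a secure access to a GIC with them", but the new expression `!gic_cpu_ns_access(s, cpu, attrs)` also folds in the vCPU case. Extend the comment to mention that the vCPU interface is treated the same way, so the comment and the code say the same thing.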
@@ -428,7 +433,7 @@ static uint32_t gic_dist_get_priority(GICState *s, int cpu, 
int irq,
 static void gic_set_priority_mask(GICState *s, int cpu, uint8_t pmask,
   MemTxAttrs attrs)
 {
-if (s->security_extn && !attrs.secure) {
+if (gic_cpu_ns_access(s, cpu, attrs)) {
 if (s->priority_mask[cpu] & 0x80) {
 /* Priority Mask in upper half */
 pmask = 0x80 | (pmask >> 1);
@@ -444,7 +449,7 @@ static uint32_t gic_get_priority_mask(GICState *s, int cpu, 
MemTxAttrs attrs)
 {
 uint32_t pmask = s->priority_mask[cpu];
 
-if (s->security_extn && !attrs.secure) {
+if (gic_cpu_ns_access(s, cpu, attrs)) {
 if (pmask & 0x80) {
 /* Priority Mask in upper half, return Non-secure view */
 pmask = (pmask << 1) & 0xff;
@@ -460,7 +465,7 @@ static uint32_t gic_get_cpu_control(GICState *s, int cpu, 
MemTxAttrs attrs)
 {
 uint32_t ret = s->cpu_ctlr[cpu];
 
-if (s->security_extn && !attrs.secure) {
+if (gic_cpu_ns_access(s, cpu, attrs)) {
 /* Construct the NS banked view of GICC_CTLR from the correct
  * bits of the S banked view. We don't need to move the bypass
  * control bits because we don't implement that (IMPDEF) part
@@ -476,7 +481,7 @@ static void gic_set_cpu_control(GICState *s, int cpu, 
uint32_t value,
 {
 uint32_t mask;
 
-if (s->security_extn && !attrs.secure) {
+if (gic_cpu_ns_access(s, cpu, attrs)) {
 /* The NS view can only write certain bits in the register;
  * the rest are unchanged
  */
@@ -507,7 +512,7 @@ static uint8_t gic_get_running_priority(GICState *s, int 
cpu, MemTxAttrs attrs)
 return 0xff;
 }
 
-if (s->security_extn && !attrs.secure) {
+if (gic_cpu_ns_access(s, cpu, attrs)) {
 if (s->running_priority[cpu] & 0x80) {
 /* Running priority in upper half of range: return the Non-secure
  * view of the priority.
@@ -531,7 +536,7 @@ static bool gic_eoi_split(GICState *s, int cpu, MemTxAttrs 
attrs)
 /* Before GICv2 prio-drop and deactivate are not separable */
 return false;
 }
-if (s->security_extn && !attrs.secure) {
+if (gic_cpu_ns_access(s, cpu, attrs)) {
 return s->cpu_ctlr[cpu] & GICC_CTLR_EOIMODE_NS;
 }
 return s->cpu_ctlr[cpu] & GICC_CTLR_EOIMODE;
@@ -563,7 +568,7 @@ static void gic_deactivate_irq(GICState *s, int cpu, int 
irq, MemTxAttrs attrs)
 return;
 }
 
-if (s->security_extn && !attrs.secure && !group) {
+if (gic_cpu_ns_access(s, cpu, attrs) && !group) {
 DPRINTF("Non-secure DI for Group0 interrupt %d 

Re: [Qemu-devel] [PATCH 5/6] net: Silence 'has no peer' messages in testing mode

2018-08-14 Thread Paolo Bonzini
On 14/08/2018 17:43, Thomas Huth wrote:
> On 08/14/2018 05:33 PM, Paolo Bonzini wrote:
>> On 14/08/2018 16:46, Thomas Huth wrote:
>>> When running qtests with -nodefaults, we are not interested in
>>> these 'XYZ has no peer' messages.
>>>
>>> Signed-off-by: Thomas Huth 
>>> ---
>>>  vl.c | 3 +--
>>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>>
>>> diff --git a/vl.c b/vl.c
>>> index 16b913f..7055df3 100644
>>> --- a/vl.c
>>> +++ b/vl.c
>>> @@ -4559,11 +4559,10 @@ int main(int argc, char **argv, char **envp)
>>>   * (2) CONFIG_SLIRP not set, in which case the implicit "-net nic"
>>>   * sets up a nic that isn't connected to anything.
>>>   */
>>> -if (!default_net) {
>>> +if (!default_net && (!qtest_enabled() || has_defaults)) {
>>>  net_check_clients();
>>>  }
>>>  
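Review bot: the condition `(!default_net && (!qtest_enabled() || has_defaults))` skips net_check_clients() as a whole, so it silences every diagnostic that function produces under qtest with -nodefaults, not only the "has no peer" case for on-board NICs described in the commit message. If the intent is just to quieten the hard-wired NIC case, it may be better to suppress that specific message, or at least say in the commit message that all of net_check_clients() is intentionally bypassed in that mode.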
>>
>> Why does it have no peer?  Not a nack, just curiosity.
> 
> The machines which emulate an embedded system often always create a NIC
> (since it is hard-wired on the board, not optional). But since there is
> no back-end on the host side with "-nodefaults", the net_check_clients()
> function complains in this case.

Ok, the has_defaults test then makes sense.  Is the qtest_enabled() part
still needed, or is the message unnecessary even in normal operation?

Paolo



[Qemu-devel] [PULL 17/45] intc/arm_gic: Add virtual interface register definitions

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add the register definitions for the virtual interface of the GICv2.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-7-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/gic_internal.h | 65 ++
 1 file changed, 65 insertions(+)

diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h
index c85427c8e31..1aa888a5762 100644
--- a/hw/intc/gic_internal.h
+++ b/hw/intc/gic_internal.h
@@ -21,6 +21,7 @@
 #ifndef QEMU_ARM_GIC_INTERNAL_H
 #define QEMU_ARM_GIC_INTERNAL_H
 
+#include "hw/registerfields.h"
 #include "hw/intc/arm_gic.h"
 
 #define ALL_CPU_MASK ((unsigned)(((1 << GIC_NCPU) - 1)))
@@ -64,6 +65,70 @@
 #define GICC_CTLR_EOIMODE(1U << 9)
 #define GICC_CTLR_EOIMODE_NS (1U << 10)
 
+REG32(GICH_HCR, 0x0)
+FIELD(GICH_HCR, EN, 0, 1)
+FIELD(GICH_HCR, UIE, 1, 1)
+FIELD(GICH_HCR, LRENPIE, 2, 1)
+FIELD(GICH_HCR, NPIE, 3, 1)
+FIELD(GICH_HCR, VGRP0EIE, 4, 1)
+FIELD(GICH_HCR, VGRP0DIE, 5, 1)
+FIELD(GICH_HCR, VGRP1EIE, 6, 1)
+FIELD(GICH_HCR, VGRP1DIE, 7, 1)
+FIELD(GICH_HCR, EOICount, 27, 5)
+
+#define GICH_HCR_MASK \
+(R_GICH_HCR_EN_MASK | R_GICH_HCR_UIE_MASK | \
+ R_GICH_HCR_LRENPIE_MASK | R_GICH_HCR_NPIE_MASK | \
+ R_GICH_HCR_VGRP0EIE_MASK | R_GICH_HCR_VGRP0DIE_MASK | \
+ R_GICH_HCR_VGRP1EIE_MASK | R_GICH_HCR_VGRP1DIE_MASK | \
+ R_GICH_HCR_EOICount_MASK)
+
+REG32(GICH_VTR, 0x4)
+FIELD(GICH_VTR, ListRegs, 0, 6)
+FIELD(GICH_VTR, PREbits, 26, 3)
+FIELD(GICH_VTR, PRIbits, 29, 3)
+
+REG32(GICH_VMCR, 0x8)
+FIELD(GICH_VMCR, VMCCtlr, 0, 10)
+FIELD(GICH_VMCR, VMABP, 18, 3)
+FIELD(GICH_VMCR, VMBP, 21, 3)
+FIELD(GICH_VMCR, VMPriMask, 27, 5)
+
+REG32(GICH_MISR, 0x10)
+FIELD(GICH_MISR, EOI, 0, 1)
+FIELD(GICH_MISR, U, 1, 1)
+FIELD(GICH_MISR, LRENP, 2, 1)
+FIELD(GICH_MISR, NP, 3, 1)
+FIELD(GICH_MISR, VGrp0E, 4, 1)
+FIELD(GICH_MISR, VGrp0D, 5, 1)
+FIELD(GICH_MISR, VGrp1E, 6, 1)
+FIELD(GICH_MISR, VGrp1D, 7, 1)
+
+REG32(GICH_EISR0, 0x20)
+REG32(GICH_EISR1, 0x24)
+REG32(GICH_ELRSR0, 0x30)
+REG32(GICH_ELRSR1, 0x34)
+REG32(GICH_APR, 0xf0)
+
+REG32(GICH_LR0, 0x100)
+FIELD(GICH_LR0, VirtualID, 0, 10)
+FIELD(GICH_LR0, PhysicalID, 10, 10)
+FIELD(GICH_LR0, CPUID, 10, 3)
+FIELD(GICH_LR0, EOI, 19, 1)
+FIELD(GICH_LR0, Priority, 23, 5)
+FIELD(GICH_LR0, State, 28, 2)
+FIELD(GICH_LR0, Grp1, 30, 1)
+FIELD(GICH_LR0, HW, 31, 1)
+
+/* Last LR register */
+REG32(GICH_LR63, 0x1fc)
+
+#define GICH_LR_MASK \
+(R_GICH_LR0_VirtualID_MASK | R_GICH_LR0_PhysicalID_MASK | \
+ R_GICH_LR0_CPUID_MASK | R_GICH_LR0_EOI_MASK | \
+ R_GICH_LR0_Priority_MASK | R_GICH_LR0_State_MASK | \
+ R_GICH_LR0_Grp1_MASK | R_GICH_LR0_HW_MASK)
+
 /* Valid bits for GICC_CTLR for GICv1, v1 with security extensions,
  * GICv2 and GICv2 with security extensions:
  */
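Review bot: in the GICH_LR0 definitions, PhysicalID (10, 10), CPUID (10, 3) and EOI (19, 1) overlap, and GICH_LR_MASK ORs all three together. That is how GICv2 defines the list register (PhysicalID is valid when HW is set; CPUID and EOI only when HW is clear, CPUID only for SGIs), but without a comment the overlap reads like a typo. A short note next to the FIELD() lines saying which fields are valid for which value of HW would prevent someone "fixing" it later, and would help whoever writes the LR read/write code pick the right field.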
-- 
2.18.0




[Qemu-devel] [PULL 41/45] target/arm: Implement tailchaining for M profile cores

2018-08-14 Thread Peter Maydell
Tailchaining is an optimization in handling of exception return
for M-profile cores: if we are about to pop the exception stack
for an exception return, but there is a pending exception which
is higher priority than the priority we are returning to, then
instead of unstacking and then immediately taking the exception
and stacking registers again, we can chain to the pending
exception without unstacking and stacking.

For v6M and v7M it is IMPDEF whether tailchaining happens for pending
exceptions; for v8M this is architecturally required.  Implement it
in QEMU for all M-profile cores, since in practice v6M and v7M
hardware implementations generally do have it.

(We were already doing tailchaining for derived exceptions which
happened during exception return, like the validity checks and
stack access failures; these have always been required to be
tailchained for all versions of the architecture.)

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180720145647.8810-5-peter.mayd...@linaro.org
---
 target/arm/helper.c | 16 
 1 file changed, 16 insertions(+)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 559065131a4..8b07bf214ec 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7162,6 +7162,22 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 return;
 }
 
+/*
+ * Tailchaining: if there is currently a pending exception that
+ * is high enough priority to preempt execution at the level we're
+ * about to return to, then just directly take that exception now,
+ * avoiding an unstack-and-then-stack. Note that now we have
+ * deactivated the previous exception by calling armv7m_nvic_complete_irq()
+ * our current execution priority is already the execution priority we are
+ * returning to -- none of the state we would unstack or set based on
+ * the EXCRET value affects it.
+ */
+if (armv7m_nvic_can_take_pending_exception(env->nvic)) {
+qemu_log_mask(CPU_LOG_INT, "...tailchaining to pending exception\n");
+v7m_exception_taken(cpu, excret, true, false);
+return;
+}
+
 switch_v7m_security_state(env, return_to_secure);
 
 {
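Review bot: the tailchaining early return leaves the function before `switch_v7m_security_state(env, return_to_secure)` and before any of the unstacking that follows. That is the intended optimisation, but the comment only explains why the execution priority is already correct; it should also say that the security state and stack pointer are deliberately left alone because v7m_exception_taken() derives the target state from the new exception rather than from EXCRET. Without that, the skipped switch_v7m_security_state() call looks like an oversight.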
-- 
2.18.0




[Qemu-devel] [PULL 24/45] intc/arm_gic: Implement virtualization extensions in gic_cpu_(read|write)

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Implement virtualization extensions in the gic_cpu_read() and
gic_cpu_write() functions. Those are the last bits missing to fully
support virtualization extensions in the CPU interface path.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-14-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 20 +++-
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 3cddf658269..0e1b23047e3 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -1401,9 +1401,12 @@ static MemTxResult gic_cpu_read(GICState *s, int cpu, 
int offset,
 case 0xd0: case 0xd4: case 0xd8: case 0xdc:
 {
 int regno = (offset - 0xd0) / 4;
+int nr_aprs = gic_is_vcpu(cpu) ? GIC_VIRT_NR_APRS : GIC_NR_APRS;
 
-if (regno >= GIC_NR_APRS || s->revision != 2) {
+if (regno >= nr_aprs || s->revision != 2) {
 *data = 0;
+} else if (gic_is_vcpu(cpu)) {
+*data = s->h_apr[gic_get_vcpu_real_id(cpu)];
 } else if (gic_cpu_ns_access(s, cpu, attrs)) {
 /* NS view of GICC_APR is the top half of GIC_NSAPR */
 *data = gic_apr_ns_view(s, regno, cpu);
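Review bot: the new vCPU branch indexes `s->h_apr[gic_get_vcpu_real_id(cpu)]` and ignores regno entirely, so it is only correct if GIC_VIRT_NR_APRS is 1; the preceding `regno >= nr_aprs` check enforces that bound but does not make the assumption obvious. An `assert(regno == 0)` in the vCPU branch, or a comment stating that the virtual interface has a single GICH_APR, would keep this from silently breaking if GIC_VIRT_NR_APRS is ever raised.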
@@ -1417,7 +1420,7 @@ static MemTxResult gic_cpu_read(GICState *s, int cpu, int 
offset,
 int regno = (offset - 0xe0) / 4;
 
 if (regno >= GIC_NR_APRS || s->revision != 2 || !gic_has_groups(s) ||
-gic_cpu_ns_access(s, cpu, attrs)) {
+gic_cpu_ns_access(s, cpu, attrs) || gic_is_vcpu(cpu)) {
 *data = 0;
 } else {
 *data = s->nsapr[regno][cpu];
@@ -1452,7 +1455,8 @@ static MemTxResult gic_cpu_write(GICState *s, int cpu, 
int offset,
 s->abpr[cpu] = MAX(value & 0x7, GIC_MIN_ABPR);
 }
 } else {
-s->bpr[cpu] = MAX(value & 0x7, GIC_MIN_BPR);
+int min_bpr = gic_is_vcpu(cpu) ? GIC_VIRT_MIN_BPR : GIC_MIN_BPR;
+s->bpr[cpu] = MAX(value & 0x7, min_bpr);
 }
 break;
 case 0x10: /* End Of Interrupt */
@@ -1469,11 +1473,14 @@ static MemTxResult gic_cpu_write(GICState *s, int cpu, 
int offset,
 case 0xd0: case 0xd4: case 0xd8: case 0xdc:
 {
 int regno = (offset - 0xd0) / 4;
+int nr_aprs = gic_is_vcpu(cpu) ? GIC_VIRT_NR_APRS : GIC_NR_APRS;
 
-if (regno >= GIC_NR_APRS || s->revision != 2) {
+if (regno >= nr_aprs || s->revision != 2) {
 return MEMTX_OK;
 }
-if (gic_cpu_ns_access(s, cpu, attrs)) {
+if (gic_is_vcpu(cpu)) {
+s->h_apr[gic_get_vcpu_real_id(cpu)] = value;
+} else if (gic_cpu_ns_access(s, cpu, attrs)) {
 /* NS view of GICC_APR is the top half of GIC_NSAPR */
 gic_apr_write_ns_view(s, regno, cpu, value);
 } else {
@@ -1488,6 +1495,9 @@ static MemTxResult gic_cpu_write(GICState *s, int cpu, 
int offset,
 if (regno >= GIC_NR_APRS || s->revision != 2) {
 return MEMTX_OK;
 }
+if (gic_is_vcpu(cpu)) {
+return MEMTX_OK;
+}
 if (!gic_has_groups(s) || (gic_cpu_ns_access(s, cpu, attrs))) {
 return MEMTX_OK;
 }
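Review bot: the standalone `if (gic_is_vcpu(cpu)) { return MEMTX_OK; }` inserted between two other early returns could be folded into the following condition, which is how the read side of NSAPR handles the same case (`... || gic_cpu_ns_access(s, cpu, attrs) || gic_is_vcpu(cpu)`). Keeping the read and write paths symmetric makes it easier to verify that NSAPR is consistently RAZ/WI for vCPUs.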
-- 
2.18.0




[Qemu-devel] [PULL 04/45] nvic: Change NVIC to support ARMv6-M

2018-08-14 Thread Peter Maydell
From: Julia Suvorova 

The differences from ARMv7-M NVIC are:
  * ARMv6-M only supports up to 32 external interrupts
   (configurable feature already). The ICTR is reserved.
  * Active Bit Register is reserved.
  * ARMv6-M supports 4 priority levels against 256 in ARMv7-M.

Signed-off-by: Julia Suvorova 
Reviewed-by: Peter Maydell 
Signed-off-by: Peter Maydell 
---
 include/hw/intc/armv7m_nvic.h |  1 +
 hw/intc/armv7m_nvic.c | 21 ++---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/include/hw/intc/armv7m_nvic.h b/include/hw/intc/armv7m_nvic.h
index 8bc29112e3a..a472c9b8f05 100644
--- a/include/hw/intc/armv7m_nvic.h
+++ b/include/hw/intc/armv7m_nvic.h
@@ -57,6 +57,7 @@ typedef struct NVICState {
 VecInfo sec_vectors[NVIC_INTERNAL_VECTORS];
 /* The PRIGROUP field in AIRCR is banked */
 uint32_t prigroup[M_REG_NUM_BANKS];
+uint8_t num_prio_bits;
 
 /* v8M NVIC_ITNS state (stored as a bool per bit) */
 bool itns[NVIC_MAX_VECTORS];
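Review bot: num_prio_bits is added to NVICState but not to the device's vmstate. That is fine because it is derived from the CPU feature bits at realize time (see the `s->num_prio_bits = ... ? 8 : 2` assignment later in the patch), but the commit message should say so explicitly, since a new field in a migratable state struct without a vmstate change normally draws a question.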
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index 49e8e2b94d4..351b69ab40b 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -420,6 +420,8 @@ static void set_prio(NVICState *s, unsigned irq, bool 
secure, uint8_t prio)
 assert(irq > ARMV7M_EXCP_NMI); /* only use for configurable prios */
 assert(irq < s->num_irq);
 
+prio &= MAKE_64BIT_MASK(8 - s->num_prio_bits, s->num_prio_bits);
+
 if (secure) {
 assert(exc_is_banked(irq));
 s->sec_vectors[irq].prio = prio;
@@ -779,6 +781,9 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, 
MemTxAttrs attrs)
 
 switch (offset) {
 case 4: /* Interrupt Control Type.  */
+if (!arm_feature(>env, ARM_FEATURE_V7)) {
+goto bad_offset;
+}
 return ((s->num_irq - NVIC_FIRST_IRQ) / 32) - 1;
 case 0xc: /* CPPWR */
 if (!arm_feature(>env, ARM_FEATURE_V8)) {
@@ -1278,9 +1283,12 @@ static void nvic_writel(NVICState *s, uint32_t offset, 
uint32_t value,
   "Setting VECTRESET when not in DEBUG mode "
   "is UNPREDICTABLE\n");
 }
-s->prigroup[attrs.secure] = extract32(value,
-  R_V7M_AIRCR_PRIGROUP_SHIFT,
-  R_V7M_AIRCR_PRIGROUP_LENGTH);
+if (arm_feature(>env, ARM_FEATURE_M_MAIN)) {
+s->prigroup[attrs.secure] =
+extract32(value,
+  R_V7M_AIRCR_PRIGROUP_SHIFT,
+  R_V7M_AIRCR_PRIGROUP_LENGTH);
+}
 if (attrs.secure) {
 /* These bits are only writable by secure */
 cpu->env.v7m.aircr = value &
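Review bot: this hunk gates PRIGROUP writes on ARM_FEATURE_M_MAIN while the other hunks in the patch (ICTR, NVIC Active, num_prio_bits) key off ARM_FEATURE_V7. If the two feature bits are meant to be equivalent for the v6-M case, please say so in the commit message; if not, explain why PRIGROUP is tied to the Main Extension rather than to the architecture version, and consider adding "PRIGROUP is reserved" to the bullet list of differences at the top of the message.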
@@ -1791,6 +1799,11 @@ static MemTxResult nvic_sysreg_read(void *opaque, hwaddr 
addr,
 break;
 case 0x300 ... 0x33f: /* NVIC Active */
 val = 0;
+
+if (!arm_feature(>cpu->env, ARM_FEATURE_V7)) {
+break;
+}
+
 startvec = 8 * (offset - 0x300) + NVIC_FIRST_IRQ; /* vector # */
 
 for (i = 0, end = size * 8; i < end && startvec + i < s->num_irq; i++) 
{
@@ -2260,6 +2273,8 @@ static void armv7m_nvic_realize(DeviceState *dev, Error 
**errp)
 /* include space for internal exception vectors */
 s->num_irq += NVIC_FIRST_IRQ;
 
+s->num_prio_bits = arm_feature(>cpu->env, ARM_FEATURE_V7) ? 8 : 2;
+
 object_property_set_bool(OBJECT(>systick[M_REG_NS]), true,
  "realized", );
 if (err != NULL) {
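Review bot: `arm_feature(..., ARM_FEATURE_V7) ? 8 : 2` hard-codes 8 implemented priority bits for every v7-M and later core. ARMv7-M leaves the number of implemented bits IMPDEF (at least 3, at most 8), so 8 preserves the previous behaviour but is an upper bound rather than a property of the architecture; a comment saying that existing v7-M models assume all 8 bits are implemented would make it clear this is a deliberate simplification and not derived from a specific part.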
-- 
2.18.0




[Qemu-devel] [PULL 44/45] target/arm: Reorganize SVE WHILE

2018-08-14 Thread Peter Maydell
From: Richard Henderson 

The pseudocode for this operation is an increment + compare loop,
so comparing <= the maximum integer produces an all-true predicate.

Rather than bound in both the inline code and the helper, pass the
helper the number of predicate bits to set instead of the number
of predicate elements to set.

Reported-by: Laurent Desnogues 
Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Desnogues 
Tested-by: Alex Bennée 
Tested-by: Laurent Desnogues 
Message-id: 20180801123111.3595-4-richard.hender...@linaro.org
Signed-off-by: Peter Maydell 
---
 target/arm/sve_helper.c|  5 
 target/arm/translate-sve.c | 49 +-
 2 files changed, 32 insertions(+), 22 deletions(-)

diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index 9bd0694d55e..87594a8adb4 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -2846,11 +2846,6 @@ uint32_t HELPER(sve_while)(void *vd, uint32_t count, 
uint32_t pred_desc)
 return flags;
 }
 
-/* Scale from predicate element count to bits.  */
-count <<= esz;
-/* Bound to the bits in the predicate.  */
-count = MIN(count, oprsz * 8);
-
 /* Set all of the requested bits.  */
 for (i = 0; i < count / 64; ++i) {
 d->p[i] = esz_mask;
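Review bot: with the MIN() removed, HELPER(sve_while) now trusts the translator to pass a `count` that is already in bits and already bounded by `oprsz * 8`; the loop below writes `d->p[i]` for `i < count / 64`, so an out-of-range count would run past the predicate register. Please add `assert(count <= oprsz * 8)` here, and update the helper's parameter name or comment to say `count` is a bit count now rather than an element count, which is what the commit message describes.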
diff --git a/target/arm/translate-sve.c b/target/arm/translate-sve.c
index 9dd4c38bab7..89efc80ee70 100644
--- a/target/arm/translate-sve.c
+++ b/target/arm/translate-sve.c
@@ -3173,19 +3173,19 @@ static bool trans_CTERM(DisasContext *s, arg_CTERM *a, 
uint32_t insn)
 
 static bool trans_WHILE(DisasContext *s, arg_WHILE *a, uint32_t insn)
 {
-if (!sve_access_check(s)) {
-return true;
-}
-
-TCGv_i64 op0 = read_cpu_reg(s, a->rn, 1);
-TCGv_i64 op1 = read_cpu_reg(s, a->rm, 1);
-TCGv_i64 t0 = tcg_temp_new_i64();
-TCGv_i64 t1 = tcg_temp_new_i64();
+TCGv_i64 op0, op1, t0, t1, tmax;
 TCGv_i32 t2, t3;
 TCGv_ptr ptr;
 unsigned desc, vsz = vec_full_reg_size(s);
 TCGCond cond;
 
+if (!sve_access_check(s)) {
+return true;
+}
+
+op0 = read_cpu_reg(s, a->rn, 1);
+op1 = read_cpu_reg(s, a->rm, 1);
+
 if (!a->sf) {
 if (a->u) {
 tcg_gen_ext32u_i64(op0, op0);
@@ -3198,32 +3198,47 @@ static bool trans_WHILE(DisasContext *s, arg_WHILE *a, 
uint32_t insn)
 
 /* For the helper, compress the different conditions into a computation
  * of how many iterations for which the condition is true.
- *
- * This is slightly complicated by 0 <= UINT64_MAX, which is nominally
- * 2**64 iterations, overflowing to 0.  Of course, predicate registers
- * aren't that large, so any value >= predicate size is sufficient.
  */
+t0 = tcg_temp_new_i64();
+t1 = tcg_temp_new_i64();
 tcg_gen_sub_i64(t0, op1, op0);
 
-/* t0 = MIN(op1 - op0, vsz).  */
-tcg_gen_movi_i64(t1, vsz);
-tcg_gen_umin_i64(t0, t0, t1);
+tmax = tcg_const_i64(vsz >> a->esz);
 if (a->eq) {
 /* Equality means one more iteration.  */
 tcg_gen_addi_i64(t0, t0, 1);
+
+/* If op1 is max (un)signed integer (and the only time the addition
+ * above could overflow), then we produce an all-true predicate by
+ * setting the count to the vector length.  This is because the
+ * pseudocode is described as an increment + compare loop, and the
+ * max integer would always compare true.
+ */
+tcg_gen_movi_i64(t1, (a->sf
+  ? (a->u ? UINT64_MAX : INT64_MAX)
+  : (a->u ? UINT32_MAX : INT32_MAX)));
+tcg_gen_movcond_i64(TCG_COND_EQ, t0, op1, t1, tmax, t0);
 }
 
-/* t0 = (condition true ? t0 : 0).  */
+/* Bound to the maximum.  */
+tcg_gen_umin_i64(t0, t0, tmax);
+tcg_temp_free_i64(tmax);
+
+/* Set the count to zero if the condition is false.  */
 cond = (a->u
 ? (a->eq ? TCG_COND_LEU : TCG_COND_LTU)
 : (a->eq ? TCG_COND_LE : TCG_COND_LT));
 tcg_gen_movi_i64(t1, 0);
 tcg_gen_movcond_i64(cond, t0, op0, op1, t0, t1);
+tcg_temp_free_i64(t1);
 
+/* Since we're bounded, pass as a 32-bit type.  */
 t2 = tcg_temp_new_i32();
 tcg_gen_extrl_i64_i32(t2, t0);
 tcg_temp_free_i64(t0);
-tcg_temp_free_i64(t1);
+
+/* Scale elements to bits.  */
+tcg_gen_shli_i32(t2, t2, a->esz);
 
 desc = (vsz / 8) - 2;
 desc = deposit32(desc, SIMD_DATA_SHIFT, 2, a->esz);
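
Review bot: `tmax = tcg_const_i64(vsz >> a->esz)` silently switches t0 from a byte count (the old `tcg_gen_movi_i64(t1, vsz)` bound) to an element count, and only `tcg_gen_shli_i32(t2, t2, a->esz)` converts it back to bits; a comment at the tmax line saying that t0 is in elements until that shift would help, since `desc` below still encodes vsz in bytes. The dropped comment about 0 <= UINT64_MAX wrapping is now covered by the `TCG_COND_EQ` movcond against the type maximum; because the `!a->sf` operands were zero/sign-extended to 64 bits earlier in the function, comparing op1 against UINT32_MAX/INT32_MAX as 64-bit values is sound.
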
-- 
2.18.0




[Qemu-devel] [PULL 40/45] target/arm: Restore M-profile CONTROL.SPSEL before any tailchaining

2018-08-14 Thread Peter Maydell
On exception return for M-profile, we must restore the CONTROL.SPSEL
bit from the EXCRET value before we do any kind of tailchaining,
including for the derived exceptions on integrity check failures.
Otherwise we will give the guest an incorrect EXCRET.SPSEL value on
exception entry for the tailchained exception.

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180720145647.8810-4-peter.mayd...@linaro.org
---
 target/arm/helper.c | 16 ++--
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 9d908f1c663..559065131a4 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7131,6 +7131,16 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 }
 }
 
+/*
+ * Set CONTROL.SPSEL from excret.SPSEL. Since we're still in
+ * Handler mode (and will be until we write the new XPSR.Interrupt
+ * field) this does not switch around the current stack pointer.
+ * We must do this before we do any kind of tailchaining, including
+ * for the derived exceptions on integrity check failures, or we will
+ * give the guest an incorrect EXCRET.SPSEL value on exception entry.
+ */
+write_v7m_control_spsel_for_secstate(env, return_to_sp_process, 
exc_secure);
+
 if (sfault) {
 env->v7m.sfsr |= R_V7M_SFSR_INVER_MASK;
 armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false);
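
Review bot: the moved `write_v7m_control_spsel_for_secstate(env, return_to_sp_process, exc_secure)` now runs before the `sfault` derived-exception path, so it requires `exc_secure` to already be correct for every exception type at this point; that only holds together with PULL 39/45 in this series (which moves the `exc_secure = excret & R_V7M_EXCRET_ES_MASK` initialisation out of the non-NMI conditional), so the ordering dependency between the two patches deserves a sentence in the commit message.
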
@@ -7152,12 +7162,6 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 return;
 }
 
-/* Set CONTROL.SPSEL from excret.SPSEL. Since we're still in
- * Handler mode (and will be until we write the new XPSR.Interrupt
- * field) this does not switch around the current stack pointer.
- */
-write_v7m_control_spsel_for_secstate(env, return_to_sp_process, 
exc_secure);
-
 switch_v7m_security_state(env, return_to_secure);
 
 {
-- 
2.18.0




[Qemu-devel] [PULL 21/45] intc/arm_gic: Implement virtualization extensions in gic_(activate_irq|drop_prio)

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Implement virtualization extensions in gic_activate_irq() and
gic_drop_prio() and in gic_get_prio_from_apr_bits() called by
gic_drop_prio().

When the current CPU is a vCPU:
  - Use GIC_VIRT_MIN_BPR and GIC_VIRT_NR_APRS instead of their non-virt
  counterparts,
  - the vCPU APR is stored in the virtual interface, in h_apr.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-11-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 50 +++
 1 file changed, 38 insertions(+), 12 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 26ed7ea58ab..de73dc9f54b 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -276,16 +276,23 @@ static void gic_activate_irq(GICState *s, int cpu, int 
irq)
  * and update the running priority.
  */
 int prio = gic_get_group_priority(s, cpu, irq);
-int preemption_level = prio >> (GIC_MIN_BPR + 1);
+int min_bpr = gic_is_vcpu(cpu) ? GIC_VIRT_MIN_BPR : GIC_MIN_BPR;
+int preemption_level = prio >> (min_bpr + 1);
 int regno = preemption_level / 32;
 int bitno = preemption_level % 32;
+uint32_t *papr = NULL;
 
-if (gic_has_groups(s) && gic_test_group(s, irq, cpu)) {
-s->nsapr[regno][cpu] |= (1 << bitno);
+if (gic_is_vcpu(cpu)) {
+assert(regno == 0);
+papr = >h_apr[gic_get_vcpu_real_id(cpu)];
+} else if (gic_has_groups(s) && gic_test_group(s, irq, cpu)) {
+papr = >nsapr[regno][cpu];
 } else {
-s->apr[regno][cpu] |= (1 << bitno);
+papr = >apr[regno][cpu];
 }
 
+*papr |= (1 << bitno);
+
 s->running_priority[cpu] = prio;
 gic_set_active(s, irq, cpu);
 }
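
Review bot: `assert(regno == 0)` in the vCPU branch encodes the assumption that `prio >> (GIC_VIRT_MIN_BPR + 1)` is always below 32, i.e. that the virtual interface's single `h_apr` register suffices; a comment giving the source of that bound (the virtual priority range) would make the assert self-explanatory, since `prio` comes from gic_get_group_priority(), which this hunk does not change for the vCPU case.
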
@@ -296,6 +303,16 @@ static int gic_get_prio_from_apr_bits(GICState *s, int cpu)
  * on the set bits in the Active Priority Registers.
  */
 int i;
+
+if (gic_is_vcpu(cpu)) {
+uint32_t apr = s->h_apr[gic_get_vcpu_real_id(cpu)];
+if (apr) {
+return ctz32(apr) << (GIC_VIRT_MIN_BPR + 1);
+} else {
+return 0x100;
+}
+}
+
 for (i = 0; i < GIC_NR_APRS; i++) {
 uint32_t apr = s->apr[i][cpu] | s->nsapr[i][cpu];
 if (!apr) {
@@ -324,16 +341,25 @@ static void gic_drop_prio(GICState *s, int cpu, int group)
  * running priority will be wrong, so interrupts that should preempt
  * might not do so, and interrupts that should not preempt might do so.
  */
-int i;
+if (gic_is_vcpu(cpu)) {
+int rcpu = gic_get_vcpu_real_id(cpu);
 
-for (i = 0; i < GIC_NR_APRS; i++) {
-uint32_t *papr = group ? >nsapr[i][cpu] : >apr[i][cpu];
-if (!*papr) {
-continue;
+if (s->h_apr[rcpu]) {
+/* Clear lowest set bit */
+s->h_apr[rcpu] &= s->h_apr[rcpu] - 1;
+}
+} else {
+int i;
+
+for (i = 0; i < GIC_NR_APRS; i++) {
+uint32_t *papr = group ? >nsapr[i][cpu] : >apr[i][cpu];
+if (!*papr) {
+continue;
+}
+/* Clear lowest set bit */
+*papr &= *papr - 1;
+break;
 }
-/* Clear lowest set bit */
-*papr &= *papr - 1;
-break;
 }
 
 s->running_priority[cpu] = gic_get_prio_from_apr_bits(s, cpu);
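
Review bot: the vCPU branch ignores the `group` parameter, while the non-virt branch uses it to choose between `nsapr` and `apr`; if that is because the virtual interface keeps a single `h_apr` for both groups, a one-line comment saying so would stop a reader from taking the dropped group selection for a mistake.
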
-- 
2.18.0




[Qemu-devel] [PULL 17/19] linux-user: Update MIPS syscall numbers up to kernel 4.18 headers

2018-08-14 Thread Aleksandar Markovic
From: Aleksandar Markovic 

Synchronize content of linux-user/mips/syscall_nr.h and
linux-user/mips64/syscall_nr.h with Linux kernel 4.18 headers.
This adds 9 new syscall numbers, the last being NR_io_pgetevents.

Reviewed-by: Laurent Vivier 
Reviewed-by: Richard Henderson 
Signed-off-by: Aleksandar Markovic 
Signed-off-by: Stefan Markovic 
---
 linux-user/mips/syscall_nr.h   |  9 +
 linux-user/mips64/syscall_nr.h | 18 ++
 2 files changed, 27 insertions(+)

diff --git a/linux-user/mips/syscall_nr.h b/linux-user/mips/syscall_nr.h
index ced3280..e70adfc 100644
--- a/linux-user/mips/syscall_nr.h
+++ b/linux-user/mips/syscall_nr.h
@@ -363,3 +363,12 @@
 #define TARGET_NR_userfaultfd   (TARGET_NR_Linux + 357)
 #define TARGET_NR_membarrier(TARGET_NR_Linux + 358)
 #define TARGET_NR_mlock2(TARGET_NR_Linux + 359)
+#define TARGET_NR_copy_file_range   (TARGET_NR_Linux + 360)
+#define TARGET_NR_preadv2   (TARGET_NR_Linux + 361)
+#define TARGET_NR_pwritev2  (TARGET_NR_Linux + 362)
+#define TARGET_NR_pkey_mprotect (TARGET_NR_Linux + 363)
+#define TARGET_NR_pkey_alloc(TARGET_NR_Linux + 364)
+#define TARGET_NR_pkey_free (TARGET_NR_Linux + 365)
+#define TARGET_NR_statx (TARGET_NR_Linux + 366)
+#define TARGET_NR_rseq  (TARGET_NR_Linux + 367)
+#define TARGET_NR_io_pgetevents (TARGET_NR_Linux + 368)
diff --git a/linux-user/mips64/syscall_nr.h b/linux-user/mips64/syscall_nr.h
index 746cc26..ff218a9 100644
--- a/linux-user/mips64/syscall_nr.h
+++ b/linux-user/mips64/syscall_nr.h
@@ -327,6 +327,15 @@
 #define TARGET_NR_userfaultfd   (TARGET_NR_Linux + 321)
 #define TARGET_NR_membarrier(TARGET_NR_Linux + 322)
 #define TARGET_NR_mlock2(TARGET_NR_Linux + 323)
+#define TARGET_NR_copy_file_range   (TARGET_NR_Linux + 324)
+#define TARGET_NR_preadv2   (TARGET_NR_Linux + 325)
+#define TARGET_NR_pwritev2  (TARGET_NR_Linux + 326)
+#define TARGET_NR_pkey_mprotect (TARGET_NR_Linux + 327)
+#define TARGET_NR_pkey_alloc(TARGET_NR_Linux + 328)
+#define TARGET_NR_pkey_free (TARGET_NR_Linux + 329)
+#define TARGET_NR_statx (TARGET_NR_Linux + 330)
+#define TARGET_NR_rseq  (TARGET_NR_Linux + 331)
+#define TARGET_NR_io_pgetevents (TARGET_NR_Linux + 332)
 
 #else
 /*
@@ -653,4 +662,13 @@
 #define TARGET_NR_userfaultfd   (TARGET_NR_Linux + 317)
 #define TARGET_NR_membarrier(TARGET_NR_Linux + 318)
 #define TARGET_NR_mlock2(TARGET_NR_Linux + 319)
+#define TARGET_NR_copy_file_range   (TARGET_NR_Linux + 320)
+#define TARGET_NR_preadv2   (TARGET_NR_Linux + 321)
+#define TARGET_NR_pwritev2  (TARGET_NR_Linux + 322)
+#define TARGET_NR_pkey_mprotect (TARGET_NR_Linux + 323)
+#define TARGET_NR_pkey_alloc(TARGET_NR_Linux + 324)
+#define TARGET_NR_pkey_free (TARGET_NR_Linux + 325)
+#define TARGET_NR_statx (TARGET_NR_Linux + 326)
+#define TARGET_NR_rseq  (TARGET_NR_Linux + 327)
+#define TARGET_NR_io_pgetevents (TARGET_NR_Linux + 328)
 #endif
-- 
2.7.4




[Qemu-devel] [PULL 39/45] target/arm: Initialize exc_secure correctly in do_v7m_exception_exit()

2018-08-14 Thread Peter Maydell
In do_v7m_exception_exit(), we use the exc_secure variable to track
whether the exception we're returning from is secure or non-secure.
Unfortunately the statement initializing this was accidentally
inside an "if (env->v7m.exception != ARMV7M_EXCP_NMI)" conditional,
which meant that we were using the wrong value for NMI handlers.
Move the initialization out to the right place.

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
Message-id: 20180720145647.8810-3-peter.mayd...@linaro.org
---
 target/arm/helper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 1b60c8d66c9..9d908f1c663 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7052,6 +7052,7 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
 /* For all other purposes, treat ES as 0 (R_HXSR) */
 excret &= ~R_V7M_EXCRET_ES_MASK;
 }
+exc_secure = excret & R_V7M_EXCRET_ES_MASK;
 }
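
Review bot: the new `exc_secure = excret & R_V7M_EXCRET_ES_MASK;` sits after the `excret &= ~R_V7M_EXCRET_ES_MASK;` in the branch directly above it, so in that branch exc_secure evaluates to 0 ("treat ES as 0", R_HXSR); if that is the intended value for the faultmask clear further down, the comment on the masking line could say that exc_secure is deliberately derived from the already-masked value.
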
 
 if (env->v7m.exception != ARMV7M_EXCP_NMI) {
@@ -7062,7 +7063,6 @@ static void do_v7m_exception_exit(ARMCPU *cpu)
  * which security state's faultmask to clear. (v8M ARM ARM R_KBNF.)
  */
 if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
-exc_secure = excret & R_V7M_EXCRET_ES_MASK;
 if (armv7m_nvic_raw_execution_priority(env->nvic) >= 0) {
 env->v7m.faultmask[exc_secure] = 0;
 }
-- 
2.18.0




[Qemu-devel] [PULL 42/45] target/arm: Fix sign of sve_cmpeq_ppzw/sve_cmpne_ppzw

2018-08-14 Thread Peter Maydell
From: Richard Henderson 

The normal vector element is sign-extended before
comparing with the wide vector element.

Reported-by: Laurent Desnogues 
Signed-off-by: Richard Henderson 
Reviewed-by: Laurent Desnogues 
Reviewed-by: Alex Bennée 
Tested-by: Alex Bennée 
Tested-by: Laurent Desnogues 
Message-id: 20180801123111.3595-2-richard.hender...@linaro.org
Signed-off-by: Peter Maydell 
---
 target/arm/sve_helper.c | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index 54795c91945..9bd0694d55e 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -2436,13 +2436,13 @@ uint32_t HELPER(NAME)(void *vd, void *vn, void *vm, 
void *vg, uint32_t desc) \
 #define DO_CMP_PPZW_S(NAME, TYPE, TYPEW, OP) \
 DO_CMP_PPZW(NAME, TYPE, TYPEW, OP, H1_4, 0xull)
 
-DO_CMP_PPZW_B(sve_cmpeq_ppzw_b, uint8_t,  uint64_t, ==)
-DO_CMP_PPZW_H(sve_cmpeq_ppzw_h, uint16_t, uint64_t, ==)
-DO_CMP_PPZW_S(sve_cmpeq_ppzw_s, uint32_t, uint64_t, ==)
+DO_CMP_PPZW_B(sve_cmpeq_ppzw_b, int8_t,  uint64_t, ==)
+DO_CMP_PPZW_H(sve_cmpeq_ppzw_h, int16_t, uint64_t, ==)
+DO_CMP_PPZW_S(sve_cmpeq_ppzw_s, int32_t, uint64_t, ==)
 
-DO_CMP_PPZW_B(sve_cmpne_ppzw_b, uint8_t,  uint64_t, !=)
-DO_CMP_PPZW_H(sve_cmpne_ppzw_h, uint16_t, uint64_t, !=)
-DO_CMP_PPZW_S(sve_cmpne_ppzw_s, uint32_t, uint64_t, !=)
+DO_CMP_PPZW_B(sve_cmpne_ppzw_b, int8_t,  uint64_t, !=)
+DO_CMP_PPZW_H(sve_cmpne_ppzw_h, int16_t, uint64_t, !=)
+DO_CMP_PPZW_S(sve_cmpne_ppzw_s, int32_t, uint64_t, !=)
 
 DO_CMP_PPZW_B(sve_cmpgt_ppzw_b, int8_t,   int64_t, >)
 DO_CMP_PPZW_H(sve_cmpgt_ppzw_h, int16_t,  int64_t, >)
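
Review bot: switching TYPE to int8_t/int16_t/int32_t while keeping TYPEW as uint64_t means the narrow element is sign-extended before the 64-bit equality test, which is what the commit message asks for; since the cmpgt lines just below use int64_t for TYPEW, a short comment that the unsigned wide type is deliberate for ==/!= (equality is sign-agnostic once both sides are 64-bit) would prevent someone "harmonising" it later.
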
-- 
2.18.0




[Qemu-devel] [PULL 22/45] intc/arm_gic: Implement virtualization extensions in gic_acknowledge_irq

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Implement virtualization extensions in the gic_acknowledge_irq()
function. This function changes the state of the highest priority IRQ
from pending to active.

When the current CPU is a vCPU, modifying the state of an IRQ modifies
the corresponding LR entry. However if we clear the pending flag before
setting the active one, we lose track of the LR entry as it becomes
invalid. The next call to gic_get_lr_entry() will fail.

To overcome this issue, we call gic_activate_irq() before
gic_clear_pending(). This does not change the general behaviour of
gic_acknowledge_irq.

We also move the SGI case in gic_clear_pending_sgi() to enhance
code readability as the virtualization extensions support adds an if-else
level.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-12-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 52 ++-
 1 file changed, 33 insertions(+), 19 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index de73dc9f54b..d80acde989f 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -365,17 +365,44 @@ static void gic_drop_prio(GICState *s, int cpu, int group)
 s->running_priority[cpu] = gic_get_prio_from_apr_bits(s, cpu);
 }
 
+static inline uint32_t gic_clear_pending_sgi(GICState *s, int irq, int cpu)
+{
+int src;
+uint32_t ret;
+
+if (!gic_is_vcpu(cpu)) {
+/* Lookup the source CPU for the SGI and clear this in the
+ * sgi_pending map.  Return the src and clear the overall pending
+ * state on this CPU if the SGI is not pending from any CPUs.
+ */
+assert(s->sgi_pending[irq][cpu] != 0);
+src = ctz32(s->sgi_pending[irq][cpu]);
+s->sgi_pending[irq][cpu] &= ~(1 << src);
+if (s->sgi_pending[irq][cpu] == 0) {
+gic_clear_pending(s, irq, cpu);
+}
+ret = irq | ((src & 0x7) << 10);
+} else {
+uint32_t *lr_entry = gic_get_lr_entry(s, irq, cpu);
+src = GICH_LR_CPUID(*lr_entry);
+
+gic_clear_pending(s, irq, cpu);
+ret = irq | (src << 10);
+}
+
+return ret;
+}
+
 uint32_t gic_acknowledge_irq(GICState *s, int cpu, MemTxAttrs attrs)
 {
-int ret, irq, src;
-int cm = 1 << cpu;
+int ret, irq;
 
 /* gic_get_current_pending_irq() will return 1022 or 1023 appropriately
  * for the case where this GIC supports grouping and the pending interrupt
  * is in the wrong group.
  */
 irq = gic_get_current_pending_irq(s, cpu, attrs);
-trace_gic_acknowledge_irq(cpu, irq);
+trace_gic_acknowledge_irq(gic_get_vcpu_real_id(cpu), irq);
 
 if (irq >= GIC_MAXIRQ) {
 DPRINTF("ACK, no pending interrupt or it is hidden: %d\n", irq);
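
Review bot: in gic_clear_pending_sgi() the vCPU branch builds `ret = irq | (src << 10)` without the `& 0x7` mask that the non-virt branch applies; GICH_LR_CPUID() extracts a 3-bit field so the values agree, but the asymmetry reads like an oversight, so either mask in both branches or comment it. The LR pointer is correctly taken before gic_clear_pending() modifies that entry, which is the ordering problem the commit message describes.
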
@@ -387,6 +414,8 @@ uint32_t gic_acknowledge_irq(GICState *s, int cpu, 
MemTxAttrs attrs)
 return 1023;
 }
 
+gic_activate_irq(s, cpu, irq);
+
 if (s->revision == REV_11MPCORE) {
 /* Clear pending flags for both level and edge triggered interrupts.
  * Level triggered IRQs will be reasserted once they become inactive.
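
Review bot: moving `gic_activate_irq(s, cpu, irq)` above the `REV_11MPCORE` branch reorders the APR/running-priority update before the pending clear for 11MPCore as well; the commit message calls this behaviour-neutral, which holds as long as gic_activate_irq() only sets the active bit and the APR entry (as in PULL 21/45) and never reads the pending state.
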
@@ -395,28 +424,13 @@ uint32_t gic_acknowledge_irq(GICState *s, int cpu, 
MemTxAttrs attrs)
 ret = irq;
 } else {
 if (irq < GIC_NR_SGIS) {
-/* Lookup the source CPU for the SGI and clear this in the
- * sgi_pending map.  Return the src and clear the overall pending
- * state on this CPU if the SGI is not pending from any CPUs.
- */
-assert(s->sgi_pending[irq][cpu] != 0);
-src = ctz32(s->sgi_pending[irq][cpu]);
-s->sgi_pending[irq][cpu] &= ~(1 << src);
-if (s->sgi_pending[irq][cpu] == 0) {
-gic_clear_pending(s, irq, cpu);
-}
-ret = irq | ((src & 0x7) << 10);
+ret = gic_clear_pending_sgi(s, irq, cpu);
 } else {
-/* Clear pending state for both level and edge triggered
- * interrupts. (level triggered interrupts with an active line
- * remain pending, see gic_test_pending)
- */
 gic_clear_pending(s, irq, cpu);
 ret = irq;
 }
 }
 
-gic_activate_irq(s, cpu, irq);
 gic_update(s);
 DPRINTF("ACK %d\n", irq);
 return ret;
-- 
2.18.0




[Qemu-devel] [PULL 37/45] target/arm: Treat SCTLR_EL1.M as if it were zero when HCR_EL2.TGE is set

2018-08-14 Thread Peter Maydell
One of the required effects of setting HCR_EL2.TGE is that when
SCR_EL3.NS is 1 then SCTLR_EL1.M must behave as if it is zero for
all purposes except direct reads. That is, it effectively disables
the MMU for the NS EL0/EL1 translation regime.

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180724115950.17316-6-peter.mayd...@linaro.org
---
 target/arm/helper.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 7b438e43a90..62f63e4e5b9 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8396,6 +8396,14 @@ static inline bool 
regime_translation_disabled(CPUARMState *env,
 if (mmu_idx == ARMMMUIdx_S2NS) {
 return (env->cp15.hcr_el2 & HCR_VM) == 0;
 }
+
+if (env->cp15.hcr_el2 & HCR_TGE) {
+/* TGE means that NS EL0/1 act as if SCTLR_EL1.M is zero */
+if (!regime_is_secure(env, mmu_idx) && regime_el(env, mmu_idx) == 1) {
+return true;
+}
+}
+
 return (regime_sctlr(env, mmu_idx) & SCTLR_M) == 0;
 }
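
Review bot: the commit message phrases the condition as SCR_EL3.NS == 1, while the code tests `!regime_is_secure(env, mmu_idx) && regime_el(env, mmu_idx) == 1`; EL0 accesses are covered only because the EL0 regime reports EL1 from regime_el(), so saying "EL0/EL1 regime" at the `== 1` would make that explicit. Placing the check after the `ARMMMUIdx_S2NS` early return keeps stage 2 unaffected, as intended.
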
 
-- 
2.18.0




[Qemu-devel] [PULL 15/19] elf: Remove duplicate preprocessor constant definition

2018-08-14 Thread Aleksandar Markovic
From: Aleksandar Markovic 

Remove duplicate preprocessor constant definition for EF_MIPS_ARCH.

The duplicate was introduced in commit 45506bdd. It placed the
constant EF_MIPS_ARCH in a better place, however it did not remove
the original. This patch removes the original occurrence.

Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Signed-off-by: Aleksandar Markovic 
---
 include/elf.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/include/elf.h b/include/elf.h
index 934dbbd..60f6cbe 100644
--- a/include/elf.h
+++ b/include/elf.h
@@ -61,7 +61,6 @@ typedef int64_t  Elf64_Sxword;
 #define EF_MIPS_ABI0xf000
 #define EF_MIPS_FP64  0x0200
 #define EF_MIPS_NAN2008   0x0400
-#define EF_MIPS_ARCH  0xf000
 
 /* These constants define the different elf file types */
 #define ET_NONE   0
-- 
2.7.4




[Qemu-devel] [PULL 34/45] target/arm: Honour HCR_EL2.TGE and MDCR_EL2.TDE in debug register access checks

2018-08-14 Thread Peter Maydell
Some debug registers can be trapped via MDCR_EL2 bits TDRA, TDOSA,
and TDA, which we implement in the functions access_tdra(),
access_tdosa() and access_tda(). If MDCR_EL2.TDE or HCR_EL2.TGE
are 1, the TDRA, TDOSA and TDA bits should behave as if they were 1.
Implement this by having the access functions check MDCR_EL2.TDE
and HCR_EL2.TGE.

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Message-id: 20180724115950.17316-3-peter.mayd...@linaro.org
---
 target/arm/helper.c | 18 --
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 02c1c4d8404..3cd43cf7018 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -444,9 +444,11 @@ static CPAccessResult access_tdosa(CPUARMState *env, const 
ARMCPRegInfo *ri,
bool isread)
 {
 int el = arm_current_el(env);
+bool mdcr_el2_tdosa = (env->cp15.mdcr_el2 & MDCR_TDOSA) ||
+(env->cp15.mdcr_el2 & MDCR_TDE) ||
+(env->cp15.hcr_el2 & HCR_TGE);
 
-if (el < 2 && (env->cp15.mdcr_el2 & MDCR_TDOSA)
-&& !arm_is_secure_below_el3(env)) {
+if (el < 2 && mdcr_el2_tdosa && !arm_is_secure_below_el3(env)) {
 return CP_ACCESS_TRAP_EL2;
 }
 if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TDOSA)) {
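
Review bot: `mdcr_el2_tdosa`, `mdcr_el2_tdra` and `mdcr_el2_tda` each fold in the same `MDCR_TDE || HCR_TGE` clause and differ only in the first bit tested; a small helper taking the MDCR_EL2 bit as a parameter would keep the three access functions in sync if the TGE/TDE semantics are refined again. They are also evaluated before the `el < 2` test, which is harmless but could be folded into the condition.
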
@@ -462,9 +464,11 @@ static CPAccessResult access_tdra(CPUARMState *env, const 
ARMCPRegInfo *ri,
   bool isread)
 {
 int el = arm_current_el(env);
+bool mdcr_el2_tdra = (env->cp15.mdcr_el2 & MDCR_TDRA) ||
+(env->cp15.mdcr_el2 & MDCR_TDE) ||
+(env->cp15.hcr_el2 & HCR_TGE);
 
-if (el < 2 && (env->cp15.mdcr_el2 & MDCR_TDRA)
-&& !arm_is_secure_below_el3(env)) {
+if (el < 2 && mdcr_el2_tdra && !arm_is_secure_below_el3(env)) {
 return CP_ACCESS_TRAP_EL2;
 }
 if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TDA)) {
@@ -480,9 +484,11 @@ static CPAccessResult access_tda(CPUARMState *env, const 
ARMCPRegInfo *ri,
   bool isread)
 {
 int el = arm_current_el(env);
+bool mdcr_el2_tda = (env->cp15.mdcr_el2 & MDCR_TDA) ||
+(env->cp15.mdcr_el2 & MDCR_TDE) ||
+(env->cp15.hcr_el2 & HCR_TGE);
 
-if (el < 2 && (env->cp15.mdcr_el2 & MDCR_TDA)
-&& !arm_is_secure_below_el3(env)) {
+if (el < 2 && mdcr_el2_tda && !arm_is_secure_below_el3(env)) {
 return CP_ACCESS_TRAP_EL2;
 }
 if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TDA)) {
-- 
2.18.0




[Qemu-devel] [PULL 18/45] intc/arm_gic: Add virtualization extensions helper macros and functions

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add some helper macros and functions related to the virtualization
extensions to gic_internal.h.

The GICH_LR_* macros help extracting specific fields of a list register
value. The only tricky one is the priority field as only the MSB are
stored. The value must be shifted accordingly to obtain the correct
priority value.

gic_is_vcpu() and gic_get_vcpu_real_id() help with (v)CPU id manipulation
to abstract the fact that vCPU ids are in the range
[ GIC_NCPU; (GIC_NCPU + num_cpu) [.

gic_lr_* and gic_virq_is_valid() help with the list registers.
gic_get_lr_entry() returns the LR entry for a given (vCPU, irq) pair. It
is meant to be used in contexts where we know for sure that the entry
exists, so we assert that entry is actually found, and the caller can
avoid the NULL check on the returned pointer.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-8-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/gic_internal.h | 74 ++
 hw/intc/arm_gic.c  |  5 +++
 2 files changed, 79 insertions(+)

diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h
index 1aa888a5762..cc5acc5d419 100644
--- a/hw/intc/gic_internal.h
+++ b/hw/intc/gic_internal.h
@@ -129,6 +129,20 @@ REG32(GICH_LR63, 0x1fc)
  R_GICH_LR0_Priority_MASK | R_GICH_LR0_State_MASK | \
  R_GICH_LR0_Grp1_MASK | R_GICH_LR0_HW_MASK)
 
+#define GICH_LR_STATE_INVALID 0
+#define GICH_LR_STATE_PENDING 1
+#define GICH_LR_STATE_ACTIVE  2
+#define GICH_LR_STATE_ACTIVE_PENDING  3
+
+#define GICH_LR_VIRT_ID(entry) (FIELD_EX32(entry, GICH_LR0, VirtualID))
+#define GICH_LR_PHYS_ID(entry) (FIELD_EX32(entry, GICH_LR0, PhysicalID))
+#define GICH_LR_CPUID(entry) (FIELD_EX32(entry, GICH_LR0, CPUID))
+#define GICH_LR_EOI(entry) (FIELD_EX32(entry, GICH_LR0, EOI))
+#define GICH_LR_PRIORITY(entry) (FIELD_EX32(entry, GICH_LR0, Priority) << 3)
+#define GICH_LR_STATE(entry) (FIELD_EX32(entry, GICH_LR0, State))
+#define GICH_LR_GROUP(entry) (FIELD_EX32(entry, GICH_LR0, Grp1))
+#define GICH_LR_HW(entry) (FIELD_EX32(entry, GICH_LR0, HW))
+
 /* Valid bits for GICC_CTLR for GICv1, v1 with security extensions,
  * GICv2 and GICv2 with security extensions:
  */
@@ -164,4 +178,64 @@ static inline bool gic_is_vcpu(int cpu)
 return cpu >= GIC_NCPU;
 }
 
+static inline int gic_get_vcpu_real_id(int cpu)
+{
+return (cpu >= GIC_NCPU) ? (cpu - GIC_NCPU) : cpu;
+}
+
+/* Return true if the given vIRQ state exists in a LR and is either active or
+ * pending and active.
+ *
+ * This function is used to check that a guest's `end of interrupt' or
+ * `interrupts deactivation' request is valid, and matches with a LR of an
+ * already acknowledged vIRQ (i.e. has the active bit set in its state).
+ */
+static inline bool gic_virq_is_valid(GICState *s, int irq, int vcpu)
+{
+int cpu = gic_get_vcpu_real_id(vcpu);
+int lr_idx;
+
+for (lr_idx = 0; lr_idx < s->num_lrs; lr_idx++) {
+uint32_t *entry = >h_lr[lr_idx][cpu];
+
+if ((GICH_LR_VIRT_ID(*entry) == irq) &&
+(GICH_LR_STATE(*entry) & GICH_LR_STATE_ACTIVE)) {
+return true;
+}
+}
+
+return false;
+}
+
+/* Return a pointer on the LR entry matching the given vIRQ.
+ *
+ * This function is used to retrieve an LR for which we know for sure that the
+ * corresponding vIRQ exists in the current context (i.e. its current state is
+ * not `invalid'):
+ *   - Either the corresponding vIRQ has been validated with 
gic_virq_is_valid()
+ * so it is `active' or `active and pending',
+ *   - Or it was pending and has been selected by gic_get_best_virq(). It is 
now
+ * `pending', `active' or `active and pending', depending on what the guest
+ * already did with this vIRQ.
+ *
+ * Having multiple LRs with the same VirtualID leads to UNPREDICTABLE
+ * behaviour in the GIC. We choose to return the first one that matches.
+ */
+static inline uint32_t *gic_get_lr_entry(GICState *s, int irq, int vcpu)
+{
+int cpu = gic_get_vcpu_real_id(vcpu);
+int lr_idx;
+
+for (lr_idx = 0; lr_idx < s->num_lrs; lr_idx++) {
+uint32_t *entry = >h_lr[lr_idx][cpu];
+
+if ((GICH_LR_VIRT_ID(*entry) == irq) &&
+(GICH_LR_STATE(*entry) != GICH_LR_STATE_INVALID)) {
+return entry;
+}
+}
+
+g_assert_not_reached();
+}
+
 #endif /* QEMU_ARM_GIC_INTERNAL_H */
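
Review bot: gic_get_lr_entry() ends in g_assert_not_reached(), so every caller must guarantee the LR exists, otherwise a guest-reachable path aborts QEMU instead of faulting the guest; note that gic_virq_is_valid() tests for the active bit while gic_get_lr_entry() accepts any non-invalid state, so a pending-only entry satisfies the latter but not the former, and the header comment should spell out which callers may rely on which check.
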
diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 5231579985f..41141fee532 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -61,6 +61,11 @@ static inline int gic_get_current_cpu(GICState *s)
 return 0;
 }
 
+static inline int gic_get_current_vcpu(GICState *s)
+{
+return gic_get_current_cpu(s) + GIC_NCPU;
+}
+
 /* Return true if this GIC config has interrupt groups, which is
  * true if we're a GICv2, or a GICv1 with the security extensions.
  */
-- 
2.18.0




[Qemu-devel] [PULL 12/19] target/mips: Don't update BadVAddr register in Debug Mode

2018-08-14 Thread Aleksandar Markovic
From: Yongbok Kim 

BadVAddr should not be updated if (env->hflags & MIPS_HFLAG_DM) is
set.

Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Signed-off-by: Yongbok Kim 
Signed-off-by: Aleksandar Markovic 
---
 target/mips/helper.c|  4 +++-
 target/mips/op_helper.c | 12 +---
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/target/mips/helper.c b/target/mips/helper.c
index 8cf91ce..e215af9 100644
--- a/target/mips/helper.c
+++ b/target/mips/helper.c
@@ -502,7 +502,9 @@ static void raise_mmu_exception(CPUMIPSState *env, 
target_ulong address,
 break;
 }
 /* Raise exception */
-env->CP0_BadVAddr = address;
+if (!(env->hflags & MIPS_HFLAG_DM)) {
+env->CP0_BadVAddr = address;
+}
 env->CP0_Context = (env->CP0_Context & ~0x007f) |
((address >> 9) & 0x0070);
 env->CP0_EntryHi = (env->CP0_EntryHi & env->CP0_EntryHi_ASID_mask) |
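
Review bot: only `CP0_BadVAddr` is guarded here; `CP0_Context` and `CP0_EntryHi` on the following lines are still updated when `MIPS_HFLAG_DM` is set. If that matches the architecture, a comment saying so would keep the next reader from extending the guard; if not, the guard should cover them too. The same three-line `if (!(env->hflags & MIPS_HFLAG_DM))` block is repeated four times in this patch, so an inline helper would cut the duplication.
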
diff --git a/target/mips/op_helper.c b/target/mips/op_helper.c
index 41d3634..0b2663b 100644
--- a/target/mips/op_helper.c
+++ b/target/mips/op_helper.c
@@ -271,7 +271,9 @@ static inline hwaddr do_translate_address(CPUMIPSState *env,
 target_ulong helper_##name(CPUMIPSState *env, target_ulong arg, int mem_idx)  \
 { \
 if (arg & almask) {   \
-env->CP0_BadVAddr = arg;  \
+if (!(env->hflags & MIPS_HFLAG_DM)) { \
+env->CP0_BadVAddr = arg;  \
+} \
 do_raise_exception(env, EXCP_AdEL, GETPC());  \
 } \
 env->lladdr = do_translate_address(env, arg, 0, GETPC()); \
@@ -291,7 +293,9 @@ target_ulong helper_##name(CPUMIPSState *env, target_ulong 
arg1,  \
 target_long tmp;  \
   \
 if (arg2 & almask) {  \
-env->CP0_BadVAddr = arg2; \
+if (!(env->hflags & MIPS_HFLAG_DM)) { \
+env->CP0_BadVAddr = arg2; \
+} \
 do_raise_exception(env, EXCP_AdES, GETPC());  \
 } \
 if (do_translate_address(env, arg2, 1, GETPC()) == env->lladdr) { \
@@ -2437,7 +2441,9 @@ void mips_cpu_do_unaligned_access(CPUState *cs, vaddr 
addr,
 int error_code = 0;
 int excp;
 
-env->CP0_BadVAddr = addr;
+if (!(env->hflags & MIPS_HFLAG_DM)) {
+env->CP0_BadVAddr = addr;
+}
 
 if (access_type == MMU_DATA_STORE) {
 excp = EXCP_AdES;
-- 
2.7.4




[Qemu-devel] [PULL 27/45] intc/arm_gic: Implement gic_update_virt() function

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add the gic_update_virt() function to update the vCPU interface states
and raise vIRQ and vFIQ as needed. This commit renames gic_update() to
gic_update_internal() and generalizes it to handle both cases, with a
`virt' parameter to track whether we are updating the CPU or vCPU
interfaces.

The main difference between CPU and vCPU is the way we select the best
IRQ. This part has been split into the gic_get_best_(v)irq functions.
For the virt case, the LRs are iterated to find the best candidate.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-17-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 175 +++---
 1 file changed, 136 insertions(+), 39 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 60631964876..6b97e197966 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -79,74 +79,149 @@ static inline bool gic_cpu_ns_access(GICState *s, int cpu, 
MemTxAttrs attrs)
 return !gic_is_vcpu(cpu) && s->security_extn && !attrs.secure;
 }
 
+static inline void gic_get_best_irq(GICState *s, int cpu,
+int *best_irq, int *best_prio, int *group)
+{
+int irq;
+int cm = 1 << cpu;
+
+*best_irq = 1023;
+*best_prio = 0x100;
+
+for (irq = 0; irq < s->num_irq; irq++) {
+if (GIC_DIST_TEST_ENABLED(irq, cm) && gic_test_pending(s, irq, cm) &&
+(!GIC_DIST_TEST_ACTIVE(irq, cm)) &&
+(irq < GIC_INTERNAL || GIC_DIST_TARGET(irq) & cm)) {
+if (GIC_DIST_GET_PRIORITY(irq, cpu) < *best_prio) {
+*best_prio = GIC_DIST_GET_PRIORITY(irq, cpu);
+*best_irq = irq;
+}
+}
+}
+
+if (*best_irq < 1023) {
+*group = GIC_DIST_TEST_GROUP(*best_irq, cm);
+}
+}
+
+static inline void gic_get_best_virq(GICState *s, int cpu,
+ int *best_irq, int *best_prio, int *group)
+{
+int lr_idx = 0;
+
+*best_irq = 1023;
+*best_prio = 0x100;
+
+for (lr_idx = 0; lr_idx < s->num_lrs; lr_idx++) {
+uint32_t lr_entry = s->h_lr[lr_idx][cpu];
+int state = GICH_LR_STATE(lr_entry);
+
+if (state == GICH_LR_STATE_PENDING) {
+int prio = GICH_LR_PRIORITY(lr_entry);
+
+if (prio < *best_prio) {
+*best_prio = prio;
+*best_irq = GICH_LR_VIRT_ID(lr_entry);
+*group = GICH_LR_GROUP(lr_entry);
+}
+}
+}
+}
+
+/* Return true if IRQ signaling is enabled for the given cpu and at least one
+ * of the given groups:
+ *   - in the non-virt case, the distributor must be enabled for one of the
+ *   given groups
+ *   - in the virt case, the virtual interface must be enabled.
+ *   - in all cases, the (v)CPU interface must be enabled for one of the given
+ *   groups.
+ */
+static inline bool gic_irq_signaling_enabled(GICState *s, int cpu, bool virt,
+int group_mask)
+{
+if (!virt && !(s->ctlr & group_mask)) {
+return false;
+}
+
+if (virt && !(s->h_hcr[cpu] & R_GICH_HCR_EN_MASK)) {
+return false;
+}
+
+if (!(s->cpu_ctlr[cpu] & group_mask)) {
+return false;
+}
+
+return true;
+}
+
 /* TODO: Many places that call this routine could be optimized.  */
 /* Update interrupt status after enabled or pending bits have been changed.  */
-static void gic_update(GICState *s)
+static inline void gic_update_internal(GICState *s, bool virt)
 {
 int best_irq;
 int best_prio;
-int irq;
 int irq_level, fiq_level;
-int cpu;
-int cm;
+int cpu, cpu_iface;
+int group = 0;
+qemu_irq *irq_lines = virt ? s->parent_virq : s->parent_irq;
+qemu_irq *fiq_lines = virt ? s->parent_vfiq : s->parent_fiq;
 
 for (cpu = 0; cpu < s->num_cpu; cpu++) {
-cm = 1 << cpu;
-s->current_pending[cpu] = 1023;
-if (!(s->ctlr & (GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1))
-|| !(s->cpu_ctlr[cpu] & (GICC_CTLR_EN_GRP0 | GICC_CTLR_EN_GRP1))) {
-qemu_irq_lower(s->parent_irq[cpu]);
-qemu_irq_lower(s->parent_fiq[cpu]);
+cpu_iface = virt ? (cpu + GIC_NCPU) : cpu;
+
+s->current_pending[cpu_iface] = 1023;
+if (!gic_irq_signaling_enabled(s, cpu, virt,
+   GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1)) 
{
+qemu_irq_lower(irq_lines[cpu]);
+qemu_irq_lower(fiq_lines[cpu]);
 continue;
 }
-best_prio = 0x100;
-best_irq = 1023;
-for (irq = 0; irq < s->num_irq; irq++) {
-if (GIC_DIST_TEST_ENABLED(irq, cm) &&
-gic_test_pending(s, irq, cm) &&
-(!GIC_DIST_TEST_ACTIVE(irq, cm)) &&
-(irq < GIC_INTERNAL || GIC_DIST_TARGET(irq) & cm)) {
-if (GIC_DIST_GET_PRIORITY(irq, cpu) < best_prio) {
-  
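
Review bot: gic_irq_signaling_enabled() is called from gic_update_internal() with the real `cpu` index, and its final check reads `s->cpu_ctlr[cpu]`; in the virt case the caller computes `cpu_iface = cpu + GIC_NCPU` for `current_pending`, so should the CPU-interface control check also use the vCPU interface index rather than `cpu`? Also, both gic_get_best_irq() and gic_get_best_virq() only assign `*group` when a candidate is found, so callers depend on the `group = 0` initialisation; returning the group (or always assigning it) would make that contract explicit.
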

[Qemu-devel] [PULL 20/45] intc/arm_gic: Add virtualization enabled IRQ helper functions

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add some helper functions to gic_internal.h to get or change the state
of an IRQ. When the current CPU is not a vCPU, the call is forwarded to
the GIC distributor. Otherwise, it acts on the list register matching
the IRQ in the current CPU virtual interface.

gic_clear_active can have a side effect on the distributor, even in the
vCPU case, when the corresponding LR has the HW field set.

Use those functions in the CPU interface code path to prepare for the
vCPU interface implementation.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Reviewed-by: Philippe Mathieu-Daudé 
Message-id: 20180727095421.386-10-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/gic_internal.h | 83 ++
 hw/intc/arm_gic.c  | 32 +++-
 2 files changed, 97 insertions(+), 18 deletions(-)

diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h
index cc5acc5d419..45c2af0bf59 100644
--- a/hw/intc/gic_internal.h
+++ b/hw/intc/gic_internal.h
@@ -143,6 +143,13 @@ REG32(GICH_LR63, 0x1fc)
 #define GICH_LR_GROUP(entry) (FIELD_EX32(entry, GICH_LR0, Grp1))
 #define GICH_LR_HW(entry) (FIELD_EX32(entry, GICH_LR0, HW))
 
+#define GICH_LR_CLEAR_PENDING(entry) \
+((entry) &= ~(GICH_LR_STATE_PENDING << R_GICH_LR0_State_SHIFT))
+#define GICH_LR_SET_ACTIVE(entry) \
+((entry) |= (GICH_LR_STATE_ACTIVE << R_GICH_LR0_State_SHIFT))
+#define GICH_LR_CLEAR_ACTIVE(entry) \
+((entry) &= ~(GICH_LR_STATE_ACTIVE << R_GICH_LR0_State_SHIFT))
+
 /* Valid bits for GICC_CTLR for GICv1, v1 with security extensions,
  * GICv2 and GICv2 with security extensions:
  */
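Review bot: GICH_LR_CLEAR_PENDING, GICH_LR_SET_ACTIVE and GICH_LR_CLEAR_ACTIVE assign through their argument (`&=` / `|=`), unlike the neighbouring GICH_LR_GROUP and GICH_LR_HW, which are pure FIELD_EX32 reads. A one-line comment above the trio saying they update the list register in place, and that callers are expected to pass the dereferenced `*entry` rather than a copy, would prevent a later caller from silently modifying a temporary.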
@@ -238,4 +245,80 @@ static inline uint32_t *gic_get_lr_entry(GICState *s, int 
irq, int vcpu)
 g_assert_not_reached();
 }
 
+static inline bool gic_test_group(GICState *s, int irq, int cpu)
+{
+if (gic_is_vcpu(cpu)) {
+uint32_t *entry = gic_get_lr_entry(s, irq, cpu);
+return GICH_LR_GROUP(*entry);
+} else {
+return GIC_DIST_TEST_GROUP(irq, 1 << cpu);
+}
+}
+
+static inline void gic_clear_pending(GICState *s, int irq, int cpu)
+{
+if (gic_is_vcpu(cpu)) {
+uint32_t *entry = gic_get_lr_entry(s, irq, cpu);
+GICH_LR_CLEAR_PENDING(*entry);
+} else {
+/* Clear pending state for both level and edge triggered
+ * interrupts. (level triggered interrupts with an active line
+ * remain pending, see gic_test_pending)
+ */
+GIC_DIST_CLEAR_PENDING(irq, GIC_DIST_TEST_MODEL(irq) ? ALL_CPU_MASK
+ : (1 << cpu));
+}
+}
+
+static inline void gic_set_active(GICState *s, int irq, int cpu)
+{
+if (gic_is_vcpu(cpu)) {
+uint32_t *entry = gic_get_lr_entry(s, irq, cpu);
+GICH_LR_SET_ACTIVE(*entry);
+} else {
+GIC_DIST_SET_ACTIVE(irq, 1 << cpu);
+}
+}
+
+static inline void gic_clear_active(GICState *s, int irq, int cpu)
+{
+if (gic_is_vcpu(cpu)) {
+uint32_t *entry = gic_get_lr_entry(s, irq, cpu);
+GICH_LR_CLEAR_ACTIVE(*entry);
+
+if (GICH_LR_HW(*entry)) {
+/* Hardware interrupt. We must forward the deactivation request to
+ * the distributor.
+ */
+int phys_irq = GICH_LR_PHYS_ID(*entry);
+int rcpu = gic_get_vcpu_real_id(cpu);
+
+if (phys_irq < GIC_NR_SGIS || phys_irq >= GIC_MAXIRQ) {
+/* UNPREDICTABLE behaviour, we choose to ignore the request */
+return;
+}
+
+/* This is equivalent to a NS write to DIR on the physical CPU
+ * interface. Hence group0 interrupt deactivation is ignored if
+ * the GIC is secure.
+ */
+if (!s->security_extn || GIC_DIST_TEST_GROUP(phys_irq, 1 << rcpu)) 
{
+GIC_DIST_CLEAR_ACTIVE(phys_irq, 1 << rcpu);
+}
+}
+} else {
+GIC_DIST_CLEAR_ACTIVE(irq, 1 << cpu);
+}
+}
+
+static inline int gic_get_priority(GICState *s, int irq, int cpu)
+{
+if (gic_is_vcpu(cpu)) {
+uint32_t *entry = gic_get_lr_entry(s, irq, cpu);
+return GICH_LR_PRIORITY(*entry);
+} else {
+return GIC_DIST_GET_PRIORITY(irq, cpu);
+}
+}
+
 #endif /* QEMU_ARM_GIC_INTERNAL_H */
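Review bot: in gic_clear_active, the `phys_irq < GIC_NR_SGIS || phys_irq >= GIC_MAXIRQ` test is what keeps a hypervisor-written LR PhysicalID from indexing the distributor state out of range, so the comment should say that the early return is the bounds check, not only "UNPREDICTABLE behaviour, we choose to ignore the request". Separately, gic_get_priority returns GICH_LR_PRIORITY(*entry) on the vCPU path while the distributor path returns an 8-bit GIC_DIST_GET_PRIORITY value; please confirm that GICH_LR_PRIORITY scales the 5-bit LR field into the same 8-bit range (the "32 priority levels" comment in PULL 16/45 of this series suggests a `<< 3`), since callers compare the result against priority_mask and best_prio in one unit.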
diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 94d5982e2ac..26ed7ea58ab 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -222,7 +222,8 @@ static uint16_t gic_get_current_pending_irq(GICState *s, 
int cpu,
 uint16_t pending_irq = s->current_pending[cpu];
 
 if (pending_irq < GIC_MAXIRQ && gic_has_groups(s)) {
-int group = GIC_DIST_TEST_GROUP(pending_irq, (1 << cpu));
+int group = gic_test_group(s, pending_irq, cpu);
+
 /* On a GIC without the security extensions, reading this register
  * behaves in the same way as a secure access to a GIC with them.
  */
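Review bot: gic_test_group(s, pending_irq, cpu) on a vCPU goes through gic_get_lr_entry(), which (see the context at the top of the gic_internal.h hunk above) ends in g_assert_not_reached() when no list register holds that IRQ. That is only safe if current_pending[vcpu] is always recomputed from the list registers before this read and can never be left pointing at an IRQ whose LR the hypervisor has since overwritten; otherwise a guest-reachable read of the current pending IRQ would abort QEMU. Either state that invariant in a comment here or fall back to the spurious value (1023) instead of asserting.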
@@ -253,7 +254,7 @@ static int 

[Qemu-devel] [PULL 16/45] intc/arm_gic: Add the virtualization extensions to the GIC state

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add the necessary parts of the virtualization extensions state to the
GIC state. We choose to increase the size of the CPU interfaces state to
add space for the vCPU interfaces (the GIC_NCPU_VCPU macro). This way,
we'll be able to reuse most of the CPU interface code for the vCPUs.

The only exception is the APR value, which is stored in h_apr in the
virtual interface state for vCPUs. This is due to some complications
with the GIC VMState, for which we don't want to break backward
compatibility. APRs being stored in 2D arrays, increasing the second
dimension would lead to some ugly VMState description. To avoid
that, we keep it in h_apr for vCPUs.

The vCPUs are numbered from GIC_NCPU to (GIC_NCPU * 2) - 1. The
`gic_is_vcpu` function helps to determine if a given CPU id corresponds to
a physical CPU or a virtual one.

For the in-kernel KVM VGIC, since the exposed VGIC does not implement
the virtualization extensions, we report an error if the corresponding
property is set to true.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-6-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/gic_internal.h   |   5 ++
 include/hw/intc/arm_gic_common.h |  43 +++--
 hw/intc/arm_gic.c|   2 +-
 hw/intc/arm_gic_common.c | 148 ++-
 hw/intc/arm_gic_kvm.c|   8 +-
 5 files changed, 173 insertions(+), 33 deletions(-)

diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h
index a2075a94dbb..c85427c8e31 100644
--- a/hw/intc/gic_internal.h
+++ b/hw/intc/gic_internal.h
@@ -94,4 +94,9 @@ static inline bool gic_test_pending(GICState *s, int irq, int 
cm)
 }
 }
 
+static inline bool gic_is_vcpu(int cpu)
+{
+return cpu >= GIC_NCPU;
+}
+
 #endif /* QEMU_ARM_GIC_INTERNAL_H */
diff --git a/include/hw/intc/arm_gic_common.h b/include/hw/intc/arm_gic_common.h
index af3ca18e2f0..b5585fec451 100644
--- a/include/hw/intc/arm_gic_common.h
+++ b/include/hw/intc/arm_gic_common.h
@@ -30,6 +30,8 @@
 #define GIC_NR_SGIS 16
 /* Maximum number of possible CPU interfaces, determined by GIC architecture */
 #define GIC_NCPU 8
+/* Maximum number of possible CPU interfaces with their respective vCPU */
+#define GIC_NCPU_VCPU (GIC_NCPU * 2)
 
 #define MAX_NR_GROUP_PRIO 128
 #define GIC_NR_APRS (MAX_NR_GROUP_PRIO / 32)
@@ -37,6 +39,17 @@
 #define GIC_MIN_BPR 0
 #define GIC_MIN_ABPR (GIC_MIN_BPR + 1)
 
+/* Architectural maximum number of list registers in the virtual interface */
+#define GIC_MAX_LR 64
+
+/* Only 32 priority levels and 32 preemption levels in the vCPU interfaces */
+#define GIC_VIRT_MAX_GROUP_PRIO_BITS 5
+#define GIC_VIRT_MAX_NR_GROUP_PRIO (1 << GIC_VIRT_MAX_GROUP_PRIO_BITS)
+#define GIC_VIRT_NR_APRS (GIC_VIRT_MAX_NR_GROUP_PRIO / 32)
+
+#define GIC_VIRT_MIN_BPR 2
+#define GIC_VIRT_MIN_ABPR (GIC_VIRT_MIN_BPR + 1)
+
 typedef struct gic_irq_state {
 /* The enable bits are only banked for per-cpu interrupts.  */
 uint8_t enabled;
@@ -57,6 +70,8 @@ typedef struct GICState {
 qemu_irq parent_fiq[GIC_NCPU];
 qemu_irq parent_virq[GIC_NCPU];
 qemu_irq parent_vfiq[GIC_NCPU];
+qemu_irq maintenance_irq[GIC_NCPU];
+
 /* GICD_CTLR; for a GIC with the security extensions the NS banked version
  * of this register is just an alias of bit 1 of the S banked version.
  */
@@ -64,7 +79,7 @@ typedef struct GICState {
 /* GICC_CTLR; again, the NS banked version is just aliases of bits of
  * the S banked register, so our state only needs to store the S version.
  */
-uint32_t cpu_ctlr[GIC_NCPU];
+uint32_t cpu_ctlr[GIC_NCPU_VCPU];
 
 gic_irq_state irq_state[GIC_MAXIRQ];
 uint8_t irq_target[GIC_MAXIRQ];
@@ -78,9 +93,9 @@ typedef struct GICState {
  */
 uint8_t sgi_pending[GIC_NR_SGIS][GIC_NCPU];
 
-uint16_t priority_mask[GIC_NCPU];
-uint16_t running_priority[GIC_NCPU];
-uint16_t current_pending[GIC_NCPU];
+uint16_t priority_mask[GIC_NCPU_VCPU];
+uint16_t running_priority[GIC_NCPU_VCPU];
+uint16_t current_pending[GIC_NCPU_VCPU];
 
 /* If we present the GICv2 without security extensions to a guest,
  * the guest can configure the GICC_CTLR to configure group 1 binary point
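Review bot: cpu_ctlr, priority_mask, running_priority and current_pending grow from GIC_NCPU to GIC_NCPU_VCPU entries, and per the commit message these arrays are migrated state. The hunk shows only the declarations, so the commit message should point at the matching VMState change: unless the first GIC_NCPU entries are described with sub-array macros (VMSTATE_UINT16_SUB_ARRAY from PULL 15/45 of this series) and the vCPU half lives in a versioned section, a stream from an older QEMU will not load. Since the vCPU half is reached with indices GIC_NCPU..GIC_NCPU_VCPU-1 derived from the virtual-interface MMIO paths, a cheap assert on the index at the point where `cpu + GIC_NCPU` is computed would also document the bound.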
@@ -88,8 +103,8 @@ typedef struct GICState {
  * For a GIC with Security Extensions we use use bpr for the
  * secure copy and abpr as storage for the non-secure copy of the register.
  */
-uint8_t  bpr[GIC_NCPU];
-uint8_t  abpr[GIC_NCPU];
+uint8_t  bpr[GIC_NCPU_VCPU];
+uint8_t  abpr[GIC_NCPU_VCPU];
 
 /* The APR is implementation defined, so we choose a layout identical to
  * the KVM ABI layout for QEMU's implementation of the gic:
@@ -100,6 +115,15 @@ typedef struct GICState {
 uint32_t apr[GIC_NR_APRS][GIC_NCPU];
 uint32_t nsapr[GIC_NR_APRS][GIC_NCPU];
 
+/* Virtual interface control registers */
+uint32_t h_hcr[GIC_NCPU];
+uint32_t h_misr[GIC_NCPU];
+uint32_t 

[Qemu-devel] [PULL 26/45] intc/arm_gic: Implement the virtual interface registers

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Implement the read and write functions for the virtual interface of the
virtualization extensions in the GICv2.

One mirror region per CPU is also created, which maps to that specific
CPU id. This is required by the GIC architecture specification.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-16-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 235 +-
 1 file changed, 233 insertions(+), 2 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 7ee2e6bcbb3..60631964876 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -147,6 +147,24 @@ static void gic_update(GICState *s)
 }
 }
 
+/* Return true if this LR is empty, i.e. the corresponding bit
+ * in ELRSR is set.
+ */
+static inline bool gic_lr_entry_is_free(uint32_t entry)
+{
+return (GICH_LR_STATE(entry) == GICH_LR_STATE_INVALID)
+&& (GICH_LR_HW(entry) || !GICH_LR_EOI(entry));
+}
+
+/* Return true if this LR should trigger an EOI maintenance interrupt, i.e. the
+ * corrsponding bit in EISR is set.
+ */
+static inline bool gic_lr_entry_is_eoi(uint32_t entry)
+{
+return (GICH_LR_STATE(entry) == GICH_LR_STATE_INVALID)
+&& !GICH_LR_HW(entry) && GICH_LR_EOI(entry);
+}
+
 static void gic_set_irq_11mpcore(GICState *s, int irq, int level,
  int cm, int target)
 {
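Review bot: typo in the new comment above gic_lr_entry_is_eoi: "corrsponding" should be "corresponding". The two predicates are complementary on an INVALID-state LR (free when HW is set or EOI is clear, EOI-pending when HW is clear and EOI is set), which is what keeps EISR and ELRSR disjoint; one sentence saying so above the pair would save the next reader re-deriving it.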
@@ -1572,6 +1590,200 @@ static MemTxResult gic_thisvcpu_write(void *opaque, 
hwaddr addr,
 return gic_cpu_write(s, gic_get_current_vcpu(s), addr, value, attrs);
 }
 
+static uint32_t gic_compute_eisr(GICState *s, int cpu, int lr_start)
+{
+int lr_idx;
+uint32_t ret = 0;
+
+for (lr_idx = lr_start; lr_idx < s->num_lrs; lr_idx++) {
+uint32_t *entry = >h_lr[lr_idx][cpu];
+ret = deposit32(ret, lr_idx - lr_start, 1,
+gic_lr_entry_is_eoi(*entry));
+}
+
+return ret;
+}
+
+static uint32_t gic_compute_elrsr(GICState *s, int cpu, int lr_start)
+{
+int lr_idx;
+uint32_t ret = 0;
+
+for (lr_idx = lr_start; lr_idx < s->num_lrs; lr_idx++) {
+uint32_t *entry = >h_lr[lr_idx][cpu];
+ret = deposit32(ret, lr_idx - lr_start, 1,
+gic_lr_entry_is_free(*entry));
+}
+
+return ret;
+}
+
+static void gic_vmcr_write(GICState *s, uint32_t value, MemTxAttrs attrs)
+{
+int vcpu = gic_get_current_vcpu(s);
+uint32_t ctlr;
+uint32_t abpr;
+uint32_t bpr;
+uint32_t prio_mask;
+
+ctlr = FIELD_EX32(value, GICH_VMCR, VMCCtlr);
+abpr = FIELD_EX32(value, GICH_VMCR, VMABP);
+bpr = FIELD_EX32(value, GICH_VMCR, VMBP);
+prio_mask = FIELD_EX32(value, GICH_VMCR, VMPriMask) << 3;
+
+gic_set_cpu_control(s, vcpu, ctlr, attrs);
+s->abpr[vcpu] = MAX(abpr, GIC_VIRT_MIN_ABPR);
+s->bpr[vcpu] = MAX(bpr, GIC_VIRT_MIN_BPR);
+gic_set_priority_mask(s, vcpu, prio_mask, attrs);
+}
+
+static MemTxResult gic_hyp_read(void *opaque, int cpu, hwaddr addr,
+uint64_t *data, MemTxAttrs attrs)
+{
+GICState *s = ARM_GIC(opaque);
+int vcpu = cpu + GIC_NCPU;
+
+switch (addr) {
+case A_GICH_HCR: /* Hypervisor Control */
+*data = s->h_hcr[cpu];
+break;
+
+case A_GICH_VTR: /* VGIC Type */
+*data = FIELD_DP32(0, GICH_VTR, ListRegs, s->num_lrs - 1);
+*data = FIELD_DP32(*data, GICH_VTR, PREbits,
+   GIC_VIRT_MAX_GROUP_PRIO_BITS - 1);
+*data = FIELD_DP32(*data, GICH_VTR, PRIbits,
+   (7 - GIC_VIRT_MIN_BPR) - 1);
+break;
+
+case A_GICH_VMCR: /* Virtual Machine Control */
+*data = FIELD_DP32(0, GICH_VMCR, VMCCtlr,
+   extract32(s->cpu_ctlr[vcpu], 0, 10));
+*data = FIELD_DP32(*data, GICH_VMCR, VMABP, s->abpr[vcpu]);
+*data = FIELD_DP32(*data, GICH_VMCR, VMBP, s->bpr[vcpu]);
+*data = FIELD_DP32(*data, GICH_VMCR, VMPriMask,
+   extract32(s->priority_mask[vcpu], 3, 5));
+break;
+
+case A_GICH_MISR: /* Maintenance Interrupt Status */
+*data = s->h_misr[cpu];
+break;
+
+case A_GICH_EISR0: /* End of Interrupt Status 0 and 1 */
+case A_GICH_EISR1:
+*data = gic_compute_eisr(s, cpu, (addr - A_GICH_EISR0) * 8);
+break;
+
+case A_GICH_ELRSR0: /* Empty List Status 0 and 1 */
+case A_GICH_ELRSR1:
+*data = gic_compute_elrsr(s, cpu, (addr - A_GICH_ELRSR0) * 8);
+break;
+
+case A_GICH_APR: /* Active Priorities */
+*data = s->h_apr[cpu];
+break;
+
+case A_GICH_LR0 ... A_GICH_LR63: /* List Registers */
+{
+int lr_idx = (addr - A_GICH_LR0) / 4;
+
+if (lr_idx > s->num_lrs) {
+*data = 0;
+} else {
+*data = s->h_lr[lr_idx][cpu];
+}
+break;
+}
+
+default:
+qemu_log_mask(LOG_GUEST_ERROR,
+  
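Review bot: `if (lr_idx > s->num_lrs)` in the A_GICH_LR0 ... A_GICH_LR63 case is off by one: valid list registers are 0 .. num_lrs - 1 (GICH_VTR.ListRegs is set to `s->num_lrs - 1` just above), so `lr_idx == s->num_lrs` reads `h_lr[num_lrs][cpu]`, an LR the guest was told does not exist; use `>=`, as the loop bound `lr_idx < s->num_lrs` in gic_compute_eisr/gic_compute_elrsr already does. The array is GIC_MAX_LR deep so this is not a memory-safety problem, but whatever the matching write path does for LR indices should use the same `>=` bound. Note also that, as rendered here, `>h_lr[lr_idx][cpu]` has lost its `&s-` prefix, presumably in extraction; the intended expression is `&s->h_lr[lr_idx][cpu]`.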

[Qemu-devel] [PULL 13/19] target/mips: Check ELPA flag only in some cases of MFHC0 and MTHC0

2018-08-14 Thread Aleksandar Markovic
From: Yongbok Kim 

MFHC0 and MTHC0 used to handle EntryLo0 and EntryLo1 registers only,
and placing ELPA flag checks before the switch statement was technically
correct. However, after adding handling of more registers, these checks
should be moved to act only in cases of handling EntryLo0 and
EntryLo1.

Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Aleksandar Markovic 
Reviewed-by: Richard Henderson 
Signed-off-by: Yongbok Kim 
Signed-off-by: Aleksandar Markovic 
Signed-off-by: Stefan Markovic 
---
 target/mips/translate.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/target/mips/translate.c b/target/mips/translate.c
index 6f4bdc9..420f1df 100644
--- a/target/mips/translate.c
+++ b/target/mips/translate.c
@@ -4938,12 +4938,11 @@ static void gen_mfhc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 {
 const char *rn = "invalid";
 
-CP0_CHECK(ctx->hflags & MIPS_HFLAG_ELPA);
-
 switch (reg) {
 case 2:
 switch (sel) {
 case 0:
+CP0_CHECK(ctx->hflags & MIPS_HFLAG_ELPA);
 gen_mfhc0_entrylo(arg, offsetof(CPUMIPSState, CP0_EntryLo0));
 rn = "EntryLo0";
 break;
@@ -4954,6 +4953,7 @@ static void gen_mfhc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 3:
 switch (sel) {
 case 0:
+CP0_CHECK(ctx->hflags & MIPS_HFLAG_ELPA);
 gen_mfhc0_entrylo(arg, offsetof(CPUMIPSState, CP0_EntryLo1));
 rn = "EntryLo1";
 break;
@@ -5006,12 +5006,11 @@ static void gen_mthc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 const char *rn = "invalid";
 uint64_t mask = ctx->PAMask >> 36;
 
-CP0_CHECK(ctx->hflags & MIPS_HFLAG_ELPA);
-
 switch (reg) {
 case 2:
 switch (sel) {
 case 0:
+CP0_CHECK(ctx->hflags & MIPS_HFLAG_ELPA);
 tcg_gen_andi_tl(arg, arg, mask);
 gen_mthc0_entrylo(arg, offsetof(CPUMIPSState, CP0_EntryLo0));
 rn = "EntryLo0";
@@ -5023,6 +5022,7 @@ static void gen_mthc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 3:
 switch (sel) {
 case 0:
+CP0_CHECK(ctx->hflags & MIPS_HFLAG_ELPA);
 tcg_gen_andi_tl(arg, arg, mask);
 gen_mthc0_entrylo(arg, offsetof(CPUMIPSState, CP0_EntryLo1));
 rn = "EntryLo1";
-- 
2.7.4




[Qemu-devel] [PULL 13/45] intc/arm_gic: Implement GICD_ISACTIVERn and GICD_ICACTIVERn registers

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Implement GICD_ISACTIVERn and GICD_ICACTIVERn registers in the GICv2.
Those registers allow setting or clearing the active state of an IRQ in the
distributor.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Message-id: 20180727095421.386-3-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 61 +++
 1 file changed, 57 insertions(+), 4 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 9286236d86b..53b749d2167 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -725,8 +725,16 @@ static uint32_t gic_dist_readb(void *opaque, hwaddr 
offset, MemTxAttrs attrs)
 }
 }
 } else if (offset < 0x400) {
-/* Interrupt Active.  */
-irq = (offset - 0x300) * 8 + GIC_BASE_IRQ;
+/* Interrupt Set/Clear Active.  */
+if (offset < 0x380) {
+irq = (offset - 0x300) * 8;
+} else if (s->revision == 2) {
+irq = (offset - 0x380) * 8;
+} else {
+goto bad_reg;
+}
+
+irq += GIC_BASE_IRQ;
 if (irq >= s->num_irq)
 goto bad_reg;
 res = 0;
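Review bot: the read path now accepts ISACTIVERn (0x300-0x37f) on any revision but sends ICACTIVERn (0x380-0x3ff) to bad_reg unless `s->revision == 2`, while the write path below rejects both ranges unless revision == 2. That preserves the pre-patch behaviour of a read-only "Interrupt Active" register at 0x300 on older revisions, but the asymmetry deserves a comment next to `if (offset < 0x380)` so a later cleanup does not "fix" it.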
@@ -1007,9 +1015,54 @@ static void gic_dist_writeb(void *opaque, hwaddr offset,
 GIC_DIST_CLEAR_PENDING(irq + i, ALL_CPU_MASK);
 }
 }
+} else if (offset < 0x380) {
+/* Interrupt Set Active.  */
+if (s->revision != 2) {
+goto bad_reg;
+}
+
+irq = (offset - 0x300) * 8 + GIC_BASE_IRQ;
+if (irq >= s->num_irq) {
+goto bad_reg;
+}
+
+/* This register is banked per-cpu for PPIs */
+int cm = irq < GIC_INTERNAL ? (1 << cpu) : ALL_CPU_MASK;
+
+for (i = 0; i < 8; i++) {
+if (s->security_extn && !attrs.secure &&
+!GIC_DIST_TEST_GROUP(irq + i, 1 << cpu)) {
+continue; /* Ignore Non-secure access of Group0 IRQ */
+}
+
+if (value & (1 << i)) {
+GIC_DIST_SET_ACTIVE(irq + i, cm);
+}
+}
 } else if (offset < 0x400) {
-/* Interrupt Active.  */
-goto bad_reg;
+/* Interrupt Clear Active.  */
+if (s->revision != 2) {
+goto bad_reg;
+}
+
+irq = (offset - 0x380) * 8 + GIC_BASE_IRQ;
+if (irq >= s->num_irq) {
+goto bad_reg;
+}
+
+/* This register is banked per-cpu for PPIs */
+int cm = irq < GIC_INTERNAL ? (1 << cpu) : ALL_CPU_MASK;
+
+for (i = 0; i < 8; i++) {
+if (s->security_extn && !attrs.secure &&
+!GIC_DIST_TEST_GROUP(irq + i, 1 << cpu)) {
+continue; /* Ignore Non-secure access of Group0 IRQ */
+}
+
+if (value & (1 << i)) {
+GIC_DIST_CLEAR_ACTIVE(irq + i, cm);
+}
+}
 } else if (offset < 0x800) {
 /* Interrupt Priority.  */
 irq = (offset - 0x400) + GIC_BASE_IRQ;
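Review bot: `int cm = irq < GIC_INTERNAL ? (1 << cpu) : ALL_CPU_MASK;` is declared after statements in both new branches; QEMU style wants declarations at the start of the block, so hoist `cm` to the top of gic_dist_writeb alongside `irq` and `i`. The set-active and clear-active branches are otherwise identical apart from the base offset (0x300 vs 0x380) and the GIC_DIST_SET_ACTIVE/GIC_DIST_CLEAR_ACTIVE call, so one `offset < 0x400` branch that picks the base and the operation would avoid duplicating the non-secure Group0 filtering loop.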
-- 
2.18.0




[Qemu-devel] [PULL 15/45] vmstate.h: Provide VMSTATE_UINT16_SUB_ARRAY

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Provide a VMSTATE_UINT16_SUB_ARRAY macro to save a uint16_t sub-array in
a VMState.

Signed-off-by: Luc Michel 
Reviewed-by: Peter Maydell 
Reviewed-by: Philippe Mathieu-Daudé 
Message-id: 20180727095421.386-5-luc.mic...@greensocs.com
Signed-off-by: Peter Maydell 
---
 include/migration/vmstate.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
index 42b946ce902..2b501d04669 100644
--- a/include/migration/vmstate.h
+++ b/include/migration/vmstate.h
@@ -923,6 +923,9 @@ extern const VMStateInfo vmstate_info_qtailq;
 #define VMSTATE_UINT16_ARRAY(_f, _s, _n)   \
 VMSTATE_UINT16_ARRAY_V(_f, _s, _n, 0)
 
+#define VMSTATE_UINT16_SUB_ARRAY(_f, _s, _start, _num)\
+VMSTATE_SUB_ARRAY(_f, _s, _start, _num, 0, vmstate_info_uint16, uint16_t)
+
 #define VMSTATE_UINT16_2DARRAY(_f, _s, _n1, _n2)  \
 VMSTATE_UINT16_2DARRAY_V(_f, _s, _n1, _n2, 0)
 
-- 
2.18.0




[Qemu-devel] [PULL 11/19] target/mips: Implement CP0 Config1.WR bit functionality

2018-08-14 Thread Aleksandar Markovic
From: Stefan Markovic 

Add testing of the Config1.WR bit to the watch exception handling logic.

Reviewed-by: Aleksandar Markovic 
Signed-off-by: Aleksandar Markovic 
Signed-off-by: Stefan Markovic 
---
 target/mips/translate.c | 8 
 1 file changed, 8 insertions(+)

diff --git a/target/mips/translate.c b/target/mips/translate.c
index e62ea96..6f4bdc9 100644
--- a/target/mips/translate.c
+++ b/target/mips/translate.c
@@ -5562,6 +5562,7 @@ static void gen_mfc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_1e0i(mfc0_watchlo, arg, sel);
 rn = "WatchLo";
 break;
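Review bot: the same `CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));` line is repeated in eight places across gen_mfc0, gen_mtc0, gen_dmfc0 and gen_dmtc0 in this patch; a small `check_watch(ctx)`-style helper, like check_xnp() introduced in PULL 08/19 of this series, would keep the availability rule in one place. The commit message should also say what a guest now sees when Config1.WR is clear (the CP0_CHECK failure path), since this turns a previously accepted access into a fault.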
@@ -5579,6 +5580,7 @@ static void gen_mfc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_1e0i(mfc0_watchhi, arg, sel);
 rn = "WatchHi";
 break;
@@ -6261,6 +6263,7 @@ static void gen_mtc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_0e1i(mtc0_watchlo, arg, sel);
 rn = "WatchLo";
 break;
@@ -6278,6 +6281,7 @@ static void gen_mtc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_0e1i(mtc0_watchhi, arg, sel);
 rn = "WatchHi";
 break;
@@ -6964,6 +6968,7 @@ static void gen_dmfc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_1e0i(dmfc0_watchlo, arg, sel);
 rn = "WatchLo";
 break;
@@ -6981,6 +6986,7 @@ static void gen_dmfc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_1e0i(mfc0_watchhi, arg, sel);
 rn = "WatchHi";
 break;
@@ -7645,6 +7651,7 @@ static void gen_dmtc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_0e1i(mtc0_watchlo, arg, sel);
 rn = "WatchLo";
 break;
@@ -7662,6 +7669,7 @@ static void gen_dmtc0(DisasContext *ctx, TCGv arg, int 
reg, int sel)
 case 5:
 case 6:
 case 7:
+CP0_CHECK(ctx->CP0_Config1 & (1 << CP0C1_WR));
 gen_helper_0e1i(mtc0_watchhi, arg, sel);
 rn = "WatchHi";
 break;
-- 
2.7.4




[Qemu-devel] [PULL 25/45] intc/arm_gic: Wire the vCPU interface

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Add the read/write functions to handle accesses to the vCPU interface.
Those accesses are forwarded to the real CPU interface, with the CPU id
being converted to the corresponding vCPU id (vCPU id = CPU id +
GIC_NCPU).

Signed-off-by: Luc Michel 
Message-id: 20180727095421.386-15-luc.mic...@greensocs.com
Reviewed-by: Peter Maydell 
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 37 +++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 0e1b23047e3..7ee2e6bcbb3 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -1555,6 +1555,23 @@ static MemTxResult gic_do_cpu_write(void *opaque, hwaddr 
addr,
 return gic_cpu_write(s, id, addr, value, attrs);
 }
 
+static MemTxResult gic_thisvcpu_read(void *opaque, hwaddr addr, uint64_t *data,
+unsigned size, MemTxAttrs attrs)
+{
+GICState *s = (GICState *)opaque;
+
+return gic_cpu_read(s, gic_get_current_vcpu(s), addr, data, attrs);
+}
+
+static MemTxResult gic_thisvcpu_write(void *opaque, hwaddr addr,
+ uint64_t value, unsigned size,
+ MemTxAttrs attrs)
+{
+GICState *s = (GICState *)opaque;
+
+return gic_cpu_write(s, gic_get_current_vcpu(s), addr, value, attrs);
+}
+
 static const MemoryRegionOps gic_ops[2] = {
 {
 .read_with_attrs = gic_dist_read,
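Review bot: gic_thisvcpu_read/gic_thisvcpu_write use a bare `(GICState *)opaque` cast where other accessors in this series (gic_hyp_read in PULL 26/45) use ARM_GIC(opaque); prefer the QOM cast for consistency. Both helpers ignore `size`, which is fine if gic_cpu_read/gic_cpu_write validate the access width themselves, as the existing gic_do_cpu_write path relies on, but a one-line comment saying so would help.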
@@ -1574,6 +1591,19 @@ static const MemoryRegionOps gic_cpu_ops = {
 .endianness = DEVICE_NATIVE_ENDIAN,
 };
 
+static const MemoryRegionOps gic_virt_ops[2] = {
+{
+.read_with_attrs = NULL,
+.write_with_attrs = NULL,
+.endianness = DEVICE_NATIVE_ENDIAN,
+},
+{
+.read_with_attrs = gic_thisvcpu_read,
+.write_with_attrs = gic_thisvcpu_write,
+.endianness = DEVICE_NATIVE_ENDIAN,
+}
+};
+
 static void arm_gic_realize(DeviceState *dev, Error **errp)
 {
 /* Device instance realize function for the GIC sysbus device */
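Review bot: gic_virt_ops[0] is a MemoryRegionOps with both read_with_attrs and write_with_attrs set to NULL. If gic_init_irqs_and_mmio() maps that region whenever the virtualization extensions are enabled, a guest access to it between this patch and the one that fills in the hypervisor accessors (PULL 26/45 on this page) dereferences a NULL callback. Either leave the region unmapped until the accessors exist, or point the callbacks at stubs that log with LOG_UNIMP and return MEMTX_OK, so the series stays bisectable.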
@@ -1595,8 +1625,11 @@ static void arm_gic_realize(DeviceState *dev, Error 
**errp)
 return;
 }
 
-/* This creates distributor and main CPU interface (s->cpuiomem[0]) */
-gic_init_irqs_and_mmio(s, gic_set_irq, gic_ops, NULL);
+/* This creates distributor, main CPU interface (s->cpuiomem[0]) and if
+ * enabled, virtualization extensions related interfaces (main virtual
+ * interface (s->vifaceiomem[0]) and virtual CPU interface).
+ */
+gic_init_irqs_and_mmio(s, gic_set_irq, gic_ops, gic_virt_ops);
 
 /* Extra core-specific regions for the CPU interfaces. This is
  * necessary for "franken-GIC" implementations, for example on
-- 
2.18.0




[Qemu-devel] [PULL 08/45] accel/tcg: tb_gen_code(): Create single-insn TB for execution from non-RAM

2018-08-14 Thread Peter Maydell
If get_page_addr_code() returns -1, this indicates that there is no RAM
page we can read a full TB from. Instead we must create a TB which
contains a single instruction and which we do not cache, so it is
executed only once.

Since this means we can now have TBs which are not in any page list,
we also need to make tb_phys_invalidate() handle them (by not trying
to remove them from a nonexistent page list).

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Reviewed-by: Emilio G. Cota 
Tested-by: Cédric Le Goater 
Message-id: 20180710160013.26559-5-peter.mayd...@linaro.org
---
 accel/tcg/translate-all.c | 19 ++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index ff7d0145f46..898c3bb3d12 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1493,7 +1493,7 @@ static void tb_phys_invalidate__locked(TranslationBlock 
*tb)
  */
 void tb_phys_invalidate(TranslationBlock *tb, tb_page_addr_t page_addr)
 {
-if (page_addr == -1) {
+if (page_addr == -1 && tb->page_addr[0] != -1) {
 page_lock_tb(tb);
 do_tb_phys_invalidate(tb, true);
 page_unlock_tb(tb);
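Review bot: the new `tb->page_addr[0] != -1` condition routes a TB that was never linked into a page list (the one-insn non-RAM case introduced by the later hunks) to the other branch of this `if`, which is not shown here. A short comment stating that such a TB has no page-list entry to remove and therefore needs neither the page lock nor the removal would make the intent clear without reading tb_link_page().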
@@ -1608,6 +1608,17 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t 
phys_pc,
 
 assert_memory_lock();
 
+if (phys_pc == -1) {
+/*
+ * If the TB is not associated with a physical RAM page then
+ * it must be a temporary one-insn TB, and we have nothing to do
+ * except fill in the page_addr[] fields.
+ */
+assert(tb->cflags & CF_NOCACHE);
+tb->page_addr[0] = tb->page_addr[1] = -1;
+return tb;
+}
+
 /*
  * Add the TB to the page list, acquiring first the pages's locks.
  * We keep the locks held until after inserting the TB in the hash table,
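Review bot: the early return for `phys_pc == -1` skips not only the page-list insertion but also the hash-table insertion the following comment describes; that is right for a CF_NOCACHE TB that is never looked up, but the new comment says only "nothing to do except fill in the page_addr[] fields", so extend it to say the TB is intentionally kept out of the hash table too. The `assert(tb->cflags & CF_NOCACHE)` is a good guard against a caller reaching here with a cacheable TB; consider tcg_debug_assert() if this is on a hot path.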
@@ -1677,6 +1688,12 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 
 phys_pc = get_page_addr_code(env, pc);
 
+if (phys_pc == -1) {
+/* Generate a temporary TB with 1 insn in it */
+cflags &= ~CF_COUNT_MASK;
+cflags |= CF_NOCACHE | 1;
+}
+
  buffer_overflow:
 tb = tb_alloc(pc);
 if (unlikely(!tb)) {
-- 
2.18.0




[Qemu-devel] [PULL 11/45] accel/tcg: Check whether TLB entry is RAM consistently with how we set it up

2018-08-14 Thread Peter Maydell
We set up TLB entries in tlb_set_page_with_attrs(), where we have
some logic for determining whether the TLB entry is considered
to be RAM-backed, and thus has a valid addend field. When we
look at the TLB entry in get_page_addr_code(), we use different
logic for determining whether to treat the page as RAM-backed
and use the addend field. This is confusing, and in fact buggy,
because the code in tlb_set_page_with_attrs() correctly decides
that rom_device memory regions not in romd mode are not RAM-backed,
but the code in get_page_addr_code() thinks they are RAM-backed.
This typically results in "Bad ram pointer" assertion if the
guest tries to execute from such a memory region.

Fix this by making get_page_addr_code() just look at the
TLB_MMIO bit in the code_address field of the TLB, which
tlb_set_page_with_attrs() sets if and only if the addend
field is not valid for code execution.

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Tested-by: Philippe Mathieu-Daudé 
Message-id: 20180713150945.12348-1-peter.mayd...@linaro.org
---
 include/exec/exec-all.h |  2 --
 accel/tcg/cputlb.c  | 29 -
 exec.c  |  6 --
 3 files changed, 8 insertions(+), 29 deletions(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index da73e3bfed2..5f781255826 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -502,8 +502,6 @@ hwaddr memory_region_section_get_iotlb(CPUState *cpu,
hwaddr paddr, hwaddr xlat,
int prot,
target_ulong *address);
-bool memory_region_is_unassigned(MemoryRegion *mr);
-
 #endif
 
 /* vl.c */
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 754795ff253..f4702ce91f6 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -926,10 +926,6 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, 
target_ulong addr)
 {
 int mmu_idx, index;
 void *p;
-MemoryRegion *mr;
-MemoryRegionSection *section;
-CPUState *cpu = ENV_GET_CPU(env);
-CPUIOTLBEntry *iotlbentry;
 
 index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
 mmu_idx = cpu_mmu_index(env, true);
@@ -940,28 +936,19 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, 
target_ulong addr)
 assert(tlb_hit(env->tlb_table[mmu_idx][index].addr_code, addr));
 }
 
-if (unlikely(env->tlb_table[mmu_idx][index].addr_code & TLB_RECHECK)) {
+if (unlikely(env->tlb_table[mmu_idx][index].addr_code &
+ (TLB_RECHECK | TLB_MMIO))) {
 /*
- * This is a TLB_RECHECK access, where the MMU protection
- * covers a smaller range than a target page. Return -1 to
- * indicate that we cannot simply execute from RAM here;
- * we will perform the necessary repeat of the MMU check
- * when the "execute a single insn" code performs the
- * load of the guest insn.
+ * Return -1 if we can't translate and execute from an entire
+ * page of RAM here, which will cause us to execute by loading
+ * and translating one insn at a time, without caching:
+ *  - TLB_RECHECK: means the MMU protection covers a smaller range
+ *than a target page, so we must redo the MMU check every insn
+ *  - TLB_MMIO: region is not backed by RAM
  */
 return -1;
 }
 
-iotlbentry = >iotlb[mmu_idx][index];
-section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
-mr = section->mr;
-if (memory_region_is_unassigned(mr)) {
-/*
- * Not guest RAM, so there is no ram_addr_t for it. Return -1,
- * and we will execute a single insn from this device.
- */
-return -1;
-}
 p = (void *)((uintptr_t)addr + env->tlb_table[mmu_idx][index].addend);
 return qemu_ram_addr_from_host_nofail(p);
 }
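Review bot: the `(TLB_RECHECK | TLB_MMIO)` early return now makes get_page_addr_code() depend on tlb_set_page_with_attrs() setting TLB_MMIO exactly when `addend` is not valid for code execution, as the commit message says. That invariant is held in two places in different files; a cross-referencing comment in tlb_set_page_with_attrs() (or an assert there that TLB_MMIO is set whenever the addend is not computed) would keep them from drifting apart, since a miss here reaches `qemu_ram_addr_from_host_nofail(p)` with a bogus pointer.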
diff --git a/exec.c b/exec.c
index 4f5df07b6a2..e7be0761c28 100644
--- a/exec.c
+++ b/exec.c
@@ -402,12 +402,6 @@ static MemoryRegionSection 
*phys_page_find(AddressSpaceDispatch *d, hwaddr addr)
 }
 }
 
-bool memory_region_is_unassigned(MemoryRegion *mr)
-{
-return mr != _mem_rom && mr != _mem_notdirty && !mr->rom_device
-&& mr != _mem_watch;
-}
-
 /* Called from RCU critical section */
 static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch 
*d,
 hwaddr addr,
-- 
2.18.0




[Qemu-devel] [PULL 08/19] target/mips: Add support for availability control via bit XNP

2018-08-14 Thread Aleksandar Markovic
From: Aleksandar Rikalo 

Add a field in hflags for XNP bit, and a function check_xnp().

Reviewed-by: Aleksandar Markovic 
Signed-off-by: Aleksandar Markovic 
Signed-off-by: Stefan Markovic 
---
 target/mips/cpu.h   |  3 ++-
 target/mips/internal.h  |  5 -
 target/mips/translate.c | 12 
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/target/mips/cpu.h b/target/mips/cpu.h
index 009202c..02ea91e 100644
--- a/target/mips/cpu.h
+++ b/target/mips/cpu.h
@@ -554,7 +554,7 @@ struct CPUMIPSState {
 #define EXCP_INST_NOTAVAIL 0x2 /* No valid instruction word for BadInstr */
 uint32_t hflags;/* CPU State */
 /* TMASK defines different execution modes */
-#define MIPS_HFLAG_TMASK  0x1F5807FF
+#define MIPS_HFLAG_TMASK  0x3F5807FF
 #define MIPS_HFLAG_MODE   0x7 /* execution modes*/
 /* The KSU flags must be the lowest bits in hflags. The flag order
must be the same as defined for CP0 Status. This allows to use
@@ -605,6 +605,7 @@ struct CPUMIPSState {
 #define MIPS_HFLAG_ELPA  0x400
 #define MIPS_HFLAG_ITC_CACHE  0x800 /* CACHE instr. operates on ITC tag */
 #define MIPS_HFLAG_ERL   0x1000 /* error level flag */
+#define MIPS_HFLAG_XNP   0x2000
 target_ulong btarget;/* Jump / branch target   */
 target_ulong bcond;  /* Branch condition (if needed)   */
 
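Review bot: as rendered here the new flag is `MIPS_HFLAG_XNP 0x2000` (bit 13) while the MIPS_HFLAG_TMASK change from 0x1F5807FF to 0x3F5807FF adds bit 29 (0x20000000); these must denote the same bit. The neighbouring ELPA/ITC_CACHE/ERL values (0x400, 0x800, 0x1000) likewise do not fall inside the bits TMASK covers, so either the constants are truncated in this rendering or the XNP value is wrong; please double-check the define against the TMASK bit and that it does not collide with an existing hflag.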
diff --git a/target/mips/internal.h b/target/mips/internal.h
index e41051f..97485da 100644
--- a/target/mips/internal.h
+++ b/target/mips/internal.h
@@ -308,7 +308,7 @@ static inline void compute_hflags(CPUMIPSState *env)
  MIPS_HFLAG_F64 | MIPS_HFLAG_FPU | MIPS_HFLAG_KSU |
  MIPS_HFLAG_AWRAP | MIPS_HFLAG_DSP | MIPS_HFLAG_DSPR2 |
  MIPS_HFLAG_SBRI | MIPS_HFLAG_MSA | MIPS_HFLAG_FRE |
- MIPS_HFLAG_ELPA | MIPS_HFLAG_ERL);
+ MIPS_HFLAG_ELPA | MIPS_HFLAG_ERL | MIPS_HFLAG_XNP);
 if (env->CP0_Status & (1 << CP0St_ERL)) {
 env->hflags |= MIPS_HFLAG_ERL;
 }
@@ -402,6 +402,9 @@ static inline void compute_hflags(CPUMIPSState *env)
 env->hflags |= MIPS_HFLAG_ELPA;
 }
 }
+if (env->CP0_Config5 & (1 << CP0C5_XNP)) {
+env->hflags |= MIPS_HFLAG_XNP;
+}
 }
 
 void cpu_mips_tlb_flush(CPUMIPSState *env);
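Review bot: this makes hflags depend on CP0_Config5, so any path that can change Config5.XNP must call compute_hflags() afterwards, otherwise already-translated TBs keep the stale value and check_xnp() will raise (or fail to raise) RI based on the old setting. If XNP is read-only in every CPU model's CP0_Config5_rw_bitmask, say so in a comment next to this check so the dependency is not lost when a writable model appears.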
diff --git a/target/mips/translate.c b/target/mips/translate.c
index ae3aaab..35342e2 100644
--- a/target/mips/translate.c
+++ b/target/mips/translate.c
@@ -1902,6 +1902,18 @@ static inline void check_mvh(DisasContext *ctx)
 }
 #endif
 
+/*
+ * This code generates a "reserved instruction" exception if the
+ * Config5 XNP bit is set.
+ */
+static inline void check_xnp(DisasContext *ctx)
+{
+if (unlikely(ctx->hflags & MIPS_HFLAG_XNP)) {
+generate_exception_end(ctx, EXCP_RI);
+}
+}
+
+
 /* Define small wrappers for gen_load_fpr* so that we have a uniform
calling interface for 32 and 64-bit FPRs.  No sense in changing
all callers for gen_load_fpr32 when we need the CTX parameter for
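Review bot: check_xnp() has no caller in this patch (the diffstat shows only these 12 lines in translate.c), so the commit message should say which instruction decoders will use it, or the function should land together with its first user; an unused static inline compiles silently, which is exactly why this is easy to miss. Minor: there is a double blank line after the closing brace.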
-- 
2.7.4




[Qemu-devel] [PULL 23/45] intc/arm_gic: Implement virtualization extensions in gic_(deactivate|complete_irq)

2018-08-14 Thread Peter Maydell
From: Luc Michel 

Implement virtualization extensions in the gic_deactivate_irq() and
gic_complete_irq() functions.

When the guest writes an invalid vIRQ to V_EOIR or V_DIR, since the
GICv2 specification is not entirely clear here, we adopt the behaviour
observed on real hardware:
  * When V_CTRL.EOIMode is false (EOI split is disabled):
- In case of an invalid vIRQ write to V_EOIR:
  -> If some bits are set in H_APR, an invalid vIRQ write to V_EOIR
 triggers a priority drop, and increments V_HCR.EOICount.
  -> If V_APR is already cleared, nothing happens

- An invalid vIRQ write to V_DIR is ignored.

  * When V_CTRL.EOIMode is true:
- In case of an invalid vIRQ write to V_EOIR:
  -> If some bits are set in H_APR, an invalid vIRQ write to V_EOIR
 triggers a priority drop.
  -> If V_APR is already cleared, nothing happens

- An invalid vIRQ write to V_DIR increments V_HCR.EOICount.

Signed-off-by: Luc Michel 
Message-id: 20180727095421.386-13-luc.mic...@greensocs.com
Reviewed-by: Peter Maydell 
Signed-off-by: Peter Maydell 
---
 hw/intc/arm_gic.c | 51 +++
 1 file changed, 47 insertions(+), 4 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index d80acde989f..3cddf658269 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -583,20 +583,19 @@ static void gic_deactivate_irq(GICState *s, int cpu, int 
irq, MemTxAttrs attrs)
 {
 int group;
 
-if (irq >= s->num_irq) {
+if (irq >= GIC_MAXIRQ || (!gic_is_vcpu(cpu) && irq >= s->num_irq)) {
 /*
  * This handles two cases:
  * 1. If software writes the ID of a spurious interrupt [ie 1023]
  * to the GICC_DIR, the GIC ignores that write.
  * 2. If software writes the number of a non-existent interrupt
  * this must be a subcase of "value written is not an active interrupt"
- * and so this is UNPREDICTABLE. We choose to ignore it.
+ * and so this is UNPREDICTABLE. We choose to ignore it. For vCPUs,
+ * all IRQs potentially exist, so this limit does not apply.
  */
 return;
 }
 
-group = gic_has_groups(s) && gic_test_group(s, irq, cpu);
-
 if (!gic_eoi_split(s, cpu, attrs)) {
 /* This is UNPREDICTABLE; we choose to ignore it */
 qemu_log_mask(LOG_GUEST_ERROR,
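Review bot: the vCPU path now reaches the gic_eoi_split() check, which returns with a LOG_GUEST_ERROR for every V_DIR write while V_CTRL.EOIMode is false; the commit message describes that case as an invalid write being "ignored", so either the log is intended for the virtual interface as well (fine, but say so in the comment) or the vCPU case should return before the log. The new `irq >= GIC_MAXIRQ || (!gic_is_vcpu(cpu) && irq >= s->num_irq)` bound is right, since for a vCPU the set of valid IDs is whatever the list registers hold rather than s->num_irq, and moving the `group` computation below the early returns avoids reading group state for an IRQ that is about to be rejected.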
@@ -604,6 +603,17 @@ static void gic_deactivate_irq(GICState *s, int cpu, int 
irq, MemTxAttrs attrs)
 return;
 }
 
+if (gic_is_vcpu(cpu) && !gic_virq_is_valid(s, irq, cpu)) {
+/* This vIRQ does not have an LR entry which is either active or
+ * pending and active. Increment EOICount and ignore the write.
+ */
+int rcpu = gic_get_vcpu_real_id(cpu);
+s->h_hcr[rcpu] += 1 << R_GICH_HCR_EOICount_SHIFT;
+return;
+}
+
+group = gic_has_groups(s) && gic_test_group(s, irq, cpu);
+
 if (gic_cpu_ns_access(s, cpu, attrs) && !group) {
 DPRINTF("Non-secure DI for Group0 interrupt %d ignored\n", irq);
 return;
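Review bot: `s->h_hcr[rcpu] += 1 << R_GICH_HCR_EOICount_SHIFT` relies on EOICount being the top field of GICH_HCR (bits [31:27]) so that the carry out of the 5-bit counter falls off the end of the 32-bit register; that only holds if h_hcr is exactly 32 bits wide. Since the shift comes from a FIELD() definition, `FIELD_DP32(hcr, GICH_HCR, EOICount, FIELD_EX32(hcr, GICH_HCR, EOICount) + 1)` would make the wrap explicit and independent of the storage type, and because the same increment appears again in gic_complete_irq() below, it belongs in a small helper rather than being open-coded twice.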
@@ -618,6 +628,39 @@ static void gic_complete_irq(GICState *s, int cpu, int 
irq, MemTxAttrs attrs)
 int group;
 
 DPRINTF("EOI %d\n", irq);
+if (gic_is_vcpu(cpu)) {
+/* The call to gic_prio_drop() will clear a bit in GICH_APR iff the
+ * running prio is < 0x100.
+ */
+bool prio_drop = s->running_priority[cpu] < 0x100;
+
+if (irq >= GIC_MAXIRQ) {
+/* Ignore spurious interrupt */
+return;
+}
+
+gic_drop_prio(s, cpu, 0);
+
+if (!gic_eoi_split(s, cpu, attrs)) {
+bool valid = gic_virq_is_valid(s, irq, cpu);
+if (prio_drop && !valid) {
+/* We are in a situation where:
+ *   - V_CTRL.EOIMode is false (no EOI split),
+ *   - The call to gic_drop_prio() cleared a bit in GICH_APR,
+ *   - This vIRQ does not have an LR entry which is either
+ * active or pending and active.
+ * In that case, we must increment EOICount.
+ */
+int rcpu = gic_get_vcpu_real_id(cpu);
+s->h_hcr[rcpu] += 1 << R_GICH_HCR_EOICount_SHIFT;
+} else if (valid) {
+gic_clear_active(s, irq, cpu);
+}
+}
+
+return;
+}
+
 if (irq >= s->num_irq) {
 /* This handles two cases:
  * 1. If software writes the ID of a spurious interrupt [ie 1023]
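Review bot: the comment at the top of the vCPU block says "The call to gic_prio_drop()" but the function actually called is gic_drop_prio(); fix the name so grep finds it. The `prio_drop` snapshot is taken before the `irq >= GIC_MAXIRQ` spurious check, which is harmless but reads oddly; doing the spurious check first would keep the block in the same order as the commit message (spurious ID, then priority drop, then EOICount). The EOICount increment duplicates the one added to gic_deactivate_irq() in the previous hunk; a shared helper would keep the two in step.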
-- 
2.18.0




[Qemu-devel] [PULL 05/45] accel/tcg: Pass read access type through to io_readx()

2018-08-14 Thread Peter Maydell
The io_readx() function needs to know whether the load it is
doing is an MMU_DATA_LOAD or an MMU_INST_FETCH, so that it
can pass the right value to the cpu_transaction_failed()
function. Plumb this information through from the softmmu
code.

This is currently not often going to give the wrong answer,
because usually instruction fetches go via get_page_addr_code().
However once we switch over to handling execution from non-RAM by
creating single-insn TBs, the path for an insn fetch to generate
a bus error will be through cpu_ld*_code() and io_readx(),
so without this change we will generate a d-side fault when we
should generate an i-side fault.

We also have to pass the access type via a CPU struct global
down to unassigned_mem_read(), for the benefit of the targets
which still use the cpu_unassigned_access() hook (m68k, mips,
sparc, xtensa).

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
Tested-by: Cédric Le Goater 
Message-id: 20180710160013.26559-2-peter.mayd...@linaro.org
---
 accel/tcg/softmmu_template.h | 11 +++
 include/qom/cpu.h|  6 ++
 accel/tcg/cputlb.c   |  5 +++--
 memory.c |  3 ++-
 4 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/accel/tcg/softmmu_template.h b/accel/tcg/softmmu_template.h
index badbf148803..f060a693d41 100644
--- a/accel/tcg/softmmu_template.h
+++ b/accel/tcg/softmmu_template.h
@@ -99,11 +99,12 @@ static inline DATA_TYPE glue(io_read, SUFFIX)(CPUArchState 
*env,
   size_t mmu_idx, size_t index,
   target_ulong addr,
   uintptr_t retaddr,
-  bool recheck)
+  bool recheck,
+  MMUAccessType access_type)
 {
 CPUIOTLBEntry *iotlbentry = >iotlb[mmu_idx][index];
 return io_readx(env, iotlbentry, mmu_idx, addr, retaddr, recheck,
-DATA_SIZE);
+access_type, DATA_SIZE);
 }
 #endif
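Review bot: the new access_type parameter on io_read is more plumbing than needed. This wrapper is a per-instantiation static inline of softmmu_template.h, and READ_ACCESS_TYPE, which both callers in the following hunks pass, is already defined by the same template (MMU_INST_FETCH under SOFTMMU_CODE_ACCESS, MMU_DATA_LOAD otherwise), so the wrapper could hand READ_ACCESS_TYPE to io_readx() itself and the two call-site hunks would not be required. Not wrong as written, just a parameter that every caller passes the same constant.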
 
@@ -140,7 +141,8 @@ WORD_TYPE helper_le_ld_name(CPUArchState *env, target_ulong 
addr,
 /* ??? Note that the io helpers always read data in the target
byte ordering.  We should push the LE/BE request down into io.  */
 res = glue(io_read, SUFFIX)(env, mmu_idx, index, addr, retaddr,
-tlb_addr & TLB_RECHECK);
+tlb_addr & TLB_RECHECK,
+READ_ACCESS_TYPE);
 res = TGT_LE(res);
 return res;
 }
@@ -207,7 +209,8 @@ WORD_TYPE helper_be_ld_name(CPUArchState *env, target_ulong 
addr,
 /* ??? Note that the io helpers always read data in the target
byte ordering.  We should push the LE/BE request down into io.  */
 res = glue(io_read, SUFFIX)(env, mmu_idx, index, addr, retaddr,
-tlb_addr & TLB_RECHECK);
+tlb_addr & TLB_RECHECK,
+READ_ACCESS_TYPE);
 res = TGT_BE(res);
 return res;
 }
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index bd796579ee4..ecf6ed556a9 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -386,6 +386,12 @@ struct CPUState {
  */
 uintptr_t mem_io_pc;
 vaddr mem_io_vaddr;
+/*
+ * This is only needed for the legacy cpu_unassigned_access() hook;
+ * when all targets using it have been converted to use
+ * cpu_transaction_failed() instead it can be removed.
+ */
+MMUAccessType mem_io_access_type;
 
 int kvm_fd;
 struct KVMState *kvm_state;
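Review bot: the comment should also say that the field is only written on the load path (io_readx(), in the cputlb.c hunks below) and only consumed by unassigned_mem_read(); the diffstat shows no change to io_writex(), which is presumably deliberate because the store side already knows it is a store, but without that sentence the next reader will "fix" the asymmetry. Like mem_io_vaddr and mem_io_pc, this is a per-CPU global written without locking and read back later on the same CPU, which is only safe as long as nothing between the two points can issue another access on that CPU.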
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 563fa30117e..51b1193044c 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -789,7 +789,7 @@ static inline ram_addr_t 
qemu_ram_addr_from_host_nofail(void *ptr)
 static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
  int mmu_idx,
  target_ulong addr, uintptr_t retaddr,
- bool recheck, int size)
+ bool recheck, MMUAccessType access_type, int size)
 {
 CPUState *cpu = ENV_GET_CPU(env);
 hwaddr mr_offset;
@@ -831,6 +831,7 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry 
*iotlbentry,
 }
 
 cpu->mem_io_vaddr = addr;
+cpu->mem_io_access_type = access_type;
 
 if (mr->global_locking && !qemu_mutex_iothread_locked()) {
 qemu_mutex_lock_iothread();
@@ -843,7 +844,7 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry 
*iotlbentry,
 section->offset_within_address_space -
 section->offset_within_region;
 
-cpu_transaction_failed(cpu, physaddr, addr, size, MMU_DATA_LOAD,
+cpu_transaction_failed(cpu, physaddr, addr, size, 

[Qemu-devel] [PULL 10/45] target/arm: Allow execution from small regions

2018-08-14 Thread Peter Maydell
Now that we have full support for small regions, including execution,
we can remove the workarounds where we marked all small regions as
non-executable for the M-profile MPU and SAU.

Signed-off-by: Peter Maydell 
Reviewed-by: Richard Henderson 
Reviewed-by: Philippe Mathieu-Daudé 
Tested-by: Cédric Le Goater 
Tested-by: Philippe Mathieu-Daudé 
Message-id: 20180710160013.26559-7-peter.mayd...@linaro.org
---
 target/arm/helper.c | 23 ---
 1 file changed, 23 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 63a70065617..02c1c4d8404 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -9795,17 +9795,6 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, 
uint32_t address,
 
 fi->type = ARMFault_Permission;
 fi->level = 1;
-/*
- * Core QEMU code can't handle execution from small pages yet, so
- * don't try it. This way we'll get an MPU exception, rather than
- * eventually causing QEMU to exit in get_page_addr_code().
- */
-if (*page_size < TARGET_PAGE_SIZE && (*prot & PAGE_EXEC)) {
-qemu_log_mask(LOG_UNIMP,
-  "MPU: No support for execution from regions "
-  "smaller than 1K\n");
-*prot &= ~PAGE_EXEC;
-}
 return !(*prot & (1 << access_type));
 }
 
@@ -10056,18 +10045,6 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, 
uint32_t address,
 
 fi->type = ARMFault_Permission;
 fi->level = 1;
-/*
- * Core QEMU code can't handle execution from small pages yet, so
- * don't try it. This means any attempted execution will generate
- * an MPU exception, rather than eventually causing QEMU to exit in
- * get_page_addr_code().
- */
-if (*is_subpage && (*prot & PAGE_EXEC)) {
-qemu_log_mask(LOG_UNIMP,
-  "MPU: No support for execution from regions "
-  "smaller than 1K\n");
-*prot &= ~PAGE_EXEC;
-}
 return !(*prot & (1 << access_type));
 }
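Review bot: this patch is only safe together with the earlier patches in the series that taught the core to execute from sub-page regions; the removed comments in both hunks spell out that without that support an executable small region ends in get_page_addr_code() exiting QEMU, i.e. a guest-triggerable abort of the emulator instead of an MPU permission fault. Worth a line in the commit message naming that dependency so the patch is not backported on its own.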
 
-- 
2.18.0




[Qemu-devel] [PULL 06/19] target/mips: Update some CP0 registers bit definitions

2018-08-14 Thread Aleksandar Markovic
From: Aleksandar Markovic 

Update CP0 registers Config0, Config1, Config2, Config3,
Config4, and Config5 bit definitions.

Some of these bits will be utilized by upcoming nanoMIPS changes.

Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Signed-off-by: Aleksandar Markovic 
---
 target/mips/cpu.h | 157 ++
 1 file changed, 88 insertions(+), 69 deletions(-)

diff --git a/target/mips/cpu.h b/target/mips/cpu.h
index cfe1735..77c638c 100644
--- a/target/mips/cpu.h
+++ b/target/mips/cpu.h
@@ -388,26 +388,27 @@ struct CPUMIPSState {
 target_ulong CP0_CMGCRBase;
 int32_t CP0_Config0;
 #define CP0C0_M31
-#define CP0C0_K23  28
-#define CP0C0_KU   25
+#define CP0C0_K23  28/* 30..28 */
+#define CP0C0_KU   25/* 27..25 */
 #define CP0C0_MDU  20
 #define CP0C0_MM   18
 #define CP0C0_BM   16
+#define CP0C0_Impl 16/* 24..16 */
 #define CP0C0_BE   15
-#define CP0C0_AT   13
-#define CP0C0_AR   10
-#define CP0C0_MT   7
+#define CP0C0_AT   13/* 14..13 */
+#define CP0C0_AR   10/* 12..10 */
+#define CP0C0_MT   7 /*  9..7  */
 #define CP0C0_VI   3
-#define CP0C0_K0   0
+#define CP0C0_K0   0 /*  2..0  */
 int32_t CP0_Config1;
 #define CP0C1_M31
-#define CP0C1_MMU  25
-#define CP0C1_IS   22
-#define CP0C1_IL   19
-#define CP0C1_IA   16
-#define CP0C1_DS   13
-#define CP0C1_DL   10
-#define CP0C1_DA   7
+#define CP0C1_MMU  25/* 30..25 */
+#define CP0C1_IS   22/* 24..22 */
+#define CP0C1_IL   19/* 21..19 */
+#define CP0C1_IA   16/* 18..16 */
+#define CP0C1_DS   13/* 15..13 */
+#define CP0C1_DL   10/* 12..10 */
+#define CP0C1_DA   7 /*  9..7  */
 #define CP0C1_C2   6
 #define CP0C1_MD   5
 #define CP0C1_PC   4
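Review bot: the new CP0C0_Impl 16 /* 24..16 */ overlaps the existing CP0C0_MDU (20), CP0C0_MM (18) and CP0C0_BM (16) definitions. That is correct, since those are vendor-specific sub-fields of the implementation-defined field, but a comment saying so would stop someone "fixing" the overlap later.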
@@ -417,67 +418,85 @@ struct CPUMIPSState {
 #define CP0C1_FP   0
 int32_t CP0_Config2;
 #define CP0C2_M31
-#define CP0C2_TU   28
-#define CP0C2_TS   24
-#define CP0C2_TL   20
-#define CP0C2_TA   16
-#define CP0C2_SU   12
-#define CP0C2_SS   8
-#define CP0C2_SL   4
-#define CP0C2_SA   0
+#define CP0C2_TU   28/* 30..28 */
+#define CP0C2_TS   24/* 27..24 */
+#define CP0C2_TL   20/* 23..20 */
+#define CP0C2_TA   16/* 19..16 */
+#define CP0C2_SU   12/* 15..12 */
+#define CP0C2_SS   8 /* 11..8  */
+#define CP0C2_SL   4 /*  7..4  */
+#define CP0C2_SA   0 /*  3..0  */
 int32_t CP0_Config3;
-#define CP0C3_M31
-#define CP0C3_BPG  30
-#define CP0C3_CMGCR 29
-#define CP0C3_MSAP  28
-#define CP0C3_BP 27
-#define CP0C3_BI 26
-#define CP0C3_SC 25
-#define CP0C3_IPLW 21
-#define CP0C3_MMAR 18
-#define CP0C3_MCU  17
-#define CP0C3_ISA_ON_EXC 16
-#define CP0C3_ISA  14
-#define CP0C3_ULRI 13
-#define CP0C3_RXI  12
-#define CP0C3_DSP2P 11
-#define CP0C3_DSPP 10
-#define CP0C3_LPA  7
-#define CP0C3_VEIC 6
-#define CP0C3_VInt 5
-#define CP0C3_SP   4
-#define CP0C3_CDMM 3
-#define CP0C3_MT   2
-#define CP0C3_SM   1
-#define CP0C3_TL   0
+#define CP0C3_M31
+#define CP0C3_BPG  30
+#define CP0C3_CMGCR29
+#define CP0C3_MSAP 28
+#define CP0C3_BP   27
+#define CP0C3_BI   26
+#define CP0C3_SC   25
+#define CP0C3_PW   24
+#define CP0C3_VZ   23
+#define CP0C3_IPLV 21/* 22..21 */
+#define CP0C3_MMAR 18/* 20..18 */
+#define CP0C3_MCU  17
+#define CP0C3_ISA_ON_EXC   16
+#define CP0C3_ISA  14/* 15..14 */
+#define CP0C3_ULRI 13
+#define CP0C3_RXI  12
+#define CP0C3_DSP2P11
+#define CP0C3_DSPP 10
+#define CP0C3_CTXTC9
+#define CP0C3_ITL  8
+#define CP0C3_LPA  7
+#define CP0C3_VEIC 6
+#define CP0C3_VInt 5
+#define CP0C3_SP   4
+#define CP0C3_CDMM 3
+#define CP0C3_MT   2
+#define CP0C3_SM   1
+#define CP0C3_TL   0
 int32_t CP0_Config4;
 int32_t CP0_Config4_rw_bitmask;
-#define CP0C4_M31
-#define CP0C4_IE   29
-#define CP0C4_AE   28
-#define CP0C4_KScrExist 16
-#define CP0C4_MMUExtDef 14
-#define CP0C4_FTLBPageSize 8
-#define CP0C4_FTLBWays 4
-#define CP0C4_FTLBSets 0
-#define CP0C4_MMUSizeExt 0
+#define CP0C4_M31
+#define CP0C4_IE   29/* 30..29 */
+#define CP0C4_AE   28
+#define CP0C4_VTLBSizeExt  24/* 27..24 */
+#define CP0C4_KScrExist16
+#define CP0C4_MMUExtDef14
+#define CP0C4_FTLBPageSize 8 /* 12..8  */
+/* bit layout if MMUExtDef=1 */
+#define CP0C4_MMUSizeExt   0 /*  7..0  */
+/* bit layout if MMUExtDef=2 */
+#define CP0C4_FTLBWays 4 /*  7..4  */
+#define CP0C4_FTLBSets 0 /*  3..0  */
 int32_t CP0_Config5;
 int32_t CP0_Config5_rw_bitmask;
-#define CP0C5_M  31
-#define CP0C5_K  30
-#define CP0C5_CV 29
-#define CP0C5_EVA28
-#define CP0C5_MSAEn  27
-#define CP0C5_XNP13
-#define CP0C5_UFE9
-#define CP0C5_FRE8
-#define CP0C5_VP 7
-#define CP0C5_SBRI   6
-#define CP0C5_MVH5
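Review bot: CP0C3_IPLW is renamed to CP0C3_IPLV here; the MIPS PRA calls Config3[22:21] IPLW (width of the Status.IPL and Cause.RIPL fields), so this looks like a typo rather than an intentional rename, and since only cpu.h is touched any other file still using CP0C3_IPLW would fail to build. Either keep the old name or state in the commit message why it changes. The added Config4 comments distinguishing the MMUExtDef=1 and MMUExtDef=2 layouts of bits 7..0 are a useful clarification.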

  1   2   3   4   >