Re: [PULL 35/44] tcg/arm: Remove fallback definition of __ARM_ARCH

2021-09-13 Thread Philippe Mathieu-Daudé
On 9/14/21 2:14 AM, Richard Henderson wrote:
> GCC since 4.8 provides the definition and we now require 7.5.

FYI we might go back to 7.4 (this doesn't affect this patch):
https://gitlab.com/qemu-project/qemu/-/issues/614

> Reviewed-by: Peter Maydell 
> Signed-off-by: Richard Henderson 
> ---
>  tcg/arm/tcg-target.h | 19 ---
>  1 file changed, 19 deletions(-)



Re: [PATCH 21/22] qapi: Drop simple unions

2021-09-13 Thread Markus Armbruster
Eric Blake  writes:

> On Mon, Sep 13, 2021 at 02:39:31PM +0200, Markus Armbruster wrote:
>> Simple unions predate flat unions.  Having both complicates the QAPI
>> schema language and the QAPI generator.  We haven't been using simple
>> unions in new code for a long time, because they are less flexible and
>> somewhat awkward on the wire.
>> 
>> The previous commits eliminated simple union from the tree.  Now drop
>> them from the QAPI schema language entirely, and update mentions of
>> "flat union" to just "union".
>> 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  docs/devel/qapi-code-gen.rst  | 125 --
>>  scripts/qapi/expr.py  |  21 +--
>>  scripts/qapi/schema.py| 101 +++---
>>  .../qapi-schema/flat-union-array-branch.json  |   2 +-
>>  tests/qapi-schema/flat-union-empty.json   |   2 +-
>>  tests/qapi-schema/flat-union-int-branch.json  |   2 +-
>>  tests/qapi-schema/flat-union-no-base.err  |   2 +-
>>  tests/qapi-schema/flat-union-no-base.json |   2 +-
>>  tests/qapi-schema/qapi-schema-test.json   |   2 +-
>>  tests/qapi-schema/reserved-member-u.json  |   2 +-
>>  tests/qapi-schema/union-base-empty.json   |   2 +-
>>  .../union-base-no-discriminator.err   |   2 +-
>>  .../union-base-no-discriminator.json  |   2 +-
>>  13 files changed, 62 insertions(+), 205 deletions(-)
>
> Whee!  What a fun ride!

3-2-1-gone!  And good riddance :)

> Reviewed-by: Eric Blake 

Thank you for your quick review!




Re: [PATCH 19/22] tests/qapi-schema: Drop simple union __org.qemu_x-Union1

2021-09-13 Thread Markus Armbruster
Eric Blake  writes:

> On Mon, Sep 13, 2021 at 02:39:29PM +0200, Markus Armbruster wrote:
>> Replace simple union __org.qemu_x-Union1 flat union
>
> missing 'with'

Will fix.

>> __org.qemu_x-Union2, except drop it from __org.qemu_x-command, because
>> there it's only used to pull it into QMP.  Now drop the unused simple
>> union.
>> 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  tests/unit/test-qmp-cmds.c  | 16 +---
>>  tests/qapi-schema/qapi-schema-test.json |  6 ++
>>  tests/qapi-schema/qapi-schema-test.out  | 14 +++---
>>  3 files changed, 10 insertions(+), 26 deletions(-)
>>
>
> Looks a bit odd to leave things with Union2 but not Union1; up to you
> if it is worth a further cleanup to rename what remains to get rid of
> the odd gap.  I don't think it's a show-stopper for your series to
> keep the naming as-is, though.

Can do.

Another cleanup I forgot: rename tests/qapi-schema/flat-union* after
PATCH 21.

> Reviewed-by: Eric Blake 

Thanks!




Re: [PATCH 12/22] test-qobject-input-visitor: Wean off UserDefListUnion

2021-09-13 Thread Markus Armbruster
Eric Blake  writes:

> On Mon, Sep 13, 2021 at 02:39:22PM +0200, Markus Armbruster wrote:
>> The test_visitor_in_list_union_FOO() use simple union UserDefListUnion
>> to cover lists of builtin types.  Rewrite as
>> test_visitor_in_list_struct(), using struct ArrayStruct and a lot less
>> code.
>> 
>> test_visitor_in_fail_union_list() uses UserDefListUnion to cover
>> "variant members don't match the discriminator value".  Cover that in
>> test_visitor_in_fail_union_flat() instead, and drop
>> test_visitor_in_fail_union_list().  Appropriating the former for this
>> purpose is okay, because it actually failed due to missing
>> discriminator, which is still covered by
>> test_visitor_in_fail_union_flat_no_discrim().
>> 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  tests/unit/test-qobject-input-visitor.c | 460 
>>  1 file changed, 148 insertions(+), 312 deletions(-)
>> 
>> @@ -1206,7 +1066,7 @@ static void 
>> test_visitor_in_fail_union_flat(TestInputVisitorData *data,
>>  Error *err = NULL;
>>  Visitor *v;
>>  
>> -v = visitor_input_test_init(data, "{ 'string': 'c', 'integer': 41, 
>> 'boolean': true }");
>> +v = visitor_input_test_init(data, "{ 'enum1': 'value2', 'string': 'c', 
>> 'integer': 41, 'boolean': true }");
>
> Long line; do we care?

We have loads of similar lines in unit tests, and I've given up on
them.

> Reviewed-by: Eric Blake 

Thanks!




Re: [PATCH] gitlab-ci: Make more custom runner jobs manual, and don't allow failure

2021-09-13 Thread Thomas Huth

On 13/09/2021 12.19, Peter Maydell wrote:

Currently we define a lot of jobs for our custom runners:
for both aarch64 and s390x we have
  - all-linux-static
  - all
  - alldbg
  - clang (manual)
  - tci
  - notcg (manual)

This is overkill.  The main reason to run on these hosts is to get
coverage for the host architecture; we can leave the handling of
differences like debug vs non-debug to the x86 CI jobs.

The jobs are also generally running OK; they occasionally fail due to
timeouts, which is likely because we're overloading the machine by
asking it to run 4 CI jobs at once plus the ad-hoc CI.

Remove the 'allow_failure' tag from all these jobs, and switch the
s390x-alldbg, aarch64-all, s390x-tci and aarch64-tci jobs to manual.
This will let us make the switch for s390x and aarch64 hosts from
the ad-hoc CI to gitlab.

Signed-off-by: Peter Maydell 
---
  .gitlab-ci.d/custom-runners.yml | 20 
  1 file changed, 8 insertions(+), 12 deletions(-)


Acked-by: Thomas Huth 




Re: [qemu-web RFC PATCH] Add Sponsors page

2021-09-13 Thread Thomas Huth

On 13/09/2021 20.25, Philippe Mathieu-Daudé wrote:

Add a page listing QEMU sponsors and displaying their logos.

Logo sources:
- https://www.rackspace.com/es/newsroom/media-kit
- https://developer.arm.com/solutions/infrastructure/works-on-arm
- https://gitlab.com/fosshost/assets/logo
- https://www.linkedin.com/company/cip-united

Resolves: https://gitlab.com/qemu-project/qemu-web/-/issues/2
Signed-off-by: Philippe Mathieu-Daudé 
---
There are probably more, but I'm not aware of them.

Maybe we should list past sponsors, specifying a year range?


I think we might have a hard time compiling a complete list, so I'd rather 
not start that job.



---
  _includes/nav.html  |   1 +
  sponsors.md |  22 ++
  sponsors/cipunited.jpg  | Bin 0 -> 10607 bytes
  sponsors/fosshost.png   | Bin 0 -> 18251 bytes
  sponsors/rackspace.png  | Bin 0 -> 7363 bytes
  sponsors/worksonarm.png | Bin 0 -> 9965 bytes
  6 files changed, 23 insertions(+)
  create mode 100644 sponsors.md
  create mode 100644 sponsors/cipunited.jpg
  create mode 100644 sponsors/fosshost.png
  create mode 100644 sponsors/rackspace.png
  create mode 100644 sponsors/worksonarm.png

diff --git a/_includes/nav.html b/_includes/nav.html
index 73b39b3..49ad4cd 100644
--- a/_includes/nav.html
+++ b/_includes/nav.html
@@ -8,6 +8,7 @@
Contribute
Docs
https://wiki.qemu.org;>Wiki
+   Sponsors


Not sure whether we need that link on every page (i.e. in the navigation 
menu)? Maybe it's enough to put the link somewhere on the home page?



Blog


diff --git a/sponsors.md b/sponsors.md
new file mode 100644
index 000..da1bf19
--- /dev/null
+++ b/sponsors.md
@@ -0,0 +1,22 @@
+---
+title: QEMU sponsors
+permalink: /sponsors/
+---
+
+QEMU has sponsors!
+
+The website is hosted by [Rackspace Technology](https://www.rackspace.com/).
+
+For continuous integration and testing, hardware is provided by:
+- Arm and Equinix Metal via the [Works on Arm 
program](https://www.worksonarm.com/)
+- [Fosshost](https://fosshost.org/)
+- [CIP United](https://www.cipunited.com/)
+
+
+![Rackspace Technology](rackspace.png)
+
+![Works on Arm](worksonarm.png)
+
+![Fosshost](fosshost.png)
+
+![CIP United](cipunited.jpg)

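Review bot: the four image lines at the bottom of sponsors.md are bare logos with no link back to the sponsor, so a reader who skips the paragraph above gets a picture with no destination; wrap each in the matching link, e.g. `[![Fosshost](fosshost.png)](https://fosshost.org/)`. If the suggestion below to reference the upstream image URLs instead of local copies is taken, every page view will then fetch from four third-party hosts, which hands those hosts visitor IP addresses and referrers and leaves the page's appearance dependent on assets the project does not control; a local copy kept with the sponsor's consent avoids both, so asking for that consent is the cleaner fix than hotlinking.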

Some remarks:

1) Could you please use the original URLs as source for the pictures instead 
of copying them over into our website? Some folks don't like it when their 
images are copied...


2) Could we have a short description about what the CI hardware is used for? 
I can figure out that worksonarm likely provides the hardware for the 
aarch64 gitlab runner, but what are the others good for?


3) What about the s390x gitlab runner?

4) Shouldn't we mention gitlab.com here, too? They did not actively offer 
hardware to us, but we're using their free gitlab infrastructure a lot, so I 
think we should provide a link to them here, too.


 Thomas




Re: [PATCH 10/22] qapi: Convert simple union TransactionAction to flat one

2021-09-13 Thread Markus Armbruster
Eric Blake  writes:

> On Mon, Sep 13, 2021 at 02:39:20PM +0200, Markus Armbruster wrote:
>> Simple unions predate flat unions.  Having both complicates the QAPI
>> schema language and the QAPI generator.  We haven't been using simple
>> unions in new code for a long time, because they are less flexible and
>> somewhat awkward on the wire.
>> 
>> To prepare for their removal, convert simple union TransactionAction
>> to an equivalent flat one.  Adds some boilerplate to the schema, which
>> is a bit ugly, but a lot easier to maintain than the simple union
>> feature.
>> 
>> Cc: Kevin Wolf 
>> Cc: Hanna Reitz 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  qapi/transaction.json | 111 +-
>>  1 file changed, 99 insertions(+), 12 deletions(-)
>
> Same comments for each of 5-10 as for 4; the conversion is sane, and
> the only question is on documentation, whether you want...
>
>> 
>> diff --git a/qapi/transaction.json b/qapi/transaction.json
>> index 894258d9e2..d7fc73d7df 100644
>> --- a/qapi/transaction.json
>> +++ b/qapi/transaction.json
>> @@ -38,6 +38,91 @@
>>  { 'enum': 'ActionCompletionMode',
>>'data': [ 'individual', 'grouped' ] }
>>  
>> +##
>> +# @TransactionActionKind:
>> +#
>> +# Since: 6.1
>
> ... 6.2 here, or to preserve the implicit...
>
>>  ##
>>  # @TransactionAction:
>>  #
>> @@ -60,19 +145,21 @@
>>  # Since: 1.1
>
> ...1.1 matching when the simple union was first formed (actually, this
> simple union has grown over time, which makes it trickier to decide
> which historical Since: to use on each Wrapper, so I'd lean towards
> 6.2 on all of them as being less work).

The enum becomes explicit in the schema, but is the same as before.  I
think copying "since" information from the no-longer-simple union and
its branches to the enum and its members makes sense.

The wrapper types become explicit, but with a new name.  We can copy
"since" from their branch anyway.  Doesn't really matter, unlike for the
enum.

> For patches 5-10:
> Reviewed-by: Eric Blake 

Thanks!




Re: [qemu-web PATCH] Gemfile: Add webrick bundle dependency

2021-09-13 Thread Thomas Huth

On 13/09/2021 20.29, Philippe Mathieu-Daudé wrote:

Without the webrick bundle, jekyll fails to start:

   $ bundle exec jekyll serve
   Ignoring ffi-1.11.1 because its extensions are not built. Try: gem pristine ffi --version 1.11.1
   Configuration file: qemu-web/_config.yml
   Source: qemu-web
   Destination: qemu-web/_site
   Incremental build: disabled. Enable with --incremental
   Generating...
   Jekyll Feed: Generating feed for posts
   done in 0.686 seconds.
   Auto-regeneration: enabled for 'qemu-web'

   Jekyll 4.0.1   Please append `--trace` to the `serve` command
   for any additional information or backtrace.

   qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/commands/serve/servlet.rb:3:in `require': cannot load such file -- webrick (LoadError)
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/commands/serve/servlet.rb:3:in `'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/commands/serve.rb:179:in `require_relative'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/commands/serve.rb:179:in `setup'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/commands/serve.rb:100:in `process'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/command.rb:89:in `block in process_with_graceful_fail'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/command.rb:89:in `each'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/command.rb:89:in `process_with_graceful_fail'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/lib/jekyll/commands/serve.rb:86:in `block (2 levels) in init_with_program'
   from qemu-web/vendor/ruby/3.0.0/gems/mercenary-0.3.6/lib/mercenary/command.rb:220:in `block in execute'
   from qemu-web/vendor/ruby/3.0.0/gems/mercenary-0.3.6/lib/mercenary/command.rb:220:in `each'
   from qemu-web/vendor/ruby/3.0.0/gems/mercenary-0.3.6/lib/mercenary/command.rb:220:in `execute'
   from qemu-web/vendor/ruby/3.0.0/gems/mercenary-0.3.6/lib/mercenary/program.rb:42:in `go'
   from qemu-web/vendor/ruby/3.0.0/gems/mercenary-0.3.6/lib/mercenary.rb:19:in `program'
   from qemu-web/vendor/ruby/3.0.0/gems/jekyll-4.0.1/exe/jekyll:15:in `'

Signed-off-by: Philippe Mathieu-Daudé 
---
  Gemfile | 2 ++
  1 file changed, 2 insertions(+)

diff --git a/Gemfile b/Gemfile
index 6a7852e..dc35cb7 100644
--- a/Gemfile
+++ b/Gemfile
@@ -25,3 +25,5 @@ end
  
  # for https://github.com/sass/sassc-ruby/issues/146

  gem "sassc", ">= 2.2.1"
+
+gem "webrick", "~> 1.7"

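Review bot: the new `gem "webrick", "~> 1.7"` line at the end of the Gemfile carries no comment saying why it is there, while the sassc line just above it does; add one stating that webrick is no longer part of Ruby's standard library from 3.0 on and that `jekyll serve` (servlet.rb:3 in the trace above) requires it, so nobody drops the dependency later while testing on an older Ruby where it is not needed. The same fact belongs in the commit message, as the reply below asks.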

Daniel, is this fixing the jekyll problem for you, too?

I'm still on ruby 2.5.9 where this does not occur yet... might be good to 
mention that this is a new problem with ruby 3.0 in the cover letter.


 Thomas





Re: [PATCH 04/22] qapi: Convert simple union InputEvent to flat one

2021-09-13 Thread Markus Armbruster
Eric Blake  writes:

> On Mon, Sep 13, 2021 at 02:39:14PM +0200, Markus Armbruster wrote:
>> Simple unions predate flat unions.  Having both complicates the QAPI
>> schema language and the QAPI generator.  We haven't been using simple
>> unions in new code for a long time, because they are less flexible and
>> somewhat awkward on the wire.
>> 
>> To prepare for their removal, convert simple union InputEvent to an
>> equivalent flat one.  Adds some boilerplate to the schema, which is a
>> bit ugly, but a lot easier to maintain than the simple union feature.
>> 
>> Cc: Gerd Hoffmann 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  qapi/ui.json | 42 ++
>>  1 file changed, 38 insertions(+), 4 deletions(-)
>
> Same question as in 3/22:
>
>> 
>> diff --git a/qapi/ui.json b/qapi/ui.json
>> index a6b0dce876..fe10d69431 100644
>> --- a/qapi/ui.json
>> +++ b/qapi/ui.json
>> @@ -960,6 +960,38 @@
>>'data'  : { 'axis': 'InputAxis',
>>'value'   : 'int' } }
>>  
>> +##
>> +# @InputEventKind:
>> +#
>> +# Since: 6.1
>
> This should either be 6.2, or...
>
>>  ##
>>  # @InputEvent:
>>  #
>> @@ -975,10 +1007,12 @@
>>  # Since: 2.0
>
> ...2.0.

Same answer: 2.0.

>>  ##
>>  { 'union' : 'InputEvent',
>> -  'data'  : { 'key' : 'InputKeyEvent',
>> -  'btn' : 'InputBtnEvent',
>> -  'rel' : 'InputMoveEvent',
>> -  'abs' : 'InputMoveEvent' } }
>> +  'base': { 'type': 'InputEventKind' },
>> +  'discriminator': 'type',
>> +  'data'  : { 'key' : 'InputKeyEventWrapper',
>> +  'btn' : 'InputBtnEventWrapper',
>> +  'rel' : 'InputMoveEventWrapper',
>> +  'abs' : 'InputMoveEventWrapper' } }
>
> But as with that patch, I trust your decision on docs, and the
> conversion itself is sane.
>
> Reviewed-by: Eric Blake 

Thanks!




[PATCH 2/3] hw/i386/acpi: fix conflicting IO address range for acpi pci hotplug in q35

2021-09-13 Thread Ani Sinha
Change caf108bc58790 ("hw/i386/acpi-build: Add ACPI PCI hot-plug methods to Q35")
selects an IO address range for acpi based PCI hotplug for q35 arbitrarily. It
starts at address 0x0cc4 and ends at 0x0cdb. At the time when the patch was
written but the final version of the patch was not yet pushed upstream, this
address range was free and did not conflict with any other IO address ranges.
However, with the following change, this address range was no
longer conflict free as in this change, the IO address range
(value of ACPI_PCIHP_SIZE) was incremented by four bytes:

b32bd763a1ca92 ("pci: introduce acpi-index property for PCI device")

This can be seen from the output of QMP command 'info mtree' :

0600-0603 (prio 0, i/o): acpi-evt
0604-0605 (prio 0, i/o): acpi-cnt
0608-060b (prio 0, i/o): acpi-tmr
0620-062f (prio 0, i/o): acpi-gpe0
0630-0637 (prio 0, i/o): acpi-smi
0cc4-0cdb (prio 0, i/o): acpi-pci-hotplug
0cd8-0ce3 (prio 0, i/o): acpi-cpu-hotplug

It shows that there is a region of conflict between IO regions of acpi
pci hotplug and acpi cpu hotplug.

Unfortunately, the change caf108bc58790 did not update the IO address range
appropriately before it was pushed upstream to accommodate the increased
length of the IO address space introduced in change b32bd763a1ca92.

Due to this bug, windows guests complain 'This device cannot find
enough free resources it can use' in the device manager panel for extended
IO buses. This issue also breaks the correct functioning of pci hotplug as the
following shows that the IO space for pci hotplug has been truncated:

(qemu) info mtree -f
FlatView #0
 AS "I/O", root: io
 Root memory region: io
  0cc4-0cd7 (prio 0, i/o): acpi-pci-hotplug
  0cd8-0cf7 (prio 0, i/o): acpi-cpu-hotplug

Therefore, in this fix, we adjust the IO address range for the acpi pci
hotplug so that it does not conflict with cpu hotplug and there is no
truncation of IO spaces. The starting IO address of the PCI hotplug region
has been decremented by four bytes in order to accommodate the four byte
increment in the IO address space introduced by change
b32bd763a1ca92 ("pci: introduce acpi-index property for PCI device")

After fixing, the following are the corrected IO ranges:

0600-0603 (prio 0, i/o): acpi-evt
0604-0605 (prio 0, i/o): acpi-cnt
0608-060b (prio 0, i/o): acpi-tmr
0620-062f (prio 0, i/o): acpi-gpe0
0630-0637 (prio 0, i/o): acpi-smi
0cc0-0cd7 (prio 0, i/o): acpi-pci-hotplug
0cd8-0ce3 (prio 0, i/o): acpi-cpu-hotplug

This change has been tested using a Windows Server 2019 guest VM. Windows
no longer complains after this change.

Fixes: caf108bc58790 ("hw/i386/acpi-build: Add ACPI PCI hot-plug methods to Q35")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/561

Signed-off-by: Ani Sinha 
---
 include/hw/acpi/ich9.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/hw/acpi/ich9.h b/include/hw/acpi/ich9.h
index a329ce43ab..f04f1791bd 100644
--- a/include/hw/acpi/ich9.h
+++ b/include/hw/acpi/ich9.h
@@ -29,7 +29,7 @@
 #include "hw/acpi/acpi_dev_interface.h"
 #include "hw/acpi/tco.h"
 
-#define ACPI_PCIHP_ADDR_ICH9 0x0cc4
+#define ACPI_PCIHP_ADDR_ICH9 0x0cc0
 
 typedef struct ICH9LPCPMRegs {
 /*
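Review bot: the one-line change of ACPI_PCIHP_ADDR_ICH9 from 0x0cc4 to 0x0cc0 moves a guest-visible IO port base on an already-released machine type, and neither the hunk nor the commit message says what happens to a guest migrated from 6.1: such a guest booted with a DSDT whose PCST region and PHPR resource start at 0x0CC4, and after migration its AML keeps using those addresses while the device now decodes 0x0CC0..0x0CD7, so every hotplug register access is shifted by four bytes. Either keep 0x0cc4 for the pc-q35-6.1 machine type through a compat property and use 0x0cc0 only from 6.2 on, or state in the commit message why breaking that case is acceptable.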
-- 
2.25.1

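The overlap the commit message describes can be checked mechanically from `info mtree` output. The following Python script is an added example and is not part of the patch or of QEMU: it parses the region lines quoted above (embedded here as constructed samples), reports every pair of IO regions whose ranges intersect, and checks whether a candidate ACPI_PCIHP_ADDR_ICH9 base fits below the CPU hotplug block at 0x0cd8. The 0x18-byte hotplug size is taken from the PHPR `_CRS` length in the DSDT diff of patch 3; the constant names are chosen for this example.

```python
import re

# Constructed samples: the `info mtree` listings quoted in the commit message,
# before and after moving ACPI_PCIHP_ADDR_ICH9 from 0x0cc4 to 0x0cc0.
MTREE_BEFORE = """\
0600-0603 (prio 0, i/o): acpi-evt
0604-0605 (prio 0, i/o): acpi-cnt
0608-060b (prio 0, i/o): acpi-tmr
0620-062f (prio 0, i/o): acpi-gpe0
0630-0637 (prio 0, i/o): acpi-smi
0cc4-0cdb (prio 0, i/o): acpi-pci-hotplug
0cd8-0ce3 (prio 0, i/o): acpi-cpu-hotplug
"""

MTREE_AFTER = """\
0600-0603 (prio 0, i/o): acpi-evt
0604-0605 (prio 0, i/o): acpi-cnt
0608-060b (prio 0, i/o): acpi-tmr
0620-062f (prio 0, i/o): acpi-gpe0
0630-0637 (prio 0, i/o): acpi-smi
0cc0-0cd7 (prio 0, i/o): acpi-pci-hotplug
0cd8-0ce3 (prio 0, i/o): acpi-cpu-hotplug
"""

# One `info mtree` region line: "<start>-<end> (prio N, i/o): <name>", hex addresses.
LINE_RE = re.compile(
    r"^\s*([0-9a-f]+)-([0-9a-f]+)\s+\(prio\s+\d+,\s*[^)]*\):\s*(\S+)")

# Size of the ICH9 PCI hotplug IO block after the acpi-index change: the
# DSDT's PHPR resource declares Length 0x18 (assumed from patch 3's ASL diff).
ACPI_PCIHP_SIZE = 0x18
ACPI_CPUHP_ADDR_ICH9 = 0x0cd8   # start of acpi-cpu-hotplug in the listings above


def parse_mtree(text):
    """Return [(start, end, name)] with inclusive addresses, one tuple per region line."""
    regions = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            regions.append((int(m.group(1), 16), int(m.group(2), 16), m.group(3)))
    return regions


def find_overlaps(regions):
    """Return (name_a, name_b, lo, hi) for each pair of regions whose ranges intersect."""
    found = []
    ordered = sorted(regions)
    for i, (s1, e1, n1) in enumerate(ordered):
        for s2, e2, n2 in ordered[i + 1:]:
            if s2 > e1:
                break       # sorted by start: no later region can reach back into this one
            found.append((n1, n2, s2, min(e1, e2)))
    return found


def pcihp_fits(base, size=ACPI_PCIHP_SIZE, cpuhp_base=ACPI_CPUHP_ADDR_ICH9):
    """True if a PCI hotplug block at `base` ends before the CPU hotplug block starts."""
    return base + size - 1 < cpuhp_base


if __name__ == "__main__":
    for label, text in (("before", MTREE_BEFORE), ("after", MTREE_AFTER)):
        clashes = find_overlaps(parse_mtree(text))
        print(label, "overlaps:",
              [f"{a}/{b} {lo:#06x}-{hi:#06x}" for a, b, lo, hi in clashes])
    print("0x0cc4 fits:", pcihp_fits(0x0cc4), " 0x0cc0 fits:", pcihp_fits(0x0cc0))
```

Run against the "before" listing it reports the single clash acpi-pci-hotplug/acpi-cpu-hotplug over 0x0cd8-0x0cdb, and nothing for the "after" listing; the same parser works on the `info mtree -f` flat view, which is where the truncation shows up as a shortened end address rather than an overlap.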



[PATCH 3/3] bios-tables-test: Update ACPI DSDT table golden blobs for q35

2021-09-13 Thread Ani Sinha
We have modified the IO address range for ACPI pci hotplug in q35. See change:

36f98d0d4f ("hw/i386/acpi: fix conflicting IO address range for acpi pci hotplug in q35")

The ACPI DSDT table golden blobs must be regenerated in order to make the unit tests
pass. This change updates the golden ACPI DSDT table blobs.

Following is the ASL diff between the blobs:

@@ -1,30 +1,30 @@
 /*
  * Intel ACPI Component Architecture
  * AML/ASL+ Disassembler version 20190509 (64-bit version)
  * Copyright (c) 2000 - 2019 Intel Corporation
  *
  * Disassembling to symbolic ASL+ operators
  *
- * Disassembly of tests/data/acpi/q35/DSDT, Tue Sep 14 09:04:06 2021
+ * Disassembly of /tmp/aml-52DP90, Tue Sep 14 09:04:06 2021
  *
  * Original Table Header:
  * Signature"DSDT"
  * Length   0x2061 (8289)
  * Revision 0x01  32-bit table (V1), no 64-bit math support
- * Checksum 0xE5
+ * Checksum 0xF9
  * OEM ID   "BOCHS "
  * OEM Table ID "BXPC"
  * OEM Revision 0x0001 (1)
  * Compiler ID  "BXPC"
  * Compiler Version 0x0001 (1)
  */
 DefinitionBlock ("", "DSDT", 1, "BOCHS ", "BXPC", 0x0001)
 {
 Scope (\)
 {
 OperationRegion (DBG, SystemIO, 0x0402, One)
 Field (DBG, ByteAcc, NoLock, Preserve)
 {
 DBGB,   8
 }

@@ -226,46 +226,46 @@
 Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
 {
 IO (Decode16,
 0x0070, // Range Minimum
 0x0070, // Range Maximum
 0x01,   // Alignment
 0x08,   // Length
 )
 IRQNoFlags ()
 {8}
 })
 }
 }

 Scope (_SB.PCI0)
 {
-OperationRegion (PCST, SystemIO, 0x0CC4, 0x08)
+OperationRegion (PCST, SystemIO, 0x0CC0, 0x08)
 Field (PCST, DWordAcc, NoLock, WriteAsZeros)
 {
 PCIU,   32,
 PCID,   32
 }

-OperationRegion (SEJ, SystemIO, 0x0CCC, 0x04)
+OperationRegion (SEJ, SystemIO, 0x0CC8, 0x04)
 Field (SEJ, DWordAcc, NoLock, WriteAsZeros)
 {
 B0EJ,   32
 }

-OperationRegion (BNMR, SystemIO, 0x0CD4, 0x08)
+OperationRegion (BNMR, SystemIO, 0x0CD0, 0x08)
 Field (BNMR, DWordAcc, NoLock, WriteAsZeros)
 {
 BNUM,   32,
 PIDX,   32
 }

 Mutex (BLCK, 0x00)
 Method (PCEJ, 2, NotSerialized)
 {
 Acquire (BLCK, 0x)
 BNUM = Arg0
 B0EJ = (One << Arg1)
 Release (BLCK)
 Return (Zero)
 }

@@ -3185,34 +3185,34 @@
 0x0620, // Range Minimum
 0x0620, // Range Maximum
 0x01,   // Alignment
 0x10,   // Length
 )
 })
 }

 Device (PHPR)
 {
 Name (_HID, "PNP0A06" /* Generic Container Device */)  // _HID: 
Hardware ID
 Name (_UID, "PCI Hotplug resources")  // _UID: Unique ID
 Name (_STA, 0x0B)  // _STA: Status
 Name (_CRS, ResourceTemplate ()  // _CRS: Current Resource Settings
 {
 IO (Decode16,
-0x0CC4, // Range Minimum
-0x0CC4, // Range Maximum
+0x0CC0, // Range Minimum
+0x0CC0, // Range Maximum
 0x01,   // Alignment
 0x18,   // Length
 )
 })
 }
 }

 Scope (\)
 {
 Name (_S3, Package (0x04)  // _S3_: S3 System State
 {
 One,
 One,
 Zero,
 Zero
 })

Signed-off-by: Ani Sinha 
---
 tests/data/acpi/q35/DSDT| Bin 8289 -> 8289 bytes
 tests/data/acpi/q35/DSDT.acpihmat   | Bin 9614 -> 9614 bytes
 tests/data/acpi/q35/DSDT.bridge | Bin 11003 -> 11003 bytes
 tests/data/acpi/q35/DSDT.cphp   | Bin 8753 -> 8753 bytes
 tests/data/acpi/q35/DSDT.dimmpxm| Bin 9943 -> 9943 bytes
 tests/data/acpi/q35/DSDT.ipmibt | Bin 8364 -> 8364 bytes
 tests/data/acpi/q35/DSDT.memhp  | Bin 9648 -> 9648 bytes
 tests/data/acpi/q35/DSDT.mmio64 | Bin 9419 -> 9419 bytes
 tests/data/acpi/q35/DSDT.nohpet | Bin 8147 -> 8147 bytes
 tests/data/acpi/q35/DSDT.numamem| Bin 8295 -> 8295 bytes
 tests/data/acpi/q35/DSDT.tis| Bin 8894 -> 8894 bytes
 tests/qtest/bios-tables-test-allowed-diff.h |  11 ---
 12 files changed, 11 deletions(-)

diff --git 

Re: [PATCH 03/22] qapi: Convert simple union KeyValue to flat one

2021-09-13 Thread Markus Armbruster
Eric Blake  writes:

> On Mon, Sep 13, 2021 at 02:39:13PM +0200, Markus Armbruster wrote:
>> Simple unions predate flat unions.  Having both complicates the QAPI
>> schema language and the QAPI generator.  We haven't been using simple
>> unions in new code for a long time, because they are less flexible and
>> somewhat awkward on the wire.
>> 
>> To prepare for their removal, convert simple union KeyValue to an
>> equivalent flat one.  Adds some boilerplate to the schema, which is a
>> bit ugly, but a lot easier to maintain than the simple union feature.
>> 
>> Cc: Gerd Hoffmann 
>> Signed-off-by: Markus Armbruster 
>> ---
>>  qapi/ui.json | 30 --
>>  1 file changed, 28 insertions(+), 2 deletions(-)
>> 
>> diff --git a/qapi/ui.json b/qapi/ui.json
>> index b2cf7a6759..a6b0dce876 100644
>> --- a/qapi/ui.json
>> +++ b/qapi/ui.json
>> @@ -824,6 +824,30 @@
>>  'ac_home', 'ac_back', 'ac_forward', 'ac_refresh', 
>> 'ac_bookmarks',
>>  'lang1', 'lang2' ] }
>>  
>> +##
>> +# @KeyValueKind:
>> +#
>> +# Since: 6.1
>
> 6.2 now?  Or should this be...

Yes.  Can't count :)

>> +
>>  ##
>>  # @KeyValue:
>>  #
>> @@ -832,9 +856,11 @@
>>  # Since: 1.3
>
> ...1.3, since the type has been around by that name already (albeit
> implicitly) since that older release?

I'll change it to 1.3.

My first version had KeyValueType here.  Then I found the renaming of
its uses in C code tedious, and realized I could avoid it by unreserving
*Kind type names early.  I forgot to adjust the Since tag.

>>  ##
>>  { 'union': 'KeyValue',
>> +  'base': { 'type': 'KeyValueKind' },
>> +  'discriminator': 'type',
>>'data': {
>> -'number': 'int',
>> -'qcode': 'QKeyCode' } }
>> +'number': 'IntWrapper',
>> +'qcode': 'QKeyCodeWrapper' } }
>>
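Review bot: the conversion keeps the QMP wire format only if `IntWrapper` and `QKeyCodeWrapper` each consist of exactly one member named `data` of the old branch type, and that is the part of the change this hunk does not show; since the commit message promises an "equivalent" union, state that invariant there (or place the wrapper definitions next to the union with a comment), so that a later edit adding a second member to a wrapper is recognised as a compatibility break rather than an ordinary schema change.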
>
> I'll trust your decision on the documentation issue; the conversion
> itself is sane, so I'm fine with:
>
> Reviewed-by: Eric Blake 

Thanks!

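What "equivalent on the wire" means for this conversion, as an added example that is not QEMU code: the Python script below is a deliberately small model of the two schema forms of KeyValue from the hunk, with hand-written type checks standing in for the QAPI generator, and it validates the same JSON documents against both. It assumes the wrapper structs have exactly one member, `data`, of the old branch type, and uses a constructed four-value subset of QKeyCode; the function names are this example's own.

```python
import json

# Constructed subset of QKeyCode; the real enum is much larger.
QKEYCODE = {"a", "b", "shift", "ret"}

# Builtin and enum checks that stand in for the QAPI type system.
SCALARS = {
    "int": lambda v: isinstance(v, int) and not isinstance(v, bool),
    "QKeyCode": lambda v: isinstance(v, str) and v in QKEYCODE,
}

# Struct types: member name -> member type. Assumed to match the patch's
# wrappers: exactly one member, 'data', of the old branch type.
STRUCTS = {
    "IntWrapper": {"data": "int"},
    "QKeyCodeWrapper": {"data": "QKeyCode"},
}

# The two schema forms from the hunk, as plain dicts.
SIMPLE_KEYVALUE = {
    "union": "KeyValue",
    "data": {"number": "int", "qcode": "QKeyCode"},
}
FLAT_KEYVALUE = {
    "union": "KeyValue",
    "base": {"type": "KeyValueKind"},
    "discriminator": "type",
    "data": {"number": "IntWrapper", "qcode": "QKeyCodeWrapper"},
}


def check_type(type_name, value):
    """True if value is a valid instance of type_name (scalar, enum or struct)."""
    if type_name in SCALARS:
        return SCALARS[type_name](value)
    members = STRUCTS[type_name]
    if not isinstance(value, dict) or set(value) != set(members):
        return False        # unknown or missing members are errors, as in QAPI
    return all(check_type(mtype, value[name]) for name, mtype in members.items())


def validate_simple(schema, obj):
    """Simple union wire form: {'type': <branch name>, 'data': <branch value>}."""
    if not isinstance(obj, dict) or set(obj) != {"type", "data"}:
        return False
    branch_type = schema["data"].get(obj["type"])
    return branch_type is not None and check_type(branch_type, obj["data"])


def validate_flat(schema, obj):
    """Flat union wire form: discriminator plus the branch struct's members, all at top level."""
    if not isinstance(obj, dict):
        return False
    disc = schema["discriminator"]
    if disc not in obj:
        return False        # the missing-discriminator failure case
    branch_type = schema["data"].get(obj[disc])
    if branch_type is None:
        return False        # discriminator value not in KeyValueKind
    variant = {k: v for k, v in obj.items() if k != disc}
    return check_type(branch_type, variant)


def same_on_the_wire(documents):
    """True if both schema forms accept or reject every JSON document identically."""
    return all(validate_simple(SIMPLE_KEYVALUE, json.loads(d)) ==
               validate_flat(FLAT_KEYVALUE, json.loads(d))
               for d in documents)


# Constructed wire samples: two valid, then wrong branch type, missing
# discriminator, member from another branch, unknown discriminator value.
SAMPLES = [
    '{"type": "number", "data": 42}',
    '{"type": "qcode", "data": "shift"}',
    '{"type": "number", "data": "42"}',
    '{"data": 42}',
    '{"type": "qcode", "data": "shift", "number": 1}',
    '{"type": "bogus", "data": 1}',
]

if __name__ == "__main__":
    for d in SAMPLES:
        print(d, "->", validate_flat(FLAT_KEYVALUE, json.loads(d)))
    print("same on the wire:", same_on_the_wire(SAMPLES))
```

The equivalence rests on the single `data` member: only because the wrapper contributes exactly that one member does the flat form's top-level object look like the simple form's `{type, data}` pair. The last three samples are the failure modes the visitor tests in the 12/22 thread cover, a missing discriminator and variant members that do not belong to the selected branch.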



[PATCH 1/3] bios-tables-test: allow changes in DSDT ACPI tables for q35

2021-09-13 Thread Ani Sinha
We are going to commit a change to fix IO address range allocated for acpi pci
hotplug in q35. This affects DSDT tables. This change allows DSDT table
modification so that unit tests are not broken.

Signed-off-by: Ani Sinha 
---
 tests/qtest/bios-tables-test-allowed-diff.h | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/tests/qtest/bios-tables-test-allowed-diff.h 
b/tests/qtest/bios-tables-test-allowed-diff.h
index dfb8523c8b..a02b88305c 100644
--- a/tests/qtest/bios-tables-test-allowed-diff.h
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
@@ -1 +1,12 @@
 /* List of comma-separated changed AML files to ignore */
+"tests/data/acpi/q35/DSDT",
+"tests/data/acpi/q35/DSDT.tis",
+"tests/data/acpi/q35/DSDT.bridge",
+"tests/data/acpi/q35/DSDT.mmio64",
+"tests/data/acpi/q35/DSDT.ipmibt",
+"tests/data/acpi/q35/DSDT.cphp",
+"tests/data/acpi/q35/DSDT.memhp",
+"tests/data/acpi/q35/DSDT.numamem",
+"tests/data/acpi/q35/DSDT.nohpet",
+"tests/data/acpi/q35/DSDT.dimmpxm",
+"tests/data/acpi/q35/DSDT.acpihmat",
-- 
2.25.1




hw/i386/acpi: fix conflicting IO address range for acpi pci hotplug in q35

2021-09-13 Thread Ani Sinha
Hi Igor/Michael :

This patchset fixes the acpi pci hotplug IO address range conflict issue with 
cpu hotplug.
This issue has been reported here:
https://gitlab.com/qemu-project/qemu/-/issues/561

We have discussed this issue at length here:
https://lists.gnu.org/archive/html/qemu-devel/2021-09/msg02146.html

This issue affects Qemu version 6.1.

Patch 1 : allows q35 DSDT table changes.
Patch 2 : actual fix.
Patch 3: updates DSDT table blobs.

Thanks
ani





Re: [PATCH] qapi: define cleanup function for g_autoptr(Error)

2021-09-13 Thread Markus Armbruster
Philippe Mathieu-Daudé  writes:

> On 9/13/21 3:08 PM, Markus Armbruster wrote:
>> Markus Armbruster  writes:

[...]

>> As is, reporting errors doesn't play well with g_autoptr().  Example:
>> 
>> Error *err = NULL;
>> 
>> ... code that may set @err ...
>> 
>> if (error is serious) {
>> error_report_err(err);
>> } else {
>> error_free(err);
>> }
>
> error_report_err() seems always called within an if()
> statement, so an alternative is to refactor this pattern as:
>
>   void error_report_err_cond(bool condition, Error *err);

It's rarely the only thing done when the condition is true, so it needs
to return it.




Re: [PATCH RESEND v2 4/4] hw/dma: sifive_pdma: don't set Control.error if 0 bytes to transfer

2021-09-13 Thread Alistair Francis
On Sun, Sep 12, 2021 at 11:11 PM  wrote:
>
> From: Frank Chang 
>
> Real PDMA doesn't set Control.error if there are 0 bytes to be
> transferred. The DMA transfer is still success.
>
> The following result is PDMA tested in U-Boot on Unmatched board:
>
> => mw.l 0x300 0x0  <= Disclaim channel 0
> => mw.l 0x300 0x1  <= Claim channel 0
> => mw.l 0x304 0x5500   <= wsize = rsize = 5 (2^5 = 32 bytes)
> => mw.q 0x308 0x0  <= NextBytes = 0
> => mw.q 0x310 0x8400   <= NextDestination = 0x8400
> => mw.q 0x318 0x84001000   <= NextSource = 0x84001000
> => mw.l 0x8400 0x87654321  <= Fill test data to dst
> => mw.l 0x84001000 0x12345678  <= Fill test data to src
> => md.l 0x8400 1; md.l 0x84001000 1<= Dump src/dst memory contents
> 8400: 87654321   !Ce.
> 84001000: 12345678   xV4.
> => md.l 0x300 8<= Dump PDMA status
> 0300: 0001 5500  ...U
> 0310: 8400  84001000 
> => mw.l 0x300 0x3  <= Set channel 0 run and claim bits
> => md.l 0x300 8<= Dump PDMA status
> 0300: 4001 5500  ...@...U
> 0310: 8400  84001000 
> => md.l 0x8400 1; md.l 0x84001000 1<= Dump src/dst memory contents
> 8400: 87654321   !Ce.
> 84001000: 12345678   xV4.
>
> Signed-off-by: Frank Chang 
> Tested-by: Max Hsu 
> Reviewed-by: Bin Meng 
> Tested-by: Bin Meng 

Thanks!

Applied to riscv-to-apply.next

Alistair

> ---
>  hw/dma/sifive_pdma.c | 12 ++--
>  1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/hw/dma/sifive_pdma.c b/hw/dma/sifive_pdma.c
> index d7d2c53e97e..b4fd40573a5 100644
> --- a/hw/dma/sifive_pdma.c
> +++ b/hw/dma/sifive_pdma.c
> @@ -80,7 +80,7 @@ static void sifive_pdma_run(SiFivePDMAState *s, int ch)
>
>  /* do nothing if bytes to transfer is zero */
>  if (!bytes) {
> -goto error;
> +goto done;
>  }
>
>  /*
> @@ -135,11 +135,6 @@ static void sifive_pdma_run(SiFivePDMAState *s, int ch)
>  s->chan[ch].exec_bytes -= remainder;
>  }
>
> -/* indicate a DMA transfer is done */
> -s->chan[ch].state = DMA_CHAN_STATE_DONE;
> -s->chan[ch].control &= ~CONTROL_RUN;
> -s->chan[ch].control |= CONTROL_DONE;
> -
>  /* reload exec_ registers if repeat is required */
>  if (s->chan[ch].next_config & CONFIG_REPEAT) {
>  s->chan[ch].exec_bytes = bytes;
> @@ -147,6 +142,11 @@ static void sifive_pdma_run(SiFivePDMAState *s, int ch)
>  s->chan[ch].exec_src = src;
>  }
>
> +done:
> +/* indicate a DMA transfer is done */
> +s->chan[ch].state = DMA_CHAN_STATE_DONE;
> +s->chan[ch].control &= ~CONTROL_RUN;
> +s->chan[ch].control |= CONTROL_DONE;
>  return;
>
>  error:
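Review bot: with `goto done` the zero-length case now bypasses the CONFIG_REPEAT reload as well as the copy loop, and the hunk leaves that unexplained; it is harmless because exec_bytes/exec_dst/exec_src were never consumed, but a short comment at the `goto` (e.g. `/* nothing consumed, so no reload needed */`) would make the intent visible, and the commit message should say whether a zero-length transfer with REPEAT set is meant to leave the channel DONE rather than re-armed, since the U-Boot session above does not exercise that corner. Moving the DONE/RUN update below the reload block is behaviour-neutral for the normal path, as the two blocks touch disjoint fields.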
> --
> 2.25.1
>
>



Re: [PATCH] target/riscv: Force to set mstatus_hs.[SD|FS] bits in mark_fs_dirty()

2021-09-13 Thread Frank Chang
On Tue, Sep 14, 2021 at 10:10 AM Richard Henderson wrote:

> On 9/13/21 6:37 PM, frank.ch...@sifive.com wrote:
> > From: Frank Chang 
> >
> > When V=1, both vsstatus.FS and HS-level sstatus.FS are in effect.
> > Modifying the floating-point state when V=1 causes both fields to
> > be set to 3 (Dirty).
> >
> > However, it's possible that HS-level sstatus.FS is Clean and VS-level
> > vsstatus.FS is Dirty at the time mark_fs_dirty() is called when V=1.
> > We can't early return for this case because we still need to set
> > sstatus.FS to Dirty according to spec.
> >
> > Signed-off-by: Frank Chang 
> > Reviewed-by: Vincent Chen 
> > Tested-by: Vincent Chen 
> > ---
> >   target/riscv/translate.c | 19 ++-
> >   1 file changed, 10 insertions(+), 9 deletions(-)
> >
> > diff --git a/target/riscv/translate.c b/target/riscv/translate.c
> > index e356fc6c46c..0096b098738 100644
> > --- a/target/riscv/translate.c
> > +++ b/target/riscv/translate.c
> > @@ -280,26 +280,27 @@ static void gen_jal(DisasContext *ctx, int rd,
> target_ulong imm)
> >   static void mark_fs_dirty(DisasContext *ctx)
> >   {
> >   TCGv tmp;
> > -target_ulong sd;
> > +target_ulong sd = is_32bit(ctx) ? MSTATUS32_SD : MSTATUS64_SD;
> > +
> > +if (ctx->virt_enabled) {
> > +tmp = tcg_temp_new();
> > +tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState,
> mstatus_hs));
> > +tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | sd);
> > +tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState,
> mstatus_hs));
> > +tcg_temp_free(tmp);
> > +}
> >
> >   if (ctx->mstatus_fs == MSTATUS_FS) {
> >   return;
> >   }
>
> You should introduce a ctx->mstatus_hs field to track the code that you
> moved.  Otherwise
> you'll be setting this dirty bit for every fp insn.
>
>
Thanks, Richard, I was struggling with whether to introduce a new field
in DisasContext.
I will update my patch.

Regards,
Frank Chang


>
> r~
>


Re: [PATCH] target/riscv: Force to set mstatus_hs.[SD|FS] bits in mark_fs_dirty()

2021-09-13 Thread Richard Henderson

On 9/13/21 6:37 PM, frank.ch...@sifive.com wrote:

From: Frank Chang 

When V=1, both vsstatus.FS and HS-level sstatus.FS are in effect.
Modifying the floating-point state when V=1 causes both fields to
be set to 3 (Dirty).

However, it's possible that HS-level sstatus.FS is Clean and VS-level
vsstatus.FS is Dirty at the time mark_fs_dirty() is called when V=1.
We can't early return for this case because we still need to set
sstatus.FS to Dirty according to spec.

Signed-off-by: Frank Chang 
Reviewed-by: Vincent Chen 
Tested-by: Vincent Chen 
---
  target/riscv/translate.c | 19 ++-
  1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index e356fc6c46c..0096b098738 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -280,26 +280,27 @@ static void gen_jal(DisasContext *ctx, int rd, 
target_ulong imm)
  static void mark_fs_dirty(DisasContext *ctx)
  {
  TCGv tmp;
-target_ulong sd;
+target_ulong sd = is_32bit(ctx) ? MSTATUS32_SD : MSTATUS64_SD;
+
+if (ctx->virt_enabled) {
+tmp = tcg_temp_new();
+tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs));
+tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | sd);
+tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs));
+tcg_temp_free(tmp);
+}
  
  if (ctx->mstatus_fs == MSTATUS_FS) {

  return;
  }


You should introduce a ctx->mstatus_hs field to track the code that you moved.  Otherwise 
you'll be setting this dirty bit for every fp insn.



r~



[PATCH v2 2/2] vfio/common: Add trace point when a MMIO RAM section less than PAGE_SIZE

2021-09-13 Thread Kunkun Jiang
The MSI-X structures of some devices and other non-MSI-X structures
are in the same BAR. They may share one host page, especially in the
case of large page granularity, such as 64K.

For example, MSIX-Table size of 82599 NIC is 0x30 and the offset in
Bar 3 (size 64KB) is 0x0. If the host page size is 64KB,
vfio_listener_region_add() will be called to map the remaining range
(0x30-0x). And it will return early at
'int128_ge((int128_make64(iova), llend))' without any message.
Let's add a trace point to inform users like commit 5c08600547c0
("vfio: Use a trace point when a RAM section cannot be DMA mapped")
did.

Signed-off-by: Kunkun Jiang 
---
 hw/vfio/common.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 8728d4d5c2..2fc6213c0f 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -892,6 +892,13 @@ static void vfio_listener_region_add(MemoryListener 
*listener,
 llend = int128_and(llend, int128_exts64(qemu_real_host_page_mask));
 
 if (int128_ge(int128_make64(iova), llend)) {
+if (memory_region_is_ram_device(section->mr)) {
+trace_vfio_listener_region_add_no_dma_map(
+memory_region_name(section->mr),
+section->offset_within_address_space,
+int128_getlo(section->size),
+qemu_real_host_page_size);
+}
 return;
 }
 end = int128_get64(int128_sub(llend, int128_one()));
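Review bot: the new trace fires only when memory_region_is_ram_device() is true, while the `int128_ge(int128_make64(iova), llend)` early return silently drops every section that rounds to an empty page range, ram_device or not; either trace unconditionally or say in the commit message why only device BAR regions matter here (the MSI-X case). The reused event reports the section's unrounded offset and size; since the point is that the rounded range is empty, consider also tracing iova and llend, which is what a user needs to see why nothing was mapped.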
-- 
2.23.0




[PATCH v2 1/2] vfio/pci: Fix vfio-pci sub-page MMIO BAR mmaping in live migration

2021-09-13 Thread Kunkun Jiang
We expand MemoryRegions of vfio-pci sub-page MMIO BARs to
vfio_pci_write_config to improve IO performance.
The MemoryRegions of the destination VM will not be expanded
successfully in live migration, because their addresses have
been updated in vmstate_load_state (vfio_pci_load_config).

So iterate BARs in vfio_pci_write_config and try to update
sub-page BARs.

Fixes: c5e2fb3ce4d (vfio: Add save and load functions for VFIO PCI devices)
Reported-by: Nianyao Tang 
Reported-by: Qixin Gan 
Signed-off-by: Kunkun Jiang 
---
 hw/vfio/pci.c | 15 ++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c
index e1ea1d8a23..43c7e93153 100644
--- a/hw/vfio/pci.c
+++ b/hw/vfio/pci.c
@@ -2453,7 +2453,12 @@ static int vfio_pci_load_config(VFIODevice *vbasedev, 
QEMUFile *f)
 {
 VFIOPCIDevice *vdev = container_of(vbasedev, VFIOPCIDevice, vbasedev);
 PCIDevice *pdev = >pdev;
-int ret;
+pcibus_t old_addr[PCI_NUM_REGIONS - 1];
+int bar, ret;
+
+for (bar = 0; bar < PCI_ROM_SLOT; bar++) {
+old_addr[bar] = pdev->io_regions[bar].addr;
+}
 
 ret = vmstate_load_state(f, _vfio_pci_config, vdev, 1);
 if (ret) {
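Review bot: `old_addr` is declared with `PCI_NUM_REGIONS - 1` entries but filled and read with `bar < PCI_ROM_SLOT`; the two constants happen to agree, so declare the array as `old_addr[PCI_ROM_SLOT]` to tie the bound to the loop and make the intent (all BARs, ROM excluded) explicit.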
@@ -2463,6 +2468,14 @@ static int vfio_pci_load_config(VFIODevice *vbasedev, 
QEMUFile *f)
 vfio_pci_write_config(pdev, PCI_COMMAND,
   pci_get_word(pdev->config + PCI_COMMAND), 2);
 
+for (bar = 0; bar < PCI_ROM_SLOT; bar++) {
+if (old_addr[bar] != pdev->io_regions[bar].addr &&
+vdev->bars[bar].region.size > 0 &&
+vdev->bars[bar].region.size < qemu_real_host_page_size) {
+vfio_sub_page_bar_update_mapping(pdev, bar);
+}
+}
+
 if (msi_enabled(pdev)) {
 vfio_msi_enable(vdev);
 } else if (msix_enabled(pdev)) {
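Review bot: the commit message says the BARs are iterated in vfio_pci_write_config, but the loop is added to vfio_pci_load_config (the cover letter has it right); please fix the message. The update is also keyed on the BAR address having changed across vmstate_load_state(), so a destination whose BAR already sits at the migrated address is skipped; if that case is impossible because the region is still unmapped at this point, say so in a comment, otherwise drop the comparison and let vfio_sub_page_bar_update_mapping() decide. The `size > 0 && size < qemu_real_host_page_size` test duplicates the sub-page condition in vfio_pci_write_config(); a small shared helper would keep the two in sync.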
-- 
2.23.0




[PATCH v2 0/2] vfio: Some fixes about vfio-pci MMIO RAM mapping

2021-09-13 Thread Kunkun Jiang
This series include patches as below:

Patch 1:
- vfio/pci: Fix vfio-pci sub-page MMIO BAR mmaping in live migration

Patch 2:
- Added a trace point to inform users when an MMIO RAM section is less than
PAGE_SIZE

History:

v1 -> v2:
- Add iterate sub-page BARs in vfio_pci_load_config and try to update them 
[Alex Williamson]

Kunkun Jiang (2):
  vfio/pci: Fix vfio-pci sub-page MMIO BAR mmaping in live migration
  vfio/common: Add trace point when a MMIO RAM section less than
PAGE_SIZE

 hw/vfio/common.c |  7 +++
 hw/vfio/pci.c| 15 ++-
 2 files changed, 21 insertions(+), 1 deletion(-)

-- 
2.23.0




[PATCH] target/riscv: Force to set mstatus_hs.[SD|FS] bits in mark_fs_dirty()

2021-09-13 Thread frank . chang
From: Frank Chang 

When V=1, both vsstatus.FS and HS-level sstatus.FS are in effect.
Modifying the floating-point state when V=1 causes both fields to
be set to 3 (Dirty).

However, it's possible that HS-level sstatus.FS is Clean and VS-level
vsstatus.FS is Dirty at the time mark_fs_dirty() is called when V=1.
We can't early return for this case because we still need to set
sstatus.FS to Dirty according to spec.

Signed-off-by: Frank Chang 
Reviewed-by: Vincent Chen 
Tested-by: Vincent Chen 
---
 target/riscv/translate.c | 19 ++-
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index e356fc6c46c..0096b098738 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -280,26 +280,27 @@ static void gen_jal(DisasContext *ctx, int rd, 
target_ulong imm)
 static void mark_fs_dirty(DisasContext *ctx)
 {
 TCGv tmp;
-target_ulong sd;
+target_ulong sd = is_32bit(ctx) ? MSTATUS32_SD : MSTATUS64_SD;
+
+if (ctx->virt_enabled) {
+tmp = tcg_temp_new();
+tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs));
+tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | sd);
+tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs));
+tcg_temp_free(tmp);
+}
 
 if (ctx->mstatus_fs == MSTATUS_FS) {
 return;
 }
+
 /* Remember the state change for the rest of the TB.  */
 ctx->mstatus_fs = MSTATUS_FS;
 
 tmp = tcg_temp_new();
-sd = is_32bit(ctx) ? MSTATUS32_SD : MSTATUS64_SD;
-
 tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus));
 tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | sd);
 tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus));
-
-if (ctx->virt_enabled) {
-tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs));
-tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | sd);
-tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs));
-}
 tcg_temp_free(tmp);
 }
 #else
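Review bot: the mstatus_hs load/or/store at the top of mark_fs_dirty() is emitted for every FP instruction once ctx->virt_enabled is set, because it sits before the `ctx->mstatus_fs == MSTATUS_FS` early return and nothing in DisasContext remembers that mstatus_hs.FS is already Dirty; track the HS-level state in a new DisasContext field (say ctx->mstatus_hs, set once the store has been generated in this TB) and skip the block when it is already Dirty. The hunk also allocates and frees `tmp` twice in the same function; one tcg_temp_new() before both blocks, freed once at the end, is enough.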
-- 
2.25.1




[PATCH] target/riscv: Backup/restore mstatus.SD bit when virtual register swapped

2021-09-13 Thread frank . chang
From: Frank Chang 

When virtual registers are swapped, mstatus.SD bit should also be
backed up/restored. Otherwise, mstatus.SD bit will be incorrectly kept
across the world switches.

Signed-off-by: Frank Chang 
Reviewed-by: Vincent Chen 
---
 target/riscv/cpu_helper.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index 968cb8046f4..488867b59eb 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -111,9 +111,10 @@ bool riscv_cpu_fp_enabled(CPURISCVState *env)
 
 void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env)
 {
+target_ulong sd = riscv_cpu_is_32bit(env) ? MSTATUS32_SD : MSTATUS64_SD;
 uint64_t mstatus_mask = MSTATUS_MXR | MSTATUS_SUM | MSTATUS_FS |
 MSTATUS_SPP | MSTATUS_SPIE | MSTATUS_SIE |
-MSTATUS64_UXL;
+MSTATUS64_UXL | sd;
 bool current_virt = riscv_cpu_virt_enabled(env);
 
 g_assert(riscv_has_ext(env, RVH));
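Review bot: carrying SD in mstatus_mask is correct, but since SD is architecturally a summary of FS/XS/VS being Dirty, an alternative that cannot go stale is to recompute SD from the swapped-in FS after the swap; if the mask approach stays, add a one-line comment beside `sd` saying that SD must travel with FS, because otherwise the swapped-in sstatus reads SD=1 while FS is Clean, which is the bug the message describes. `sd` is a target_ulong OR-ed into a uint64_t mask, which works for both RV32 and RV64 builds, but the same comment could say so.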
-- 
2.25.1
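The two target/riscv commit messages above describe situations that are easy to get wrong in a model of the hypervisor status bookkeeping. The C program below is an example added here; it is not code from either patch or from QEMU. It keeps the three copies QEMU keeps (the live mstatus, the HS-level copy saved while V=1, the VS-level copy saved while V=0), a world switch shaped like riscv_cpu_swap_hypervisor_regs() with the SD bit optionally in the mask, and an FP-retire hook shaped like mark_fs_dirty() in its old and new order. Field positions are from the RISC-V privileged specification; the struct and function names are this example's own, and the scenario values (HS Dirty entering a Clean guest; VS already Dirty over a Clean HS copy) are constructed.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Field positions from the RISC-V privileged spec (RV64 layout). */
#define FS_SHIFT     13
#define MSTATUS_FS   (3ULL << FS_SHIFT)   /* 0 Off, 1 Initial, 2 Clean, 3 Dirty */
#define MSTATUS_XS   (3ULL << 15)
#define MSTATUS_VS   (3ULL << 9)
#define MSTATUS64_SD (1ULL << 63)         /* read-only summary: some unit is Dirty */
#define FS_CLEAN     (2ULL << FS_SHIFT)
#define FS_DIRTY     (3ULL << FS_SHIFT)

/* Hypothetical CPU state for this example, mirroring the three copies
 * QEMU keeps: the live register plus the inactive HS and VS copies. */
struct cpu {
    uint64_t mstatus;     /* live register, seen by the current V mode */
    uint64_t mstatus_hs;  /* HS-level copy, saved while V=1 */
    uint64_t vsstatus;    /* VS-level copy, saved while V=0 */
    bool virt_enabled;    /* the V bit */
};

/* SD is architecturally derived: set iff FS, XS or VS is Dirty (3). */
static uint64_t derived_sd(uint64_t st)
{
    bool dirty = (st & MSTATUS_FS) == MSTATUS_FS ||
                 (st & MSTATUS_XS) == MSTATUS_XS ||
                 (st & MSTATUS_VS) == MSTATUS_VS;
    return dirty ? MSTATUS64_SD : 0;
}

/* World switch, shaped like riscv_cpu_swap_hypervisor_regs(): the fields
 * in the mask move between the live register and the saved copy.
 * sd_in_mask=false is the pre-patch mask (FS only), true the fixed one. */
static void swap_hypervisor_regs(struct cpu *c, bool sd_in_mask)
{
    uint64_t mask = MSTATUS_FS | (sd_in_mask ? MSTATUS64_SD : 0);

    if (c->virt_enabled) {          /* V=1 -> V=0: park VS view, restore HS */
        c->vsstatus = c->mstatus & mask;
        c->mstatus = (c->mstatus & ~mask) | c->mstatus_hs;
    } else {                        /* V=0 -> V=1: park HS view, restore VS */
        c->mstatus_hs = c->mstatus & mask;
        c->mstatus = (c->mstatus & ~mask) | c->vsstatus;
    }
    c->virt_enabled = !c->virt_enabled;
}

/* An FP instruction retires, shaped like mark_fs_dirty().  patched=false is
 * the old order (early return first, so the HS copy is skipped whenever the
 * live FS is already Dirty); patched=true dirties the HS copy before the
 * early return, as the patch above does. */
static void mark_fs_dirty(struct cpu *c, bool patched)
{
    if (patched && c->virt_enabled)
        c->mstatus_hs |= FS_DIRTY | MSTATUS64_SD;
    if ((c->mstatus & MSTATUS_FS) == FS_DIRTY)
        return;
    c->mstatus |= FS_DIRTY | MSTATUS64_SD;
    if (!patched && c->virt_enabled)
        c->mstatus_hs |= FS_DIRTY | MSTATUS64_SD;
}

/* Scenario A (swap patch): HS has Dirty FP state and enters a guest whose
 * saved state is Clean.  Returns true if the live SD bit agrees with the
 * live FS/XS/VS fields after the switch. */
static bool sd_consistent_after_entry(bool sd_in_mask)
{
    struct cpu c = {
        .mstatus = FS_DIRTY | MSTATUS64_SD,   /* constructed: HS used the FPU */
        .mstatus_hs = 0,
        .vsstatus = FS_CLEAN,                 /* constructed: guest is Clean */
        .virt_enabled = false,
    };
    swap_hypervisor_regs(&c, sd_in_mask);
    return (c.mstatus & MSTATUS64_SD) == derived_sd(c.mstatus);
}

/* Scenario B (mark_fs_dirty patch): at V=1 the guest's FS is already Dirty
 * while the saved HS copy is Clean; one FP instruction retires and the
 * world switches back to V=0.  Returns the FS value the hypervisor then
 * reads (2 = Clean, 3 = Dirty). */
static unsigned hs_fs_after_guest_fp_op(bool patched)
{
    struct cpu c = {
        .mstatus = FS_DIRTY | MSTATUS64_SD,   /* constructed: VS view, Dirty */
        .mstatus_hs = FS_CLEAN,               /* constructed: HS view, Clean */
        .vsstatus = 0,
        .virt_enabled = true,
    };
    mark_fs_dirty(&c, patched);
    swap_hypervisor_regs(&c, true);
    return (unsigned)((c.mstatus & MSTATUS_FS) >> FS_SHIFT);
}

int main(void)
{
    printf("SD consistent after VM entry: old mask %d, fixed mask %d\n",
           sd_consistent_after_entry(false), sd_consistent_after_entry(true));
    printf("HS-level FS after guest FP op: old %u, fixed %u (3 = Dirty)\n",
           hs_fs_after_guest_fp_op(false), hs_fs_after_guest_fp_op(true));
    return 0;
}
```

Scenario A shows the guest reading SD=1 over a Clean FS when SD is not swapped with FS; scenario B shows why the HS copy has to be dirtied regardless of the live FS: a hypervisor that uses sstatus.FS to decide whether to save the FPU on a context switch would otherwise skip the save and carry the guest's FP registers into the next context.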




Re: [RFC PATCH 0/7] linux-user: Streamline handling of SIGSEGV/SIGBUS

2021-09-13 Thread Richard Henderson

On 9/13/21 3:05 PM, Richard Henderson wrote:

All of the really tcg-specific portions are still in user-exec.c,
and all of the really host-specific portions are now distributed
across linux-user/host//.  Importantly, SEGV_MAPERR and
SEGV_ACCERR are now passed through from the host kernel -- or at
least there's a single place from which to manage it [1].


Hum.  And then there's the special case of s390x, where the hw does not provide the exact 
address on faults, but only the page.  We have code for that in cpu_loop, but I have to 
invent some new hook in this new scheme.



r~



[PULL 44/44] tcg/arm: More use of the TCGReg enum

2021-09-13 Thread Richard Henderson
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 65 +---
 1 file changed, 35 insertions(+), 30 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index cf0627448b..d25e68b36b 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -559,7 +559,7 @@ static void tcg_out_bl_imm(TCGContext *s, ARMCond cond, 
int32_t offset)
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static void tcg_out_blx_reg(TCGContext *s, ARMCond cond, int rn)
+static void tcg_out_blx_reg(TCGContext *s, ARMCond cond, TCGReg rn)
 {
 tcg_out32(s, (cond << 28) | 0x012fff30 | rn);
 }
@@ -570,14 +570,14 @@ static void tcg_out_blx_imm(TCGContext *s, int32_t offset)
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static void tcg_out_dat_reg(TCGContext *s, ARMCond cond, ARMInsn opc, int rd,
-int rn, int rm, int shift)
+static void tcg_out_dat_reg(TCGContext *s, ARMCond cond, ARMInsn opc,
+TCGReg rd, TCGReg rn, TCGReg rm, int shift)
 {
 tcg_out32(s, (cond << 28) | (0 << 25) | opc |
 (rn << 16) | (rd << 12) | shift | rm);
 }
 
-static void tcg_out_mov_reg(TCGContext *s, ARMCond cond, int rd, int rm)
+static void tcg_out_mov_reg(TCGContext *s, ARMCond cond, TCGReg rd, TCGReg rm)
 {
 /* Simple reg-reg move, optimising out the 'do nothing' case */
 if (rd != rm) {
@@ -604,7 +604,7 @@ static void tcg_out_b_reg(TCGContext *s, ARMCond cond, 
TCGReg rn)
 }
 
 static void tcg_out_dat_imm(TCGContext *s, ARMCond cond, ARMInsn opc,
-int rd, int rn, int im)
+TCGReg rd, TCGReg rn, int im)
 {
 tcg_out32(s, (cond << 28) | (1 << 25) | opc |
 (rn << 16) | (rd << 12) | im);
@@ -788,13 +788,15 @@ static void tcg_out_ld8s_r(TCGContext *s, ARMCond cond, 
TCGReg rt,
 tcg_out_memop_r(s, cond, INSN_LDRSB_REG, rt, rn, rm, 1, 1, 0);
 }
 
-static void tcg_out_movi_pool(TCGContext *s, ARMCond cond, int rd, uint32_t 
arg)
+static void tcg_out_movi_pool(TCGContext *s, ARMCond cond,
+  TCGReg rd, uint32_t arg)
 {
 new_pool_label(s, arg, R_ARM_PC13, s->code_ptr, 0);
 tcg_out_ld32_12(s, cond, rd, TCG_REG_PC, 0);
 }
 
-static void tcg_out_movi32(TCGContext *s, ARMCond cond, int rd, uint32_t arg)
+static void tcg_out_movi32(TCGContext *s, ARMCond cond,
+   TCGReg rd, uint32_t arg)
 {
 int imm12, diff, opc, sh1, sh2;
 uint32_t tt0, tt1, tt2;
@@ -873,8 +875,8 @@ static void tcg_out_movi32(TCGContext *s, ARMCond cond, int 
rd, uint32_t arg)
  * Emit either the reg,imm or reg,reg form of a data-processing insn.
  * rhs must satisfy the "rI" constraint.
  */
-static void tcg_out_dat_rI(TCGContext *s, ARMCond cond, ARMInsn opc, TCGArg 
dst,
-   TCGArg lhs, TCGArg rhs, int rhs_is_const)
+static void tcg_out_dat_rI(TCGContext *s, ARMCond cond, ARMInsn opc,
+   TCGReg dst, TCGReg lhs, TCGArg rhs, int 
rhs_is_const)
 {
 if (rhs_is_const) {
 tcg_out_dat_imm(s, cond, opc, dst, lhs, encode_imm_nofail(rhs));
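Review bot: `dst` and `lhs` become TCGReg while `rhs` stays TCGArg; the asymmetry is intentional, since `rhs` holds an immediate when `rhs_is_const` is set, but a comment on the parameter (or a name such as rhs_or_imm) would stop a later cleanup from "fixing" it. The same applies to tcg_out_dat_rIN below.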
@@ -904,7 +906,7 @@ static void tcg_out_dat_rIK(TCGContext *s, ARMCond cond, 
ARMInsn opc,
 }
 
 static void tcg_out_dat_rIN(TCGContext *s, ARMCond cond, ARMInsn opc,
-ARMInsn opneg, TCGArg dst, TCGArg lhs, TCGArg rhs,
+ARMInsn opneg, TCGReg dst, TCGReg lhs, TCGArg rhs,
 bool rhs_is_const)
 {
 /* Emit either the reg,imm or reg,reg form of a data-processing insn.
@@ -978,17 +980,19 @@ static void tcg_out_smull32(TCGContext *s, ARMCond cond, 
TCGReg rd0,
   (rd1 << 16) | (rd0 << 12) | (rm << 8) | rn);
 }
 
-static void tcg_out_sdiv(TCGContext *s, ARMCond cond, int rd, int rn, int rm)
+static void tcg_out_sdiv(TCGContext *s, ARMCond cond,
+ TCGReg rd, TCGReg rn, TCGReg rm)
 {
 tcg_out32(s, 0x0710f010 | (cond << 28) | (rd << 16) | rn | (rm << 8));
 }
 
-static void tcg_out_udiv(TCGContext *s, ARMCond cond, int rd, int rn, int rm)
+static void tcg_out_udiv(TCGContext *s, ARMCond cond,
+ TCGReg rd, TCGReg rn, TCGReg rm)
 {
 tcg_out32(s, 0x0730f010 | (cond << 28) | (rd << 16) | rn | (rm << 8));
 }
 
-static void tcg_out_ext8s(TCGContext *s, ARMCond cond, int rd, int rn)
+static void tcg_out_ext8s(TCGContext *s, ARMCond cond, TCGReg rd, TCGReg rn)
 {
 if (use_armv6_instructions) {
 /* sxtb */
@@ -1002,12 +1006,12 @@ static void tcg_out_ext8s(TCGContext *s, ARMCond cond, 
int rd, int rn)
 }
 
 static void __attribute__((unused))
-tcg_out_ext8u(TCGContext *s, ARMCond cond, int rd, int rn)
+tcg_out_ext8u(TCGContext *s, ARMCond cond, TCGReg rd, TCGReg rn)
 {
 tcg_out_dat_imm(s, cond, ARITH_AND, rd, rn, 0xff);
 }
 
-static void tcg_out_ext16s(TCGContext *s, ARMCond cond, int 

[PULL 43/44] tcg/arm: More use of the ARMInsn enum

2021-09-13 Thread Richard Henderson
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index c068e707e8..cf0627448b 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -570,7 +570,7 @@ static void tcg_out_blx_imm(TCGContext *s, int32_t offset)
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static void tcg_out_dat_reg(TCGContext *s, ARMCond cond, int opc, int rd,
+static void tcg_out_dat_reg(TCGContext *s, ARMCond cond, ARMInsn opc, int rd,
 int rn, int rm, int shift)
 {
 tcg_out32(s, (cond << 28) | (0 << 25) | opc |
@@ -603,14 +603,14 @@ static void tcg_out_b_reg(TCGContext *s, ARMCond cond, 
TCGReg rn)
 }
 }
 
-static void tcg_out_dat_imm(TCGContext *s, ARMCond cond, int opc,
+static void tcg_out_dat_imm(TCGContext *s, ARMCond cond, ARMInsn opc,
 int rd, int rn, int im)
 {
 tcg_out32(s, (cond << 28) | (1 << 25) | opc |
 (rn << 16) | (rd << 12) | im);
 }
 
-static void tcg_out_ldstm(TCGContext *s, ARMCond cond, int opc,
+static void tcg_out_ldstm(TCGContext *s, ARMCond cond, ARMInsn opc,
   TCGReg rn, uint16_t mask)
 {
 tcg_out32(s, (cond << 28) | opc | (rn << 16) | mask);
@@ -637,8 +637,8 @@ static void tcg_out_memop_8(TCGContext *s, ARMCond cond, 
ARMInsn opc, TCGReg rt,
   (rn << 16) | (rt << 12) | ((imm8 & 0xf0) << 4) | (imm8 & 0xf));
 }
 
-static void tcg_out_memop_12(TCGContext *s, ARMCond cond, ARMInsn opc, TCGReg 
rt,
- TCGReg rn, int imm12, bool p, bool w)
+static void tcg_out_memop_12(TCGContext *s, ARMCond cond, ARMInsn opc,
+ TCGReg rt, TCGReg rn, int imm12, bool p, bool w)
 {
 bool u = 1;
 if (imm12 < 0) {
@@ -873,7 +873,7 @@ static void tcg_out_movi32(TCGContext *s, ARMCond cond, int 
rd, uint32_t arg)
  * Emit either the reg,imm or reg,reg form of a data-processing insn.
  * rhs must satisfy the "rI" constraint.
  */
-static void tcg_out_dat_rI(TCGContext *s, ARMCond cond, int opc, TCGArg dst,
+static void tcg_out_dat_rI(TCGContext *s, ARMCond cond, ARMInsn opc, TCGArg 
dst,
TCGArg lhs, TCGArg rhs, int rhs_is_const)
 {
 if (rhs_is_const) {
@@ -887,8 +887,8 @@ static void tcg_out_dat_rI(TCGContext *s, ARMCond cond, int 
opc, TCGArg dst,
  * Emit either the reg,imm or reg,reg form of a data-processing insn.
  * rhs must satisfy the "rIK" constraint.
  */
-static void tcg_out_dat_rIK(TCGContext *s, ARMCond cond, int opc, int opinv,
-TCGReg dst, TCGReg lhs, TCGArg rhs,
+static void tcg_out_dat_rIK(TCGContext *s, ARMCond cond, ARMInsn opc,
+ARMInsn opinv, TCGReg dst, TCGReg lhs, TCGArg rhs,
 bool rhs_is_const)
 {
 if (rhs_is_const) {
@@ -903,8 +903,8 @@ static void tcg_out_dat_rIK(TCGContext *s, ARMCond cond, 
int opc, int opinv,
 }
 }
 
-static void tcg_out_dat_rIN(TCGContext *s, ARMCond cond, int opc, int opneg,
-TCGArg dst, TCGArg lhs, TCGArg rhs,
+static void tcg_out_dat_rIN(TCGContext *s, ARMCond cond, ARMInsn opc,
+ARMInsn opneg, TCGArg dst, TCGArg lhs, TCGArg rhs,
 bool rhs_is_const)
 {
 /* Emit either the reg,imm or reg,reg form of a data-processing insn.
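Review bot: `opc` and `opneg` are typed as ARMInsn here, but `dst` and `lhs` stay TCGArg in this hunk and in tcg_out_dat_rI above; 44/44 in this series converts them to TCGReg, so either squash the two or mention in the message that register typing follows in the next patch.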
-- 
2.25.1




[PULL 37/44] tcg/arm: Simplify use_armv5t_instructions

2021-09-13 Thread Richard Henderson
According to the Arm ARM DDI 0406C, section A1.3, the valid variants
are ARMv5T, ARMv5TE, ARMv5TEJ -- there is no ARMv5 without Thumb.
Therefore simplify the test from preprocessor ifdefs to base
architecture revision.  Retain the "t" in the name to minimize churn.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.h | 8 +---
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/tcg/arm/tcg-target.h b/tcg/arm/tcg-target.h
index 18bb16c784..f41b809554 100644
--- a/tcg/arm/tcg-target.h
+++ b/tcg/arm/tcg-target.h
@@ -28,13 +28,7 @@
 
 extern int arm_arch;
 
-#if defined(__ARM_ARCH_5T__) \
-|| defined(__ARM_ARCH_5TE__) || defined(__ARM_ARCH_5TEJ__)
-# define use_armv5t_instructions 1
-#else
-# define use_armv5t_instructions use_armv6_instructions
-#endif
-
+#define use_armv5t_instructions (__ARM_ARCH >= 5 || arm_arch >= 5)
 #define use_armv6_instructions  (__ARM_ARCH >= 6 || arm_arch >= 6)
 #define use_armv7_instructions  (__ARM_ARCH >= 7 || arm_arch >= 7)
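Review bot: `__ARM_ARCH >= 5` is now part of an ordinary C expression (these macros are used in runtime `if (use_armv6_instructions)` tests, as 44/44 in this series shows), so a compiler that does not define __ARM_ARCH fails to compile instead of silently taking the runtime `arm_arch` fallback; that is the right outcome given the stated minimum compiler, but it deserves a sentence in the message. The new expression also honours a runtime `arm_arch` of exactly 5, where the old code fell back to use_armv6_instructions for any build that was not already v5; that is a small behaviour change for v4 builds on v5 hardware and worth stating.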
 
-- 
2.25.1




[PULL 29/44] target/rx: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-22-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/rx/cpu.h| 2 ++
 target/rx/cpu.c| 2 +-
 target/rx/helper.c | 4 
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/target/rx/cpu.h b/target/rx/cpu.h
index 0b4b998c7b..faa3606f52 100644
--- a/target/rx/cpu.h
+++ b/target/rx/cpu.h
@@ -124,8 +124,10 @@ typedef RXCPU ArchCPU;
 #define CPU_RESOLVING_TYPE TYPE_RX_CPU
 
 const char *rx_crname(uint8_t cr);
+#ifndef CONFIG_USER_ONLY
 void rx_cpu_do_interrupt(CPUState *cpu);
 bool rx_cpu_exec_interrupt(CPUState *cpu, int int_req);
+#endif /* !CONFIG_USER_ONLY */
 void rx_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 int rx_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
 int rx_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
diff --git a/target/rx/cpu.c b/target/rx/cpu.c
index 96cc96e514..25a4aa2976 100644
--- a/target/rx/cpu.c
+++ b/target/rx/cpu.c
@@ -186,10 +186,10 @@ static const struct SysemuCPUOps rx_sysemu_ops = {
 static const struct TCGCPUOps rx_tcg_ops = {
 .initialize = rx_translate_init,
 .synchronize_from_tb = rx_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = rx_cpu_exec_interrupt,
 .tlb_fill = rx_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = rx_cpu_exec_interrupt,
 .do_interrupt = rx_cpu_do_interrupt,
 #endif /* !CONFIG_USER_ONLY */
 };
diff --git a/target/rx/helper.c b/target/rx/helper.c
index db6b07e389..f34945e7e2 100644
--- a/target/rx/helper.c
+++ b/target/rx/helper.c
@@ -40,6 +40,8 @@ void rx_cpu_unpack_psw(CPURXState *env, uint32_t psw, int rte)
 env->psw_c = FIELD_EX32(psw, PSW, C);
 }
 
+#ifndef CONFIG_USER_ONLY
+
 #define INT_FLAGS (CPU_INTERRUPT_HARD | CPU_INTERRUPT_FIR)
 void rx_cpu_do_interrupt(CPUState *cs)
 {
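Review bot: the `#ifndef CONFIG_USER_ONLY` is opened before `#define INT_FLAGS`, so the macro disappears from user-only builds along with the two functions; that is fine if rx_cpu_exec_interrupt() is its only user, otherwise open the guard after the define, and either way a comment at the matching `#endif` (or an `#undef INT_FLAGS` there) makes the scope obvious.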
@@ -142,6 +144,8 @@ bool rx_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return false;
 }
 
+#endif /* !CONFIG_USER_ONLY */
+
 hwaddr rx_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
 {
 return addr;
-- 
2.25.1




[PULL 30/44] target/xtensa: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-23-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/xtensa/cpu.h| 4 ++--
 target/xtensa/cpu.c| 2 +-
 target/xtensa/exc_helper.c | 7 ++-
 3 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/target/xtensa/cpu.h b/target/xtensa/cpu.h
index 1e0cb1535c..cbb720e7cc 100644
--- a/target/xtensa/cpu.h
+++ b/target/xtensa/cpu.h
@@ -566,14 +566,14 @@ struct XtensaCPU {
 bool xtensa_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
  MMUAccessType access_type, int mmu_idx,
  bool probe, uintptr_t retaddr);
+#ifndef CONFIG_USER_ONLY
 void xtensa_cpu_do_interrupt(CPUState *cpu);
 bool xtensa_cpu_exec_interrupt(CPUState *cpu, int interrupt_request);
-#ifndef CONFIG_USER_ONLY
 void xtensa_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, vaddr 
addr,
   unsigned size, MMUAccessType access_type,
   int mmu_idx, MemTxAttrs attrs,
   MemTxResult response, uintptr_t retaddr);
-#endif /* !CONFIG_USER_ONLY */
+#endif
 void xtensa_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 hwaddr xtensa_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 void xtensa_count_regs(const XtensaConfig *config,
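Review bot: the closing `#endif /* !CONFIG_USER_ONLY */` loses its comment and becomes a bare `#endif` while the guarded block grows to four declarations; keep the comment, as the rx, nios2 and openrisc patches in this series do, so the guard stays readable at a distance.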
diff --git a/target/xtensa/cpu.c b/target/xtensa/cpu.c
index 58ec3a0862..c1cbd03595 100644
--- a/target/xtensa/cpu.c
+++ b/target/xtensa/cpu.c
@@ -192,11 +192,11 @@ static const struct SysemuCPUOps xtensa_sysemu_ops = {
 
 static const struct TCGCPUOps xtensa_tcg_ops = {
 .initialize = xtensa_translate_init,
-.cpu_exec_interrupt = xtensa_cpu_exec_interrupt,
 .tlb_fill = xtensa_cpu_tlb_fill,
 .debug_excp_handler = xtensa_breakpoint_handler,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = xtensa_cpu_exec_interrupt,
 .do_interrupt = xtensa_cpu_do_interrupt,
 .do_transaction_failed = xtensa_cpu_do_transaction_failed,
 .do_unaligned_access = xtensa_cpu_do_unaligned_access,
diff --git a/target/xtensa/exc_helper.c b/target/xtensa/exc_helper.c
index 10e75ab070..9bc7f50d35 100644
--- a/target/xtensa/exc_helper.c
+++ b/target/xtensa/exc_helper.c
@@ -255,11 +255,6 @@ void xtensa_cpu_do_interrupt(CPUState *cs)
 }
 check_interrupts(env);
 }
-#else
-void xtensa_cpu_do_interrupt(CPUState *cs)
-{
-}
-#endif
 
 bool xtensa_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
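Review bot: removing the user-only xtensa_cpu_do_interrupt() stub means any remaining user-mode caller now fails to compile (the declaration is guarded in cpu.h as well) rather than silently doing nothing, which is the better failure, but the message should state that no user-mode caller remains.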
@@ -270,3 +265,5 @@ bool xtensa_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 }
 return false;
 }
+
+#endif /* !CONFIG_USER_ONLY */
-- 
2.25.1




[PULL 23/44] target/nios2: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-16-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/nios2/cpu.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/target/nios2/cpu.c b/target/nios2/cpu.c
index 5e37defef8..947bb09bc1 100644
--- a/target/nios2/cpu.c
+++ b/target/nios2/cpu.c
@@ -127,6 +127,7 @@ static void nios2_cpu_realizefn(DeviceState *dev, Error 
**errp)
 ncc->parent_realize(dev, errp);
 }
 
+#ifndef CONFIG_USER_ONLY
 static bool nios2_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
 Nios2CPU *cpu = NIOS2_CPU(cs);
@@ -140,7 +141,7 @@ static bool nios2_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 }
 return false;
 }
-
+#endif /* !CONFIG_USER_ONLY */
 
 static void nios2_cpu_disas_set_info(CPUState *cpu, disassemble_info *info)
 {
@@ -219,10 +220,10 @@ static const struct SysemuCPUOps nios2_sysemu_ops = {
 
 static const struct TCGCPUOps nios2_tcg_ops = {
 .initialize = nios2_tcg_init,
-.cpu_exec_interrupt = nios2_cpu_exec_interrupt,
 .tlb_fill = nios2_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = nios2_cpu_exec_interrupt,
 .do_interrupt = nios2_cpu_do_interrupt,
 .do_unaligned_access = nios2_cpu_do_unaligned_access,
 #endif /* !CONFIG_USER_ONLY */
-- 
2.25.1




[PULL 24/44] target/openrisc: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-17-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/openrisc/cpu.h   | 5 +++--
 target/openrisc/cpu.c   | 2 +-
 target/openrisc/interrupt.c | 2 --
 target/openrisc/meson.build | 6 --
 4 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/target/openrisc/cpu.h b/target/openrisc/cpu.h
index 82cbaeb4f8..be6df81a81 100644
--- a/target/openrisc/cpu.h
+++ b/target/openrisc/cpu.h
@@ -312,8 +312,6 @@ struct OpenRISCCPU {
 
 
 void cpu_openrisc_list(void);
-void openrisc_cpu_do_interrupt(CPUState *cpu);
-bool openrisc_cpu_exec_interrupt(CPUState *cpu, int int_req);
 void openrisc_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 hwaddr openrisc_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 int openrisc_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
@@ -331,6 +329,9 @@ int print_insn_or1k(bfd_vma addr, disassemble_info *info);
 #ifndef CONFIG_USER_ONLY
 extern const VMStateDescription vmstate_openrisc_cpu;
 
+void openrisc_cpu_do_interrupt(CPUState *cpu);
+bool openrisc_cpu_exec_interrupt(CPUState *cpu, int int_req);
+
 /* hw/openrisc_pic.c */
 void cpu_openrisc_pic_init(OpenRISCCPU *cpu);
 
diff --git a/target/openrisc/cpu.c b/target/openrisc/cpu.c
index bd34e429ec..27cb04152f 100644
--- a/target/openrisc/cpu.c
+++ b/target/openrisc/cpu.c
@@ -186,10 +186,10 @@ static const struct SysemuCPUOps openrisc_sysemu_ops = {
 
 static const struct TCGCPUOps openrisc_tcg_ops = {
 .initialize = openrisc_translate_init,
-.cpu_exec_interrupt = openrisc_cpu_exec_interrupt,
 .tlb_fill = openrisc_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = openrisc_cpu_exec_interrupt,
 .do_interrupt = openrisc_cpu_do_interrupt,
 #endif /* !CONFIG_USER_ONLY */
 };
diff --git a/target/openrisc/interrupt.c b/target/openrisc/interrupt.c
index 3eab771dcd..19223e3f25 100644
--- a/target/openrisc/interrupt.c
+++ b/target/openrisc/interrupt.c
@@ -28,7 +28,6 @@
 
 void openrisc_cpu_do_interrupt(CPUState *cs)
 {
-#ifndef CONFIG_USER_ONLY
 OpenRISCCPU *cpu = OPENRISC_CPU(cs);
 CPUOpenRISCState *env = >env;
 int exception = cs->exception_index;
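Review bot: dropping the `#ifndef CONFIG_USER_ONLY` inside openrisc_cpu_do_interrupt() is only safe because the meson.build hunk below moves interrupt.c into openrisc_softmmu_ss; the two hunks cannot be separated, so say so in the commit message for anyone cherry-picking.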
@@ -96,7 +95,6 @@ void openrisc_cpu_do_interrupt(CPUState *cs)
 } else {
 cpu_abort(cs, "Unhandled exception 0x%x\n", exception);
 }
-#endif
 
 cs->exception_index = -1;
 }
diff --git a/target/openrisc/meson.build b/target/openrisc/meson.build
index 9774a58306..e445dec4a0 100644
--- a/target/openrisc/meson.build
+++ b/target/openrisc/meson.build
@@ -9,7 +9,6 @@ openrisc_ss.add(files(
   'exception_helper.c',
   'fpu_helper.c',
   'gdbstub.c',
-  'interrupt.c',
   'interrupt_helper.c',
   'mmu.c',
   'sys_helper.c',
@@ -17,7 +16,10 @@ openrisc_ss.add(files(
 ))
 
 openrisc_softmmu_ss = ss.source_set()
-openrisc_softmmu_ss.add(files('machine.c'))
+openrisc_softmmu_ss.add(files(
+  'interrupt.c',
+  'machine.c',
+))
 
 target_arch += {'openrisc': openrisc_ss}
 target_softmmu_arch += {'openrisc': openrisc_softmmu_ss}
-- 
2.25.1




[PULL 25/44] target/ppc: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Acked-by: David Gibson 
Message-Id: <20210911165434.531552-18-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/ppc/cpu.h |  4 ++--
 target/ppc/cpu_init.c|  2 +-
 target/ppc/excp_helper.c | 21 +++--
 3 files changed, 6 insertions(+), 21 deletions(-)

diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
index 500205229c..362e7c4c5c 100644
--- a/target/ppc/cpu.h
+++ b/target/ppc/cpu.h
@@ -1254,8 +1254,6 @@ DECLARE_OBJ_CHECKERS(PPCVirtualHypervisor, 
PPCVirtualHypervisorClass,
  PPC_VIRTUAL_HYPERVISOR, TYPE_PPC_VIRTUAL_HYPERVISOR)
 #endif /* CONFIG_USER_ONLY */
 
-void ppc_cpu_do_interrupt(CPUState *cpu);
-bool ppc_cpu_exec_interrupt(CPUState *cpu, int int_req);
 void ppc_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 hwaddr ppc_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 int ppc_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
@@ -1271,6 +1269,8 @@ int ppc64_cpu_write_elf64_note(WriteCoreDumpFunction f, 
CPUState *cs,
 int ppc32_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs,
int cpuid, void *opaque);
 #ifndef CONFIG_USER_ONLY
+void ppc_cpu_do_interrupt(CPUState *cpu);
+bool ppc_cpu_exec_interrupt(CPUState *cpu, int int_req);
 void ppc_cpu_do_system_reset(CPUState *cs);
 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector);
 extern const VMStateDescription vmstate_ppc_cpu;
diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
index ad7abc6041..6aad01d1d3 100644
--- a/target/ppc/cpu_init.c
+++ b/target/ppc/cpu_init.c
@@ -9014,10 +9014,10 @@ static const struct SysemuCPUOps ppc_sysemu_ops = {
 
 static const struct TCGCPUOps ppc_tcg_ops = {
   .initialize = ppc_translate_init,
-  .cpu_exec_interrupt = ppc_cpu_exec_interrupt,
   .tlb_fill = ppc_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+  .cpu_exec_interrupt = ppc_cpu_exec_interrupt,
   .do_interrupt = ppc_cpu_do_interrupt,
   .cpu_exec_enter = ppc_cpu_exec_enter,
   .cpu_exec_exit = ppc_cpu_exec_exit,
diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
index 7b6ac16eef..d7e32ee107 100644
--- a/target/ppc/excp_helper.c
+++ b/target/ppc/excp_helper.c
@@ -40,24 +40,8 @@
 
 /*/
 /* Exception processing */
-#if defined(CONFIG_USER_ONLY)
-void ppc_cpu_do_interrupt(CPUState *cs)
-{
-PowerPCCPU *cpu = POWERPC_CPU(cs);
-CPUPPCState *env = >env;
+#if !defined(CONFIG_USER_ONLY)
 
-cs->exception_index = POWERPC_EXCP_NONE;
-env->error_code = 0;
-}
-
-static void ppc_hw_interrupt(CPUPPCState *env)
-{
-CPUState *cs = env_cpu(env);
-
-cs->exception_index = POWERPC_EXCP_NONE;
-env->error_code = 0;
-}
-#else /* defined(CONFIG_USER_ONLY) */
 static inline void dump_syscall(CPUPPCState *env)
 {
 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64
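Review bot: besides ppc_cpu_do_interrupt(), this deletes the user-only ppc_hw_interrupt() stub; the message only mentions cpu_exec_interrupt() and its callees, so state that the user-mode build has no remaining caller of ppc_hw_interrupt(), since with the declarations now guarded in cpu.h a leftover caller would fail to build.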
@@ -1113,7 +1097,6 @@ void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, 
target_ulong vector)
 
 powerpc_set_excp_state(cpu, vector, msr);
 }
-#endif /* !CONFIG_USER_ONLY */
 
 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
@@ -1130,6 +1113,8 @@ bool ppc_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return false;
 }
 
+#endif /* !CONFIG_USER_ONLY */
+
 #if defined(DEBUG_OP)
 static void cpu_dump_rfi(target_ulong RA, target_ulong msr)
 {
-- 
2.25.1




[PULL 40/44] tcg/arm: Simplify usage of encode_imm

2021-09-13 Thread Richard Henderson
We have already computed the rotated value of the imm8
portion of the complete imm12 encoding.  No sense leaving
the combination of rot + rotation to the caller.

Create an encode_imm12_nofail helper that performs an assert.

This removes the final use of the local "rotl" function,
which duplicated our generic "rol32" function.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 141 +--
 1 file changed, 77 insertions(+), 64 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index c9e3fcfeac..1931cea1ca 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -312,10 +312,10 @@ static bool reloc_pc8(tcg_insn_unit *src_rw, const 
tcg_insn_unit *target)
 {
 const tcg_insn_unit *src_rx = tcg_splitwx_to_rx(src_rw);
 ptrdiff_t offset = tcg_ptr_byte_diff(target, src_rx) - 8;
-int rot = encode_imm(offset);
+int imm12 = encode_imm(offset);
 
-if (rot >= 0) {
-*src_rw = deposit32(*src_rw, 0, 12, rol32(offset, rot) | (rot << 7));
+if (imm12 >= 0) {
+*src_rw = deposit32(*src_rw, 0, 12, imm12);
 return true;
 }
 return false;
@@ -369,33 +369,52 @@ static bool patch_reloc(tcg_insn_unit *code_ptr, int type,
 (ALL_GENERAL_REGS & ~((1 << TCG_REG_R0) | (1 << TCG_REG_R1)))
 #endif
 
-static inline uint32_t rotl(uint32_t val, int n)
-{
-  return (val << n) | (val >> (32 - n));
-}
-
-/* ARM immediates for ALU instructions are made of an unsigned 8-bit
-   right-rotated by an even amount between 0 and 30. */
+/*
+ * ARM immediates for ALU instructions are made of an unsigned 8-bit
+ * right-rotated by an even amount between 0 and 30.
+ *
+ * Return < 0 if @imm cannot be encoded, else the entire imm12 field.
+ */
 static int encode_imm(uint32_t imm)
 {
-int shift;
+uint32_t rot, imm8;
 
-/* simple case, only lower bits */
-if ((imm & ~0xff) == 0)
-return 0;
-/* then try a simple even shift */
-shift = ctz32(imm) & ~1;
-if (((imm >> shift) & ~0xff) == 0)
-return 32 - shift;
-/* now try harder with rotations */
-if ((rotl(imm, 2) & ~0xff) == 0)
-return 2;
-if ((rotl(imm, 4) & ~0xff) == 0)
-return 4;
-if ((rotl(imm, 6) & ~0xff) == 0)
-return 6;
-/* imm can't be encoded */
+/* Simple case, no rotation required. */
+if ((imm & ~0xff) == 0) {
+return imm;
+}
+
+/* Next, try a simple even shift.  */
+rot = ctz32(imm) & ~1;
+imm8 = imm >> rot;
+rot = 32 - rot;
+if ((imm8 & ~0xff) == 0) {
+goto found;
+}
+
+/*
+ * Finally, try harder with rotations.
+ * The ctz test above will have taken care of rotates >= 8.
+ */
+for (rot = 2; rot < 8; rot += 2) {
+imm8 = rol32(imm, rot);
+if ((imm8 & ~0xff) == 0) {
+goto found;
+}
+}
+/* Fail: imm cannot be encoded. */
 return -1;
+
+ found:
+/* Note that rot is even, and we discard bit 0 by shifting by 7. */
+return rot << 7 | imm8;
+}
+
+static int encode_imm_nofail(uint32_t imm)
+{
+int ret = encode_imm(imm);
+tcg_debug_assert(ret >= 0);
+return ret;
 }
 
 static inline int check_fit_imm(uint32_t imm)
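Review bot: the helper added here is encode_imm_nofail(), while the commit message announces encode_imm12_nofail(); one of the two should be corrected so the name in the log matches the code. Separately, `rot` holds a left-shift count after `rot = ctz32(imm) & ~1` and a rotate amount after `rot = 32 - rot`, which makes the even-shift case harder to follow than necessary; a dedicated `shift` local (or a comment stating that ROR by 32-shift is the same as a left shift by `shift`) would help, and a `tcg_debug_assert((rot & 1) == 0 && rot < 32)` before the `found:` return would document the invariant that `rot << 7` relies on.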
@@ -782,20 +801,18 @@ static void tcg_out_movi_pool(TCGContext *s, int cond, 
int rd, uint32_t arg)
 
 static void tcg_out_movi32(TCGContext *s, int cond, int rd, uint32_t arg)
 {
-int rot, diff, opc, sh1, sh2;
+int imm12, diff, opc, sh1, sh2;
 uint32_t tt0, tt1, tt2;
 
 /* Check a single MOV/MVN before anything else.  */
-rot = encode_imm(arg);
-if (rot >= 0) {
-tcg_out_dat_imm(s, cond, ARITH_MOV, rd, 0,
-rotl(arg, rot) | (rot << 7));
+imm12 = encode_imm(arg);
+if (imm12 >= 0) {
+tcg_out_dat_imm(s, cond, ARITH_MOV, rd, 0, imm12);
 return;
 }
-rot = encode_imm(~arg);
-if (rot >= 0) {
-tcg_out_dat_imm(s, cond, ARITH_MVN, rd, 0,
-rotl(~arg, rot) | (rot << 7));
+imm12 = encode_imm(~arg);
+if (imm12 >= 0) {
+tcg_out_dat_imm(s, cond, ARITH_MVN, rd, 0, imm12);
 return;
 }
 
@@ -803,17 +820,15 @@ static void tcg_out_movi32(TCGContext *s, int cond, int 
rd, uint32_t arg)
or within the TB, which is immediately before the code block.  */
 diff = tcg_pcrel_diff(s, (void *)arg) - 8;
 if (diff >= 0) {
-rot = encode_imm(diff);
-if (rot >= 0) {
-tcg_out_dat_imm(s, cond, ARITH_ADD, rd, TCG_REG_PC,
-rotl(diff, rot) | (rot << 7));
+imm12 = encode_imm(diff);
+if (imm12 >= 0) {
+tcg_out_dat_imm(s, cond, ARITH_ADD, rd, TCG_REG_PC, imm12);
 return;
 }
 } else {
-rot = encode_imm(-diff);
-if (rot >= 0) {
-tcg_out_dat_imm(s, cond, ARITH_SUB, rd, TCG_REG_PC,
-rotl(-diff, rot) | (rot << 7));
+  
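The imm12 encoding the message describes (an unsigned 8-bit value rotated right by an even amount, with half the rotation stored in bits 8 to 11), as an added example that is not QEMU's own code: the patch's algorithm is re-implemented stand-alone next to the decode the CPU applies, and an exhaustive round-trip check confirms the two agree, which is cheap insurance for a JIT where a mis-encoded immediate silently emits the wrong instruction. `ctz32_local`, `rol32_local` and `ror32_local` are local stand-ins for QEMU's ctz32/rol32 helpers.

```c
/* Added example, not QEMU code: stand-alone ARM modified-immediate
 * encoder (same algorithm as the patch's encode_imm) plus decoder. */
#include <stdint.h>
#include <stdio.h>

/* Trailing-zero count of a non-zero value (stands in for QEMU's ctz32). */
static int ctz32_local(uint32_t v)
{
    int n = 0;
    while ((v & 1) == 0) {
        v >>= 1;
        n++;
    }
    return n;
}

static uint32_t rol32_local(uint32_t v, int n)
{
    n &= 31;
    return n ? (v << n) | (v >> (32 - n)) : v;
}

static uint32_t ror32_local(uint32_t v, int n)
{
    n &= 31;
    return n ? (v >> n) | (v << (32 - n)) : v;
}

/*
 * Return -1 if @imm is not an 8-bit value rotated right by an even amount,
 * else the 12-bit field: rotation/2 in bits 8..11, imm8 in bits 0..7.
 */
int arm_encode_imm12(uint32_t imm)
{
    uint32_t rot, imm8;

    if ((imm & ~0xffu) == 0) {
        return imm;                      /* rotation 0 */
    }

    /* Even left shift: ROR by (32 - shift) equals a left shift by shift. */
    rot = ctz32_local(imm) & ~1u;
    imm8 = imm >> rot;
    rot = 32 - rot;
    if ((imm8 & ~0xffu) == 0) {
        return (int)(rot << 7 | imm8);
    }

    /* Values that wrap past bit 0: only rotations 2, 4 and 6 remain. */
    for (rot = 2; rot < 8; rot += 2) {
        imm8 = rol32_local(imm, rot);
        if ((imm8 & ~0xffu) == 0) {
            return (int)(rot << 7 | imm8);
        }
    }
    return -1;
}

/* What the CPU does with the field: imm8 ROR (2 * rotate). */
uint32_t arm_decode_imm12(int imm12)
{
    uint32_t imm8 = imm12 & 0xff;
    int rotate = (imm12 >> 8) & 0xf;
    return ror32_local(imm8, 2 * rotate);
}

/*
 * Exhaustive cross-check: every value the architecture can express
 * (256 imm8 values x 16 even rotations) must be accepted by the encoder
 * and decode back to itself.  Returns the number of mismatches (0 = OK).
 */
int arm_imm12_selfcheck(void)
{
    int bad = 0;
    for (int rotate = 0; rotate < 16; rotate++) {
        for (uint32_t imm8 = 0; imm8 < 256; imm8++) {
            uint32_t v = ror32_local(imm8, 2 * rotate);
            int enc = arm_encode_imm12(v);
            if (enc < 0 || arm_decode_imm12(enc) != v) {
                bad++;
            }
        }
    }
    return bad;
}

int main(void)
{
    /* Constructed samples: plain shift, wrap-around rotation, two rejects. */
    uint32_t samples[] = { 0xff000000u, 0xf000000fu, 0x1feu, 0xffffffffu };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        printf("0x%08x -> %d\n", samples[i], arm_encode_imm12(samples[i]));
    }
    printf("self-check mismatches: %d\n", arm_imm12_selfcheck());
    return 0;
}
```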

[PULL 42/44] tcg/arm: Give enum arm_cond_code_e a typedef and use it

2021-09-13 Thread Richard Henderson
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 136 +++
 1 file changed, 68 insertions(+), 68 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index 529728fbbe..c068e707e8 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -92,7 +92,7 @@ static const int tcg_target_call_oarg_regs[2] = {
 #define TCG_REG_TMP  TCG_REG_R12
 #define TCG_VEC_TMP  TCG_REG_Q15
 
-enum arm_cond_code_e {
+typedef enum {
 COND_EQ = 0x0,
 COND_NE = 0x1,
 COND_CS = 0x2, /* Unsigned greater or equal */
@@ -108,7 +108,7 @@ enum arm_cond_code_e {
 COND_GT = 0xc,
 COND_LE = 0xd,
 COND_AL = 0xe,
-};
+} ARMCond;
 
 #define TO_CPSR (1 << 20)
 
@@ -547,19 +547,19 @@ static bool tcg_target_const_match(int64_t val, TCGType 
type, int ct)
 return 0;
 }
 
-static void tcg_out_b_imm(TCGContext *s, int cond, int32_t offset)
+static void tcg_out_b_imm(TCGContext *s, ARMCond cond, int32_t offset)
 {
 tcg_out32(s, (cond << 28) | 0x0a00 |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static void tcg_out_bl_imm(TCGContext *s, int cond, int32_t offset)
+static void tcg_out_bl_imm(TCGContext *s, ARMCond cond, int32_t offset)
 {
 tcg_out32(s, (cond << 28) | 0x0b00 |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static void tcg_out_blx_reg(TCGContext *s, int cond, int rn)
+static void tcg_out_blx_reg(TCGContext *s, ARMCond cond, int rn)
 {
 tcg_out32(s, (cond << 28) | 0x012fff30 | rn);
 }
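Review bot: these helpers still compute `cond << 28` on the enum value, and ARMCond is a plain C enum, so every condition from 0x8 upward (COND_GT, COND_LE and COND_AL among the values visible in the first hunk) shifts a set bit into the sign bit of an `int`, which is undefined behaviour before the result is converted to uint32_t. This predates the patch, but since every signature is being touched anyway, writing `((uint32_t)cond << 28)` in the emitters would close it at the same time.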
@@ -570,14 +570,14 @@ static void tcg_out_blx_imm(TCGContext *s, int32_t offset)
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static void tcg_out_dat_reg(TCGContext *s,
-int cond, int opc, int rd, int rn, int rm, int shift)
+static void tcg_out_dat_reg(TCGContext *s, ARMCond cond, int opc, int rd,
+int rn, int rm, int shift)
 {
 tcg_out32(s, (cond << 28) | (0 << 25) | opc |
 (rn << 16) | (rd << 12) | shift | rm);
 }
 
-static void tcg_out_mov_reg(TCGContext *s, int cond, int rd, int rm)
+static void tcg_out_mov_reg(TCGContext *s, ARMCond cond, int rd, int rm)
 {
 /* Simple reg-reg move, optimising out the 'do nothing' case */
 if (rd != rm) {
@@ -585,12 +585,12 @@ static void tcg_out_mov_reg(TCGContext *s, int cond, int 
rd, int rm)
 }
 }
 
-static void tcg_out_bx_reg(TCGContext *s, int cond, TCGReg rn)
+static void tcg_out_bx_reg(TCGContext *s, ARMCond cond, TCGReg rn)
 {
 tcg_out32(s, (cond << 28) | 0x012fff10 | rn);
 }
 
-static void tcg_out_b_reg(TCGContext *s, int cond, TCGReg rn)
+static void tcg_out_b_reg(TCGContext *s, ARMCond cond, TCGReg rn)
 {
 /*
  * Unless the C portion of QEMU is compiled as thumb, we don't need
@@ -603,14 +603,14 @@ static void tcg_out_b_reg(TCGContext *s, int cond, TCGReg 
rn)
 }
 }
 
-static void tcg_out_dat_imm(TCGContext *s, int cond, int opc,
+static void tcg_out_dat_imm(TCGContext *s, ARMCond cond, int opc,
 int rd, int rn, int im)
 {
 tcg_out32(s, (cond << 28) | (1 << 25) | opc |
 (rn << 16) | (rd << 12) | im);
 }
 
-static void tcg_out_ldstm(TCGContext *s, int cond, int opc,
+static void tcg_out_ldstm(TCGContext *s, ARMCond cond, int opc,
   TCGReg rn, uint16_t mask)
 {
 tcg_out32(s, (cond << 28) | opc | (rn << 16) | mask);
@@ -618,14 +618,14 @@ static void tcg_out_ldstm(TCGContext *s, int cond, int 
opc,
 
 /* Note that this routine is used for both LDR and LDRH formats, so we do
not wish to include an immediate shift at this point.  */
-static void tcg_out_memop_r(TCGContext *s, int cond, ARMInsn opc, TCGReg rt,
+static void tcg_out_memop_r(TCGContext *s, ARMCond cond, ARMInsn opc, TCGReg 
rt,
 TCGReg rn, TCGReg rm, bool u, bool p, bool w)
 {
 tcg_out32(s, (cond << 28) | opc | (u << 23) | (p << 24)
   | (w << 21) | (rn << 16) | (rt << 12) | rm);
 }
 
-static void tcg_out_memop_8(TCGContext *s, int cond, ARMInsn opc, TCGReg rt,
+static void tcg_out_memop_8(TCGContext *s, ARMCond cond, ARMInsn opc, TCGReg 
rt,
 TCGReg rn, int imm8, bool p, bool w)
 {
 bool u = 1;
@@ -637,7 +637,7 @@ static void tcg_out_memop_8(TCGContext *s, int cond, 
ARMInsn opc, TCGReg rt,
   (rn << 16) | (rt << 12) | ((imm8 & 0xf0) << 4) | (imm8 & 0xf));
 }
 
-static void tcg_out_memop_12(TCGContext *s, int cond, ARMInsn opc, TCGReg rt,
+static void tcg_out_memop_12(TCGContext *s, ARMCond cond, ARMInsn opc, TCGReg 
rt,
  TCGReg rn, int imm12, bool p, bool w)
 {
 bool u = 1;
@@ -649,152 +649,152 @@ static void tcg_out_memop_12(TCGContext *s, int cond, 
ARMInsn opc, TCGReg rt,
   (rn << 16) | (rt << 12) | imm12);
 }
 
-static void tcg_out_ld32_12(TCGContext *s, int cond, TCGReg rt,
+static void 

[PULL 15/44] target/arm: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-8-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/arm/cpu.h | 3 +--
 target/arm/cpu.c | 7 +--
 target/arm/cpu_tcg.c | 6 +++---
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 6a987f65e4..cfd755cff9 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1040,11 +1040,10 @@ uint64_t arm_cpu_mp_affinity(int idx, uint8_t 
clustersz);
 
 #ifndef CONFIG_USER_ONLY
 extern const VMStateDescription vmstate_arm_cpu;
-#endif
 
 void arm_cpu_do_interrupt(CPUState *cpu);
 void arm_v7m_cpu_do_interrupt(CPUState *cpu);
-bool arm_cpu_exec_interrupt(CPUState *cpu, int int_req);
+#endif /* !CONFIG_USER_ONLY */
 
 hwaddr arm_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr,
  MemTxAttrs *attrs);
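Review bot: dropping the arm_cpu_exec_interrupt() prototype is required once the function becomes static in cpu.c, but the same hunk also moves arm_cpu_do_interrupt() and arm_v7m_cpu_do_interrupt() under `#ifndef CONFIG_USER_ONLY`, so any remaining user-only caller of those two now fails to compile; building the arm and aarch64 linux-user targets is the check before merging.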
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index d631c4683c..ba0741b20e 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -440,6 +440,8 @@ static void arm_cpu_reset(DeviceState *dev)
 arm_rebuild_hflags(env);
 }
 
+#ifndef CONFIG_USER_ONLY
+
 static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx,
  unsigned int target_el,
  unsigned int cur_el, bool secure,
@@ -556,7 +558,7 @@ static inline bool arm_excp_unmasked(CPUState *cs, unsigned 
int excp_idx,
 return unmasked || pstate_unmasked;
 }
 
-bool arm_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
+static bool arm_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
 CPUClass *cc = CPU_GET_CLASS(cs);
 CPUARMState *env = cs->env_ptr;
@@ -608,6 +610,7 @@ bool arm_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 cc->tcg_ops->do_interrupt(cs);
 return true;
 }
+#endif /* !CONFIG_USER_ONLY */
 
 void arm_cpu_update_virq(ARMCPU *cpu)
 {
@@ -2010,11 +2013,11 @@ static const struct SysemuCPUOps arm_sysemu_ops = {
 static const struct TCGCPUOps arm_tcg_ops = {
 .initialize = arm_translate_init,
 .synchronize_from_tb = arm_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = arm_cpu_exec_interrupt,
 .tlb_fill = arm_cpu_tlb_fill,
 .debug_excp_handler = arm_debug_excp_handler,
 
 #if !defined(CONFIG_USER_ONLY)
+.cpu_exec_interrupt = arm_cpu_exec_interrupt,
 .do_interrupt = arm_cpu_do_interrupt,
 .do_transaction_failed = arm_cpu_do_transaction_failed,
 .do_unaligned_access = arm_cpu_do_unaligned_access,
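Review bot: moving `.cpu_exec_interrupt` into the `#if !defined(CONFIG_USER_ONLY)` block leaves the hook NULL in user-only builds, which is only safe if the generic cpu_exec() interrupt path is itself compiled out or guarded for CONFIG_USER_ONLY; that is an ordering dependency on an earlier patch in the series and is worth stating in the commit message.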
diff --git a/target/arm/cpu_tcg.c b/target/arm/cpu_tcg.c
index 33cc75af57..0d5adccf1a 100644
--- a/target/arm/cpu_tcg.c
+++ b/target/arm/cpu_tcg.c
@@ -22,7 +22,7 @@
 /* CPU models. These are not needed for the AArch64 linux-user build. */
 #if !defined(CONFIG_USER_ONLY) || !defined(TARGET_AARCH64)
 
-#ifdef CONFIG_TCG
+#if !defined(CONFIG_USER_ONLY) && defined(CONFIG_TCG)
 static bool arm_v7m_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
 CPUClass *cc = CPU_GET_CLASS(cs);
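Review bot: the new `#if !defined(CONFIG_USER_ONLY) && defined(CONFIG_TCG)` sits inside the outer `#if !defined(CONFIG_USER_ONLY) || !defined(TARGET_AARCH64)` shown two lines above it, so the outer test already excludes the AArch64 user build and the inner `!defined(CONFIG_USER_ONLY)` is what drops this function from the 32-bit linux-user build; a one-line comment at the `#if` saying so would stop readers from assuming the two conditions are redundant.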
@@ -46,7 +46,7 @@ static bool arm_v7m_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 }
 return ret;
 }
-#endif /* CONFIG_TCG */
+#endif /* !CONFIG_USER_ONLY && CONFIG_TCG */
 
 static void arm926_initfn(Object *obj)
 {
@@ -898,11 +898,11 @@ static void pxa270c5_initfn(Object *obj)
 static const struct TCGCPUOps arm_v7m_tcg_ops = {
 .initialize = arm_translate_init,
 .synchronize_from_tb = arm_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = arm_v7m_cpu_exec_interrupt,
 .tlb_fill = arm_cpu_tlb_fill,
 .debug_excp_handler = arm_debug_excp_handler,
 
 #if !defined(CONFIG_USER_ONLY)
+.cpu_exec_interrupt = arm_v7m_cpu_exec_interrupt,
 .do_interrupt = arm_v7m_cpu_do_interrupt,
 .do_transaction_failed = arm_cpu_do_transaction_failed,
 .do_unaligned_access = arm_cpu_do_unaligned_access,
-- 
2.25.1




[PULL 38/44] tcg/arm: Support armv4t in tcg_out_goto and tcg_out_call

2021-09-13 Thread Richard Henderson
ARMv4T has BX as its only interworking instruction.  In order
to support testing of different architecture revisions with a
qemu binary that may have been built for, say ARMv6T2, fill in
the blank required to make calls to helpers in thumb mode.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 49 
 1 file changed, 34 insertions(+), 15 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index 7d15c36f85..852100bb80 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -1211,7 +1211,8 @@ static inline void tcg_out_st8(TCGContext *s, int cond,
 tcg_out_st8_12(s, cond, rd, rn, offset);
 }
 
-/* The _goto case is normally between TBs within the same code buffer, and
+/*
+ * The _goto case is normally between TBs within the same code buffer, and
  * with the code buffer limited to 16MB we wouldn't need the long case.
  * But we also use it for the tail-call to the qemu_ld/st helpers, which does.
  */
@@ -1219,38 +1220,56 @@ static void tcg_out_goto(TCGContext *s, int cond, const 
tcg_insn_unit *addr)
 {
 intptr_t addri = (intptr_t)addr;
 ptrdiff_t disp = tcg_pcrel_diff(s, addr);
+bool arm_mode = !(addri & 1);
 
-if ((addri & 1) == 0 && disp - 8 < 0x01fd && disp - 8 > -0x01fd) {
+if (arm_mode && disp - 8 < 0x01fd && disp - 8 > -0x01fd) {
 tcg_out_b_imm(s, cond, disp);
 return;
 }
-tcg_out_movi_pool(s, cond, TCG_REG_PC, addri);
+
+/* LDR is interworking from v5t. */
+if (arm_mode || use_armv5t_instructions) {
+tcg_out_movi_pool(s, cond, TCG_REG_PC, addri);
+return;
+}
+
+/* else v4t */
+tcg_out_movi32(s, COND_AL, TCG_REG_TMP, addri);
+tcg_out_bx_reg(s, COND_AL, TCG_REG_TMP);
 }
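Review bot: the new v4t fallback emits `tcg_out_movi32(s, COND_AL, ...)` and `tcg_out_bx_reg(s, COND_AL, ...)` although the function takes a `cond` parameter, so a caller passing anything other than COND_AL gets an unconditional jump on ARMv4T only; either thread `cond` through both calls or add `tcg_debug_assert(cond == COND_AL)` at the top of that path so the restriction is enforced rather than implicit.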
 
-/* The call case is mostly used for helpers - so it's not unreasonable
- * for them to be beyond branch range */
+/*
+ * The call case is mostly used for helpers - so it's not unreasonable
+ * for them to be beyond branch range.
+ */
 static void tcg_out_call(TCGContext *s, const tcg_insn_unit *addr)
 {
 intptr_t addri = (intptr_t)addr;
 ptrdiff_t disp = tcg_pcrel_diff(s, addr);
+bool arm_mode = !(addri & 1);
 
 if (disp - 8 < 0x0200 && disp - 8 >= -0x0200) {
-if (addri & 1) {
-/* Use BLX if the target is in Thumb mode */
-if (!use_armv5t_instructions) {
-tcg_abort();
-}
-tcg_out_blx_imm(s, disp);
-} else {
+if (arm_mode) {
 tcg_out_bl_imm(s, COND_AL, disp);
+return;
 }
-} else if (use_armv7_instructions) {
+if (use_armv5t_instructions) {
+tcg_out_blx_imm(s, disp);
+return;
+}
+}
+
+if (use_armv5t_instructions) {
 tcg_out_movi32(s, COND_AL, TCG_REG_TMP, addri);
 tcg_out_blx_reg(s, COND_AL, TCG_REG_TMP);
-} else {
+} else if (arm_mode) {
 /* ??? Know that movi_pool emits exactly 1 insn.  */
-tcg_out_dat_imm(s, COND_AL, ARITH_ADD, TCG_REG_R14, TCG_REG_PC, 0);
+tcg_out_mov_reg(s, COND_AL, TCG_REG_R14, TCG_REG_PC);
 tcg_out_movi_pool(s, COND_AL, TCG_REG_PC, addri);
+} else {
+tcg_out_movi32(s, COND_AL, TCG_REG_TMP, addri);
+tcg_out_mov_reg(s, COND_AL, TCG_REG_R14, TCG_REG_PC);
+tcg_out_bx_reg(s, COND_AL, TCG_REG_TMP);
 }
 }
 
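Review bot: in the `else if (arm_mode)` branch, `tcg_out_mov_reg(s, COND_AL, TCG_REG_R14, TCG_REG_PC)` yields the right return address only because PC reads as the mov's address plus 8 and tcg_out_movi_pool() emits exactly one instruction, as the retained `???` comment says; the same `mov lr, pc` in the new v4t Thumb branch is correct because `tcg_out_bx_reg` is the single instruction after it. A `tcg_debug_assert` on the number of instructions movi_pool emits would turn that comment into a check. Note also that the short-range Thumb case no longer hits tcg_abort() on pre-v5t hosts but falls through to the long path, which is the behaviour change worth spelling out in the message.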
-- 
2.25.1




[PULL 34/44] accel/tcg/user-exec: Fix read-modify-write of code on s390 hosts

2021-09-13 Thread Richard Henderson
From: Ilya Leoshkevich 

x86_64 dotnet/runtime uses cmpxchg for code patching. When running it
under s390x qemu-linux user, cpu_signal_handler() does not recognize
this as a write and does not restore PAGE_WRITE cleared by
tb_page_add(), incorrectly forwarding the signal to the guest code.

Signed-off-by: Ilya Leoshkevich 
Reviewed-by: Richard Henderson 
Message-Id: <20210803221606.150103-1-...@linux.ibm.com>
Signed-off-by: Richard Henderson 
---
 accel/tcg/user-exec.c | 48 ---
 1 file changed, 41 insertions(+), 7 deletions(-)

diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 90d1a2d327..8fed542622 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -680,18 +680,26 @@ int cpu_signal_handler(int host_signum, void *pinfo,
 
 pc = uc->uc_mcontext.psw.addr;
 
-/* ??? On linux, the non-rt signal handler has 4 (!) arguments instead
-   of the normal 2 arguments.  The 3rd argument contains the "int_code"
-   from the hardware which does in fact contain the is_write value.
-   The rt signal handler, as far as I can tell, does not give this value
-   at all.  Not that we could get to it from here even if it were.  */
-/* ??? This is not even close to complete, since it ignores all
-   of the read-modify-write instructions.  */
+/*
+ * ??? On linux, the non-rt signal handler has 4 (!) arguments instead
+ * of the normal 2 arguments.  The 4th argument contains the "Translation-
+ * Exception Identification for DAT Exceptions" from the hardware (aka
+ * "int_parm_long"), which does in fact contain the is_write value.
+ * The rt signal handler, as far as I can tell, does not give this value
+ * at all.  Not that we could get to it from here even if it were.
+ * So fall back to parsing instructions.  Treat read-modify-write ones as
+ * writes, which is not fully correct, but for tracking self-modifying code
+ * this is better than treating them as reads.  Checking si_addr page flags
+ * might be a viable improvement, albeit a racy one.
+ */
+/* ??? This is not even close to complete.  */
 pinsn = (uint16_t *)pc;
 switch (pinsn[0] >> 8) {
 case 0x50: /* ST */
 case 0x42: /* STC */
 case 0x40: /* STH */
+case 0xba: /* CS */
+case 0xbb: /* CDS */
 is_write = 1;
 break;
 case 0xc4: /* RIL format insns */
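Review bot: classifying CS and CDS (and the RMW cases added below) as writes errs in the safe direction for this handler: a false "write" only makes handle_cpu_signal() restore PAGE_WRITE and invalidate the translated blocks on that page, whereas the old false "read" forwarded a SIGSEGV to a guest that was legitimately patching its own code, which is the dotnet failure from the commit message. Since the `??? This is not even close to complete` marker still applies, listing the instruction formats that remain undecoded next to it would help whoever hits the next missing opcode.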
@@ -702,6 +710,12 @@ int cpu_signal_handler(int host_signum, void *pinfo,
 is_write = 1;
 }
 break;
+case 0xc8: /* SSF format insns */
+switch (pinsn[0] & 0xf) {
+case 0x2: /* CSST */
+is_write = 1;
+}
+break;
 case 0xe3: /* RXY format insns */
 switch (pinsn[2] & 0xff) {
 case 0x50: /* STY */
@@ -715,7 +729,27 @@ int cpu_signal_handler(int host_signum, void *pinfo,
 is_write = 1;
 }
 break;
+case 0xeb: /* RSY format insns */
+switch (pinsn[2] & 0xff) {
+case 0x14: /* CSY */
+case 0x30: /* CSG */
+case 0x31: /* CDSY */
+case 0x3e: /* CDSG */
+case 0xe4: /* LANG */
+case 0xe6: /* LAOG */
+case 0xe7: /* LAXG */
+case 0xe8: /* LAAG */
+case 0xea: /* LAALG */
+case 0xf4: /* LAN */
+case 0xf6: /* LAO */
+case 0xf7: /* LAX */
+case 0xfa: /* LAAL */
+case 0xf8: /* LAA */
+is_write = 1;
+}
+break;
 }
+
 return handle_cpu_signal(pc, info, is_write, >uc_sigmask);
 }
 
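Review bot: the RSY case list is in numeric order except that `case 0xfa: /* LAAL */` precedes `case 0xf8: /* LAA */`; swapping the two keeps the list easy to check against the architecture tables. The added blank line before `return handle_cpu_signal(...)` is an unrelated whitespace change.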
-- 
2.25.1




[PULL 13/44] accel/tcg: Rename user-mode do_interrupt hack as fake_user_interrupt

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

do_interrupt() is sysemu specific. However, due to some X86
specific hack, it is also used in user-mode emulation, which
is why it couldn't be restricted to CONFIG_SOFTMMU (see the
comment added in commit 78271684719: "cpu: tcg_ops:
move to tcg-cpu-ops.h, keep a pointer in CPUClass").
Keep the hack but rename the handler as fake_user_interrupt()
and restrict do_interrupt() to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-6-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 include/hw/core/tcg-cpu-ops.h | 22 ++
 accel/tcg/cpu-exec.c  |  4 ++--
 target/i386/tcg/tcg-cpu.c |  6 --
 3 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/include/hw/core/tcg-cpu-ops.h b/include/hw/core/tcg-cpu-ops.h
index eab27d0c03..6c7ab9600b 100644
--- a/include/hw/core/tcg-cpu-ops.h
+++ b/include/hw/core/tcg-cpu-ops.h
@@ -37,14 +37,6 @@ struct TCGCPUOps {
 void (*cpu_exec_exit)(CPUState *cpu);
 /** @cpu_exec_interrupt: Callback for processing interrupts in cpu_exec */
 bool (*cpu_exec_interrupt)(CPUState *cpu, int interrupt_request);
-/**
- * @do_interrupt: Callback for interrupt handling.
- *
- * note that this is in general SOFTMMU only, but it actually isn't
- * because of an x86 hack (accel/tcg/cpu-exec.c), so we cannot put it
- * in the SOFTMMU section in general.
- */
-void (*do_interrupt)(CPUState *cpu);
 /**
  * @tlb_fill: Handle a softmmu tlb miss or user-only address fault
  *
@@ -61,6 +53,20 @@ struct TCGCPUOps {
 void (*debug_excp_handler)(CPUState *cpu);
 
 #ifdef NEED_CPU_H
+#if defined(CONFIG_USER_ONLY) && defined(TARGET_I386)
+/**
+ * @fake_user_interrupt: Callback for 'fake exception' handling.
+ *
+ * Simulate 'fake exception' which will be handled outside the
+ * cpu execution loop (hack for x86 user mode).
+ */
+void (*fake_user_interrupt)(CPUState *cpu);
+#else
+/**
+ * @do_interrupt: Callback for interrupt handling.
+ */
+void (*do_interrupt)(CPUState *cpu);
+#endif /* !CONFIG_USER_ONLY || !TARGET_I386 */
 #ifdef CONFIG_SOFTMMU
 /**
  * @do_transaction_failed: Callback for handling failed memory transactions
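Review bot: the `#else` branch still declares `do_interrupt` for every CONFIG_USER_ONLY target other than i386, so after this patch do_interrupt() is sysemu-only on x86 but not elsewhere, which is narrower than the commit message's "restrict do_interrupt() to sysemu"; once the per-target user-mode stubs are gone, the remaining step is to move the member under `#ifdef CONFIG_SOFTMMU` next to do_transaction_failed, and the message could say this is an intermediate state.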
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index e5c0ccd1a2..2838177e7f 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -651,8 +651,8 @@ static inline bool cpu_handle_exception(CPUState *cpu, int 
*ret)
loop */
 #if defined(TARGET_I386)
 CPUClass *cc = CPU_GET_CLASS(cpu);
-cc->tcg_ops->do_interrupt(cpu);
-#endif
+cc->tcg_ops->fake_user_interrupt(cpu);
+#endif /* TARGET_I386 */
 *ret = cpu->exception_index;
 cpu->exception_index = -1;
 return true;
diff --git a/target/i386/tcg/tcg-cpu.c b/target/i386/tcg/tcg-cpu.c
index 93a79a5741..04c35486a2 100644
--- a/target/i386/tcg/tcg-cpu.c
+++ b/target/i386/tcg/tcg-cpu.c
@@ -73,9 +73,11 @@ static const struct TCGCPUOps x86_tcg_ops = {
 .cpu_exec_enter = x86_cpu_exec_enter,
 .cpu_exec_exit = x86_cpu_exec_exit,
 .cpu_exec_interrupt = x86_cpu_exec_interrupt,
-.do_interrupt = x86_cpu_do_interrupt,
 .tlb_fill = x86_cpu_tlb_fill,
-#ifndef CONFIG_USER_ONLY
+#ifdef CONFIG_USER_ONLY
+.fake_user_interrupt = x86_cpu_do_interrupt,
+#else
+.do_interrupt = x86_cpu_do_interrupt,
 .debug_excp_handler = breakpoint_handler,
 .debug_check_breakpoint = x86_debug_check_breakpoint,
 #endif /* !CONFIG_USER_ONLY */
-- 
2.25.1




[PULL 33/44] user: Mark cpu_loop() with noreturn attribute

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

cpu_loop() never exits, so mark it with QEMU_NORETURN.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Bin Meng 
Reviewed-By: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210905000429.1097336-1-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 bsd-user/qemu.h   | 2 +-
 linux-user/qemu.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/bsd-user/qemu.h b/bsd-user/qemu.h
index 522d6c4031..1511327d51 100644
--- a/bsd-user/qemu.h
+++ b/bsd-user/qemu.h
@@ -168,7 +168,7 @@ abi_long do_openbsd_syscall(void *cpu_env, int num, 
abi_long arg1,
 abi_long arg5, abi_long arg6);
 void gemu_log(const char *fmt, ...) GCC_FMT_ATTR(1, 2);
 extern __thread CPUState *thread_cpu;
-void cpu_loop(CPUArchState *env);
+void QEMU_NORETURN cpu_loop(CPUArchState *env);
 char *target_strerror(int err);
 int get_osversion(void);
 void fork_start(void);
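Review bot: adding QEMU_NORETURN to the declaration lets the compiler discard the epilogue and any code placed after calls to cpu_loop(), so if a target's definition could ever fall off the end (a `break` out of its `for (;;)` without an exit call), control would run into whatever follows in memory; the compiler's "noreturn function does return" warning on each definition is the check, and putting the attribute on the definitions as well as the declaration makes the contract visible where it has to hold.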
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 3b0b6b75fe..5b2c764ae7 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -236,7 +236,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 abi_long arg5, abi_long arg6, abi_long arg7,
 abi_long arg8);
 extern __thread CPUState *thread_cpu;
-void cpu_loop(CPUArchState *env);
+void QEMU_NORETURN cpu_loop(CPUArchState *env);
 const char *target_strerror(int err);
 int get_osversion(void);
 void init_qemu_uname_release(void);
-- 
2.25.1




[PULL 16/44] target/cris: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-9-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/cris/cpu.h|  2 +-
 target/cris/cpu.c|  4 ++--
 target/cris/helper.c | 17 ++---
 3 files changed, 5 insertions(+), 18 deletions(-)

diff --git a/target/cris/cpu.h b/target/cris/cpu.h
index d3b6492909..be021899ae 100644
--- a/target/cris/cpu.h
+++ b/target/cris/cpu.h
@@ -185,11 +185,11 @@ struct CRISCPU {
 
 #ifndef CONFIG_USER_ONLY
 extern const VMStateDescription vmstate_cris_cpu;
-#endif
 
 void cris_cpu_do_interrupt(CPUState *cpu);
 void crisv10_cpu_do_interrupt(CPUState *cpu);
 bool cris_cpu_exec_interrupt(CPUState *cpu, int int_req);
+#endif
 
 void cris_cpu_dump_state(CPUState *cs, FILE *f, int flags);
 
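Review bot: the closing `#endif` here has no trailing comment, while the cpu.c hunks in the same patch use `#endif /* !CONFIG_USER_ONLY */`; adding the comment keeps the header consistent and makes the guarded block easy to spot as it grows.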
diff --git a/target/cris/cpu.c b/target/cris/cpu.c
index 70932b1f8c..c2e7483f5b 100644
--- a/target/cris/cpu.c
+++ b/target/cris/cpu.c
@@ -205,20 +205,20 @@ static const struct SysemuCPUOps cris_sysemu_ops = {
 
 static const struct TCGCPUOps crisv10_tcg_ops = {
 .initialize = cris_initialize_crisv10_tcg,
-.cpu_exec_interrupt = cris_cpu_exec_interrupt,
 .tlb_fill = cris_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = cris_cpu_exec_interrupt,
 .do_interrupt = crisv10_cpu_do_interrupt,
 #endif /* !CONFIG_USER_ONLY */
 };
 
 static const struct TCGCPUOps crisv32_tcg_ops = {
 .initialize = cris_initialize_tcg,
-.cpu_exec_interrupt = cris_cpu_exec_interrupt,
 .tlb_fill = cris_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = cris_cpu_exec_interrupt,
 .do_interrupt = cris_cpu_do_interrupt,
 #endif /* !CONFIG_USER_ONLY */
 };
diff --git a/target/cris/helper.c b/target/cris/helper.c
index 911867f3b4..36926faf32 100644
--- a/target/cris/helper.c
+++ b/target/cris/helper.c
@@ -41,20 +41,6 @@
 
 #if defined(CONFIG_USER_ONLY)
 
-void cris_cpu_do_interrupt(CPUState *cs)
-{
-CRISCPU *cpu = CRIS_CPU(cs);
-CPUCRISState *env = >env;
-
-cs->exception_index = -1;
-env->pregs[PR_ERP] = env->pc;
-}
-
-void crisv10_cpu_do_interrupt(CPUState *cs)
-{
-cris_cpu_do_interrupt(cs);
-}
-
 bool cris_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
MMUAccessType access_type, int mmu_idx,
bool probe, uintptr_t retaddr)
@@ -287,7 +273,6 @@ hwaddr cris_cpu_get_phys_page_debug(CPUState *cs, vaddr 
addr)
 D(fprintf(stderr, "%s %x -> %x\n", __func__, addr, phy));
 return phy;
 }
-#endif
 
 bool cris_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
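Review bot: dropping the bare `#endif` after cris_cpu_get_phys_page_debug() extends the conditional that opens with `#if defined(CONFIG_USER_ONLY)` in the first hunk down to the new `#endif` in the next hunk, so cris_cpu_exec_interrupt() now lives in whichever branch of that conditional is active at this point; the sysemu branch is not visible here, so please confirm the function lands in the `!CONFIG_USER_ONLY` side, and give that branch's opener the same `/* !CONFIG_USER_ONLY */` comment so the structure reads correctly without matching pairs by hand.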
@@ -319,3 +304,5 @@ bool cris_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 
 return ret;
 }
+
+#endif /* !CONFIG_USER_ONLY */
-- 
2.25.1




[PULL 39/44] tcg/arm: Split out tcg_out_ldstm

2021-09-13 Thread Richard Henderson
Expand these hard-coded instructions symbolically.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 19 +--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index 852100bb80..c9e3fcfeac 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -141,6 +141,9 @@ typedef enum {
 INSN_CLZ   = 0x016f0f10,
 INSN_RBIT  = 0x06ff0f30,
 
+INSN_LDMIA = 0x08b0,
+INSN_STMDB = 0x0920,
+
 INSN_LDR_IMM   = 0x0410,
 INSN_LDR_REG   = 0x0610,
 INSN_STR_IMM   = 0x0400,
@@ -593,6 +596,12 @@ static inline void tcg_out_dat_imm(TCGContext *s,
 (rn << 16) | (rd << 12) | im);
 }
 
+static void tcg_out_ldstm(TCGContext *s, int cond, int opc,
+  TCGReg rn, uint16_t mask)
+{
+tcg_out32(s, (cond << 28) | opc | (rn << 16) | mask);
+}
+
 /* Note that this routine is used for both LDR and LDRH formats, so we do
not wish to include an immediate shift at this point.  */
 static void tcg_out_memop_r(TCGContext *s, int cond, ARMInsn opc, TCGReg rt,
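Review bot: tcg_out_ldstm() types `opc` as `int` although the only values passed are INSN_LDMIA and INSN_STMDB from the ARMInsn enum extended in the first hunk, and the neighbouring tcg_out_memop_r() already takes `ARMInsn opc`; using ARMInsn here gives the same type checking. `uint16_t mask` is right for the 16-bit register list, but a `tcg_debug_assert(mask != 0)` would catch an empty list, which the LDM/STM encoding leaves unpredictable.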
@@ -3081,7 +3090,10 @@ static void tcg_target_qemu_prologue(TCGContext *s)
 {
 /* Calling convention requires us to save r4-r11 and lr.  */
 /* stmdb sp!, { r4 - r11, lr } */
-tcg_out32(s, (COND_AL << 28) | 0x092d4ff0);
+tcg_out_ldstm(s, COND_AL, INSN_STMDB, TCG_REG_CALL_STACK,
+  (1 << TCG_REG_R4) | (1 << TCG_REG_R5) | (1 << TCG_REG_R6) |
+  (1 << TCG_REG_R7) | (1 << TCG_REG_R8) | (1 << TCG_REG_R9) |
+  (1 << TCG_REG_R10) | (1 << TCG_REG_R11) | (1 << 
TCG_REG_R14));
 
 /* Reserve callee argument and tcg temp space.  */
 tcg_out_dat_rI(s, COND_AL, ARITH_SUB, TCG_REG_CALL_STACK,
@@ -3109,7 +3121,10 @@ static void tcg_out_epilogue(TCGContext *s)
TCG_REG_CALL_STACK, STACK_ADDEND, 1);
 
 /* ldmia sp!, { r4 - r11, pc } */
-tcg_out32(s, (COND_AL << 28) | 0x08bd8ff0);
+tcg_out_ldstm(s, COND_AL, INSN_LDMIA, TCG_REG_CALL_STACK,
+  (1 << TCG_REG_R4) | (1 << TCG_REG_R5) | (1 << TCG_REG_R6) |
+  (1 << TCG_REG_R7) | (1 << TCG_REG_R8) | (1 << TCG_REG_R9) |
+  (1 << TCG_REG_R10) | (1 << TCG_REG_R11) | (1 << TCG_REG_PC));
 }
 
 typedef struct {
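Review bot: the r4-r11 mask is spelled out twice, here and in tcg_target_qemu_prologue(), differing only in TCG_REG_R14 versus TCG_REG_PC; a single `#define` for the callee-saved set (or a helper that ORs in the final register) would keep the two from drifting apart, which matters because a mismatch between the saved and restored lists corrupts the return path silently.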
-- 
2.25.1




[PULL 27/44] target/sh4: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-20-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/sh4/cpu.h| 4 ++--
 target/sh4/cpu.c| 2 +-
 target/sh4/helper.c | 9 ++---
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h
index 01c4344082..017a770214 100644
--- a/target/sh4/cpu.h
+++ b/target/sh4/cpu.h
@@ -204,8 +204,6 @@ struct SuperHCPU {
 };
 
 
-void superh_cpu_do_interrupt(CPUState *cpu);
-bool superh_cpu_exec_interrupt(CPUState *cpu, int int_req);
 void superh_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 hwaddr superh_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 int superh_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
@@ -223,6 +221,8 @@ bool superh_cpu_tlb_fill(CPUState *cs, vaddr address, int 
size,
 
 void sh4_cpu_list(void);
 #if !defined(CONFIG_USER_ONLY)
+void superh_cpu_do_interrupt(CPUState *cpu);
+bool superh_cpu_exec_interrupt(CPUState *cpu, int int_req);
 void cpu_sh4_invalidate_tlb(CPUSH4State *s);
 uint32_t cpu_sh4_read_mmaped_itlb_addr(CPUSH4State *s,
hwaddr addr);
diff --git a/target/sh4/cpu.c b/target/sh4/cpu.c
index 8326922942..2047742d03 100644
--- a/target/sh4/cpu.c
+++ b/target/sh4/cpu.c
@@ -236,10 +236,10 @@ static const struct SysemuCPUOps sh4_sysemu_ops = {
 static const struct TCGCPUOps superh_tcg_ops = {
 .initialize = sh4_translate_init,
 .synchronize_from_tb = superh_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = superh_cpu_exec_interrupt,
 .tlb_fill = superh_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = superh_cpu_exec_interrupt,
 .do_interrupt = superh_cpu_do_interrupt,
 .do_unaligned_access = superh_cpu_do_unaligned_access,
 .io_recompile_replay_branch = superh_io_recompile_replay_branch,
diff --git a/target/sh4/helper.c b/target/sh4/helper.c
index 2d622081e8..53cb9c3b63 100644
--- a/target/sh4/helper.c
+++ b/target/sh4/helper.c
@@ -45,11 +45,6 @@
 
 #if defined(CONFIG_USER_ONLY)
 
-void superh_cpu_do_interrupt(CPUState *cs)
-{
-cs->exception_index = -1;
-}
-
 int cpu_sh4_is_cached(CPUSH4State *env, target_ulong addr)
 {
 /* For user mode, only U0 area is cacheable. */
@@ -784,8 +779,6 @@ int cpu_sh4_is_cached(CPUSH4State * env, target_ulong addr)
 return 0;
 }
 
-#endif
-
 bool superh_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
 if (interrupt_request & CPU_INTERRUPT_HARD) {
@@ -803,6 +796,8 @@ bool superh_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return false;
 }
 
+#endif /* !CONFIG_USER_ONLY */
+
 bool superh_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
  MMUAccessType access_type, int mmu_idx,
  bool probe, uintptr_t retaddr)
-- 
2.25.1




[PULL 35/44] tcg/arm: Remove fallback definition of __ARM_ARCH

2021-09-13 Thread Richard Henderson
GCC since 4.8 provides the definition and we now require 7.5.

Reviewed-by: Peter Maydell 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.h | 19 ---
 1 file changed, 19 deletions(-)

diff --git a/tcg/arm/tcg-target.h b/tcg/arm/tcg-target.h
index d113b7f8db..18bb16c784 100644
--- a/tcg/arm/tcg-target.h
+++ b/tcg/arm/tcg-target.h
@@ -26,25 +26,6 @@
 #ifndef ARM_TCG_TARGET_H
 #define ARM_TCG_TARGET_H
 
-/* The __ARM_ARCH define is provided by gcc 4.8.  Construct it otherwise.  */
-#ifndef __ARM_ARCH
-# if defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) \
- || defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__) \
- || defined(__ARM_ARCH_7EM__)
-#  define __ARM_ARCH 7
-# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) \
-   || defined(__ARM_ARCH_6Z__) || defined(__ARM_ARCH_6ZK__) \
-   || defined(__ARM_ARCH_6K__) || defined(__ARM_ARCH_6T2__)
-#  define __ARM_ARCH 6
-# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5E__) \
-   || defined(__ARM_ARCH_5T__) || defined(__ARM_ARCH_5TE__) \
-   || defined(__ARM_ARCH_5TEJ__)
-#  define __ARM_ARCH 5
-# else
-#  define __ARM_ARCH 4
-# endif
-#endif
-
 extern int arm_arch;
 
 #if defined(__ARM_ARCH_5T__) \
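Review bot: With the fallback gone, a compiler that does not define __ARM_ARCH no longer gets any value, and `#if __ARM_ARCH >= N` on an undefined macro silently evaluates it as 0, which would select the most conservative code paths without a diagnostic. A `#ifndef __ARM_ARCH` / `#error` pair in place of the removed block would turn that into a hard build failure, which is what the stated compiler requirement implies. The unchanged context line `#if defined(__ARM_ARCH_5T__)` also shows that the file still keys on the per-variant macros, so a follow-up could move that test onto __ARM_ARCH as well.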
-- 
2.25.1




[PULL 11/44] target/i386: Simplify TARGET_X86_64 #ifdef'ry

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Merge two TARGET_X86_64 consecutive blocks.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-4-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/i386/tcg/seg_helper.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index cef68b610a..56263e358d 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -929,9 +929,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int 
is_int,
e2);
 env->eip = offset;
 }
-#endif
 
-#ifdef TARGET_X86_64
 void helper_sysret(CPUX86State *env, int dflag)
 {
 int cpl, selector;
@@ -984,7 +982,7 @@ void helper_sysret(CPUX86State *env, int dflag)
DESC_W_MASK | DESC_A_MASK);
 }
 }
-#endif
+#endif /* TARGET_X86_64 */
 
 /* real mode interrupt */
 static void do_interrupt_real(CPUX86State *env, int intno, int is_int,
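Review bot: The `#endif` / `#ifdef TARGET_X86_64` pair removed in the first hunk enclosed only a blank line, so nothing that was compiled for 32-bit-only builds moves under the 64-bit guard and the merge is behaviour-preserving. The `/* TARGET_X86_64 */` comment on the combined `#endif` is useful now that the block spans both do_interrupt64() and helper_sysret(); the matching `#ifdef` above the first hunk could carry the same marker.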
-- 
2.25.1




[PULL 26/44] target/riscv: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Reviewed-by: Bin Meng 
Message-Id: <20210911165434.531552-19-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/riscv/cpu.h| 2 +-
 target/riscv/cpu.c| 2 +-
 target/riscv/cpu_helper.c | 5 -
 3 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index bf1c899c00..e735e53e26 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -334,7 +334,6 @@ int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, 
CPUState *cs,
int cpuid, void *opaque);
 int riscv_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
 int riscv_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
-bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request);
 bool riscv_cpu_fp_enabled(CPURISCVState *env);
 bool riscv_cpu_virt_enabled(CPURISCVState *env);
 void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable);
@@ -362,6 +361,7 @@ void riscv_cpu_list(void);
 #define cpu_mmu_index riscv_cpu_mmu_index
 
 #ifndef CONFIG_USER_ONLY
+bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request);
 void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env);
 int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts);
 uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value);
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 1a2b03d579..13575c1408 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -644,10 +644,10 @@ static const struct SysemuCPUOps riscv_sysemu_ops = {
 static const struct TCGCPUOps riscv_tcg_ops = {
 .initialize = riscv_translate_init,
 .synchronize_from_tb = riscv_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = riscv_cpu_exec_interrupt,
 .tlb_fill = riscv_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = riscv_cpu_exec_interrupt,
 .do_interrupt = riscv_cpu_do_interrupt,
 .do_transaction_failed = riscv_cpu_do_transaction_failed,
 .do_unaligned_access = riscv_cpu_do_unaligned_access,
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index 968cb8046f..701858d670 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -75,11 +75,9 @@ static int riscv_cpu_local_irq_pending(CPURISCVState *env)
 return RISCV_EXCP_NONE; /* indicates no pending interrupt */
 }
 }
-#endif
 
 bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
-#if !defined(CONFIG_USER_ONLY)
 if (interrupt_request & CPU_INTERRUPT_HARD) {
 RISCVCPU *cpu = RISCV_CPU(cs);
 CPURISCVState *env = >env;
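Review bot: The context line `CPURISCVState *env = >env;` is not valid C as displayed; the `&cpu-` was dropped by the archive's HTML handling, so this hunk should be reviewed against the tree rather than the listing. The removal of the inner `#if !defined(CONFIG_USER_ONLY)` is consistent with the whole function now living in the sysemu-only region.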
@@ -90,12 +88,9 @@ bool riscv_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return true;
 }
 }
-#endif
 return false;
 }
 
-#if !defined(CONFIG_USER_ONLY)
-
 /* Return true is floating point support is currently enabled */
 bool riscv_cpu_fp_enabled(CPURISCVState *env)
 {
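Review bot: Removing the `#endif` after riscv_cpu_exec_interrupt() and the `#if !defined(CONFIG_USER_ONLY)` before riscv_cpu_fp_enabled() joins two sysemu-only regions into one that now begins above riscv_cpu_local_irq_pending() (first hunk). Before this patch user-mode builds still got a riscv_cpu_exec_interrupt() that returned false; afterwards the symbol does not exist there, so the `.cpu_exec_interrupt` move in cpu.c and the prototype move in cpu.h are required by this hunk rather than tidy-ups, and the three files must not be split across patches.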
-- 
2.25.1




[PULL 32/44] user: Remove cpu_get_pic_interrupt() stubs

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

cpu_get_pic_interrupt() is now unreachable from user-mode,
delete the unnecessary stubs.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-25-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/i386/cpu.h | 2 +-
 bsd-user/i386/target_arch_cpu.c   | 5 -
 bsd-user/x86_64/target_arch_cpu.c | 5 -
 linux-user/main.c | 7 ---
 4 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 1a36c53c18..7dd664791a 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1836,9 +1836,9 @@ int x86_cpu_gdb_write_register(CPUState *cpu, uint8_t 
*buf, int reg);
 void x86_cpu_list(void);
 int cpu_x86_support_mca_broadcast(CPUX86State *env);
 
+#ifndef CONFIG_USER_ONLY
 int cpu_get_pic_interrupt(CPUX86State *s);
 
-#ifndef CONFIG_USER_ONLY
 /* MSDOS compatibility mode FPU exception support */
 void x86_register_ferr_irq(qemu_irq irq);
 void fpu_check_raise_ferr_irq(CPUX86State *s);
diff --git a/bsd-user/i386/target_arch_cpu.c b/bsd-user/i386/target_arch_cpu.c
index 71998e5ba5..d349e45299 100644
--- a/bsd-user/i386/target_arch_cpu.c
+++ b/bsd-user/i386/target_arch_cpu.c
@@ -33,11 +33,6 @@ uint64_t cpu_get_tsc(CPUX86State *env)
 return cpu_get_host_ticks();
 }
 
-int cpu_get_pic_interrupt(CPUX86State *env)
-{
-return -1;
-}
-
 void bsd_i386_write_dt(void *ptr, unsigned long addr, unsigned long limit,
  int flags)
 {
diff --git a/bsd-user/x86_64/target_arch_cpu.c 
b/bsd-user/x86_64/target_arch_cpu.c
index db822e54c6..be7bd10720 100644
--- a/bsd-user/x86_64/target_arch_cpu.c
+++ b/bsd-user/x86_64/target_arch_cpu.c
@@ -33,11 +33,6 @@ uint64_t cpu_get_tsc(CPUX86State *env)
 return cpu_get_host_ticks();
 }
 
-int cpu_get_pic_interrupt(CPUX86State *env)
-{
-return -1;
-}
-
 void bsd_x86_64_write_dt(void *ptr, unsigned long addr,
 unsigned long limit, int flags)
 {
diff --git a/linux-user/main.c b/linux-user/main.c
index a6094563b6..45bde4598d 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -120,13 +120,6 @@ const char *qemu_uname_release;
by remapping the process stack directly at the right place */
 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
 
-#if defined(TARGET_I386)
-int cpu_get_pic_interrupt(CPUX86State *env)
-{
-return -1;
-}
-#endif
-
 /***/
 /* Helper routines for implementing atomic operations.  */
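Review bot: Deleting the three `return -1` stubs is only link-safe once x86_cpu_exec_interrupt(), the caller of cpu_get_pic_interrupt(), is itself compiled out of user-mode builds, which patch 18/44 earlier in this series does; that ordering dependency deserves a line in the commit message so the patch is not cherry-picked on its own. Moving the prototype under `#ifndef CONFIG_USER_ONLY` in the cpu.h hunk means any remaining user-mode caller now fails at compile time rather than link time, which is the better failure mode.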
 
-- 
2.25.1




[PULL 10/44] target/i386: Restrict sysemu-only fpu_helper helpers

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict some sysemu-only fpu_helper helpers (see commit
83a3d9c7402: "i386: separate fpu_helper sysemu-only parts").

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-3-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/i386/cpu.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 71ae3141c3..1a36c53c18 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1837,11 +1837,14 @@ void x86_cpu_list(void);
 int cpu_x86_support_mca_broadcast(CPUX86State *env);
 
 int cpu_get_pic_interrupt(CPUX86State *s);
+
+#ifndef CONFIG_USER_ONLY
 /* MSDOS compatibility mode FPU exception support */
 void x86_register_ferr_irq(qemu_irq irq);
 void fpu_check_raise_ferr_irq(CPUX86State *s);
 void cpu_set_ignne(void);
 void cpu_clear_ignne(void);
+#endif
 
 /* mpx_helper.c */
 void cpu_sync_bndcs_hflags(CPUX86State *env);
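Review bot: The new `#endif` carries no trailing comment while the other patches in this series annotate theirs as `/* !CONFIG_USER_ONLY */`; worth adding here, since the block sits in the middle of a long run of prototypes in cpu.h. Leaving cpu_get_pic_interrupt() outside the guard is consistent with user-mode still needing its declaration at this point in the series (it is moved inside later by the stub-removal patch).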
-- 
2.25.1




[PULL 28/44] target/sparc: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-21-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/sparc/cpu.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/target/sparc/cpu.c b/target/sparc/cpu.c
index da6b30ec74..5a8a4ce750 100644
--- a/target/sparc/cpu.c
+++ b/target/sparc/cpu.c
@@ -77,6 +77,7 @@ static void sparc_cpu_reset(DeviceState *dev)
 env->cache_control = 0;
 }
 
+#ifndef CONFIG_USER_ONLY
 static bool sparc_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
 if (interrupt_request & CPU_INTERRUPT_HARD) {
@@ -96,6 +97,7 @@ static bool sparc_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 }
 return false;
 }
+#endif /* !CONFIG_USER_ONLY */
 
 static void cpu_sparc_disas_set_info(CPUState *cpu, disassemble_info *info)
 {
@@ -863,10 +865,10 @@ static const struct SysemuCPUOps sparc_sysemu_ops = {
 static const struct TCGCPUOps sparc_tcg_ops = {
 .initialize = sparc_tcg_init,
 .synchronize_from_tb = sparc_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = sparc_cpu_exec_interrupt,
 .tlb_fill = sparc_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = sparc_cpu_exec_interrupt,
 .do_interrupt = sparc_cpu_do_interrupt,
 .do_transaction_failed = sparc_cpu_do_transaction_failed,
 .do_unaligned_access = sparc_cpu_do_unaligned_access,
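Review bot: sparc_cpu_exec_interrupt() is `static`, so the guard in the first hunk and the move of `.cpu_exec_interrupt` in this hunk must land together: with only the former, user-mode builds reference an undeclared function, and with only the latter they get an unused-static-function warning, which is an error under QEMU's -Werror. The `#endif /* !CONFIG_USER_ONLY */` comment matches the convention used elsewhere in the series.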
-- 
2.25.1




[PULL 05/44] tcg: Remove tcg_global_reg_new defines

2021-09-13 Thread Richard Henderson
From: Bin Meng 

Since commit 1c2adb958fc0 ("tcg: Initialize cpu_env generically"),
these tcg_global_reg_new_ macros are not used anywhere.

Signed-off-by: Bin Meng 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20210816143507.11200-1-bmeng...@gmail.com>
Signed-off-by: Richard Henderson 
---
 include/tcg/tcg-op.h| 2 --
 target/hppa/translate.c | 3 ---
 2 files changed, 5 deletions(-)

diff --git a/include/tcg/tcg-op.h b/include/tcg/tcg-op.h
index 2a654f350c..0545a6224c 100644
--- a/include/tcg/tcg-op.h
+++ b/include/tcg/tcg-op.h
@@ -843,7 +843,6 @@ static inline void tcg_gen_plugin_cb_end(void)
 
 #if TARGET_LONG_BITS == 32
 #define tcg_temp_new() tcg_temp_new_i32()
-#define tcg_global_reg_new tcg_global_reg_new_i32
 #define tcg_global_mem_new tcg_global_mem_new_i32
 #define tcg_temp_local_new() tcg_temp_local_new_i32()
 #define tcg_temp_free tcg_temp_free_i32
@@ -851,7 +850,6 @@ static inline void tcg_gen_plugin_cb_end(void)
 #define tcg_gen_qemu_st_tl tcg_gen_qemu_st_i32
 #else
 #define tcg_temp_new() tcg_temp_new_i64()
-#define tcg_global_reg_new tcg_global_reg_new_i64
 #define tcg_global_mem_new tcg_global_mem_new_i64
 #define tcg_temp_local_new() tcg_temp_local_new_i64()
 #define tcg_temp_free tcg_temp_free_i64
diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index 3ce22cdd09..c3698cf067 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -34,7 +34,6 @@
 
 #undef TCGv
 #undef tcg_temp_new
-#undef tcg_global_reg_new
 #undef tcg_global_mem_new
 #undef tcg_temp_local_new
 #undef tcg_temp_free
@@ -59,7 +58,6 @@
 #define TCGv_reg TCGv_i64
 
 #define tcg_temp_new tcg_temp_new_i64
-#define tcg_global_reg_new   tcg_global_reg_new_i64
 #define tcg_global_mem_new   tcg_global_mem_new_i64
 #define tcg_temp_local_new   tcg_temp_local_new_i64
 #define tcg_temp_freetcg_temp_free_i64
@@ -155,7 +153,6 @@
 #else
 #define TCGv_reg TCGv_i32
 #define tcg_temp_new tcg_temp_new_i32
-#define tcg_global_reg_new   tcg_global_reg_new_i32
 #define tcg_global_mem_new   tcg_global_mem_new_i32
 #define tcg_temp_local_new   tcg_temp_local_new_i32
 #define tcg_temp_freetcg_temp_free_i32
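Review bot: The hppa hunks drop the `#undef` and both `#define` aliases for tcg_global_reg_new, matching the two tcg-op.h removals, so no branch is left with a dangling alias. The commit message cites the commit that made the macros unused but does not say whether tcg_global_reg_new_i32/_i64 themselves still have callers; if they do not, a follow-up could remove those too.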
-- 
2.25.1




[PULL 20/44] target/m68k: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-13-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/m68k/cpu.h   |  2 ++
 target/m68k/cpu.c   |  2 +-
 target/m68k/op_helper.c | 16 +++-
 3 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index 997d588911..550eb028b6 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -166,8 +166,10 @@ struct M68kCPU {
 };
 
 
+#ifndef CONFIG_USER_ONLY
 void m68k_cpu_do_interrupt(CPUState *cpu);
 bool m68k_cpu_exec_interrupt(CPUState *cpu, int int_req);
+#endif /* !CONFIG_USER_ONLY */
 void m68k_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 hwaddr m68k_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 int m68k_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
index 72de6e9726..66d22d1189 100644
--- a/target/m68k/cpu.c
+++ b/target/m68k/cpu.c
@@ -515,10 +515,10 @@ static const struct SysemuCPUOps m68k_sysemu_ops = {
 
 static const struct TCGCPUOps m68k_tcg_ops = {
 .initialize = m68k_tcg_init,
-.cpu_exec_interrupt = m68k_cpu_exec_interrupt,
 .tlb_fill = m68k_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = m68k_cpu_exec_interrupt,
 .do_interrupt = m68k_cpu_do_interrupt,
 .do_transaction_failed = m68k_cpu_transaction_failed,
 #endif /* !CONFIG_USER_ONLY */
diff --git a/target/m68k/op_helper.c b/target/m68k/op_helper.c
index d006d1cb3e..5d624838ae 100644
--- a/target/m68k/op_helper.c
+++ b/target/m68k/op_helper.c
@@ -24,18 +24,7 @@
 #include "semihosting/semihost.h"
 #include "tcg/tcg.h"
 
-#if defined(CONFIG_USER_ONLY)
-
-void m68k_cpu_do_interrupt(CPUState *cs)
-{
-cs->exception_index = -1;
-}
-
-static inline void do_interrupt_m68k_hardirq(CPUM68KState *env)
-{
-}
-
-#else
+#if !defined(CONFIG_USER_ONLY)
 
 static void cf_rte(CPUM68KState *env)
 {
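Review bot: Besides the m68k_cpu_do_interrupt() stub, this hunk also deletes the empty user-mode do_interrupt_m68k_hardirq() inline; the hunk does not show its callers, so confirm the only call site is inside the sysemu region that now extends through m68k_cpu_exec_interrupt(), otherwise user-mode builds fail with an implicit declaration. Replacing the two-branch `#if defined(CONFIG_USER_ONLY) ... #else` with `#if !defined(CONFIG_USER_ONLY)` reads cleaner and matches the closing comment added later in the file.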
@@ -516,7 +505,6 @@ void m68k_cpu_transaction_failed(CPUState *cs, hwaddr 
physaddr, vaddr addr,
 cpu_loop_exit(cs);
 }
 }
-#endif
 
 bool m68k_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
@@ -538,6 +526,8 @@ bool m68k_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return false;
 }
 
+#endif /* !CONFIG_USER_ONLY */
+
 static void raise_exception_ra(CPUM68KState *env, int tt, uintptr_t raddr)
 {
 CPUState *cs = env_cpu(env);
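Review bot: The `#endif /* !CONFIG_USER_ONLY */` lands before raise_exception_ra(), which is shared by both modes, so the sysemu region now ends exactly after m68k_cpu_exec_interrupt(); that is the right boundary. Together with the cpu.h hunk, user-mode now has neither declaration nor definition of either function, so the `.cpu_exec_interrupt` move in cpu.c is mandatory in the same patch.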
-- 
2.25.1




[PULL 08/44] tcg/arm: Fix tcg_out_vec_op function signature

2021-09-13 Thread Richard Henderson
From: "Jose R. Ziviani" 

Commit 5e8892db93 fixed several function signatures but tcg_out_vec_op
for arm is missing. It causes a build error on armv6 and armv7:

tcg-target.c.inc:2718:42: error: argument 5 of type 'const TCGArg *'
{aka 'const unsigned int *'} declared as a pointer [-Werror=array-parameter=]
   const TCGArg *args, const int *const_args)
  ~~^~~~
../tcg/tcg.c:120:41: note: previously declared as an array 'const TCGArg[16]'
{aka 'const unsigned int[16]'}
   const TCGArg args[TCG_MAX_OP_ARGS],
  ~~^~~~

Signed-off-by: Jose R. Ziviani 
Reviewed-by: Philippe Mathieu-Daudé 
Message-Id: <20210908185338.7927-1-jzivi...@suse.de>
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index 007ceee68e..e5b4f86841 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -2715,7 +2715,8 @@ static const ARMInsn vec_cmp0_insn[16] = {
 
 static void tcg_out_vec_op(TCGContext *s, TCGOpcode opc,
unsigned vecl, unsigned vece,
-   const TCGArg *args, const int *const_args)
+   const TCGArg args[TCG_MAX_OP_ARGS],
+   const int const_args[TCG_MAX_OP_ARGS])
 {
 TCGType type = vecl + TCG_TYPE_V64;
 unsigned q = vecl;
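Review bot: The new parameter spellings match the `const TCGArg args[TCG_MAX_OP_ARGS]` form the error message quotes from tcg.c:120, which is what GCC 11's -Warray-parameter compares; since the mismatch is between a forward declaration and a definition, the only remaining risk is another backend's tcg_out_vec_op() still using the pointer form, which commit 5e8892db93 presumably covered. TCG_MAX_OP_ARGS is in scope here because tcg-target.c.inc is included from tcg.c.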
-- 
2.25.1




[PULL 18/44] target/i386: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-11-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/i386/tcg/helper-tcg.h |  2 ++
 target/i386/tcg/seg_helper.c | 10 ++
 target/i386/tcg/tcg-cpu.c|  2 +-
 3 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/target/i386/tcg/helper-tcg.h b/target/i386/tcg/helper-tcg.h
index 2510cc244e..60ca09e95e 100644
--- a/target/i386/tcg/helper-tcg.h
+++ b/target/i386/tcg/helper-tcg.h
@@ -38,7 +38,9 @@ QEMU_BUILD_BUG_ON(TCG_PHYS_ADDR_BITS > 
TARGET_PHYS_ADDR_SPACE_BITS);
  * @cpu: vCPU the interrupt is to be handled by.
  */
 void x86_cpu_do_interrupt(CPUState *cpu);
+#ifndef CONFIG_USER_ONLY
 bool x86_cpu_exec_interrupt(CPUState *cpu, int int_req);
+#endif
 
 /* helper.c */
 bool x86_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index 56263e358d..4e6f26a7b7 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -1110,6 +1110,7 @@ void do_interrupt_x86_hardirq(CPUX86State *env, int 
intno, int is_hw)
 do_interrupt_all(env_archcpu(env), intno, 0, 0, 0, is_hw);
 }
 
+#ifndef CONFIG_USER_ONLY
 bool x86_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
 X86CPU *cpu = X86_CPU(cs);
@@ -1125,23 +1126,17 @@ bool x86_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
  * This is required to make icount-driven execution deterministic.
  */
 switch (interrupt_request) {
-#if !defined(CONFIG_USER_ONLY)
 case CPU_INTERRUPT_POLL:
 cs->interrupt_request &= ~CPU_INTERRUPT_POLL;
 apic_poll_irq(cpu->apic_state);
 break;
-#endif
 case CPU_INTERRUPT_SIPI:
 do_cpu_sipi(cpu);
 break;
 case CPU_INTERRUPT_SMI:
 cpu_svm_check_intercept_param(env, SVM_EXIT_SMI, 0, 0);
 cs->interrupt_request &= ~CPU_INTERRUPT_SMI;
-#ifdef CONFIG_USER_ONLY
-cpu_abort(CPU(cpu), "SMI interrupt: cannot enter SMM in user-mode");
-#else
 do_smm_enter(cpu);
-#endif /* CONFIG_USER_ONLY */
 break;
 case CPU_INTERRUPT_NMI:
 cpu_svm_check_intercept_param(env, SVM_EXIT_NMI, 0, 0);
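Review bot: Dropping the `#ifdef CONFIG_USER_ONLY` cpu_abort() branch for CPU_INTERRUPT_SMI is correct only because the entire function is now inside `#ifndef CONFIG_USER_ONLY` (first hunk), so there is no user-mode build in which the SMI path is reachable; the commit message could say so explicitly, since on its own the deletion reads like a behaviour change.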
@@ -1162,7 +1157,6 @@ bool x86_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
   "Servicing hardware INT=0x%02x\n", intno);
 do_interrupt_x86_hardirq(env, intno, 1);
 break;
-#if !defined(CONFIG_USER_ONLY)
 case CPU_INTERRUPT_VIRQ:
 cpu_svm_check_intercept_param(env, SVM_EXIT_VINTR, 0, 0);
 intno = x86_ldl_phys(cs, env->vm_vmcb
@@ -1173,12 +1167,12 @@ bool x86_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 cs->interrupt_request &= ~CPU_INTERRUPT_VIRQ;
 env->int_ctl &= ~V_IRQ_MASK;
 break;
-#endif
 }
 
 /* Ensure that no TB jump will be modified as the program flow was 
changed.  */
 return true;
 }
+#endif /* CONFIG_USER_ONLY */
 
 void helper_lldt(CPUX86State *env, int selector)
 {
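Review bot: The closing comment reads `#endif /* CONFIG_USER_ONLY */` but the matching opener in the first hunk is `#ifndef CONFIG_USER_ONLY`; the sh4, sparc and m68k patches in this series write `/* !CONFIG_USER_ONLY */`, and the negated form is what a reader matching delimiters expects here. The same applies to the bare `#endif` added in helper-tcg.h.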
diff --git a/target/i386/tcg/tcg-cpu.c b/target/i386/tcg/tcg-cpu.c
index 04c35486a2..3ecfae34cb 100644
--- a/target/i386/tcg/tcg-cpu.c
+++ b/target/i386/tcg/tcg-cpu.c
@@ -72,12 +72,12 @@ static const struct TCGCPUOps x86_tcg_ops = {
 .synchronize_from_tb = x86_cpu_synchronize_from_tb,
 .cpu_exec_enter = x86_cpu_exec_enter,
 .cpu_exec_exit = x86_cpu_exec_exit,
-.cpu_exec_interrupt = x86_cpu_exec_interrupt,
 .tlb_fill = x86_cpu_tlb_fill,
 #ifdef CONFIG_USER_ONLY
 .fake_user_interrupt = x86_cpu_do_interrupt,
 #else
 .do_interrupt = x86_cpu_do_interrupt,
+.cpu_exec_interrupt = x86_cpu_exec_interrupt,
 .debug_excp_handler = breakpoint_handler,
 .debug_check_breakpoint = x86_debug_check_breakpoint,
 #endif /* !CONFIG_USER_ONLY */
-- 
2.25.1




[PULL 22/44] target/mips: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-15-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/mips/tcg/tcg-internal.h  |  5 +++--
 target/mips/cpu.c   |  2 +-
 target/mips/tcg/exception.c | 18 --
 target/mips/tcg/sysemu/tlb_helper.c | 18 ++
 target/mips/tcg/user/tlb_helper.c   |  5 -
 5 files changed, 22 insertions(+), 26 deletions(-)

diff --git a/target/mips/tcg/tcg-internal.h b/target/mips/tcg/tcg-internal.h
index 81b14eb219..c7a77ddccd 100644
--- a/target/mips/tcg/tcg-internal.h
+++ b/target/mips/tcg/tcg-internal.h
@@ -18,8 +18,6 @@
 void mips_tcg_init(void);
 
 void mips_cpu_synchronize_from_tb(CPUState *cs, const TranslationBlock *tb);
-void mips_cpu_do_interrupt(CPUState *cpu);
-bool mips_cpu_exec_interrupt(CPUState *cpu, int int_req);
 bool mips_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
MMUAccessType access_type, int mmu_idx,
bool probe, uintptr_t retaddr);
@@ -41,6 +39,9 @@ static inline void QEMU_NORETURN 
do_raise_exception(CPUMIPSState *env,
 
 #if !defined(CONFIG_USER_ONLY)
 
+void mips_cpu_do_interrupt(CPUState *cpu);
+bool mips_cpu_exec_interrupt(CPUState *cpu, int int_req);
+
 void mmu_init(CPUMIPSState *env, const mips_def_t *def);
 
 void update_pagemask(CPUMIPSState *env, target_ulong arg1, int32_t *pagemask);
diff --git a/target/mips/cpu.c b/target/mips/cpu.c
index d426918291..00e0c55d0e 100644
--- a/target/mips/cpu.c
+++ b/target/mips/cpu.c
@@ -539,10 +539,10 @@ static const struct SysemuCPUOps mips_sysemu_ops = {
 static const struct TCGCPUOps mips_tcg_ops = {
 .initialize = mips_tcg_init,
 .synchronize_from_tb = mips_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = mips_cpu_exec_interrupt,
 .tlb_fill = mips_cpu_tlb_fill,
 
 #if !defined(CONFIG_USER_ONLY)
+.cpu_exec_interrupt = mips_cpu_exec_interrupt,
 .do_interrupt = mips_cpu_do_interrupt,
 .do_transaction_failed = mips_cpu_do_transaction_failed,
 .do_unaligned_access = mips_cpu_do_unaligned_access,
diff --git a/target/mips/tcg/exception.c b/target/mips/tcg/exception.c
index 4fb8b00711..7b3026b105 100644
--- a/target/mips/tcg/exception.c
+++ b/target/mips/tcg/exception.c
@@ -86,24 +86,6 @@ void mips_cpu_synchronize_from_tb(CPUState *cs, const 
TranslationBlock *tb)
 env->hflags |= tb->flags & MIPS_HFLAG_BMASK;
 }
 
-bool mips_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
-{
-if (interrupt_request & CPU_INTERRUPT_HARD) {
-MIPSCPU *cpu = MIPS_CPU(cs);
-CPUMIPSState *env = >env;
-
-if (cpu_mips_hw_interrupts_enabled(env) &&
-cpu_mips_hw_interrupts_pending(env)) {
-/* Raise it */
-cs->exception_index = EXCP_EXT_INTERRUPT;
-env->error_code = 0;
-mips_cpu_do_interrupt(cs);
-return true;
-}
-}
-return false;
-}
-
 static const char * const excp_names[EXCP_LAST + 1] = {
 [EXCP_RESET] = "reset",
 [EXCP_SRESET] = "soft reset",
diff --git a/target/mips/tcg/sysemu/tlb_helper.c 
b/target/mips/tcg/sysemu/tlb_helper.c
index a150a014ec..73254d1929 100644
--- a/target/mips/tcg/sysemu/tlb_helper.c
+++ b/target/mips/tcg/sysemu/tlb_helper.c
@@ -1339,6 +1339,24 @@ void mips_cpu_do_interrupt(CPUState *cs)
 cs->exception_index = EXCP_NONE;
 }
 
+bool mips_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
+{
+if (interrupt_request & CPU_INTERRUPT_HARD) {
+MIPSCPU *cpu = MIPS_CPU(cs);
+CPUMIPSState *env = >env;
+
+if (cpu_mips_hw_interrupts_enabled(env) &&
+cpu_mips_hw_interrupts_pending(env)) {
+/* Raise it */
+cs->exception_index = EXCP_EXT_INTERRUPT;
+env->error_code = 0;
+mips_cpu_do_interrupt(cs);
+return true;
+}
+}
+return false;
+}
+
 void r4k_invalidate_tlb(CPUMIPSState *env, int idx, int use_extra)
 {
 CPUState *cs = env_cpu(env);
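Review bot: The function body added here is identical to the one removed from exception.c, which git's rename detection does not pair across files, so a reviewer has to diff the two hunks by eye; a note in the commit message that this is a verbatim move would help. cpu_mips_hw_interrupts_enabled() and cpu_mips_hw_interrupts_pending() must be declared in a header that sysemu/tlb_helper.c already includes. The line `CPUMIPSState *env = >env;` in both hunks has lost its `&cpu-` to the archive and is not part of the change.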
diff --git a/target/mips/tcg/user/tlb_helper.c 
b/target/mips/tcg/user/tlb_helper.c
index b835144b82..210c6d529e 100644
--- a/target/mips/tcg/user/tlb_helper.c
+++ b/target/mips/tcg/user/tlb_helper.c
@@ -57,8 +57,3 @@ bool mips_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
 raise_mmu_exception(env, address, access_type);
 do_raise_exception_err(env, cs->exception_index, env->error_code, retaddr);
 }
-
-void mips_cpu_do_interrupt(CPUState *cs)
-{
-cs->exception_index = EXCP_NONE;
-}
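Review bot: With mips_cpu_do_interrupt() gone from user/tlb_helper.c and its prototype moved under `#if !defined(CONFIG_USER_ONLY)` in tcg-internal.h, any user-mode call (for example from the linux-user mips cpu_loop) now fails to compile, which is the intended safety net; the patch should confirm that the user-mode loop did not rely on this stub to reset exception_index to EXCP_NONE.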
-- 
2.25.1




[PULL 17/44] target/hppa: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-10-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/hppa/cpu.h| 4 ++--
 target/hppa/cpu.c| 2 +-
 target/hppa/int_helper.c | 7 ++-
 3 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/target/hppa/cpu.h b/target/hppa/cpu.h
index 748270bfa3..7854675b90 100644
--- a/target/hppa/cpu.h
+++ b/target/hppa/cpu.h
@@ -325,13 +325,13 @@ int cpu_hppa_signal_handler(int host_signum, void *pinfo, 
void *puc);
 hwaddr hppa_cpu_get_phys_page_debug(CPUState *cs, vaddr addr);
 int hppa_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
 int hppa_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
-void hppa_cpu_do_interrupt(CPUState *cpu);
-bool hppa_cpu_exec_interrupt(CPUState *cpu, int int_req);
 void hppa_cpu_dump_state(CPUState *cs, FILE *f, int);
 bool hppa_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
MMUAccessType access_type, int mmu_idx,
bool probe, uintptr_t retaddr);
 #ifndef CONFIG_USER_ONLY
+void hppa_cpu_do_interrupt(CPUState *cpu);
+bool hppa_cpu_exec_interrupt(CPUState *cpu, int int_req);
 int hppa_get_physical_address(CPUHPPAState *env, vaddr addr, int mmu_idx,
   int type, hwaddr *pphys, int *pprot);
 extern const MemoryRegionOps hppa_io_eir_ops;
diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c
index 2eace4ee12..e8edd189bf 100644
--- a/target/hppa/cpu.c
+++ b/target/hppa/cpu.c
@@ -144,10 +144,10 @@ static const struct SysemuCPUOps hppa_sysemu_ops = {
 static const struct TCGCPUOps hppa_tcg_ops = {
 .initialize = hppa_translate_init,
 .synchronize_from_tb = hppa_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = hppa_cpu_exec_interrupt,
 .tlb_fill = hppa_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = hppa_cpu_exec_interrupt,
 .do_interrupt = hppa_cpu_do_interrupt,
 .do_unaligned_access = hppa_cpu_do_unaligned_access,
 #endif /* !CONFIG_USER_ONLY */
diff --git a/target/hppa/int_helper.c b/target/hppa/int_helper.c
index 349495d361..13073ae2bd 100644
--- a/target/hppa/int_helper.c
+++ b/target/hppa/int_helper.c
@@ -88,7 +88,6 @@ void HELPER(write_eiem)(CPUHPPAState *env, target_ureg val)
 eval_interrupt(env_archcpu(env));
 qemu_mutex_unlock_iothread();
 }
-#endif /* !CONFIG_USER_ONLY */
 
 void hppa_cpu_do_interrupt(CPUState *cs)
 {
@@ -100,7 +99,6 @@ void hppa_cpu_do_interrupt(CPUState *cs)
 uint64_t iasq_f = env->iasq_f;
 uint64_t iasq_b = env->iasq_b;
 
-#ifndef CONFIG_USER_ONLY
 target_ureg old_psw;
 
 /* As documented in pa2.0 -- interruption handling.  */
@@ -187,7 +185,6 @@ void hppa_cpu_do_interrupt(CPUState *cs)
 env->iaoq_b = env->iaoq_f + 4;
 env->iasq_f = 0;
 env->iasq_b = 0;
-#endif
 
 if (qemu_loglevel_mask(CPU_LOG_INT)) {
 static const char * const names[] = {
@@ -248,7 +245,6 @@ void hppa_cpu_do_interrupt(CPUState *cs)
 
 bool hppa_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
-#ifndef CONFIG_USER_ONLY
 HPPACPU *cpu = HPPA_CPU(cs);
 CPUHPPAState *env = >env;
 
@@ -258,6 +254,7 @@ bool hppa_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 hppa_cpu_do_interrupt(cs);
 return true;
 }
-#endif
 return false;
 }
+
+#endif /* !CONFIG_USER_ONLY */
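Review bot: Taken together, the int_helper.c hunks move the `#endif /* !CONFIG_USER_ONLY */` from after HELPER(write_eiem) to the end of the file and drop the inner guards, so hppa_cpu_do_interrupt() including its CPU_LOG_INT dump, which previously compiled in user mode, is now sysemu-only; as with the other targets, check that the user-mode cpu_loop does not call it. The context line `CPUHPPAState *env = >env;` has lost its `&cpu-` to the archive and should not be read as part of the change.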
-- 
2.25.1




[PULL 00/44] tcg patch queue, v2

2021-09-13 Thread Richard Henderson
Version 2 drops the bswap patch that caused such problems
on the various BSDs; I'll have to look at that further.
In the meantime I've also been collecting more pending
patches, and I might as well include them now.


r~


The following changes since commit 7d79344d4fa44e520e6e89f8fed9a27d3d554a9b:

  Merge remote-tracking branch 'remotes/bonzini-gitlab/tags/for-upstream' into 
staging (2021-09-13 13:33:21 +0100)

are available in the Git repository at:

  https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20210913

for you to fetch changes up to 5b778e9b4e0e0a37a86200e6af322b2a9b69c62e:

  tcg/arm: More use of the TCGReg enum (2021-09-13 12:09:05 -0700)


Fix translation race condition for user-only.
Fix tcg/i386 encoding for VPSLLVQ, VPSRLVQ.
Fix tcg/arm tcg_out_vec_op signature.
Fix tcg/ppc (32bit) build with clang.
Remove duplicate TCG_KICK_PERIOD definition.
Remove unused tcg_global_reg_new.
Restrict cpu_exec_interrupt and its callees to sysemu.
Cleanups for tcg/arm.


Bin Meng (1):
  tcg: Remove tcg_global_reg_new defines

Ilya Leoshkevich (3):
  accel/tcg: Add DisasContextBase argument to translator_ld*
  accel/tcg: Clear PAGE_WRITE before translation
  accel/tcg/user-exec: Fix read-modify-write of code on s390 hosts

Jose R. Ziviani (1):
  tcg/arm: Fix tcg_out_vec_op function signature

Luc Michel (1):
  accel/tcg: remove redundant TCG_KICK_PERIOD define

Philippe Mathieu-Daudé (25):
  target/avr: Remove pointless use of CONFIG_USER_ONLY definition
  target/i386: Restrict sysemu-only fpu_helper helpers
  target/i386: Simplify TARGET_X86_64 #ifdef'ry
  target/xtensa: Restrict do_transaction_failed() to sysemu
  accel/tcg: Rename user-mode do_interrupt hack as fake_user_interrupt
  target/alpha: Restrict cpu_exec_interrupt() handler to sysemu
  target/arm: Restrict cpu_exec_interrupt() handler to sysemu
  target/cris: Restrict cpu_exec_interrupt() handler to sysemu
  target/hppa: Restrict cpu_exec_interrupt() handler to sysemu
  target/i386: Restrict cpu_exec_interrupt() handler to sysemu
  target/i386: Move x86_cpu_exec_interrupt() under sysemu/ folder
  target/m68k: Restrict cpu_exec_interrupt() handler to sysemu
  target/microblaze: Restrict cpu_exec_interrupt() handler to sysemu
  target/mips: Restrict cpu_exec_interrupt() handler to sysemu
  target/nios2: Restrict cpu_exec_interrupt() handler to sysemu
  target/openrisc: Restrict cpu_exec_interrupt() handler to sysemu
  target/ppc: Restrict cpu_exec_interrupt() handler to sysemu
  target/riscv: Restrict cpu_exec_interrupt() handler to sysemu
  target/sh4: Restrict cpu_exec_interrupt() handler to sysemu
  target/sparc: Restrict cpu_exec_interrupt() handler to sysemu
  target/rx: Restrict cpu_exec_interrupt() handler to sysemu
  target/xtensa: Restrict cpu_exec_interrupt() handler to sysemu
  accel/tcg: Restrict TCGCPUOps::cpu_exec_interrupt() to sysemu
  user: Remove cpu_get_pic_interrupt() stubs
  user: Mark cpu_loop() with noreturn attribute

Richard Henderson (13):
  tcg/i386: Split P_VEXW from P_REXW
  tcg/ppc: Replace TCG_TARGET_CALL_DARWIN with _CALL_DARWIN
  tcg/ppc: Ensure _CALL_SYSV is set for 32-bit ELF
  tcg/arm: Remove fallback definition of __ARM_ARCH
  tcg/arm: Standardize on tcg_out__{reg,imm}
  tcg/arm: Simplify use_armv5t_instructions
  tcg/arm: Support armv4t in tcg_out_goto and tcg_out_call
  tcg/arm: Split out tcg_out_ldstm
  tcg/arm: Simplify usage of encode_imm
  tcg/arm: Drop inline markers
  tcg/arm: Give enum arm_cond_code_e a typedef and use it
  tcg/arm: More use of the ARMInsn enum
  tcg/arm: More use of the TCGReg enum

 bsd-user/qemu.h   |   2 +-
 include/exec/translate-all.h  |   1 +
 include/exec/translator.h |  44 +--
 include/hw/core/tcg-cpu-ops.h |  26 +-
 include/tcg/tcg-op.h  |   2 -
 linux-user/qemu.h |   2 +-
 target/alpha/cpu.h|   2 +-
 target/arm/arm_ldst.h |  12 +-
 target/arm/cpu.h  |   3 +-
 target/cris/cpu.h |   2 +-
 target/hppa/cpu.h |   4 +-
 target/i386/cpu.h |   3 +
 target/i386/tcg/helper-tcg.h  |   2 +
 target/m68k/cpu.h |   2 +
 target/microblaze/cpu.h   |   2 +
 target/mips/tcg/tcg-internal.h|   5 +-
 target/openrisc/cpu.h |   5 +-
 target/ppc/cpu.h  |   4 +-
 target/riscv/cpu.h|   2 +-
 target/rx/cpu.h   |   2 +
 target/sh4/cpu.h  |   4 +-
 target/xtensa/cpu.h

[PULL 41/44] tcg/arm: Drop inline markers

2021-09-13 Thread Richard Henderson
Let the compiler decide about inlining.
Remove tcg_out_nop as unused.

Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 234 +++
 1 file changed, 114 insertions(+), 120 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index 1931cea1ca..529728fbbe 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -417,7 +417,7 @@ static int encode_imm_nofail(uint32_t imm)
 return ret;
 }
 
-static inline int check_fit_imm(uint32_t imm)
+static bool check_fit_imm(uint32_t imm)
 {
 return encode_imm(imm) >= 0;
 }
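Review bot: the return type of check_fit_imm changes from int to bool on the same line that drops `inline`, but the commit message only speaks of inlining and tcg_out_nop. Behaviour is unchanged because `encode_imm(imm) >= 0` already yields a boolean, but the type change should still be stated in the commit message so the summary matches the diff.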
@@ -547,42 +547,37 @@ static bool tcg_target_const_match(int64_t val, TCGType 
type, int ct)
 return 0;
 }
 
-static inline void tcg_out_b_imm(TCGContext *s, int cond, int32_t offset)
+static void tcg_out_b_imm(TCGContext *s, int cond, int32_t offset)
 {
 tcg_out32(s, (cond << 28) | 0x0a00 |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static inline void tcg_out_bl_imm(TCGContext *s, int cond, int32_t offset)
+static void tcg_out_bl_imm(TCGContext *s, int cond, int32_t offset)
 {
 tcg_out32(s, (cond << 28) | 0x0b00 |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static inline void tcg_out_blx_reg(TCGContext *s, int cond, int rn)
+static void tcg_out_blx_reg(TCGContext *s, int cond, int rn)
 {
 tcg_out32(s, (cond << 28) | 0x012fff30 | rn);
 }
 
-static inline void tcg_out_blx_imm(TCGContext *s, int32_t offset)
+static void tcg_out_blx_imm(TCGContext *s, int32_t offset)
 {
 tcg_out32(s, 0xfa00 | ((offset & 2) << 23) |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static inline void tcg_out_dat_reg(TCGContext *s,
+static void tcg_out_dat_reg(TCGContext *s,
 int cond, int opc, int rd, int rn, int rm, int shift)
 {
 tcg_out32(s, (cond << 28) | (0 << 25) | opc |
 (rn << 16) | (rd << 12) | shift | rm);
 }
 
-static inline void tcg_out_nop(TCGContext *s)
-{
-tcg_out32(s, INSN_NOP);
-}
-
-static inline void tcg_out_mov_reg(TCGContext *s, int cond, int rd, int rm)
+static void tcg_out_mov_reg(TCGContext *s, int cond, int rd, int rm)
 {
 /* Simple reg-reg move, optimising out the 'do nothing' case */
 if (rd != rm) {
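Review bot: the continuation line of tcg_out_dat_reg (`int cond, int opc, int rd, int rn, int rm, int shift)`) is left as unchanged context, so once the first line loses the width of `inline ` its parameters no longer line up under the opening parenthesis, whereas the next hunk re-wraps tcg_out_dat_imm properly (`+static void tcg_out_dat_imm(TCGContext *s, int cond, int opc,` / `+int rd, int rn, int im)`). Re-wrap tcg_out_dat_reg the same way for consistency.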
@@ -608,8 +603,8 @@ static void tcg_out_b_reg(TCGContext *s, int cond, TCGReg 
rn)
 }
 }
 
-static inline void tcg_out_dat_imm(TCGContext *s,
-int cond, int opc, int rd, int rn, int im)
+static void tcg_out_dat_imm(TCGContext *s, int cond, int opc,
+int rd, int rn, int im)
 {
 tcg_out32(s, (cond << 28) | (1 << 25) | opc |
 (rn << 16) | (rd << 12) | im);
@@ -654,141 +649,141 @@ static void tcg_out_memop_12(TCGContext *s, int cond, 
ARMInsn opc, TCGReg rt,
   (rn << 16) | (rt << 12) | imm12);
 }
 
-static inline void tcg_out_ld32_12(TCGContext *s, int cond, TCGReg rt,
-   TCGReg rn, int imm12)
+static void tcg_out_ld32_12(TCGContext *s, int cond, TCGReg rt,
+TCGReg rn, int imm12)
 {
 tcg_out_memop_12(s, cond, INSN_LDR_IMM, rt, rn, imm12, 1, 0);
 }
 
-static inline void tcg_out_st32_12(TCGContext *s, int cond, TCGReg rt,
-   TCGReg rn, int imm12)
+static void tcg_out_st32_12(TCGContext *s, int cond, TCGReg rt,
+TCGReg rn, int imm12)
 {
 tcg_out_memop_12(s, cond, INSN_STR_IMM, rt, rn, imm12, 1, 0);
 }
 
-static inline void tcg_out_ld32_r(TCGContext *s, int cond, TCGReg rt,
-  TCGReg rn, TCGReg rm)
+static void tcg_out_ld32_r(TCGContext *s, int cond, TCGReg rt,
+   TCGReg rn, TCGReg rm)
 {
 tcg_out_memop_r(s, cond, INSN_LDR_REG, rt, rn, rm, 1, 1, 0);
 }
 
-static inline void tcg_out_st32_r(TCGContext *s, int cond, TCGReg rt,
-  TCGReg rn, TCGReg rm)
+static void tcg_out_st32_r(TCGContext *s, int cond, TCGReg rt,
+   TCGReg rn, TCGReg rm)
 {
 tcg_out_memop_r(s, cond, INSN_STR_REG, rt, rn, rm, 1, 1, 0);
 }
 
-static inline void tcg_out_ldrd_8(TCGContext *s, int cond, TCGReg rt,
-   TCGReg rn, int imm8)
+static void tcg_out_ldrd_8(TCGContext *s, int cond, TCGReg rt,
+   TCGReg rn, int imm8)
 {
 tcg_out_memop_8(s, cond, INSN_LDRD_IMM, rt, rn, imm8, 1, 0);
 }
 
-static inline void tcg_out_ldrd_r(TCGContext *s, int cond, TCGReg rt,
-  TCGReg rn, TCGReg rm)
+static void tcg_out_ldrd_r(TCGContext *s, int cond, TCGReg rt,
+   TCGReg rn, TCGReg rm)
 {
 tcg_out_memop_r(s, cond, INSN_LDRD_REG, rt, rn, rm, 1, 1, 0);
 }
 
-static inline void tcg_out_ldrd_rwb(TCGContext *s, int cond, TCGReg rt,
-TCGReg rn, TCGReg rm)
+static void __attribute__((unused))
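Review bot: the `__attribute__((unused))` now attached to tcg_out_ldrd_rwb is needed only because dropping `static inline` turns an unused static function into a -Wunused-function warning; the commit message explains the equivalent situation for tcg_out_nop by removing it, but says nothing about why this one is kept with an attribute instead. Either give the reason in the commit message or remove it as well, as was done for tcg_out_nop.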

[PULL 07/44] tcg/ppc: Ensure _CALL_SYSV is set for 32-bit ELF

2021-09-13 Thread Richard Henderson
Clang only sets _CALL_ELF for ppc64, and nothing at all to specify
the ABI for ppc32.  Make a good guess based on other symbols.

Reported-by: Brad Smith 
Signed-off-by: Richard Henderson 
---
 tcg/ppc/tcg-target.c.inc | 21 ++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
index 2202ce017e..5e1fac914a 100644
--- a/tcg/ppc/tcg-target.c.inc
+++ b/tcg/ppc/tcg-target.c.inc
@@ -25,9 +25,24 @@
 #include "elf.h"
 #include "../tcg-pool.c.inc"
 
-#if !defined _CALL_DARWIN && defined __APPLE__
-#define _CALL_DARWIN 1
-#endif
+/*
+ * Standardize on the _CALL_FOO symbols used by GCC:
+ * Apple XCode does not define _CALL_DARWIN.
+ * Clang defines _CALL_ELF (64-bit) but not _CALL_SYSV (32-bit).
+ */
+#if !defined(_CALL_SYSV) && \
+!defined(_CALL_DARWIN) && \
+!defined(_CALL_AIX) && \
+!defined(_CALL_ELF)
+# if defined(__APPLE__)
+#  define _CALL_DARWIN
+# elif defined(__ELF__) && TCG_TARGET_REG_BITS == 32
+#  define _CALL_SYSV
+# else
+#  error "Unknown ABI"
+# endif
+#endif 
+
 #ifdef _CALL_SYSV
 # define TCG_TARGET_CALL_ALIGN_ARGS   1
 #endif
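Review bot: the `+#endif ` that closes the new ABI-detection block carries trailing whitespace, which checkpatch.pl flags; strip it. The fallback chain itself reads correctly: a 32-bit `__ELF__` build with no `_CALL_*` symbol now gets `_CALL_SYSV`, while a 64-bit ELF build lacking `_CALL_ELF` deliberately stops at `#error "Unknown ABI"` instead of silently choosing a calling convention.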
-- 
2.25.1




[PULL 12/44] target/xtensa: Restrict do_transaction_failed() to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

The do_transaction_failed() is restricted to system emulation since
commit cbc183d2d9f ("cpu: move cc->transaction_failed to tcg_ops").

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-5-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/xtensa/cpu.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/target/xtensa/cpu.h b/target/xtensa/cpu.h
index 2345cb59c7..1e0cb1535c 100644
--- a/target/xtensa/cpu.h
+++ b/target/xtensa/cpu.h
@@ -568,10 +568,12 @@ bool xtensa_cpu_tlb_fill(CPUState *cs, vaddr address, int 
size,
  bool probe, uintptr_t retaddr);
 void xtensa_cpu_do_interrupt(CPUState *cpu);
 bool xtensa_cpu_exec_interrupt(CPUState *cpu, int interrupt_request);
+#ifndef CONFIG_USER_ONLY
 void xtensa_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, vaddr 
addr,
   unsigned size, MMUAccessType access_type,
   int mmu_idx, MemTxAttrs attrs,
   MemTxResult response, uintptr_t retaddr);
+#endif /* !CONFIG_USER_ONLY */
 void xtensa_cpu_dump_state(CPUState *cpu, FILE *f, int flags);
 hwaddr xtensa_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 void xtensa_count_regs(const XtensaConfig *config,
-- 
2.25.1




[PULL 36/44] tcg/arm: Standardize on tcg_out__{reg,imm}

2021-09-13 Thread Richard Henderson
Some of the functions specified _reg, some _imm, and some
left it blank.  Make it clearer to which we are referring.

Split tcg_out_b_reg from tcg_out_bx_reg, to indicate when
we do not actually require BX semantics.

Reviewed-by: Peter Maydell 
Reviewed-by: Philippe Mathieu-Daudé 
Signed-off-by: Richard Henderson 
---
 tcg/arm/tcg-target.c.inc | 38 ++
 1 file changed, 22 insertions(+), 16 deletions(-)

diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index e5b4f86841..7d15c36f85 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -525,19 +525,19 @@ static bool tcg_target_const_match(int64_t val, TCGType 
type, int ct)
 return 0;
 }
 
-static inline void tcg_out_b(TCGContext *s, int cond, int32_t offset)
+static inline void tcg_out_b_imm(TCGContext *s, int cond, int32_t offset)
 {
 tcg_out32(s, (cond << 28) | 0x0a00 |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static inline void tcg_out_bl(TCGContext *s, int cond, int32_t offset)
+static inline void tcg_out_bl_imm(TCGContext *s, int cond, int32_t offset)
 {
 tcg_out32(s, (cond << 28) | 0x0b00 |
 (((offset - 8) >> 2) & 0x00ff));
 }
 
-static inline void tcg_out_blx(TCGContext *s, int cond, int rn)
+static inline void tcg_out_blx_reg(TCGContext *s, int cond, int rn)
 {
 tcg_out32(s, (cond << 28) | 0x012fff30 | rn);
 }
@@ -568,13 +568,19 @@ static inline void tcg_out_mov_reg(TCGContext *s, int 
cond, int rd, int rm)
 }
 }
 
-static inline void tcg_out_bx(TCGContext *s, int cond, TCGReg rn)
+static void tcg_out_bx_reg(TCGContext *s, int cond, TCGReg rn)
 {
-/* Unless the C portion of QEMU is compiled as thumb, we don't
-   actually need true BX semantics; merely a branch to an address
-   held in a register.  */
+tcg_out32(s, (cond << 28) | 0x012fff10 | rn);
+}
+
+static void tcg_out_b_reg(TCGContext *s, int cond, TCGReg rn)
+{
+/*
+ * Unless the C portion of QEMU is compiled as thumb, we don't need
+ * true BX semantics; merely a branch to an address held in a register.
+ */
 if (use_armv5t_instructions) {
-tcg_out32(s, (cond << 28) | 0x012fff10 | rn);
+tcg_out_bx_reg(s, cond, rn);
 } else {
 tcg_out_mov_reg(s, cond, TCG_REG_PC, rn);
 }
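Review bot: the new tcg_out_bx_reg takes `TCGReg rn` while the renamed tcg_out_blx_reg in the previous hunk keeps `int rn`; both just OR the register into the low bits, so use TCGReg for both here rather than leaving it to the later "More use of the TCGReg enum" patch. The split itself is sound: tcg_out_b_reg retains the use_armv5t_instructions fallback to a `mov pc, rn` via tcg_out_mov_reg, and tcg_out_bx_reg is the unconditional BX encoding (0x012fff10).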
@@ -1215,7 +1221,7 @@ static void tcg_out_goto(TCGContext *s, int cond, const 
tcg_insn_unit *addr)
 ptrdiff_t disp = tcg_pcrel_diff(s, addr);
 
 if ((addri & 1) == 0 && disp - 8 < 0x01fd && disp - 8 > -0x01fd) {
-tcg_out_b(s, cond, disp);
+tcg_out_b_imm(s, cond, disp);
 return;
 }
 tcg_out_movi_pool(s, cond, TCG_REG_PC, addri);
@@ -1236,11 +1242,11 @@ static void tcg_out_call(TCGContext *s, const 
tcg_insn_unit *addr)
 }
 tcg_out_blx_imm(s, disp);
 } else {
-tcg_out_bl(s, COND_AL, disp);
+tcg_out_bl_imm(s, COND_AL, disp);
 }
 } else if (use_armv7_instructions) {
 tcg_out_movi32(s, COND_AL, TCG_REG_TMP, addri);
-tcg_out_blx(s, COND_AL, TCG_REG_TMP);
+tcg_out_blx_reg(s, COND_AL, TCG_REG_TMP);
 } else {
 /* ??? Know that movi_pool emits exactly 1 insn.  */
 tcg_out_dat_imm(s, COND_AL, ARITH_ADD, TCG_REG_R14, TCG_REG_PC, 0);
@@ -1254,7 +1260,7 @@ static inline void tcg_out_goto_label(TCGContext *s, int 
cond, TCGLabel *l)
 tcg_out_goto(s, cond, l->u.value_ptr);
 } else {
 tcg_out_reloc(s, s->code_ptr, R_ARM_PC24, l, 0);
-tcg_out_b(s, cond, 0);
+tcg_out_b_imm(s, cond, 0);
 }
 }
 
@@ -1823,7 +1829,7 @@ static void tcg_out_qemu_ld(TCGContext *s, const TCGArg 
*args, bool is64)
 /* This a conditional BL only to load a pointer within this opcode into LR
for the slow path.  We will not be using the value for a tail call.  */
 label_ptr = s->code_ptr;
-tcg_out_bl(s, COND_NE, 0);
+tcg_out_bl_imm(s, COND_NE, 0);
 
 tcg_out_qemu_ld_index(s, opc, datalo, datahi, addrlo, addend);
 
@@ -1929,7 +1935,7 @@ static void tcg_out_qemu_st(TCGContext *s, const TCGArg 
*args, bool is64)
 
 /* The conditional call must come last, as we're going to return here.  */
 label_ptr = s->code_ptr;
-tcg_out_bl(s, COND_NE, 0);
+tcg_out_bl_imm(s, COND_NE, 0);
 
 add_qemu_ldst_label(s, false, oi, datalo, datahi, addrlo, addrhi,
 s->code_ptr, label_ptr);
@@ -1982,7 +1988,7 @@ static inline void tcg_out_op(TCGContext *s, TCGOpcode 
opc,
 }
 break;
 case INDEX_op_goto_ptr:
-tcg_out_bx(s, COND_AL, args[0]);
+tcg_out_b_reg(s, COND_AL, args[0]);
 break;
 case INDEX_op_br:
 tcg_out_goto_label(s, COND_AL, arg_label(args[0]));
@@ -3066,7 +3072,7 @@ static void tcg_target_qemu_prologue(TCGContext *s)
 
 tcg_out_mov(s, TCG_TYPE_PTR, TCG_AREG0, tcg_target_call_iarg_regs[0]);
 
-tcg_out_bx(s, COND_AL, tcg_target_call_iarg_regs[1]);
+

[PULL 09/44] target/avr: Remove pointless use of CONFIG_USER_ONLY definition

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Commit f1c671f96cb ("target/avr: Introduce basic CPU class object")
added to target/avr/cpu.h:

  #ifdef CONFIG_USER_ONLY
  #error "AVR 8-bit does not support user mode"
  #endif

Remove the CONFIG_USER_ONLY definition introduced by mistake in
commit 78271684719 ("cpu: tcg_ops: move to tcg-cpu-ops.h, keep a
pointer in CPUClass").

Reported-by: Richard Henderson 
Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Reviewed-By: Warner Losh 
Message-Id: <20210911165434.531552-2-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/avr/cpu.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/target/avr/cpu.c b/target/avr/cpu.c
index ea14175ca5..5d70e34dd5 100644
--- a/target/avr/cpu.c
+++ b/target/avr/cpu.c
@@ -197,10 +197,7 @@ static const struct TCGCPUOps avr_tcg_ops = {
 .synchronize_from_tb = avr_cpu_synchronize_from_tb,
 .cpu_exec_interrupt = avr_cpu_exec_interrupt,
 .tlb_fill = avr_cpu_tlb_fill,
-
-#ifndef CONFIG_USER_ONLY
 .do_interrupt = avr_cpu_do_interrupt,
-#endif /* !CONFIG_USER_ONLY */
 };
 
 static void avr_cpu_class_init(ObjectClass *oc, void *data)
-- 
2.25.1




[PULL 06/44] tcg/ppc: Replace TCG_TARGET_CALL_DARWIN with _CALL_DARWIN

2021-09-13 Thread Richard Henderson
If __APPLE__, ensure that _CALL_DARWIN is set, then remove
our local TCG_TARGET_CALL_DARWIN.

Signed-off-by: Richard Henderson 
---
 tcg/ppc/tcg-target.c.inc | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
index e0f4665213..2202ce017e 100644
--- a/tcg/ppc/tcg-target.c.inc
+++ b/tcg/ppc/tcg-target.c.inc
@@ -25,8 +25,8 @@
 #include "elf.h"
 #include "../tcg-pool.c.inc"
 
-#if defined _CALL_DARWIN || defined __APPLE__
-#define TCG_TARGET_CALL_DARWIN
+#if !defined _CALL_DARWIN && defined __APPLE__
+#define _CALL_DARWIN 1
 #endif
 #ifdef _CALL_SYSV
 # define TCG_TARGET_CALL_ALIGN_ARGS   1
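Review bot: `#define _CALL_DARWIN 1` is rewritten again by the next patch in this series ("tcg/ppc: Ensure _CALL_SYSV is set for 32-bit ELF"), which drops the `1` and folds the `__APPLE__` test into a larger `#if !defined(_CALL_SYSV) && ...` chain; squashing the two would avoid shipping the intermediate form. Note also that `_CALL_DARWIN` sits in the implementation-reserved identifier space (leading underscore plus uppercase letter), which is acceptable here only because the point is to mirror the symbol GCC itself predefines.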
@@ -169,7 +169,7 @@ static const int tcg_target_call_oarg_regs[] = {
 };
 
 static const int tcg_target_callee_save_regs[] = {
-#ifdef TCG_TARGET_CALL_DARWIN
+#ifdef _CALL_DARWIN
 TCG_REG_R11,
 #endif
 TCG_REG_R14,
@@ -2372,7 +2372,7 @@ static void tcg_out_nop_fill(tcg_insn_unit *p, int count)
 # define LINK_AREA_SIZE(6 * SZR)
 # define LR_OFFSET (1 * SZR)
 # define TCG_TARGET_CALL_STACK_OFFSET  (LINK_AREA_SIZE + 8 * SZR)
-#elif defined(TCG_TARGET_CALL_DARWIN)
+#elif defined(_CALL_DARWIN)
 # define LINK_AREA_SIZE(6 * SZR)
 # define LR_OFFSET (2 * SZR)
 #elif TCG_TARGET_REG_BITS == 64
-- 
2.25.1




[PULL 19/44] target/i386: Move x86_cpu_exec_interrupt() under sysemu/ folder

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Following the logic of commit 30493a030ff ("i386: split seg_helper
into user-only and sysemu parts"), move x86_cpu_exec_interrupt()
under sysemu/seg_helper.c.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Reviewed-By: Warner Losh 
Message-Id: <20210911165434.531552-12-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/i386/tcg/seg_helper.c| 64 -
 target/i386/tcg/sysemu/seg_helper.c | 62 
 2 files changed, 62 insertions(+), 64 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index 4e6f26a7b7..baa905a0cd 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -1110,70 +1110,6 @@ void do_interrupt_x86_hardirq(CPUX86State *env, int 
intno, int is_hw)
 do_interrupt_all(env_archcpu(env), intno, 0, 0, 0, is_hw);
 }
 
-#ifndef CONFIG_USER_ONLY
-bool x86_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
-{
-X86CPU *cpu = X86_CPU(cs);
-CPUX86State *env = >env;
-int intno;
-
-interrupt_request = x86_cpu_pending_interrupt(cs, interrupt_request);
-if (!interrupt_request) {
-return false;
-}
-
-/* Don't process multiple interrupt requests in a single call.
- * This is required to make icount-driven execution deterministic.
- */
-switch (interrupt_request) {
-case CPU_INTERRUPT_POLL:
-cs->interrupt_request &= ~CPU_INTERRUPT_POLL;
-apic_poll_irq(cpu->apic_state);
-break;
-case CPU_INTERRUPT_SIPI:
-do_cpu_sipi(cpu);
-break;
-case CPU_INTERRUPT_SMI:
-cpu_svm_check_intercept_param(env, SVM_EXIT_SMI, 0, 0);
-cs->interrupt_request &= ~CPU_INTERRUPT_SMI;
-do_smm_enter(cpu);
-break;
-case CPU_INTERRUPT_NMI:
-cpu_svm_check_intercept_param(env, SVM_EXIT_NMI, 0, 0);
-cs->interrupt_request &= ~CPU_INTERRUPT_NMI;
-env->hflags2 |= HF2_NMI_MASK;
-do_interrupt_x86_hardirq(env, EXCP02_NMI, 1);
-break;
-case CPU_INTERRUPT_MCE:
-cs->interrupt_request &= ~CPU_INTERRUPT_MCE;
-do_interrupt_x86_hardirq(env, EXCP12_MCHK, 0);
-break;
-case CPU_INTERRUPT_HARD:
-cpu_svm_check_intercept_param(env, SVM_EXIT_INTR, 0, 0);
-cs->interrupt_request &= ~(CPU_INTERRUPT_HARD |
-   CPU_INTERRUPT_VIRQ);
-intno = cpu_get_pic_interrupt(env);
-qemu_log_mask(CPU_LOG_TB_IN_ASM,
-  "Servicing hardware INT=0x%02x\n", intno);
-do_interrupt_x86_hardirq(env, intno, 1);
-break;
-case CPU_INTERRUPT_VIRQ:
-cpu_svm_check_intercept_param(env, SVM_EXIT_VINTR, 0, 0);
-intno = x86_ldl_phys(cs, env->vm_vmcb
- + offsetof(struct vmcb, control.int_vector));
-qemu_log_mask(CPU_LOG_TB_IN_ASM,
-  "Servicing virtual hardware INT=0x%02x\n", intno);
-do_interrupt_x86_hardirq(env, intno, 1);
-cs->interrupt_request &= ~CPU_INTERRUPT_VIRQ;
-env->int_ctl &= ~V_IRQ_MASK;
-break;
-}
-
-/* Ensure that no TB jump will be modified as the program flow was 
changed.  */
-return true;
-}
-#endif /* CONFIG_USER_ONLY */
-
 void helper_lldt(CPUX86State *env, int selector)
 {
 SegmentCache *dt;
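Review bot: the closing `#endif /* CONFIG_USER_ONLY */` of the deleted block did not match its opening `#ifndef CONFIG_USER_ONLY`; moving the function into tcg/sysemu/, where the build system implies the guard, removes the inconsistency instead of fixing it in place. Since the intent is a pure move, the commit message should say so explicitly so that reviewers know to compare this deletion against the copy added in sysemu/seg_helper.c line for line.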
diff --git a/target/i386/tcg/sysemu/seg_helper.c 
b/target/i386/tcg/sysemu/seg_helper.c
index 82c0856c41..bf3444c26b 100644
--- a/target/i386/tcg/sysemu/seg_helper.c
+++ b/target/i386/tcg/sysemu/seg_helper.c
@@ -125,6 +125,68 @@ void x86_cpu_do_interrupt(CPUState *cs)
 }
 }
 
+bool x86_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
+{
+X86CPU *cpu = X86_CPU(cs);
+CPUX86State *env = >env;
+int intno;
+
+interrupt_request = x86_cpu_pending_interrupt(cs, interrupt_request);
+if (!interrupt_request) {
+return false;
+}
+
+/* Don't process multiple interrupt requests in a single call.
+ * This is required to make icount-driven execution deterministic.
+ */
+switch (interrupt_request) {
+case CPU_INTERRUPT_POLL:
+cs->interrupt_request &= ~CPU_INTERRUPT_POLL;
+apic_poll_irq(cpu->apic_state);
+break;
+case CPU_INTERRUPT_SIPI:
+do_cpu_sipi(cpu);
+break;
+case CPU_INTERRUPT_SMI:
+cpu_svm_check_intercept_param(env, SVM_EXIT_SMI, 0, 0);
+cs->interrupt_request &= ~CPU_INTERRUPT_SMI;
+do_smm_enter(cpu);
+break;
+case CPU_INTERRUPT_NMI:
+cpu_svm_check_intercept_param(env, SVM_EXIT_NMI, 0, 0);
+cs->interrupt_request &= ~CPU_INTERRUPT_NMI;
+env->hflags2 |= HF2_NMI_MASK;
+do_interrupt_x86_hardirq(env, EXCP02_NMI, 1);
+break;
+case CPU_INTERRUPT_MCE:
+cs->interrupt_request &= ~CPU_INTERRUPT_MCE;
+do_interrupt_x86_hardirq(env, EXCP12_MCHK, 0);
+break;
+case CPU_INTERRUPT_HARD:
+

[PULL 21/44] target/microblaze: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-14-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/microblaze/cpu.h|  2 ++
 target/microblaze/cpu.c|  2 +-
 target/microblaze/helper.c | 13 ++---
 3 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/target/microblaze/cpu.h b/target/microblaze/cpu.h
index e4bba8a755..40401c33b7 100644
--- a/target/microblaze/cpu.h
+++ b/target/microblaze/cpu.h
@@ -355,8 +355,10 @@ struct MicroBlazeCPU {
 };
 
 
+#ifndef CONFIG_USER_ONLY
 void mb_cpu_do_interrupt(CPUState *cs);
 bool mb_cpu_exec_interrupt(CPUState *cs, int int_req);
+#endif /* !CONFIG_USER_ONLY */
 void mb_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr,
 MMUAccessType access_type,
 int mmu_idx, uintptr_t retaddr);
diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
index 72d8f2a0da..15db277925 100644
--- a/target/microblaze/cpu.c
+++ b/target/microblaze/cpu.c
@@ -365,10 +365,10 @@ static const struct SysemuCPUOps mb_sysemu_ops = {
 static const struct TCGCPUOps mb_tcg_ops = {
 .initialize = mb_tcg_init,
 .synchronize_from_tb = mb_cpu_synchronize_from_tb,
-.cpu_exec_interrupt = mb_cpu_exec_interrupt,
 .tlb_fill = mb_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = mb_cpu_exec_interrupt,
 .do_interrupt = mb_cpu_do_interrupt,
 .do_transaction_failed = mb_cpu_transaction_failed,
 .do_unaligned_access = mb_cpu_do_unaligned_access,
diff --git a/target/microblaze/helper.c b/target/microblaze/helper.c
index 20dbd67313..dd2aecd1d5 100644
--- a/target/microblaze/helper.c
+++ b/target/microblaze/helper.c
@@ -26,16 +26,6 @@
 
 #if defined(CONFIG_USER_ONLY)
 
-void mb_cpu_do_interrupt(CPUState *cs)
-{
-MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
-CPUMBState *env = >env;
-
-cs->exception_index = -1;
-env->res_addr = RES_ADDR_NONE;
-env->regs[14] = env->pc;
-}
-
 bool mb_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
  MMUAccessType access_type, int mmu_idx,
  bool probe, uintptr_t retaddr)
@@ -271,7 +261,6 @@ hwaddr mb_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr 
addr,
 
 return paddr;
 }
-#endif
 
 bool mb_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
 {
@@ -289,6 +278,8 @@ bool mb_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return false;
 }
 
+#endif /* !CONFIG_USER_ONLY */
+
 void mb_cpu_do_unaligned_access(CPUState *cs, vaddr addr,
 MMUAccessType access_type,
 int mmu_idx, uintptr_t retaddr)
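Review bot: the `-#endif` removed after mb_cpu_get_phys_page_attrs_debug() was closing the `#else` arm of the `#if defined(CONFIG_USER_ONLY)` shown in the first helper.c hunk, so the replacement `+#endif /* !CONFIG_USER_ONLY */` placed after mb_cpu_exec_interrupt() carries the right comment. The tail of mb_cpu_exec_interrupt() is not in the diff, so confirm that nothing between the old and new `#endif` is still needed in user-only builds; mb_cpu_do_unaligned_access(), which follows, stays unconditional.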
-- 
2.25.1




[PULL 04/44] accel/tcg: remove redundant TCG_KICK_PERIOD define

2021-09-13 Thread Richard Henderson
From: Luc Michel 

The TCG_KICK_PERIOD macro is already defined in tcg-accel-ops-rr.h.
Remove it from tcg-accel-ops-rr.c.

Signed-off-by: Luc Michel 
Reviewed-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20210811141229.12470-1-lmic...@kalray.eu>
Signed-off-by: Richard Henderson 
---
 accel/tcg/tcg-accel-ops-rr.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/accel/tcg/tcg-accel-ops-rr.c b/accel/tcg/tcg-accel-ops-rr.c
index c02c061ecb..a5fd26190e 100644
--- a/accel/tcg/tcg-accel-ops-rr.c
+++ b/accel/tcg/tcg-accel-ops-rr.c
@@ -60,8 +60,6 @@ void rr_kick_vcpu_thread(CPUState *unused)
 static QEMUTimer *rr_kick_vcpu_timer;
 static CPUState *rr_current_cpu;
 
-#define TCG_KICK_PERIOD (NANOSECONDS_PER_SECOND / 10)
-
 static inline int64_t rr_next_kick_time(void)
 {
 return qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + TCG_KICK_PERIOD;
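Review bot: removing the local `#define TCG_KICK_PERIOD (NANOSECONDS_PER_SECOND / 10)` is only behaviour-neutral if the definition in tcg-accel-ops-rr.h carries the same value; that header is not part of this diff, so state the header's value in the commit message (or confirm it in review) rather than only saying it is "already defined".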
-- 
2.25.1




[PULL 03/44] tcg/i386: Split P_VEXW from P_REXW

2021-09-13 Thread Richard Henderson
We need to be able to represent VEX.W on a 32-bit host, where REX.W
will always be zero.  Fixes the encoding for VPSLLVQ and VPSRLVQ.

Fixes: a2ce146a068 ("tcg/i386: Support vector variable shift opcodes")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/385
Signed-off-by: Richard Henderson 
---
 tcg/i386/tcg-target.c.inc | 13 +++--
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/tcg/i386/tcg-target.c.inc b/tcg/i386/tcg-target.c.inc
index 98d924b91a..997510109d 100644
--- a/tcg/i386/tcg-target.c.inc
+++ b/tcg/i386/tcg-target.c.inc
@@ -241,8 +241,9 @@ static bool tcg_target_const_match(int64_t val, TCGType 
type, int ct)
 #define P_EXT  0x100   /* 0x0f opcode prefix */
 #define P_EXT38 0x200   /* 0x0f 0x38 opcode prefix */
 #define P_DATA160x400   /* 0x66 opcode prefix */
+#define P_VEXW  0x1000  /* Set VEX.W = 1 */
 #if TCG_TARGET_REG_BITS == 64
-# define P_REXW 0x1000  /* Set REX.W = 1 */
+# define P_REXW P_VEXW  /* Set REX.W = 1; match VEXW */
 # define P_REXB_R   0x2000  /* REG field as byte register */
 # define P_REXB_RM  0x4000  /* R/M field as byte register */
 # define P_GS   0x8000  /* gs segment override */
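Review bot: P_VEXW is now defined for both host widths, but P_REXW is defined (as an alias of P_VEXW) only under `TCG_TARGET_REG_BITS == 64`; the 32-bit `#else` branch is outside this hunk, so confirm it still defines P_REXW (presumably as 0) so that any remaining `opc & P_REXW` users build on 32-bit hosts. Aliasing rather than allocating a second bit keeps the 64-bit encoding unchanged: every opcode that set REX.W before also sets VEX.W now, exactly as before.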
@@ -410,13 +411,13 @@ static bool tcg_target_const_match(int64_t val, TCGType 
type, int ct)
 #define OPC_VPBROADCASTW (0x79 | P_EXT38 | P_DATA16)
 #define OPC_VPBROADCASTD (0x58 | P_EXT38 | P_DATA16)
 #define OPC_VPBROADCASTQ (0x59 | P_EXT38 | P_DATA16)
-#define OPC_VPERMQ  (0x00 | P_EXT3A | P_DATA16 | P_REXW)
+#define OPC_VPERMQ  (0x00 | P_EXT3A | P_DATA16 | P_VEXW)
 #define OPC_VPERM2I128  (0x46 | P_EXT3A | P_DATA16 | P_VEXL)
 #define OPC_VPSLLVD (0x47 | P_EXT38 | P_DATA16)
-#define OPC_VPSLLVQ (0x47 | P_EXT38 | P_DATA16 | P_REXW)
+#define OPC_VPSLLVQ (0x47 | P_EXT38 | P_DATA16 | P_VEXW)
 #define OPC_VPSRAVD (0x46 | P_EXT38 | P_DATA16)
 #define OPC_VPSRLVD (0x45 | P_EXT38 | P_DATA16)
-#define OPC_VPSRLVQ (0x45 | P_EXT38 | P_DATA16 | P_REXW)
+#define OPC_VPSRLVQ (0x45 | P_EXT38 | P_DATA16 | P_VEXW)
 #define OPC_VZEROUPPER  (0x77 | P_EXT)
 #define OPC_XCHG_ax_r32(0x90)
 
@@ -576,7 +577,7 @@ static void tcg_out_vex_opc(TCGContext *s, int opc, int r, 
int v,
 
 /* Use the two byte form if possible, which cannot encode
VEX.W, VEX.B, VEX.X, or an m- field other than P_EXT.  */
-if ((opc & (P_EXT | P_EXT38 | P_EXT3A | P_REXW)) == P_EXT
+if ((opc & (P_EXT | P_EXT38 | P_EXT3A | P_VEXW)) == P_EXT
 && ((rm | index) & 8) == 0) {
 /* Two byte VEX prefix.  */
 tcg_out8(s, 0xc5);
@@ -601,7 +602,7 @@ static void tcg_out_vex_opc(TCGContext *s, int opc, int r, 
int v,
 tmp |= (rm & 8 ? 0 : 0x20);/* VEX.B */
 tcg_out8(s, tmp);
 
-tmp = (opc & P_REXW ? 0x80 : 0);   /* VEX.W */
+tmp = (opc & P_VEXW ? 0x80 : 0);   /* VEX.W */
 }
 
 tmp |= (opc & P_VEXL ? 0x04 : 0);  /* VEX.L */
-- 
2.25.1




[PULL 31/44] accel/tcg: Restrict TCGCPUOps::cpu_exec_interrupt() to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

All targets call TCGCPUOps::cpu_exec_interrupt() from sysemu code.
Move its declaration to restrict it to system emulation.
Extend the code guarded.
Restrict the static inlined need_replay_interrupt() method to
avoid a "defined but not used" warning.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-24-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 include/hw/core/tcg-cpu-ops.h |  4 ++--
 accel/tcg/cpu-exec.c  | 10 +++---
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/include/hw/core/tcg-cpu-ops.h b/include/hw/core/tcg-cpu-ops.h
index 6c7ab9600b..55123cb4d2 100644
--- a/include/hw/core/tcg-cpu-ops.h
+++ b/include/hw/core/tcg-cpu-ops.h
@@ -35,8 +35,6 @@ struct TCGCPUOps {
 void (*cpu_exec_enter)(CPUState *cpu);
 /** @cpu_exec_exit: Callback for cpu_exec cleanup */
 void (*cpu_exec_exit)(CPUState *cpu);
-/** @cpu_exec_interrupt: Callback for processing interrupts in cpu_exec */
-bool (*cpu_exec_interrupt)(CPUState *cpu, int interrupt_request);
 /**
  * @tlb_fill: Handle a softmmu tlb miss or user-only address fault
  *
@@ -68,6 +66,8 @@ struct TCGCPUOps {
 void (*do_interrupt)(CPUState *cpu);
 #endif /* !CONFIG_USER_ONLY || !TARGET_I386 */
 #ifdef CONFIG_SOFTMMU
+/** @cpu_exec_interrupt: Callback for processing interrupts in cpu_exec */
+bool (*cpu_exec_interrupt)(CPUState *cpu, int interrupt_request);
 /**
  * @do_transaction_failed: Callback for handling failed memory transactions
  * (ie bus faults or external aborts; not MMU faults)
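Review bot: this hunk moves cpu_exec_interrupt under `#ifdef CONFIG_SOFTMMU`, while the cpu-exec.c hunks in the same patch use `#ifndef CONFIG_USER_ONLY` and `#if !defined(CONFIG_USER_ONLY)`; the two are equivalent in QEMU's build, but mixing spellings inside one patch makes grepping for the guard harder, so pick one form.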
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 2838177e7f..75dbc1e4e3 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -685,6 +685,7 @@ static inline bool cpu_handle_exception(CPUState *cpu, int 
*ret)
 return false;
 }
 
+#ifndef CONFIG_USER_ONLY
 /*
  * CPU_INTERRUPT_POLL is a virtual event which gets converted into a
  * "real" interrupt event later. It does not need to be recorded for
@@ -698,12 +699,11 @@ static inline bool need_replay_interrupt(int 
interrupt_request)
 return true;
 #endif
 }
+#endif /* !CONFIG_USER_ONLY */
 
 static inline bool cpu_handle_interrupt(CPUState *cpu,
 TranslationBlock **last_tb)
 {
-CPUClass *cc = CPU_GET_CLASS(cpu);
-
 /* Clear the interrupt flag now since we're processing
  * cpu->interrupt_request and cpu->exit_request.
  * Ensure zeroing happens before reading cpu->exit_request or
@@ -725,6 +725,7 @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
 qemu_mutex_unlock_iothread();
 return true;
 }
+#if !defined(CONFIG_USER_ONLY)
 if (replay_mode == REPLAY_MODE_PLAY && !replay_has_interrupt()) {
 /* Do nothing */
 } else if (interrupt_request & CPU_INTERRUPT_HALT) {
@@ -753,12 +754,14 @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
 qemu_mutex_unlock_iothread();
 return true;
 }
-#endif
+#endif /* !TARGET_I386 */
 /* The target hook has 3 exit conditions:
False when the interrupt isn't processed,
True when it is, and we should restart on a new TB,
and via longjmp via cpu_loop_exit.  */
 else {
+CPUClass *cc = CPU_GET_CLASS(cpu);
+
 if (cc->tcg_ops->cpu_exec_interrupt &&
 cc->tcg_ops->cpu_exec_interrupt(cpu, interrupt_request)) {
 if (need_replay_interrupt(interrupt_request)) {
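Review bot: moving `CPUClass *cc = CPU_GET_CLASS(cpu);` from function scope into the `else` block is what avoids an unused-variable warning in user-only builds now that its only use sits inside the new `#if !defined(CONFIG_USER_ONLY)` region, yet the commit message mentions only the need_replay_interrupt() warning; mention this as well. Note too that the `#if` opened in the previous hunk is closed only in the next one, with the pre-existing `#endif /* !TARGET_I386 */` in between; the comment added to that `#endif` is what keeps the nesting readable, so keep it.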
@@ -777,6 +780,7 @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
  * reload the 'interrupt_request' value */
 interrupt_request = cpu->interrupt_request;
 }
+#endif /* !CONFIG_USER_ONLY */
 if (interrupt_request & CPU_INTERRUPT_EXITTB) {
 cpu->interrupt_request &= ~CPU_INTERRUPT_EXITTB;
 /* ensure that no TB jump will be modified as
-- 
2.25.1




[PULL 14/44] target/alpha: Restrict cpu_exec_interrupt() handler to sysemu

2021-09-13 Thread Richard Henderson
From: Philippe Mathieu-Daudé 

Restrict cpu_exec_interrupt() and its callees to sysemu.

Signed-off-by: Philippe Mathieu-Daudé 
Reviewed-by: Warner Losh 
Reviewed-by: Richard Henderson 
Message-Id: <20210911165434.531552-7-f4...@amsat.org>
Signed-off-by: Richard Henderson 
---
 target/alpha/cpu.h| 2 +-
 target/alpha/cpu.c| 2 +-
 target/alpha/helper.c | 5 ++---
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/target/alpha/cpu.h b/target/alpha/cpu.h
index 82df108967..4e993bd15b 100644
--- a/target/alpha/cpu.h
+++ b/target/alpha/cpu.h
@@ -274,10 +274,10 @@ struct AlphaCPU {
 
 #ifndef CONFIG_USER_ONLY
 extern const VMStateDescription vmstate_alpha_cpu;
-#endif
 
 void alpha_cpu_do_interrupt(CPUState *cpu);
 bool alpha_cpu_exec_interrupt(CPUState *cpu, int int_req);
+#endif /* !CONFIG_USER_ONLY */
 void alpha_cpu_dump_state(CPUState *cs, FILE *f, int flags);
 hwaddr alpha_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
 int alpha_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
diff --git a/target/alpha/cpu.c b/target/alpha/cpu.c
index 4871ad0c0a..93e16a2ffb 100644
--- a/target/alpha/cpu.c
+++ b/target/alpha/cpu.c
@@ -218,10 +218,10 @@ static const struct SysemuCPUOps alpha_sysemu_ops = {
 
 static const struct TCGCPUOps alpha_tcg_ops = {
 .initialize = alpha_translate_init,
-.cpu_exec_interrupt = alpha_cpu_exec_interrupt,
 .tlb_fill = alpha_cpu_tlb_fill,
 
 #ifndef CONFIG_USER_ONLY
+.cpu_exec_interrupt = alpha_cpu_exec_interrupt,
 .do_interrupt = alpha_cpu_do_interrupt,
 .do_transaction_failed = alpha_cpu_do_transaction_failed,
 .do_unaligned_access = alpha_cpu_do_unaligned_access,
diff --git a/target/alpha/helper.c b/target/alpha/helper.c
index 4f56fe4d23..81550d9e2f 100644
--- a/target/alpha/helper.c
+++ b/target/alpha/helper.c
@@ -293,7 +293,6 @@ bool alpha_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
  prot, mmu_idx, TARGET_PAGE_SIZE);
 return true;
 }
-#endif /* USER_ONLY */
 
 void alpha_cpu_do_interrupt(CPUState *cs)
 {
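Review bot: deleting `#endif /* USER_ONLY */` here leaves the `#ifndef CONFIG_USER_ONLY` block open, and it is closed only by the `+#endif /* !CONFIG_USER_ONLY */` added after alpha_cpu_exec_interrupt() three hunks later, so the helper.c hunks are not independently applicable. That is fine within one commit, but the inner `#if !defined(CONFIG_USER_ONLY)` / `#endif /* !USER_ONLY */` pair removed from alpha_cpu_do_interrupt() was previously the only thing keeping the PALmode switch out of user builds, so verify no user-only caller of alpha_cpu_do_interrupt() remains; cpu.c now registers .do_interrupt only under `#ifndef CONFIG_USER_ONLY`, which is consistent with that.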
@@ -348,7 +347,6 @@ void alpha_cpu_do_interrupt(CPUState *cs)
 
 cs->exception_index = -1;
 
-#if !defined(CONFIG_USER_ONLY)
 switch (i) {
 case EXCP_RESET:
 i = 0x;
@@ -404,7 +402,6 @@ void alpha_cpu_do_interrupt(CPUState *cs)
 
 /* Switch to PALmode.  */
 env->flags |= ENV_FLAG_PAL_MODE;
-#endif /* !USER_ONLY */
 }
 
 bool alpha_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
@@ -451,6 +448,8 @@ bool alpha_cpu_exec_interrupt(CPUState *cs, int 
interrupt_request)
 return false;
 }
 
+#endif /* !CONFIG_USER_ONLY */
+
 void alpha_cpu_dump_state(CPUState *cs, FILE *f, int flags)
 {
 static const char linux_reg_names[31][4] = {
-- 
2.25.1




[PULL 02/44] accel/tcg: Clear PAGE_WRITE before translation

2021-09-13 Thread Richard Henderson
From: Ilya Leoshkevich 

translate_insn() implementations fetch instruction bytes piecemeal,
which can cause qemu-user to generate inconsistent translations if
another thread modifies them concurrently [1].

Fix by making pages containing translated instruction non-writable
right before loading instruction bytes from them.

[1] https://lists.nongnu.org/archive/html/qemu-devel/2021-08/msg00644.html

Signed-off-by: Ilya Leoshkevich 
Message-Id: <20210805204835.158918-1-...@linux.ibm.com>
Signed-off-by: Richard Henderson 
---
 include/exec/translate-all.h |  1 +
 include/exec/translator.h| 39 ++--
 accel/tcg/translate-all.c| 59 +---
 accel/tcg/translator.c   | 39 
 4 files changed, 97 insertions(+), 41 deletions(-)

diff --git a/include/exec/translate-all.h b/include/exec/translate-all.h
index a557b4e2bb..9f646389af 100644
--- a/include/exec/translate-all.h
+++ b/include/exec/translate-all.h
@@ -33,6 +33,7 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, 
tb_page_addr_t end);
 void tb_check_watchpoint(CPUState *cpu, uintptr_t retaddr);
 
 #ifdef CONFIG_USER_ONLY
+void page_protect(tb_page_addr_t page_addr);
 int page_unprotect(target_ulong address, uintptr_t pc);
 #endif
 
diff --git a/include/exec/translator.h b/include/exec/translator.h
index 6c054e8d05..9bc46eda59 100644
--- a/include/exec/translator.h
+++ b/include/exec/translator.h
@@ -23,6 +23,7 @@
 #include "exec/exec-all.h"
 #include "exec/cpu_ldst.h"
 #include "exec/plugin-gen.h"
+#include "exec/translate-all.h"
 #include "tcg/tcg.h"
 
 
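Review bot: including "exec/translate-all.h" from translator.h pulls the accel-internal page_protect/page_unprotect/tb_invalidate declarations into every target's translate.c. Since only the out-of-line _swap bodies in accel/tcg/translator.c need page_protect(), the include belongs there, not in the public header.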
@@ -74,6 +75,17 @@ typedef struct DisasContextBase {
 int num_insns;
 int max_insns;
 bool singlestep_enabled;
+#ifdef CONFIG_USER_ONLY
+/*
+ * Guest address of the last byte of the last protected page.
+ *
+ * Pages containing the translated instructions are made non-writable in
+ * order to achieve consistency in case another thread is modifying the
+ * code while translate_insn() fetches the instruction bytes piecemeal.
+ * Such writer threads are blocked on mmap_lock() in page_unprotect().
+ */
+target_ulong page_protect_end;
+#endif
 } DisasContextBase;
 
 /**
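Review bot: page_protect_end needs a documented initial value; the comment describes the last protected byte but not what the field holds before the first fetch of a translation block, and the initialisation is not in this part of the diff. Stating the sentinel here lets readers check the comparison the loaders will perform against pc without reading translator.c.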
@@ -156,28 +168,23 @@ bool translator_use_goto_tb(DisasContextBase *db, 
target_ulong dest);
  */
 
 #define GEN_TRANSLATOR_LD(fullname, type, load_fn, swap_fn) \
-static inline type  \
-fullname ## _swap(CPUArchState *env, DisasContextBase *dcbase,  \
-  abi_ptr pc, bool do_swap) \
-{   \
-type ret = load_fn(env, pc);\
-if (do_swap) {  \
-ret = swap_fn(ret); \
-}   \
-plugin_insn_append(, sizeof(ret));  \
-return ret; \
-}   \
+type fullname ## _swap(CPUArchState *env, DisasContextBase *dcbase, \
+   abi_ptr pc, bool do_swap);   \
 static inline type fullname(CPUArchState *env,  \
 DisasContextBase *dcbase, abi_ptr pc)   \
 {   \
 return fullname ## _swap(env, dcbase, pc, false);   \
 }
 
-GEN_TRANSLATOR_LD(translator_ldub, uint8_t, cpu_ldub_code, /* no swap */)
-GEN_TRANSLATOR_LD(translator_ldsw, int16_t, cpu_ldsw_code, bswap16)
-GEN_TRANSLATOR_LD(translator_lduw, uint16_t, cpu_lduw_code, bswap16)
-GEN_TRANSLATOR_LD(translator_ldl, uint32_t, cpu_ldl_code, bswap32)
-GEN_TRANSLATOR_LD(translator_ldq, uint64_t, cpu_ldq_code, bswap64)
+#define FOR_EACH_TRANSLATOR_LD(F)   \
+F(translator_ldub, uint8_t, cpu_ldub_code, /* no swap */)   \
+F(translator_ldsw, int16_t, cpu_ldsw_code, bswap16) \
+F(translator_lduw, uint16_t, cpu_lduw_code, bswap16)\
+F(translator_ldl, uint32_t, cpu_ldl_code, bswap32)  \
+F(translator_ldq, uint64_t, cpu_ldq_code, bswap64)
+
+FOR_EACH_TRANSLATOR_LD(GEN_TRANSLATOR_LD)
+
 #undef GEN_TRANSLATOR_LD
 
 #endif  /* EXEC__TRANSLATOR_H */
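Review bot: `fullname ## _swap` loses `static inline` and becomes an external function with no comment saying where it is defined or why; a one-line comment above the declaration (defined in accel/tcg/translator.c, which is where the page protection happens, per the commit message) would help, and the FOR_EACH_TRANSLATOR_LD list being left defined after `#undef GEN_TRANSLATOR_LD` deserves the same note if translator.c reuses it. Every instruction fetch now pays an out-of-line call in both user and system builds, although only user mode needs the page_protect hook; worth a sentence in the commit message.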
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index bbfcfb698c..fb9ebfad9e 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1297,31 +1297,8 @@ static inline void tb_page_add(PageDesc *p, 
TranslationBlock *tb,
 invalidate_page_bitmap(p);
 
 #if defined(CONFIG_USER_ONLY)
-if (p->flags & PAGE_WRITE) {
-target_ulong addr;
-PageDesc *p2;
-

[PULL 01/44] accel/tcg: Add DisasContextBase argument to translator_ld*

2021-09-13 Thread Richard Henderson
From: Ilya Leoshkevich 

Signed-off-by: Ilya Leoshkevich 
[rth: Split out of a larger patch.]
Signed-off-by: Richard Henderson 
---
 include/exec/translator.h |  9 +
 target/arm/arm_ldst.h | 12 ++--
 target/alpha/translate.c  |  2 +-
 target/arm/translate-a64.c|  2 +-
 target/arm/translate.c|  9 +
 target/hexagon/translate.c|  3 ++-
 target/hppa/translate.c   |  2 +-
 target/i386/tcg/translate.c   | 10 +-
 target/m68k/translate.c   |  2 +-
 target/mips/tcg/translate.c   |  8 
 target/openrisc/translate.c   |  2 +-
 target/ppc/translate.c|  5 +++--
 target/riscv/translate.c  |  5 +++--
 target/s390x/tcg/translate.c  | 16 +---
 target/sh4/translate.c|  4 ++--
 target/sparc/translate.c  |  2 +-
 target/xtensa/translate.c |  5 +++--
 target/mips/tcg/micromips_translate.c.inc |  2 +-
 target/mips/tcg/mips16e_translate.c.inc   |  4 ++--
 target/mips/tcg/nanomips_translate.c.inc  |  4 ++--
 20 files changed, 58 insertions(+), 50 deletions(-)

diff --git a/include/exec/translator.h b/include/exec/translator.h
index d318803267..6c054e8d05 100644
--- a/include/exec/translator.h
+++ b/include/exec/translator.h
@@ -157,7 +157,8 @@ bool translator_use_goto_tb(DisasContextBase *db, 
target_ulong dest);
 
 #define GEN_TRANSLATOR_LD(fullname, type, load_fn, swap_fn) \
 static inline type  \
-fullname ## _swap(CPUArchState *env, abi_ptr pc, bool do_swap)  \
+fullname ## _swap(CPUArchState *env, DisasContextBase *dcbase,  \
+  abi_ptr pc, bool do_swap) \
 {   \
 type ret = load_fn(env, pc);\
 if (do_swap) {  \
@@ -166,10 +167,10 @@ bool translator_use_goto_tb(DisasContextBase *db, 
target_ulong dest);
 plugin_insn_append(, sizeof(ret));  \
 return ret; \
 }   \
-\
-static inline type fullname(CPUArchState *env, abi_ptr pc)  \
+static inline type fullname(CPUArchState *env,  \
+DisasContextBase *dcbase, abi_ptr pc)   \
 {   \
-return fullname ## _swap(env, pc, false);   \
+return fullname ## _swap(env, dcbase, pc, false);   \
 }
 
 GEN_TRANSLATOR_LD(translator_ldub, uint8_t, cpu_ldub_code, /* no swap */)
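Review bot: the new `dcbase` parameter is unused by both generated functions in this patch, so nothing checks that callers pass the right context. A short comment on the macro saying the argument is reserved for the following page-protection change (this commit is split out of that larger patch, per the message) would save readers a search.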
diff --git a/target/arm/arm_ldst.h b/target/arm/arm_ldst.h
index 057160e8da..cee0548a1c 100644
--- a/target/arm/arm_ldst.h
+++ b/target/arm/arm_ldst.h
@@ -24,15 +24,15 @@
 #include "qemu/bswap.h"
 
 /* Load an instruction and return it in the standard little-endian order */
-static inline uint32_t arm_ldl_code(CPUARMState *env, target_ulong addr,
-bool sctlr_b)
+static inline uint32_t arm_ldl_code(CPUARMState *env, DisasContextBase *s,
+target_ulong addr, bool sctlr_b)
 {
-return translator_ldl_swap(env, addr, bswap_code(sctlr_b));
+return translator_ldl_swap(env, s, addr, bswap_code(sctlr_b));
 }
 
 /* Ditto, for a halfword (Thumb) instruction */
-static inline uint16_t arm_lduw_code(CPUARMState *env, target_ulong addr,
- bool sctlr_b)
+static inline uint16_t arm_lduw_code(CPUARMState *env, DisasContextBase* s,
+ target_ulong addr, bool sctlr_b)
 {
 #ifndef CONFIG_USER_ONLY
 /* In big-endian (BE32) mode, adjacent Thumb instructions have been swapped
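Review bot: style point at the arm_lduw_code prototype: `DisasContextBase* s` attaches the asterisk to the type, while the arm_ldl_code change just above uses `DisasContextBase *s`; QEMU's checkpatch expects the latter, so make the two consistent.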
@@ -41,7 +41,7 @@ static inline uint16_t arm_lduw_code(CPUARMState *env, 
target_ulong addr,
 addr ^= 2;
 }
 #endif
-return translator_lduw_swap(env, addr, bswap_code(sctlr_b));
+return translator_lduw_swap(env, s, addr, bswap_code(sctlr_b));
 }
 
 #endif
diff --git a/target/alpha/translate.c b/target/alpha/translate.c
index de6c0a8439..b034206688 100644
--- a/target/alpha/translate.c
+++ b/target/alpha/translate.c
@@ -2971,7 +2971,7 @@ static void alpha_tr_translate_insn(DisasContextBase 
*dcbase, CPUState *cpu)
 {
 DisasContext *ctx = container_of(dcbase, DisasContext, base);
 CPUAlphaState *env = cpu->env_ptr;
-uint32_t insn = translator_ldl(env, ctx->base.pc_next);
+uint32_t insn = translator_ldl(env, >base, ctx->base.pc_next);
 
 ctx->base.pc_next += 4;
 

[RFC v2 1/2] virtio-gpu: Add support for VIRTIO_GPU_F_RELEASE_FENCE

2021-09-13 Thread Vivek Kasireddy
To support this feature, we add a new queue named rel_fenceq to
enqueue finished set_scanout_blob cmds.

Cc: Gerd Hoffmann 
Signed-off-by: Vivek Kasireddy 
---
 hw/display/virtio-gpu-base.c|  3 ++
 hw/display/virtio-gpu-udmabuf.c |  4 +-
 hw/display/virtio-gpu.c | 54 -
 include/hw/virtio/virtio-gpu.h  |  6 +++
 include/standard-headers/linux/virtio_gpu.h |  2 +
 5 files changed, 66 insertions(+), 3 deletions(-)

diff --git a/hw/display/virtio-gpu-base.c b/hw/display/virtio-gpu-base.c
index c8da4806e0..0218a6d3d2 100644
--- a/hw/display/virtio-gpu-base.c
+++ b/hw/display/virtio-gpu-base.c
@@ -211,6 +211,9 @@ virtio_gpu_base_get_features(VirtIODevice *vdev, uint64_t 
features,
 if (virtio_gpu_blob_enabled(g->conf)) {
 features |= (1 << VIRTIO_GPU_F_RESOURCE_BLOB);
 }
+if (virtio_gpu_relfence_enabled(g->conf)) {
+features |= (1 << VIRTIO_GPU_F_RELEASE_FENCE);
+}
 
 return features;
 }
diff --git a/hw/display/virtio-gpu-udmabuf.c b/hw/display/virtio-gpu-udmabuf.c
index c6f7f58784..adb3fd4e0c 100644
--- a/hw/display/virtio-gpu-udmabuf.c
+++ b/hw/display/virtio-gpu-udmabuf.c
@@ -157,7 +157,7 @@ void virtio_gpu_fini_udmabuf(struct 
virtio_gpu_simple_resource *res)
 }
 }
 
-static void virtio_gpu_free_dmabuf(VirtIOGPU *g, VGPUDMABuf *dmabuf)
+void virtio_gpu_free_dmabuf(VirtIOGPU *g, VGPUDMABuf *dmabuf)
 {
 struct virtio_gpu_scanout *scanout;
 
@@ -216,7 +216,7 @@ int virtio_gpu_update_dmabuf(VirtIOGPU *g,
 new_primary->buf.height);
 dpy_gl_scanout_dmabuf(scanout->con, _primary->buf);
 
-if (old_primary) {
+if (old_primary && !virtio_gpu_relfence_enabled(g->parent_obj.conf)) {
 virtio_gpu_free_dmabuf(g, old_primary);
 }
 
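Review bot: with release fences enabled, old_primary is no longer freed here and its lifetime now depends entirely on the fence being signalled and processed later. If a display backend never sets fence_fd, or the guest stops flipping, the old buffer (and the queued set_scanout_blob command that references it) stays allocated indefinitely; this path should still free a buffer that has no fence attached, and the deferred queue should be bounded.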
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
index 182e0868b0..115c7033aa 100644
--- a/hw/display/virtio-gpu.c
+++ b/hw/display/virtio-gpu.c
@@ -771,6 +771,11 @@ static void virtio_gpu_set_scanout_blob(VirtIOGPU *g,
 
 virtio_gpu_do_set_scanout(g, ss.scanout_id,
   , res, , >error);
+
+if (virtio_gpu_relfence_enabled(g->parent_obj.conf)) {
+cmd->finished = true;
+cmd->error = VIRTIO_GPU_RESP_OK_NODATA;
+}
 }
 
 int virtio_gpu_create_mapping_iov(VirtIOGPU *g,
@@ -1038,12 +1043,43 @@ void virtio_gpu_process_cmdq(VirtIOGPU *g)
 fprintf(stderr, "inflight: %3d (+)\r", g->inflight);
 }
 } else {
-g_free(cmd);
+if (cmd->cmd_hdr.type == VIRTIO_GPU_CMD_SET_SCANOUT_BLOB &&
+cmd->error == VIRTIO_GPU_RESP_OK_NODATA) {
+QTAILQ_INSERT_TAIL(>rel_fenceq, cmd, next);
+} else {
+g_free(cmd);
+}
 }
 }
 g->processing_cmdq = false;
 }
 
+static void virtio_gpu_process_rel_fenceq(VirtIOGPU *g)
+{
+struct virtio_gpu_simple_resource *res;
+struct virtio_gpu_set_scanout_blob ss;
+struct virtio_gpu_ctrl_command *cmd, *tmp;
+VGPUDMABuf *dmabuf, *temp;
+
+QTAILQ_FOREACH_SAFE(dmabuf, >dmabuf.bufs, next, temp) {
+if (dmabuf->buf.fence_fd < 0) {
+QTAILQ_FOREACH_SAFE(cmd, >rel_fenceq, next, tmp) {
+VIRTIO_GPU_FILL_CMD(ss);
+virtio_gpu_bswap_32(, sizeof(ss));
+res = virtio_gpu_find_check_resource(g, ss.resource_id, true,
+ __func__, >error);
+if (res && dmabuf->buf.fd == res->dmabuf_fd) {
+virtio_gpu_ctrl_response_nodata(g, cmd,
+VIRTIO_GPU_RESP_OK_NODATA);
+QTAILQ_REMOVE(>rel_fenceq, cmd, next);
+g_free(cmd);
+}
+}
+virtio_gpu_free_dmabuf(g, dmabuf);
+}
+}
+}
+
 static void virtio_gpu_process_fenceq(VirtIOGPU *g)
 {
 struct virtio_gpu_ctrl_command *cmd, *tmp;
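Review bot: virtio_gpu_process_rel_fenceq() re-parses each queued command from the guest-visible request buffer (`VIRTIO_GPU_FILL_CMD(ss)`, byte swap, resource lookup) every time it runs, so the guest can change resource_id between the original set_scanout_blob and the release, and the lookup is repeated for every dmabuf in the outer loop. Record the resource id (or the dmabuf fd) in the command when it is first processed and compare that instead; it is cheaper and removes the re-read of guest memory. In the process_cmdq part of this hunk, using `cmd->error == VIRTIO_GPU_RESP_OK_NODATA` as the marker for a deferred command overloads the error field; a dedicated flag on the command would make the intent explicit.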
@@ -1064,6 +1100,12 @@ static void virtio_gpu_handle_gl_flushed(VirtIOGPUBase 
*b)
 {
 VirtIOGPU *g = container_of(b, VirtIOGPU, parent_obj);
 
+if (virtio_gpu_relfence_enabled(g->parent_obj.conf)) {
+virtio_gpu_process_rel_fenceq(g);
+}
+if (g->parent_obj.renderer_blocked) {
+return;
+}
 virtio_gpu_process_fenceq(g);
 virtio_gpu_process_cmdq(g);
 }
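Review bot: the added `if (g->parent_obj.renderer_blocked) return;` runs whether or not release fences are enabled, so it also changes the existing GL-flushed path, which previously always processed fenceq and cmdq from here. If the early return is intended only for the relfence case, move it inside the `if`; if it is a general fix, it should be a separate patch with its own justification.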
@@ -1323,6 +1365,13 @@ void virtio_gpu_device_realize(DeviceState *qdev, Error 
**errp)
 }
 }
 
+if (virtio_gpu_relfence_enabled(g->parent_obj.conf)) {
+if (!virtio_gpu_blob_enabled(g->parent_obj.conf)) {
+error_setg(errp, "cannot enable relfence without blob resources");
+return;
+}
+}
+
 if (!virtio_gpu_base_device_realize(qdev,
 virtio_gpu_handle_ctrl_cb,
 virtio_gpu_handle_cursor_cb,
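Review bot: the two nested `if`s can be one condition, `if (virtio_gpu_relfence_enabled(...) && !virtio_gpu_blob_enabled(...))`, matching the surrounding realize checks; the error text could also name the device property the user has to enable rather than the internal term "blob resources".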
@@ -1337,6 +1386,7 @@ void 

[RFC v2 2/2] ui: Add a plain Wayland backend for Qemu UI

2021-09-13 Thread Vivek Kasireddy
Cc: Gerd Hoffmann 
Signed-off-by: Vivek Kasireddy 
---
 configure |   8 +-
 meson.build   |  33 +++
 meson_options.txt |   2 +
 qapi/ui.json  |   3 +
 ui/meson.build|  52 
 ui/wayland.c  | 628 ++
 6 files changed, 725 insertions(+), 1 deletion(-)
 create mode 100644 ui/wayland.c

diff --git a/configure b/configure
index da2501489f..02339681dc 100755
--- a/configure
+++ b/configure
@@ -406,6 +406,7 @@ cfi_debug="false"
 seccomp="auto"
 glusterfs="auto"
 gtk="auto"
+wayland="auto"
 tls_priority="NORMAL"
 gnutls="auto"
 nettle="auto"
@@ -1383,6 +1384,10 @@ for opt do
   ;;
   --enable-gtk) gtk="enabled"
   ;;
+  --disable-wayland) wayland="disabled"
+  ;;
+  --enable-wayland) wayland="enabled"
+  ;;
   --tls-priority=*) tls_priority="$optarg"
   ;;
   --disable-gnutls) gnutls="disabled"
@@ -1868,6 +1873,7 @@ disabled with --disable-FEATURE, default is enabled if 
available
   sdl SDL UI
   sdl-image   SDL Image support for icons
   gtk gtk UI
+  wayland Wayland UI
   vte vte support for the gtk UI
   curses  curses UI
   iconv   font glyph conversion support
@@ -5191,7 +5197,7 @@ if test "$skip_meson" = no; then
 -Dmalloc=$malloc -Dmalloc_trim=$malloc_trim -Dsparse=$sparse \
 -Dkvm=$kvm -Dhax=$hax -Dwhpx=$whpx -Dhvf=$hvf -Dnvmm=$nvmm \
 -Dxen=$xen -Dxen_pci_passthrough=$xen_pci_passthrough -Dtcg=$tcg \
--Dcocoa=$cocoa -Dgtk=$gtk -Dmpath=$mpath -Dsdl=$sdl 
-Dsdl_image=$sdl_image \
+-Dcocoa=$cocoa -Dgtk=$gtk -Dmpath=$mpath -Dsdl=$sdl -Dwayland=$wayland 
-Dsdl_image=$sdl_image \
 -Dlibusb=$libusb -Dsmartcard=$smartcard -Dusb_redir=$usb_redir 
-Dvte=$vte \
 -Dvnc=$vnc -Dvnc_sasl=$vnc_sasl -Dvnc_jpeg=$vnc_jpeg 
-Dvnc_png=$vnc_png \
 -Dgettext=$gettext -Dxkbcommon=$xkbcommon -Du2f=$u2f 
-Dvirtiofsd=$virtiofsd \
diff --git a/meson.build b/meson.build
index 7d7d14a4bc..cda10b7d0f 100644
--- a/meson.build
+++ b/meson.build
@@ -927,6 +927,37 @@ if gtkx11.found()
   x11 = dependency('x11', method: 'pkg-config', required: gtkx11.found(),
kwargs: static_kwargs)
 endif
+
+wayland = not_found
+if not get_option('wayland').auto()
+  wlclientdep = dependency('wayland-client', version: '>= 1.18.90',
+   method: 'pkg-config',
+   required: get_option('wayland'),
+   kwargs: static_kwargs)
+  wlprotocolsdep = dependency('wayland-protocols', version: '>= 1.14.91',
+  method: 'pkg-config',
+  required: get_option('wayland'),
+  kwargs: static_kwargs)
+
+  if not wlprotocolsdep.found()
+wlproto_dir = 
subproject('wayland-protocols').get_variable('wayland_protocols_srcdir')
+  else
+wlproto_dir = wlprotocolsdep.get_pkgconfig_variable('pkgdatadir')
+  endif
+
+  wayland = declare_dependency(dependencies: [wlclientdep, wlprotocolsdep])
+endif
+
+if wayland.found() and get_option('sdl').enabled()
+  error('Wayland and SDL cannot be enabled at the same time')
+endif
+if wayland.found() and get_option('gtk').enabled()
+  error('Wayland and GTK+ cannot be enabled at the same time')
+endif
+if wayland.found() and get_option('cocoa').enabled()
+  error('Wayland and Cocoa cannot be enabled at the same time')
+endif
+
 vnc = not_found
 png = not_found
 jpeg = not_found
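Review bot: `if not get_option('wayland').auto()` skips the dependency probe whenever the option is left at its default of 'auto' (see the meson_options.txt hunk), so Wayland is only ever built with an explicit --enable-wayland; testing `not ...disabled()` is what the 'auto' default implies. The mutual-exclusion checks test `get_option('gtk').enabled()` rather than `gtk.found()`, so `--enable-wayland` together with an auto-detected GTK or SDL passes all three checks and builds both UIs; compare against the detected dependencies instead. `wlproto_dir` is assigned but not used in this hunk.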
@@ -1256,6 +1287,7 @@ if glusterfs.found()
   config_host_data.set('CONFIG_GLUSTERFS_IOCB_HAS_STAT', 
glusterfs_iocb_has_stat)
 endif
 config_host_data.set('CONFIG_GTK', gtk.found())
+config_host_data.set('CONFIG_WAYLAND', wayland.found())
 config_host_data.set('CONFIG_VTE', vte.found())
 config_host_data.set('CONFIG_LIBATTR', have_old_libattr)
 config_host_data.set('CONFIG_LIBCAP_NG', libcap_ng.found())
@@ -3052,6 +3084,7 @@ summary_info += {'SDL support':   sdl.found()}
 summary_info += {'SDL image support': sdl_image.found()}
 # TODO: add back version
 summary_info += {'GTK support':   gtk.found()}
+summary_info += {'Wayland support':   wayland.found()}
 summary_info += {'pixman':pixman.found()}
 # TODO: add back version
 summary_info += {'VTE support':   vte.found()}
diff --git a/meson_options.txt b/meson_options.txt
index a9a9b8f4c6..6c0e27e83b 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -104,6 +104,8 @@ option('rbd', type : 'feature', value : 'auto',
description: 'Ceph block device driver')
 option('gtk', type : 'feature', value : 'auto',
description: 'GTK+ user interface')
+option('wayland', type : 'feature', value : 'auto',
+   description: 'Wayland user interface')
 option('sdl', type : 'feature', value : 'auto',
description: 'SDL user interface')
 option('sdl_image', type : 'feature', value : 'auto',
diff --git a/qapi/ui.json b/qapi/ui.json
index b2cf7a6759..8da0baa0bd 100644
--- a/qapi/ui.json
+++ b/qapi/ui.json
@@ -1112,6 

[RFC v2 0/2] ui: Add a Wayland backend for Qemu UI (v2)

2021-09-13 Thread Vivek Kasireddy
Why does Qemu need a new Wayland UI backend?
The main reason why there needs to be a plain and simple Wayland backend
for Qemu UI is to eliminate the Blit (aka GPU copy) that happens if using
a toolkit like GTK or SDL (because they use EGL). The Blit can be eliminated
by sharing the dmabuf fd -- associated with the Guest scanout buffer --
directly with the Host compositor via the linux-dmabuf (unstable) protocol.
Once properly integrated, it would be potentially possible to have the
scanout buffer created by the Guest compositor be placed directly on a
hardware plane on the Host, thereby improving performance. Only Guest
compositors that use multiple back buffers (at least 1 front and 1 back)
and virtio-gpu would benefit from this work.

v2:
- Add support for handling/forwarding keyboard and mouse events.
- Augment handling of events to ensure that they are not lost in a
  multi-threaded environment.
- Rebase

Cc: Gerd Hoffmann 
Cc: Marc-André Lureau 
Cc: Dongwon Kim 
Cc: Tina Zhang 
Cc: Satyeshwar Singh 

Vivek Kasireddy (2):
  virtio-gpu: Add support for VIRTIO_GPU_F_RELEASE_FENCE
  ui: Add a plain Wayland backend for Qemu UI

 configure   |   8 +-
 hw/display/virtio-gpu-base.c|   3 +
 hw/display/virtio-gpu-udmabuf.c |   4 +-
 hw/display/virtio-gpu.c |  54 +-
 include/hw/virtio/virtio-gpu.h  |   6 +
 include/standard-headers/linux/virtio_gpu.h |   2 +
 meson.build |  33 +
 meson_options.txt   |   2 +
 qapi/ui.json|   3 +
 ui/meson.build  |  52 ++
 ui/wayland.c| 628 
 11 files changed, 791 insertions(+), 4 deletions(-)
 create mode 100644 ui/wayland.c

-- 
2.30.2




[RFC v6] virtio/vsock: add two more queues for datagram types

2021-09-13 Thread Jiang Wang
Datagram sockets are connectionless and unreliable.
The sender does not know the capacity of the receiver
and may send more packets than the receiver can handle.

Add two more dedicated virtqueues for datagram sockets,
so that it will not unfairly steal resources from
stream and future connection-oriented sockets.

Signed-off-by: Jiang Wang 
---
v1 -> v2: use qemu cmd option to control number of queues,
removed configuration settings for dgram.
v2 -> v3: use ioctl to get features and decide number of
virt queues, instead of qemu cmd option.
v3 -> v4: change DGRAM feature bit value to 2. Add an argument
in vhost_vsock_common_realize to indicate dgram is supported or not.
v4 -> v5: don't open dev to get vhostfd. Removed leftover definition of
enable_dgram
v5 -> v6: fix style errors. Improve error handling of
vhost_vsock_dgram_supported. Rename MAX_VQS_WITH_DGRAM and another one.

 hw/virtio/vhost-user-vsock.c  |  2 +-
 hw/virtio/vhost-vsock-common.c| 25 --
 hw/virtio/vhost-vsock.c   | 34 ++-
 include/hw/virtio/vhost-vsock-common.h|  6 ++--
 include/hw/virtio/vhost-vsock.h   |  3 ++
 include/standard-headers/linux/virtio_vsock.h |  1 +
 6 files changed, 64 insertions(+), 7 deletions(-)

diff --git a/hw/virtio/vhost-user-vsock.c b/hw/virtio/vhost-user-vsock.c
index 6095ed7349..e9ec0e1c00 100644
--- a/hw/virtio/vhost-user-vsock.c
+++ b/hw/virtio/vhost-user-vsock.c
@@ -105,7 +105,7 @@ static void vuv_device_realize(DeviceState *dev, Error 
**errp)
 return;
 }
 
-vhost_vsock_common_realize(vdev, "vhost-user-vsock");
+vhost_vsock_common_realize(vdev, "vhost-user-vsock", false);
 
 vhost_dev_set_config_notifier(>vhost_dev, _ops);
 
diff --git a/hw/virtio/vhost-vsock-common.c b/hw/virtio/vhost-vsock-common.c
index 4ad6e234ad..d94636e04e 100644
--- a/hw/virtio/vhost-vsock-common.c
+++ b/hw/virtio/vhost-vsock-common.c
@@ -17,6 +17,8 @@
 #include "hw/virtio/vhost-vsock.h"
 #include "qemu/iov.h"
 #include "monitor/monitor.h"
+#include 
+#include 
 
 int vhost_vsock_common_start(VirtIODevice *vdev)
 {
@@ -196,9 +198,11 @@ int vhost_vsock_common_post_load(void *opaque, int 
version_id)
 return 0;
 }
 
-void vhost_vsock_common_realize(VirtIODevice *vdev, const char *name)
+void vhost_vsock_common_realize(VirtIODevice *vdev, const char *name,
+   bool enable_dgram)
 {
 VHostVSockCommon *vvc = VHOST_VSOCK_COMMON(vdev);
+int nvqs = VHOST_VSOCK_NVQS;
 
 virtio_init(vdev, name, VIRTIO_ID_VSOCK,
 sizeof(struct virtio_vsock_config));
@@ -209,12 +213,20 @@ void vhost_vsock_common_realize(VirtIODevice *vdev, const 
char *name)
 vvc->trans_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
vhost_vsock_common_handle_output);
 
+if (enable_dgram) {
+nvqs = VHOST_VSOCK_NVQS_DGRAM;
+vvc->dgram_recv_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
+  
vhost_vsock_common_handle_output);
+vvc->dgram_trans_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
+  
vhost_vsock_common_handle_output);
+}
+
 /* The event queue belongs to QEMU */
 vvc->event_vq = virtio_add_queue(vdev, VHOST_VSOCK_QUEUE_SIZE,
vhost_vsock_common_handle_output);
 
-vvc->vhost_dev.nvqs = ARRAY_SIZE(vvc->vhost_vqs);
-vvc->vhost_dev.vqs = vvc->vhost_vqs;
+vvc->vhost_dev.nvqs = nvqs;
+vvc->vhost_dev.vqs = g_new0(struct vhost_virtqueue, vvc->vhost_dev.nvqs);
 
 vvc->post_load_timer = NULL;
 }
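Review bot: inserting dgram_recv_vq/dgram_trans_vq between trans_vq and event_vq moves the event queue from index 2 to index 4 when dgram is enabled, so the vhost backend and the guest driver must derive that layout from the negotiated feature alone; a comment here should say so. The unrealize and get_features hunks then test `vhost_dev.nvqs == VHOST_VSOCK_NVQS_DGRAM` to recover whether dgram was enabled; storing the enable_dgram bool in VHostVSockCommon is clearer than overloading the queue count.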
@@ -227,6 +239,13 @@ void vhost_vsock_common_unrealize(VirtIODevice *vdev)
 
 virtio_delete_queue(vvc->recv_vq);
 virtio_delete_queue(vvc->trans_vq);
+if (vvc->vhost_dev.nvqs == VHOST_VSOCK_NVQS_DGRAM) {
+virtio_delete_queue(vvc->dgram_recv_vq);
+virtio_delete_queue(vvc->dgram_trans_vq);
+}
+
+g_free(vvc->vhost_dev.vqs);
+
 virtio_delete_queue(vvc->event_vq);
 virtio_cleanup(vdev);
 }
diff --git a/hw/virtio/vhost-vsock.c b/hw/virtio/vhost-vsock.c
index 1b1a5c70ed..891d38e226 100644
--- a/hw/virtio/vhost-vsock.c
+++ b/hw/virtio/vhost-vsock.c
@@ -20,9 +20,12 @@
 #include "hw/qdev-properties.h"
 #include "hw/virtio/vhost-vsock.h"
 #include "monitor/monitor.h"
+#include 
+#include 
 
 const int feature_bits[] = {
 VIRTIO_VSOCK_F_SEQPACKET,
+VIRTIO_VSOCK_F_DGRAM,
 VHOST_INVALID_FEATURE_BIT
 };
 
@@ -116,6 +119,9 @@ static uint64_t vhost_vsock_get_features(VirtIODevice *vdev,
 VHostVSockCommon *vvc = VHOST_VSOCK_COMMON(vdev);
 
 virtio_add_feature(_features, VIRTIO_VSOCK_F_SEQPACKET);
+if (vvc->vhost_dev.nvqs == VHOST_VSOCK_NVQS_DGRAM) {
+virtio_add_feature(_features, VIRTIO_VSOCK_F_DGRAM);
+}
 return vhost_get_features(>vhost_dev, feature_bits,
   

[RFC PATCH 2/7] accel/tcg: Split out adjust_signal_pc

2021-09-13 Thread Richard Henderson
Split out a function to adjust the raw signal pc into a
value that could be passed to cpu_restore_state.

Signed-off-by: Richard Henderson 
---
 include/exec/exec-all.h |  8 +++
 accel/tcg/user-exec.c   | 50 ++---
 2 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 9d5987ba04..7207912306 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -663,6 +663,14 @@ static inline tb_page_addr_t 
get_page_addr_code_hostp(CPUArchState *env,
 return addr;
 }
 
+/**
+ * adjust_signal_pc:
+ * @pc: raw pc from the host signal ucontext_t.
+ *
+ * Return the pc to pass to cpu_restore_state.
+ */
+uintptr_t adjust_signal_pc(uintptr_t pc);
+
 /**
  * cpu_signal_handler
  * @signum: host signal number
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 8fed542622..1f7b7a3692 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -57,18 +57,14 @@ static void QEMU_NORETURN 
cpu_exit_tb_from_sighandler(CPUState *cpu,
 cpu_loop_exit_noexc(cpu);
 }
 
-/* 'pc' is the host PC at which the exception was raised. 'address' is
-   the effective address of the memory exception. 'is_write' is 1 if a
-   write caused the exception and otherwise 0'. 'old_set' is the
-   signal set which should be restored */
-static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,
-int is_write, sigset_t *old_set)
+/**
+ * adjust_signal_pc:
+ * @pc: raw pc from the host signal ucontext_t.
+ *
+ * Return the pc to pass to cpu_restore_state.
+ */
+uintptr_t adjust_signal_pc(uintptr_t pc)
 {
-CPUState *cpu = current_cpu;
-CPUClass *cc;
-unsigned long address = (unsigned long)info->si_addr;
-MMUAccessType access_type = is_write ? MMU_DATA_STORE : MMU_DATA_LOAD;
-
 switch (helper_retaddr) {
 default:
 /*
@@ -77,8 +73,7 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t 
*info,
  * pointer into the generated code that will unwind to the
  * correct guest pc.
  */
-pc = helper_retaddr;
-break;
+return helper_retaddr;
 
 case 0:
 /*
@@ -97,8 +92,7 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t 
*info,
  * Therefore, adjust to compensate for what will be done later
  * by cpu_restore_state_from_tb.
  */
-pc += GETPC_ADJ;
-break;
+return pc + GETPC_ADJ;
 
 case 1:
 /*
@@ -113,11 +107,31 @@ static inline int handle_cpu_signal(uintptr_t pc, 
siginfo_t *info,
  *
  * Like tb_gen_code, release the memory lock before cpu_loop_exit.
  */
-pc = 0;
-access_type = MMU_INST_FETCH;
 mmap_unlock();
-break;
+return 0;
 }
+}
+
+/* 'pc' is the host PC at which the exception was raised. 'address' is
+   the effective address of the memory exception. 'is_write' is 1 if a
+   write caused the exception and otherwise 0'. 'old_set' is the
+   signal set which should be restored */
+static inline int handle_cpu_signal(uintptr_t pc, siginfo_t *info,
+int is_write, sigset_t *old_set)
+{
+CPUState *cpu = current_cpu;
+CPUClass *cc;
+unsigned long address = (unsigned long)info->si_addr;
+MMUAccessType access_type;
+
+if (is_write) {
+access_type = MMU_DATA_STORE;
+} else if (helper_retaddr == 1) {
+access_type = MMU_INST_FETCH;
+} else {
+access_type = MMU_DATA_LOAD;
+}
+pc = adjust_signal_pc(pc);
 
 /* For synchronous signals we expect to be coming from the vCPU
  * thread (so current_cpu should be valid) and either from running
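Review bot: access_type is now computed from `helper_retaddr == 1` only when !is_write, whereas the removed code set MMU_INST_FETCH in case 1 regardless of is_write, so a write fault with helper_retaddr == 1 is now reported as MMU_DATA_STORE instead of MMU_INST_FETCH. That may well be the more accurate result, but it is a behaviour change the commit message should mention. Also, adjust_signal_pc() still calls mmap_unlock() as a side effect in case 1 while the new doc comment says only "Return the pc to pass to cpu_restore_state"; document the lock release in both copies of the comment.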
-- 
2.25.1




[RFC PATCH 3/7] accel/tcg: Split out handle_sigsegv_accerr_write

2021-09-13 Thread Richard Henderson
This is the major portion of handle_cpu_signal which is specific
to tcg, handling the page protections for the translations.
Most of the rest will migrate to linux-user/ shortly.

Signed-off-by: Richard Henderson 
---
 include/exec/exec-all.h | 12 ++
 accel/tcg/user-exec.c   | 96 +
 2 files changed, 72 insertions(+), 36 deletions(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 7207912306..f582d3e688 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -671,6 +671,18 @@ static inline tb_page_addr_t 
get_page_addr_code_hostp(CPUArchState *env,
  */
 uintptr_t adjust_signal_pc(uintptr_t pc);
 
+/**
+ * handle_sigsegv_accerr_write:
+ * @cpu: the cpu context
+ * @old_set: the sigset_t from the signal ucontext_t
+ * @host_pc: the host pc, adjusted for the signal
+ * @host_addr: the host address of the fault
+ *
+ * Return true if the write fault has been handled, and should be re-tried.
+ */
+bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,
+ uintptr_t host_pc, uintptr_t host_addr);
+
 /**
  * cpu_signal_handler
  * @signum: host signal number
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 1f7b7a3692..daef34a426 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -112,6 +112,60 @@ uintptr_t adjust_signal_pc(uintptr_t pc)
 }
 }
 
+/**
+ * handle_sigsegv_accerr_write:
+ * @cpu: the cpu context
+ * @old_set: the sigset_t from the signal ucontext_t
+ * @host_pc: the host pc, adjusted for the signal
+ * @host_addr: the host address of the fault
+ *
+ * Return true if the write fault has been handled, and should be re-tried.
+ *
+ * Note that it is important that we don't call page_unprotect() unless
+ * this is really a "write to nonwriteable page" fault, because
+ * page_unprotect() assumes that if it is called for an access to
+ * a page that's writeable this means we had two threads racing and
+ * another thread got there first and already made the page writeable;
+ * so we will retry the access. If we were to call page_unprotect()
+ * for some other kind of fault that should really be passed to the
+ * guest, we'd end up in an infinite loop of retrying the faulting access.
+ */
+bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,
+ uintptr_t host_pc, uintptr_t host_addr)
+{
+if (!h2g_valid(host_addr)) {
+return false;
+}
+
+switch (page_unprotect(h2g(host_addr), host_pc)) {
+case 0:
+/*
+ * Fault not caused by a page marked unwritable to protect
+ * cached translations, must be the guest binary's problem.
+ */
+return false;
+case 1:
+/*
+ * Fault caused by protection of cached translation; TBs
+ * invalidated, so resume execution.  Retain helper_retaddr
+ * for a possible second fault.
+ */
+return true;
+case 2:
+/*
+ * Fault caused by protection of cached translation, and the
+ * currently executing TB was modified and must be exited
+ * immediately.  Clear helper_retaddr for next execution.
+ */
+clear_helper_retaddr();
+cpu_exit_tb_from_sighandler(cpu, old_set);
+/* NORETURN */
+
+default:
+g_assert_not_reached();
+}
+}
+
 /* 'pc' is the host PC at which the exception was raised. 'address' is
the effective address of the memory exception. 'is_write' is 1 if a
write caused the exception and otherwise 0'. 'old_set' is the
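Review bot: handle_sigsegv_accerr_write() no longer checks `info->si_code == SEGV_ACCERR` or `is_write` itself (those were part of the condition being removed below), so the correctness argument in its own comment depends on every caller enforcing them; state that precondition in the exec-all.h doc comment. The `/* XXX: locking issue */` marker is dropped from the old code without being addressed or carried over; either keep it on the new function or say in the commit message why it no longer applies.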
@@ -150,43 +204,13 @@ static inline int handle_cpu_signal(uintptr_t pc, 
siginfo_t *info,
 printf("qemu: SIGSEGV pc=0x%08lx address=%08lx w=%d oldset=0x%08lx\n",
pc, address, is_write, *(unsigned long *)old_set);
 #endif
-/* XXX: locking issue */
-/* Note that it is important that we don't call page_unprotect() unless
- * this is really a "write to nonwriteable page" fault, because
- * page_unprotect() assumes that if it is called for an access to
- * a page that's writeable this means we had two threads racing and
- * another thread got there first and already made the page writeable;
- * so we will retry the access. If we were to call page_unprotect()
- * for some other kind of fault that should really be passed to the
- * guest, we'd end up in an infinite loop of retrying the faulting
- * access.
- */
-if (is_write && info->si_signo == SIGSEGV && info->si_code == SEGV_ACCERR 
&&
-h2g_valid(address)) {
-switch (page_unprotect(h2g(address), pc)) {
-case 0:
-/* Fault not caused by a page marked unwritable to protect
- * cached translations, must be the guest binary's problem.
- */
-break;
-case 1:
-/* Fault caused by protection of cached translation; TBs
- * invalidated, so resume execution.  Retain 

[RFC PATCH 6/7] linux-user: Handle SIGSEGV/SIGBUS in host_to_target_siginfo_noswap

2021-09-13 Thread Richard Henderson
Remap the faulting address from the host address space into
the guest address space.

Signed-off-by: Richard Henderson 
---
 linux-user/signal.c | 9 +
 1 file changed, 9 insertions(+)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index a8faea6f09..73c0f9066b 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -405,6 +405,15 @@ static inline void 
host_to_target_siginfo_noswap(target_siginfo_t *tinfo,
 tinfo->_sifields._sigpoll._fd = info->si_fd;
 si_type = QEMU_SI_POLL;
 break;
+case TARGET_SIGSEGV:
+case TARGET_SIGBUS:
+/*
+ * Remap the host address into the target space.
+ * Even an invalid guest address is still valid for a fault.
+ */
+tinfo->_sifields._sigfault._addr = h2g_nocheck(info->si_addr);
+si_type = QEMU_SI_FAULT;
+break;
 default:
 /* Assume a sigqueue()/mq_notify()/rt_sigqueueinfo() source. */
 tinfo->_sifields._rt._pid = info->si_pid;
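Review bot: h2g_nocheck() is the right call here because a fault outside the guest mapping must still yield some address, but for such faults the result is `si_addr - guest_base` truncated to the target width and can alias a perfectly valid guest address; the comment should say the guest cannot rely on the value when the fault was in host-only memory. The si_code copy (SEGV_MAPERR vs SEGV_ACCERR) is not in this hunk, so confirm it is preserved alongside the address, since patch 7/7 relies on it.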
-- 
2.25.1




[RFC PATCH 7/7] linux-user: Reorg cpu_signal_handler

2021-09-13 Thread Richard Henderson
Split out two functions into linux-user/host/arch/host-signal.h.
Since linux-user requires a linux host, drop all of the BSD and
Solaris ifdefs.  These should be recreated under bsd-user/ when
the current blanks there are filled.

Fold the remnants of handle_cpu_signal into host_signal_handler.

Drop the call to cc->tcg_ops->tlb_fill.  This was simply an indirect
method to raise SIGSEGV; it is far easier to pass the host siginfo_t
along to the guest.  This fixes all of the guest cpu_loop code that
currently fails to properly fill in SEGV_MAPERR vs SEGV_ACCERR.

Signed-off-by: Richard Henderson 
---
 include/exec/exec-all.h   |  12 -
 linux-user/host/aarch64/host-signal.h |  73 +++
 linux-user/host/alpha/host-signal.h   |  41 ++
 linux-user/host/arm/host-signal.h |  30 ++
 linux-user/host/i386/host-signal.h|  24 +
 linux-user/host/mips/host-signal.h|  61 +++
 linux-user/host/ppc/host-signal.h |  24 +
 linux-user/host/ppc64/host-signal.h   |   1 +
 linux-user/host/riscv32/host-signal.h |  57 +++
 linux-user/host/riscv64/host-signal.h |   1 +
 linux-user/host/s390/host-signal.h|  92 
 linux-user/host/s390x/host-signal.h   |   1 +
 linux-user/host/sparc/host-signal.h   |  53 ++
 linux-user/host/sparc64/host-signal.h |   1 +
 linux-user/host/x86_64/host-signal.h  |  24 +
 accel/tcg/user-exec.c | 712 --
 linux-user/signal.c   |  93 ++--
 17 files changed, 543 insertions(+), 757 deletions(-)
 create mode 100644 linux-user/host/aarch64/host-signal.h
 create mode 100644 linux-user/host/alpha/host-signal.h
 create mode 100644 linux-user/host/arm/host-signal.h
 create mode 100644 linux-user/host/i386/host-signal.h
 create mode 100644 linux-user/host/mips/host-signal.h
 create mode 100644 linux-user/host/ppc/host-signal.h
 create mode 100644 linux-user/host/ppc64/host-signal.h
 create mode 100644 linux-user/host/riscv32/host-signal.h
 create mode 100644 linux-user/host/riscv64/host-signal.h
 create mode 100644 linux-user/host/s390/host-signal.h
 create mode 100644 linux-user/host/s390x/host-signal.h
 create mode 100644 linux-user/host/sparc/host-signal.h
 create mode 100644 linux-user/host/sparc64/host-signal.h
 create mode 100644 linux-user/host/x86_64/host-signal.h

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index f582d3e688..addcec6381 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -683,18 +683,6 @@ uintptr_t adjust_signal_pc(uintptr_t pc);
 bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t *old_set,
  uintptr_t host_pc, uintptr_t host_addr);
 
-/**
- * cpu_signal_handler
- * @signum: host signal number
- * @pinfo: host siginfo_t
- * @puc: host ucontext_t
- *
- * To be called from the SIGBUS and SIGSEGV signal handler to inform the
- * virtual cpu of exceptions.  Returns true if the signal was handled by
- * the virtual CPU.
- */
-int cpu_signal_handler(int signum, void *pinfo, void *puc);
-
 #else
 static inline void mmap_lock(void) {}
 static inline void mmap_unlock(void) {}
diff --git a/linux-user/host/aarch64/host-signal.h 
b/linux-user/host/aarch64/host-signal.h
new file mode 100644
index 00..818da17a21
--- /dev/null
+++ b/linux-user/host/aarch64/host-signal.h
@@ -0,0 +1,73 @@
+/*
+ * host-signal.h: signal info dependent on the host architecture
+ *
+ * Copyright (C) 2021 Linaro Limited
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef AARCH64_HOST_SIGNAL_H
+#define AARCH64_HOST_SIGNAL_H
+
+/* Pre-3.16 kernel headers don't have these, so provide fallback definitions */
+#ifndef ESR_MAGIC
+#define ESR_MAGIC 0x45535201
+struct esr_context {
+struct _aarch64_ctx head;
+uint64_t esr;
+};
+#endif
+
+static inline struct _aarch64_ctx *first_ctx(ucontext_t *uc)
+{
+return (struct _aarch64_ctx *)>uc_mcontext.__reserved;
+}
+
+static inline struct _aarch64_ctx *next_ctx(struct _aarch64_ctx *hdr)
+{
+return (struct _aarch64_ctx *)((char *)hdr + hdr->size);
+}
+
+static inline uintptr_t host_signal_pc(ucontext_t *uc)
+{
+return uc->uc_mcontext.pc;
+}
+
+static inline bool host_sigsegv_write(siginfo_t *info, ucontext_t *uc)
+{
+struct _aarch64_ctx *hdr;
+uint32_t insn;
+
+/* Find the esr_context, which has the WnR bit in it */
+for (hdr = first_ctx(uc); hdr->magic; hdr = next_ctx(hdr)) {
+if (hdr->magic == ESR_MAGIC) {
+struct esr_context const *esrctx = (struct esr_context const *)hdr;
+uint64_t esr = esrctx->esr;
+
+/* For data aborts ESR.EC is 0b10010x: then bit 6 is the WnR bit */
+return extract32(esr, 27, 5) == 0x12 && extract32(esr, 6, 1) == 1;
+}
+}
+
+/*
+ * Fall back to parsing instructions; will only be needed
+ * for really ancient (pre-3.16) kernels.
+ */
+insn = *(uint32_t *)host_signal_pc(uc);
+
+return 
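Review bot: the `for (hdr = first_ctx(uc); hdr->magic; hdr = next_ctx(hdr))` walk trusts the record chain completely: a record with `size == 0` makes next_ctx() return the same hdr and the loop never terminates, and nothing bounds the walk to `sizeof(uc->uc_mcontext.__reserved)`. The kernel always writes a terminator and sane sizes, so this is belt-and-braces, but a `hdr->size != 0` check and an upper bound cost nothing in a path that runs on every guest fault. More important is the fallback: `insn = *(uint32_t *)host_signal_pc(uc);` dereferences the faulting pc inside the SIGSEGV handler, so if the fault was an instruction fetch from an unmapped page (`info->si_addr` equals the pc) this re-faults with SIGSEGV blocked and the kernel kills the process. Return false (not a write) when `(uintptr_t)info->si_addr == host_signal_pc(uc)` before reading the instruction.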

[RFC PATCH 1/7] include/exec: Move cpu_signal_handler declaration

2021-09-13 Thread Richard Henderson
There is nothing target specific about this.  The implementation
is host specific, but the declaration is 100% common.

Reviewed-by: Alistair Francis 
Signed-off-by: Richard Henderson 
---
 include/exec/exec-all.h | 13 +
 target/alpha/cpu.h  |  6 --
 target/arm/cpu.h|  7 ---
 target/avr/cpu.h|  2 --
 target/cris/cpu.h   |  8 
 target/hexagon/cpu.h|  3 ---
 target/hppa/cpu.h   |  3 ---
 target/i386/cpu.h   |  7 ---
 target/m68k/cpu.h   |  8 
 target/microblaze/cpu.h |  7 ---
 target/mips/cpu.h   |  3 ---
 target/mips/internal.h  |  2 --
 target/nios2/cpu.h  |  2 --
 target/openrisc/cpu.h   |  2 --
 target/ppc/cpu.h|  7 ---
 target/riscv/cpu.h  |  2 --
 target/rx/cpu.h |  4 
 target/s390x/cpu.h  |  7 ---
 target/sh4/cpu.h|  3 ---
 target/sparc/cpu.h  |  2 --
 target/tricore/cpu.h|  2 --
 target/xtensa/cpu.h |  2 --
 22 files changed, 13 insertions(+), 89 deletions(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 5d1b6d80fb..9d5987ba04 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -662,6 +662,19 @@ static inline tb_page_addr_t 
get_page_addr_code_hostp(CPUArchState *env,
 }
 return addr;
 }
+
+/**
+ * cpu_signal_handler
+ * @signum: host signal number
+ * @pinfo: host siginfo_t
+ * @puc: host ucontext_t
+ *
+ * To be called from the SIGBUS and SIGSEGV signal handler to inform the
+ * virtual cpu of exceptions.  Returns true if the signal was handled by
+ * the virtual CPU.
+ */
+int cpu_signal_handler(int signum, void *pinfo, void *puc);
+
 #else
 static inline void mmap_lock(void) {}
 static inline void mmap_unlock(void) {}
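Review bot: the new kernel-doc says "Returns true if the signal was handled" while the prototype still returns `int`; the per-target comments being deleted said "non zero is returned". Since this is now the one shared declaration, either change it to `bool cpu_signal_handler(int signum, void *pinfo, void *puc);` or word the comment as "Returns non-zero", so nobody compares the result against 1.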
diff --git a/target/alpha/cpu.h b/target/alpha/cpu.h
index 4e993bd15b..ce9ec32199 100644
--- a/target/alpha/cpu.h
+++ b/target/alpha/cpu.h
@@ -287,7 +287,6 @@ void alpha_cpu_do_unaligned_access(CPUState *cpu, vaddr 
addr,
int mmu_idx, uintptr_t retaddr);
 
 #define cpu_list alpha_cpu_list
-#define cpu_signal_handler cpu_alpha_signal_handler
 
 typedef CPUAlphaState CPUArchState;
 typedef AlphaCPU ArchCPU;
@@ -440,11 +439,6 @@ void alpha_translate_init(void);
 #define CPU_RESOLVING_TYPE TYPE_ALPHA_CPU
 
 void alpha_cpu_list(void);
-/* you can call this signal handler from your SIGBUS and SIGSEGV
-   signal handlers to inform the virtual CPU of exceptions. non zero
-   is returned if the signal was handled by the virtual CPU.  */
-int cpu_alpha_signal_handler(int host_signum, void *pinfo,
- void *puc);
 bool alpha_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
 MMUAccessType access_type, int mmu_idx,
 bool probe, uintptr_t retaddr);
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index cfd755cff9..6c78957e54 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1121,12 +1121,6 @@ static inline bool is_a64(CPUARMState *env)
 return env->aarch64;
 }
 
-/* you can call this signal handler from your SIGBUS and SIGSEGV
-   signal handlers to inform the virtual CPU of exceptions. non zero
-   is returned if the signal was handled by the virtual CPU.  */
-int cpu_arm_signal_handler(int host_signum, void *pinfo,
-   void *puc);
-
 /**
  * pmu_op_start/finish
  * @env: CPUARMState
@@ -3015,7 +3009,6 @@ bool write_cpustate_to_list(ARMCPU *cpu, bool kvm_sync);
 #define ARM_CPU_TYPE_NAME(name) (name ARM_CPU_TYPE_SUFFIX)
 #define CPU_RESOLVING_TYPE TYPE_ARM_CPU
 
-#define cpu_signal_handler cpu_arm_signal_handler
 #define cpu_list arm_cpu_list
 
 /* ARM has the following "translation regimes" (as the ARM ARM calls them):
diff --git a/target/avr/cpu.h b/target/avr/cpu.h
index 93e3faa0a9..dceacf3cd7 100644
--- a/target/avr/cpu.h
+++ b/target/avr/cpu.h
@@ -175,7 +175,6 @@ static inline void set_avr_feature(CPUAVRState *env, int 
feature)
 }
 
 #define cpu_list avr_cpu_list
-#define cpu_signal_handler cpu_avr_signal_handler
 #define cpu_mmu_index avr_cpu_mmu_index
 
 static inline int avr_cpu_mmu_index(CPUAVRState *env, bool ifetch)
@@ -187,7 +186,6 @@ void avr_cpu_tcg_init(void);
 
 void avr_cpu_list(void);
 int cpu_avr_exec(CPUState *cpu);
-int cpu_avr_signal_handler(int host_signum, void *pinfo, void *puc);
 int avr_cpu_memory_rw_debug(CPUState *cs, vaddr address, uint8_t *buf,
 int len, bool is_write);
 
diff --git a/target/cris/cpu.h b/target/cris/cpu.h
index be021899ae..6603565f83 100644
--- a/target/cris/cpu.h
+++ b/target/cris/cpu.h
@@ -199,12 +199,6 @@ int crisv10_cpu_gdb_read_register(CPUState *cpu, 
GByteArray *buf, int reg);
 int cris_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
 int cris_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
 
-/* you can call this signal handler from your SIGBUS and SIGSEGV
-   signal handlers to inform the virtual CPU of exceptions. non zero
-   is returned 

[RFC PATCH 0/7] linux-user: Streamline handling of SIGSEGV/SIGBUS

2021-09-13 Thread Richard Henderson
Our current setup is:

  host_signal_handler
  cpu_signal_handler
 handle_cpu_signal
cc->tcg_ops->tlb_fill
   raise_exception
  cpu_loop
 queue_signal

and in the process lose information from the host siginfo_t,
which we (mostly) do not recreate properly.  Moreover, the
intermediate cpu_signal_handler handles the host-specific
portions of extracting pc + is_write from the ucontext_t.

I'm replacing this with

  host_signal_handler
host_signal_pc
host_sigsegv_write
adjust_signal_pc
handle_sigsegv_accerr_write
queue_signal
raise_exception
  cpu_loop

All of the really tcg-specific portions are still in user-exec.c,
and all of the really host-specific portions are now distributed
across linux-user/host//.  Importantly, SEGV_MAPERR and
SEGV_ACCERR are now passed through from the host kernel -- or at
least there's a single place from which to manage it [1].

Note that I've dropped all of the BSD (and Solaris!) code from
user-exec.c.  I thought about moving it similar to linux-user,
but I've caught Warner in the middle of his re-org and the whole
of bsd-user/signal.c is currently empty.  I think it will be
easier to create the new interfaces from scratch when ready.

Still to-do:
  * Make cc->tcg_ops->tlb_fill sysemu only (once again).
  * Drop all of the code from cpu_loop that interfaced with tlb_fill.


r~


[1] I've just this minute realized that the reserved_va mapping that we
do for emulating 32-bit guests will incorrectly give SEGV_ACCERR for pages
that are not mapped by the guest, and should result in SEGV_MAPERR.


Richard Henderson (7):
  include/exec: Move cpu_signal_handler declaration
  accel/tcg: Split out adjust_signal_pc
  accel/tcg: Split out handle_sigsegv_accerr_write
  accel/tcg: Move clear_helper_retaddr to cpu loop
  accel/tcg: Fold cpu_exit_tb_from_sighandler into caller
  linux-user: Handle SIGSEGV/SIGBUS in host_to_target_siginfo_noswap
  linux-user: Reorg cpu_signal_handler

 include/exec/exec-all.h   |  21 +
 linux-user/host/aarch64/host-signal.h |  73 +++
 linux-user/host/alpha/host-signal.h   |  41 ++
 linux-user/host/arm/host-signal.h |  30 +
 linux-user/host/i386/host-signal.h|  24 +
 linux-user/host/mips/host-signal.h|  61 ++
 linux-user/host/ppc/host-signal.h |  24 +
 linux-user/host/ppc64/host-signal.h   |   1 +
 linux-user/host/riscv32/host-signal.h |  57 ++
 linux-user/host/riscv64/host-signal.h |   1 +
 linux-user/host/s390/host-signal.h|  92 +++
 linux-user/host/s390x/host-signal.h   |   1 +
 linux-user/host/sparc/host-signal.h   |  53 ++
 linux-user/host/sparc64/host-signal.h |   1 +
 linux-user/host/x86_64/host-signal.h  |  24 +
 target/alpha/cpu.h|   6 -
 target/arm/cpu.h  |   7 -
 target/avr/cpu.h  |   2 -
 target/cris/cpu.h |   8 -
 target/hexagon/cpu.h  |   3 -
 target/hppa/cpu.h |   3 -
 target/i386/cpu.h |   7 -
 target/m68k/cpu.h |   8 -
 target/microblaze/cpu.h   |   7 -
 target/mips/cpu.h |   3 -
 target/mips/internal.h|   2 -
 target/nios2/cpu.h|   2 -
 target/openrisc/cpu.h |   2 -
 target/ppc/cpu.h  |   7 -
 target/riscv/cpu.h|   2 -
 target/rx/cpu.h   |   4 -
 target/s390x/cpu.h|   7 -
 target/sh4/cpu.h  |   3 -
 target/sparc/cpu.h|   2 -
 target/tricore/cpu.h  |   2 -
 target/xtensa/cpu.h   |   2 -
 accel/tcg/cpu-exec.c  |   3 +-
 accel/tcg/user-exec.c | 807 ++
 linux-user/signal.c   | 102 ++--
 39 files changed, 635 insertions(+), 870 deletions(-)
 create mode 100644 linux-user/host/aarch64/host-signal.h
 create mode 100644 linux-user/host/alpha/host-signal.h
 create mode 100644 linux-user/host/arm/host-signal.h
 create mode 100644 linux-user/host/i386/host-signal.h
 create mode 100644 linux-user/host/mips/host-signal.h
 create mode 100644 linux-user/host/ppc/host-signal.h
 create mode 100644 linux-user/host/ppc64/host-signal.h
 create mode 100644 linux-user/host/riscv32/host-signal.h
 create mode 100644 linux-user/host/riscv64/host-signal.h
 create mode 100644 linux-user/host/s390/host-signal.h
 create mode 100644 linux-user/host/s390x/host-signal.h
 create mode 100644 linux-user/host/sparc/host-signal.h
 create mode 100644 linux-user/host/sparc64/host-signal.h
 create mode 100644 linux-user/host/x86_64/host-signal.h

-- 
2.25.1
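The pass-through of SEGV_MAPERR versus SEGV_ACCERR and the "fix the page up and retry the access" path described in the cover letter, shown as an added stand-alone C example. This is not code from the series or from QEMU: the handler below is a constructed host SIGSEGV handler, `protected_page` stands in for a page that was made read-only to guard cached translations, and siglongjmp stands in for unwinding to the cpu loop that would queue the signal for the guest.

```c
/*
 * Added example, not QEMU code: a host SIGSEGV handler that preserves the
 * kernel's SEGV_MAPERR / SEGV_ACCERR distinction and retries a write fault
 * on a page we protected ourselves, as handle_sigsegv_accerr_write() does
 * for pages guarding cached translations.  Constructed stand-ins:
 * protected_page is the "translation" page, siglongjmp is "unwind to the
 * cpu loop and queue the signal for the guest".
 */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static long page_size;
static uint8_t *protected_page;             /* our read-only "translation" page */
static sigjmp_buf deliver_to_guest;         /* unwind target for faults the guest owns */
static volatile sig_atomic_t last_si_code;  /* SEGV_MAPERR or SEGV_ACCERR as reported */
static volatile uintptr_t last_si_addr;     /* host fault address from siginfo */
static volatile int accerr_retries;         /* write faults fixed up and retried */
static volatile uint8_t sink;               /* forces the probing load to happen */

static void host_sigsegv_handler(int sig, siginfo_t *info, void *puc)
{
    uintptr_t addr = (uintptr_t)info->si_addr;
    uintptr_t page = addr & ~((uintptr_t)page_size - 1);

    (void)sig;
    (void)puc;  /* QEMU reads pc and the WnR bit out of the ucontext here */
    last_si_code = info->si_code;
    last_si_addr = addr;

    /* ACCERR on our own page: make it writable and let the kernel restart the store. */
    if (info->si_code == SEGV_ACCERR && page == (uintptr_t)protected_page) {
        mprotect((void *)page, page_size, PROT_READ | PROT_WRITE);
        accerr_retries++;
        return;
    }
    /* Anything else is the guest's fault: unwind, keeping si_code/si_addr for it. */
    siglongjmp(deliver_to_guest, 1);
}

/* Install the handler; returns 0 on success, -1 on failure. */
int install_host_sigsegv_handler(void)
{
    struct sigaction sa;

    page_size = sysconf(_SC_PAGESIZE);
    memset(&sa, 0, sizeof(sa));
    sa.sa_sigaction = host_sigsegv_handler;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Load from a hole in the address space: returns the si_code seen (SEGV_MAPERR). */
int probe_unmapped_page(void)
{
    uint8_t *p = mmap(NULL, page_size, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) {
        return -1;
    }
    munmap(p, page_size);  /* p is now unmapped; nothing else maps it before we touch it */

    last_si_code = -1;
    if (sigsetjmp(deliver_to_guest, 1) == 0) {
        sink = *(volatile uint8_t *)p;  /* faults with SEGV_MAPERR, si_addr == p */
        return -1;                      /* not reached */
    }
    return last_si_addr == (uintptr_t)p ? last_si_code : -2;
}

/* Store to a read-only page: returns the si_code seen (SEGV_ACCERR) once the retried store landed. */
int probe_write_protected_page(void)
{
    volatile uint8_t *p;
    int ok;

    protected_page = mmap(NULL, page_size, PROT_READ,
                          MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (protected_page == MAP_FAILED) {
        return -1;
    }
    accerr_retries = 0;
    last_si_code = -1;
    if (sigsetjmp(deliver_to_guest, 1) != 0) {
        munmap(protected_page, page_size);
        return -1;  /* handler unwound instead of fixing the page up */
    }
    p = protected_page;
    p[0] = 0x5a;  /* faults once, the handler unprotects, the store is retried */
    ok = accerr_retries == 1 && p[0] == 0x5a;
    munmap(protected_page, page_size);
    protected_page = NULL;
    return ok ? last_si_code : -1;
}

int main(void)
{
    if (install_host_sigsegv_handler() != 0) {
        return 1;
    }
    printf("unmapped: si_code=%d (SEGV_MAPERR=%d)\n", probe_unmapped_page(), SEGV_MAPERR);
    printf("protected: si_code=%d (SEGV_ACCERR=%d)\n", probe_write_protected_page(), SEGV_ACCERR);
    return 0;
}
```

The two probes exercise the two si_code values the series wants to hand through unchanged: the load from the hole is a MAPERR that the handler leaves to the "guest", the store to the read-only page is an ACCERR the handler resolves in place, and the kernel restarts the faulting store after the handler returns. The one thing the demo leaves out is the h2g() remapping of si_addr into the guest address space.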




[RFC PATCH 5/7] accel/tcg: Fold cpu_exit_tb_from_sighandler into caller

2021-09-13 Thread Richard Henderson
Remove the comment about siglongjmp.  We do use sigsetjmp
in the main cpu loop, but we do not save the signal mask
as most exits from the cpu loop do not require them.

Signed-off-by: Richard Henderson 
---
 accel/tcg/user-exec.c | 15 ++-
 1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 83351db719..ad6b4f6abf 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -46,17 +46,6 @@ __thread uintptr_t helper_retaddr;
 
 //#define DEBUG_SIGNAL
 
-/* exit the current TB from a signal handler. The host registers are
-   restored in a state compatible with the CPU emulator
- */
-static void QEMU_NORETURN cpu_exit_tb_from_sighandler(CPUState *cpu,
-  sigset_t *old_set)
-{
-/* XXX: use siglongjmp ? */
-sigprocmask(SIG_SETMASK, old_set, NULL);
-cpu_loop_exit_noexc(cpu);
-}
-
 /**
  * adjust_signal_pc:
  * @pc: raw pc from the host signal ucontext_t.
@@ -157,9 +146,9 @@ bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t 
*old_set,
  * currently executing TB was modified and must be exited
  * immediately.  Clear helper_retaddr for next execution.
  */
-cpu_exit_tb_from_sighandler(cpu, old_set);
+sigprocmask(SIG_SETMASK, old_set, NULL);
+cpu_loop_exit_noexc(cpu);
 /* NORETURN */
-
 default:
 g_assert_not_reached();
 }
-- 
2.25.1




[RFC PATCH 4/7] accel/tcg: Move clear_helper_retaddr to cpu loop

2021-09-13 Thread Richard Henderson
Currently there are only two places that require we reset this
value before exiting to the main loop, but that will change.

Signed-off-by: Richard Henderson 
---
 accel/tcg/cpu-exec.c  | 3 ++-
 accel/tcg/user-exec.c | 2 --
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 75dbc1e4e3..13c4436e5d 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -451,6 +451,7 @@ void cpu_exec_step_atomic(CPUState *cpu)
  * memory.
  */
 #ifndef CONFIG_SOFTMMU
+clear_helper_retaddr();
 tcg_debug_assert(!have_mmap_lock());
 #endif
 if (qemu_mutex_iothread_locked()) {
@@ -460,7 +461,6 @@ void cpu_exec_step_atomic(CPUState *cpu)
 qemu_plugin_disable_mem_helpers(cpu);
 }
 
-
 /*
  * As we start the exclusive region before codegen we must still
  * be in the region if we longjump out of either the codegen or
@@ -903,6 +903,7 @@ int cpu_exec(CPUState *cpu)
 #endif
 
 #ifndef CONFIG_SOFTMMU
+clear_helper_retaddr();
 tcg_debug_assert(!have_mmap_lock());
 #endif
 if (qemu_mutex_iothread_locked()) {
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index daef34a426..83351db719 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -157,7 +157,6 @@ bool handle_sigsegv_accerr_write(CPUState *cpu, sigset_t 
*old_set,
  * currently executing TB was modified and must be exited
  * immediately.  Clear helper_retaddr for next execution.
  */
-clear_helper_retaddr();
 cpu_exit_tb_from_sighandler(cpu, old_set);
 /* NORETURN */
 
@@ -222,7 +221,6 @@ static inline int handle_cpu_signal(uintptr_t pc, siginfo_t 
*info,
  * an exception.  Undo signal and retaddr state prior to longjmp.
  */
 sigprocmask(SIG_SETMASK, old_set, NULL);
-clear_helper_retaddr();
 
 cc = CPU_GET_CLASS(cpu);
 cc->tcg_ops->tlb_fill(cpu, address, 0, access_type,
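Review bot: the comment "Undo signal and retaddr state prior to longjmp." is now half stale, since only `sigprocmask(SIG_SETMASK, old_set, NULL);` remains here; reword it to "Restore the signal mask prior to longjmp" so the next reader does not go looking for the retaddr reset.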
-- 
2.25.1




Re: question on vhost, limiting kernel threads and NPROC

2021-09-13 Thread Michael S. Tsirkin
On Mon, Sep 13, 2021 at 12:04:04PM -0500, Mike Christie wrote:
> I just realized I forgot to cc the virt list so adding now.
> 
> Christian see the very bottom for a different fork patch.
> 
> On 7/12/21 7:05 AM, Stefan Hajnoczi wrote:
> > On Fri, Jul 09, 2021 at 11:25:37AM -0500, Mike Christie wrote:
> >> Hi,
> >>
> >> The goal of this email is to try and figure how we want to track/limit the
> >> number of kernel threads created by vhost devices.
> >>
> >> Background:
> >> ---
> >> For vhost-scsi, we've hit an issue where the single vhost worker thread 
> >> can't
> >> handle all the IO being sent from multiple queues. IOPs is stuck at around
> >> 500K. To fix this, we did this patchset:
> >>
> >> https://lore.kernel.org/linux-scsi/20210525180600.6349-1-michael.chris...@oracle.com/
> >>
> >> which allows userspace to create N threads and map them to a dev's 
> >> virtqueues.
> >> With this we can get around 1.4M IOPs.
> >>
> >> Problem:
> >> 
> >> While those patches were being reviewed, a concern about tracking all these
> >> new possible threads was raised here:
> >>
> >> https://lore.kernel.org/linux-scsi/YL45CfpHyzSEcAJv@stefanha-x1.localdomain/
> >>
> >> To save you some time, the question is what does other kernel code using 
> >> the
> >> kthread API do to track the number of kernel threads created on behalf of
> >> a userspace thread. The answer is they don't do anything so we will have to
> >> add that code.
> >>
> >> I started to do that here:
> >>
> >> https://lkml.org/lkml/2021/6/23/1233
> >>
> >> where those patches would charge/check the vhost device owner's 
> >> RLIMIT_NPROC
> >> value. But, the question of if we really want to do this has come up which 
> >> is
> >> why I'm bugging lists like libvirt now.
> >>
> >> Question/Solution:
> >> --
> >> I'm bugging everyone so we can figure out:
> >>
> >> If we need to specifically track the number of kernel threads being made
> >> for the vhost kernel use case by the RLIMIT_NPROC limit?
> >>
> >> Or, is it ok to limit the number of devices with the RLIMIT_NOFILE limit.
> >> Then each device has a limit on the number of threads it can create.
> > 
> > Do we want to add an interface where an unprivileged userspace process
> > can create large numbers of kthreads? The number is indirectly bounded
> > by RLIMIT_NOFILE * num_virtqueues, but there is no practical way to
> > use that rlimit since num_virtqueues varies across vhost devices and
> > RLIMIT_NOFILE might need to have a specific value to control file
> > descriptors.
> > 
> > io_uring worker threads are limited by RLIMIT_NPROC. I think it makes
> > sense in vhost too where the device instance is owned by a specific
> > userspace process and can be accounted against that process' rlimit.
> > 
> > I don't have a specific use case other than that I think vhost should be
> > safe and well-behaved.
> > 
> 
> Sorry for the late reply. I finally got to go on PTO and used like 2
> years worth in one super long vacation :)
> 
> I still don't have an RLIMIT_NPROC use case and it wasn't clear to
> me if that has to be handled before merging. However, I might have got
> lucky and found a bug where the fix will handle your request too.
> 
> It looks like cgroup v2 is supposed to work, but for vhost threads
> it doesn't because the kernel functions we use just support v1. If
> we change the vhost layer to create threads like how io_uring does
> then we get the RLIMIT_NPROC checks and also cgroup v2 support.
> 
> Christian, If you didn't like this patch
> 
> https://lkml.org/lkml/2021/6/23/1233
> 
> then I'm not sure how much you will like what is needed to support the
> above. Here is a patch which includes what we would need from the fork
> related code. On one hand, it's nicer because it fits into the PF FLAG
> code like you requested. But, I have to add a no_files arg. See below:
> 
> 
> --
> 
> 
> >From 351d476e8db0a78b9bdf22d77dd1abe66c0eac40 Mon Sep 17 00:00:00 2001
> From: Mike Christie 
> Date: Mon, 13 Sep 2021 11:20:20 -0500
> Subject: [PATCH] fork: allow cloning of userspace procs from kernel
> 
> Userspace apps/processes like Qemu call into the vhost layer to create
> worker threads which execute IO on behalf of VMs. If users set RLIMIT
> or cgroup limits or set up v2 cgroups or namespaces, the worker thread
> is not accounted for or even setup correctly. The reason is that vhost
> uses the kthread api which inherits those attributes/values from the
> kthreadd thread. This patch allows kernel modules to work like the
> io_uring code which can call kernel_clone from the userspace thread's
> context and directly inherit its attributes, like cgroups, from it, and will
> check limits like RLIMIT_NPROC against that userspace thread.
> 
> Note: this patch combines 2 changes that should be separate patches. I'm
> including both in one patch to just make it easier to get an idea of what
> needs to be done. If we are ok with this 

Re: [PATCH v9 07/11] hvf: arm: Implement PSCI handling

2021-09-13 Thread Alexander Graf


On 13.09.21 14:30, Peter Maydell wrote:
> On Mon, 13 Sept 2021 at 13:02, Alexander Graf  wrote:
>>
>> On 13.09.21 13:44, Peter Maydell wrote:
>>> On Mon, 13 Sept 2021 at 12:07, Alexander Graf  wrote:
>>>> To keep your train of thought though, what would you do if we encounter
>>>> a conduit that is different from the chosen one? Today, I am aware of 2
>>>> different implementations: TCG injects #UD [1] while KVM sets x0 to -1 [2].
>>> If the SMC or HVC insn isn't being used for PSCI then it should
>>> have its standard architectural behaviour.
>> Why?
> QEMU's assumption here is that there are basically two scenarios
> for these instructions:
>  (1) we're providing an emulation of firmware that uses this
>  instruction (and only this insn, not the other one) to
>  provide PSCI services
>  (2) we're not emulating any firmware at all, we're running it
>  in the guest, and that guest firmware is providing PSCI
>
> In case (1) we provide a PSCI ABI on the end of the insn.
> In case (2) we provide the architectural behaviour for the insn
> so that the guest firmware can use it.
>
> We don't currently have
>  (3) we're providing an emulation of firmware that does something
>  other than providing PSCI services on this instruction
>
> which is what I think you're asking for. (Alternatively, you might
> be after "provide PSCI via SMC, not HVC", ie use a different conduit.
> If hvf documents that SMC is guaranteed to trap that would be
> possible, I guess.)


Hvf doesn't document anything. The only documentation it has are its C
headers.

However, M1 does not implement EL3, but traps SMC calls. It's the only
chip Apple has out for hvf on ARM today. I would be very surprised if
they started to regress on that functionality.

So, would you be open to changing the default conduit to SMC for
hvf_enabled()? Is that really a better experience than just modeling
behavior after KVM?


>
>> Also, why does KVM behave differently?
> Looks like Marc made KVM set x0 to -1 for SMC calls in kernel commit
> c0938c72f8070aa; conveniently he's on the cc list here so we can
> ask him :-)
>
>> And why does Windows rely on
>> SMC availability on boot?
> Ask Microsoft, but probably either they don't realize that
> SMC might not exist and be trappable, or they only have a limited
> set of hosts they care about. CPUs with no EL3 are not that common.


I'm pretty sure it's the latter :).


>
>> If you really insist that you don't care about users running Windows
>> with TCG and EL2=0, so be it. At least you can enable EL2 and it works
>> then. But I can't on hvf. It's one of the most useful use cases for hvf
>> on QEMU and I won't break it just because you insist that "SMC behavior
>> is IMPDEF, so it must be UNDEF". If it's IMPDEF, it may as well be "set
>> x0 to -1 and add 4 to pc".
> I am not putting in random hacks for the benefit of specific guest OSes.
> If there's a good reason why QEMU's behaviour is wrong then we can change
> it, but "I want Windows to boot" doesn't count.


Ok, so today we have 2 implementations for SMC traps in an EL0/1 only VM:

  * TCG injects #UD
  * KVM sets x0 = -1 and pc += 4.

With v10 of the HVF patch set, I'm following what KVM is doing. Can we
leave it at that for now and sort out with Marc (and maybe ARM spec
writers) what we want to do consistently across all implementations as a
follow-up?


Thanks,

Alex




Re: [PATCH v4 22/33] hostmem-epc: Add the reset interface for EPC backend reset

2021-09-13 Thread Jarkko Sakkinen
On Mon, 2021-09-13 at 20:37 +, Sean Christopherson wrote:
> On Mon, Sep 13, 2021, Jarkko Sakkinen wrote:
> > On Fri, 2021-09-10 at 17:10 +0200, Paolo Bonzini wrote:
> > > On 19/07/21 13:21, Yang Zhong wrote:
> > > > +void sgx_memory_backend_reset(HostMemoryBackend *backend, int fd,
> > > > +  Error **errp)
> > > > +{
> > > > +MemoryRegion *mr = >mr;
> > > > +
> > > > +mr->enabled = false;
> > > > +
> > > > +/* destroy the old memory region if it exist */
> > > > +if (fd > 0 && mr->destructor) {
> > > > +mr->destructor(mr);
> > > > +}
> > > > +
> > > > +sgx_epc_backend_memory_alloc(backend, errp);
> > > > +}
> > > > +
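Review bot: `if (fd > 0 && mr->destructor)` treats descriptor 0 as "no fd"; 0 is a valid descriptor, so the test should be `fd >= 0` (or the caller should pass -1 for "none"). Separately, running `mr->destructor(mr)` and only then calling `sgx_epc_backend_memory_alloc(backend, errp)` leaves a window with no vEPC mapping at all, which is the race described below; allocating the replacement first and swapping only on success would let the reset fail without losing the mapping the VM already has. Poking `mr->enabled = false` directly rather than going through memory_region_set_enabled() is also worth a look.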
> > > 
> > > Jarkko, Sean, Kai,
> > > 
> > > this I think is problematic because it has a race window while 
> > > /dev/sgx_vepc is closed and then reopened.  First, the vEPC space could 
> > > be exhausted by somebody doing another mmap in the meanwhile.  Second, 
> > > somebody might (for whatever reason) remove /dev/sgx_vepc while QEMU runs.
> > 
> > 1: Why is it a problem that mmap() could fail?
> 
> The flow in question is QEMU's emulation of a guest RESET.  If mmap() fails, 
> QEMU
> either has to kill the VM or disable SGX.  In either case, it's fatal to a 
> running
> workload/VM.

Thanks for the explanations.

Isn't this more about badly configured systems/workloads? That's
at least for me the existential question.

I'm interested of legit workloads where this behaviour could still
cause any issues.

I'd guess that in e.g. a data center environment, you'd have fairly
strict orchestration for this type of resource so that you know
that workloads have an appropriate bandwidth.

/Jarkko



RE: [qemu-hexagon] Error mapping file: Invalid argument

2021-09-13 Thread Waksmanski, Lukasz
Thanks for pointing me to the toolchain. I'll give it a try to see how it 
works. 
However, I'm more interested in being able to use qemu-hexagon as shown in my 
example below (QuRT).
Is it possible? What kind of modifications qemu would require to make it happen?

Cheers, 
Lukasz.

-Original Message-
From: Brian Cain  
Sent: poniedziałek, 13 września 2021 22:53
To: Philippe Mathieu-Daudé ; Waksmanski, Lukasz 
; qemu-devel@nongnu.org
Cc: Taylor Simpson 
Subject: RE: [qemu-hexagon] Error mapping file: Invalid argument

> -Original Message-
> From: Philippe Mathieu-Daudé  On 
> Behalf Of Philippe Mathieu-Daudé
> Sent: Monday, September 13, 2021 3:19 PM
> To: Waksmanski, Lukasz ; qemu- 
> de...@nongnu.org
> Cc: Taylor Simpson ; Brian Cain 
> 
> Subject: Re: [qemu-hexagon] Error mapping file: Invalid argument
> 
> WARNING: This email originated from outside of Qualcomm. Please be 
> wary of any links or attachments, and do not enable macros.
> 
> Cc'ing Hexagon team.
> 
> On 9/13/21 8:38 PM, Waksmanski, Lukasz wrote:
...
> > Running in qemu produces error somewhere in mmap
> >
> > ➜  ~ qemu-hexagon
> > ./test
> >
> > qemu-hexagon: ./test: Error mapping file: Invalid argument
...
> >
> > Could you tell me where the problem is? Is it because I’m compiling 
> > for QuRT, and qemu uses is linux-user? Or is something else?

Yes, that's roughly it.

In order to build Linux userspace binaries, you can use the toolchain in the 
QEMU container or this one 
https://github.com/quic/toolchain_for_hexagon/releases/tag/v2021.09.10

-Brian


RE: [qemu-hexagon] Error mapping file: Invalid argument

2021-09-13 Thread Brian Cain
> -Original Message-
> From: Philippe Mathieu-Daudé  On
> Behalf Of Philippe Mathieu-Daudé
> Sent: Monday, September 13, 2021 3:19 PM
> To: Waksmanski, Lukasz ; qemu-
> de...@nongnu.org
> Cc: Taylor Simpson ; Brian Cain
> 
> Subject: Re: [qemu-hexagon] Error mapping file: Invalid argument
> 
> WARNING: This email originated from outside of Qualcomm. Please be wary of
> any links or attachments, and do not enable macros.
> 
> Cc'ing Hexagon team.
> 
> On 9/13/21 8:38 PM, Waksmanski, Lukasz wrote:
...
> > Running in qemu produces error somewhere in mmap
> >
> > ➜  ~ qemu-hexagon
> > ./test
> >
> > qemu-hexagon: ./test: Error mapping file: Invalid argument
...
> >
> > Could you tell me where the problem is? Is it because I’m compiling for
> > QuRT, and qemu uses is linux-user? Or is something else?

Yes, that's roughly it.

In order to build Linux userspace binaries, you can use the toolchain in the 
QEMU container or this one 
https://github.com/quic/toolchain_for_hexagon/releases/tag/v2021.09.10

-Brian


Re: [PATCH v4 22/33] hostmem-epc: Add the reset interface for EPC backend reset

2021-09-13 Thread Sean Christopherson
On Mon, Sep 13, 2021, Jarkko Sakkinen wrote:
> On Fri, 2021-09-10 at 17:10 +0200, Paolo Bonzini wrote:
> > On 19/07/21 13:21, Yang Zhong wrote:
> > > +void sgx_memory_backend_reset(HostMemoryBackend *backend, int fd,
> > > +  Error **errp)
> > > +{
> > > +MemoryRegion *mr = >mr;
> > > +
> > > +mr->enabled = false;
> > > +
> > > +/* destroy the old memory region if it exist */
> > > +if (fd > 0 && mr->destructor) {
> > > +mr->destructor(mr);
> > > +}
> > > +
> > > +sgx_epc_backend_memory_alloc(backend, errp);
> > > +}
> > > +
> > 
> > Jarkko, Sean, Kai,
> > 
> > this I think is problematic because it has a race window while 
> > /dev/sgx_vepc is closed and then reopened.  First, the vEPC space could 
> > be exhausted by somebody doing another mmap in the meanwhile.  Second, 
> > somebody might (for whatever reason) remove /dev/sgx_vepc while QEMU runs.
> 
> 1: Why is it a problem that mmap() could fail?

The flow in question is QEMU's emulation of a guest RESET.  If mmap() fails, 
QEMU
either has to kill the VM or disable SGX.  In either case, it's fatal to a 
running
workload/VM.

> 2: Are you speaking about removing device node? If you have succesfully
>mapped /dev/sgx_vepc, that should not have much effect (file refcount).

Paolo was calling out that doing munmap() before mmap() would allow 
/dev/sgx_vepc
to be removed because QEMU would no longer hold a reference to /dev/sgx_vepc.  
That
would again be fatal to the VM as QEMU would not be able to re-mmap() guest EPC.



Re: [PATCH] target/ppc: Fix 64-bit decrementer

2021-09-13 Thread Peter Maydell
On Mon, 13 Sept 2021 at 19:09, Luis Fernando Fujita Pires
 wrote:
>
> > > value = extract64(value, 0, nr_bits);
> > > value = ((target_long)value << (64 - nr_bits)) >> (64 - nr_bits);
> >
> > Oops, sorry. 64 might not be correct here. It would depend on the target
> > being either 32 or 64.
>
> In fact, sextract already does the sign extension, so this should be all
> that's needed, right?
> value = sextract<32,64>(value, 0, nr_bits);

Indeed, sextract64() is the preferred way to do a sign extension.

(The one thing to watch out for is that you mustn't try to
extract a zero-width field; it will assert if you do.
It also asserts if you specify a field whose start,length
would put either end to the left of bit 63 or the right of
bit 0, but that's less likely than the zero-width case.)

-- PMM
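A worked illustration of the sign extension discussed above, added here as an example; it is not code from this thread or from QEMU. The `sextract64` below is a reimplementation with the same contract as the QEMU helper of that name (including the assert on a zero-width field), and `decr_sign_extend` is a name of my own for applying it to a 32- or 64-bit decrementer value, not a QEMU function.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Reimplementation (not QEMU's bitops.h) with the same contract as QEMU's
 * sextract64(): take the `length`-bit field starting at bit `start` of
 * `value` and return it sign-extended to 64 bits.  A zero-width field, or
 * one that runs past bit 63, trips the assert, which is the caveat noted
 * above.  The arithmetic right shift of a negative int64_t is
 * implementation-defined in ISO C but is what gcc and clang do.
 */
static int64_t sextract64(uint64_t value, int start, int length)
{
    assert(start >= 0 && length > 0 && length <= 64 - start);
    return ((int64_t)(value << (64 - length - start))) >> (64 - length);
}

/*
 * Sign-extend the low nr_bits (32 or 64) of a decrementer value to 64 bits.
 * One 64-bit extract avoids the pitfall of the shift-based version: its
 * shift count of (64 - nr_bits) is only right when target_long is itself
 * 64 bits wide; with a 32-bit target_long and nr_bits == 32 it becomes a
 * shift by the full width of the type, which is undefined behaviour.
 * Bits above nr_bits are discarded rather than interpreted.
 */
int64_t decr_sign_extend(uint64_t value, int nr_bits)
{
    return sextract64(value, 0, nr_bits);
}

int main(void)
{
    /* 32-bit decrementer: bit 31 is the sign; anything above it is ignored. */
    printf("%lld\n", (long long)decr_sign_extend(0x80000000ULL, 32));   /* -2147483648 */
    printf("%lld\n", (long long)decr_sign_extend(0x1ffffffffULL, 32));  /* -1 */
    /* 64-bit decrementer (the microwatt case): the whole word is the field. */
    printf("%lld\n", (long long)decr_sign_extend(0x8000000000000000ULL, 64));
    /* An interior field is handled the same way. */
    printf("%lld\n", (long long)sextract64(0xf0, 4, 4));               /* -1 */
    return 0;
}
```

The wrong-width failure cannot be demonstrated at run time because it is undefined behaviour; the point of routing both widths through the 64-bit extract is that the shift counts are then always in range, whatever target_long is.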



Re: [qemu-hexagon] Error mapping file: Invalid argument

2021-09-13 Thread Philippe Mathieu-Daudé
Cc'ing Hexagon team.

On 9/13/21 8:38 PM, Waksmanski, Lukasz wrote:
> Hello,
>
> I’m trying to run Hexagon executables in qemu-hexagon. I’m using
> official stable version v6.1. Here’s my rather simple program:
>
> ➜  ~ cat test.c
> #include <stdio.h>
> int main()
> {
>     printf("Hello Hexagon!");
>     return 0;
> }
>
> I’m using Hexagon SDK 4.0.2 toolchain:
>
> ➜  ~ ~/tools/Hexagon4/tools/HEXAGON_Tools/8.4.09/Tools/bin/hexagon-clang
> -mv67 -o test test.c
>
> Running in qemu produces error somewhere in mmap
>
> ➜  ~ qemu-hexagon ./test
> qemu-hexagon: ./test: Error mapping file: Invalid argument
>
> Am I doing something naively wrong here?
>
> Here are some details about the executable
>
> ➜  ~ ~/tools/Hexagon4/tools/HEXAGON_Tools/8.4.09/Tools/bin/hexagon-llvm-readelf
> -h ./test
>
> ELF Header:
>   Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
>   Class:                             ELF32
>   Data:                              2's complement, little endian
>   Version:                           1 (current)
>   OS/ABI:                            UNIX - System V
>   ABI Version:                       0x0
>   Type:                              EXEC (Executable file)
>   Machine:                           Qualcomm Hexagon
>   Version:                           0x1
>   Entry point address:               0x0
>   Start of program headers:          52 (bytes into file)
>   Start of section headers:          78848 (bytes into file)
>   Flags:                             0x67, V67
>   Size of this header:               52 (bytes)
>   Size of program headers:           32 (bytes)
>   Number of program headers:         3
>   Size of section headers:           40 (bytes)
>   Number of section headers:         16
>   Section header string table index: 13
>
> Section Headers:
>   [Nr] Name      Type      Address  Off    Size   ES Flg Lk Inf Al
>   [ 0]           NULL      00000000 000000 000000 00      0   0  0
>   [ 1] .start    PROGBITS  00000000 001000 004680 00 WAX  0   0 64
>   [ 2] .init     PROGBITS  00005000 006000 000064 00  AX  0   0 32
>   [ 3] .text     PROGBITS  00006000 007000 005a88 00  AX  0   0 4096
>   [ 4] .fini     PROGBITS  0000baa0 00caa0 000030 00  AX  0   0 32
>   [ 5] .rodata   PROGBITS  0000bad0 00cad0 000678 00   A  0   0  8
>   [ 6] .eh_frame PROGBITS  0000c160 00d160 000004 00   A  0   0 32
>   [ 7] .data     PROGBITS  0000d000 00e000 000708 00  WA  0   0  8
>   [ 8] .ctors    PROGBITS  0000d708 00e708 000010 00  WA  0   0  4
>   [ 9] .dtors    PROGBITS  0000d718 00e718 000014 00  WA  0   0  4
>   [10] .sdata    PROGBITS  0000e000 00f000 0000a8 00 WAp  0   0 4096
>   [11] .bss      NOBITS    0000e0a8 00f0a8 000e5c 00  WA  0   0  8
>   [12] .comment  PROGBITS  00000000 00f0a8 0000d4 00  MS  0   0  1
>   [13] .shstrtab STRTAB    00000000 00f17c 00006f 00      0   0  1
>   [14] .symtab   SYMTAB    00000000 00f1ec 0024e0 10     15 248  4
>   [15] .strtab   STRTAB    00000000 0116cc 001d19 00      0   0  1
>
> Could you tell me where the problem is? Is it because I’m compiling for
> QuRT, and qemu uses linux-user? Or is something else?
>
> Best regards,
> Łukasz Waksmański
> M +48 668 282 017
> www.dolby.com | lukasz.waksman...@dolby.com
>




Re: [PATCH v4 22/33] hostmem-epc: Add the reset interface for EPC backend reset

2021-09-13 Thread Jarkko Sakkinen
On Fri, 2021-09-10 at 17:10 +0200, Paolo Bonzini wrote:
> On 19/07/21 13:21, Yang Zhong wrote:
> > +void sgx_memory_backend_reset(HostMemoryBackend *backend, int fd,
> > +  Error **errp)
> > +{
> > +MemoryRegion *mr = >mr;
> > +
> > +mr->enabled = false;
> > +
> > +/* destroy the old memory region if it exist */
> > +if (fd > 0 && mr->destructor) {
> > +mr->destructor(mr);
> > +}
> > +
> > +sgx_epc_backend_memory_alloc(backend, errp);
> > +}
> > +
> 
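Review bot: the old memory region is destroyed before `sgx_epc_backend_memory_alloc(backend, errp)` runs and that call's outcome is not checked here, so a failed re-allocation leaves the backend with `mr->enabled` false and no EPC mapping at all. Allocate the replacement first and tear the old region down only on success, or at least propagate the failure so the caller can tell the backend is now unusable.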
> Jarkko, Sean, Kai,
> 
> this I think is problematic because it has a race window while 
> /dev/sgx_vepc is closed and then reopened.  First, the vEPC space could 
> be exhausted by somebody doing another mmap in the meanwhile.  Second, 
> somebody might (for whatever reason) remove /dev/sgx_vepc while QEMU runs.

1: Why is it a problem that mmap() could fail?

2: Are you speaking about removing device node? If you have successfully
   mapped /dev/sgx_vepc, that should not have much effect (file refcount).

/Jarkko




[PULL v4 00/23] target-arm queue

2021-09-13 Thread Peter Maydell
v3->v4: Windows headers define an INT type which clashed
with an enum value name in arm_gicv3_its.c...

The following changes since commit eae587e8e3694b1aceab23239493fb4c7e1a80f5:

  Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-09-13' into 
staging (2021-09-13 11:00:30 +0100)

are available in the Git repository at:

  https://git.linaro.org/people/pmaydell/qemu-arm.git 
tags/pull-target-arm-20210913-3

for you to fetch changes up to 28e987a7e7edaa3ca7feeac65edca26145df8814:

  hw/arm/mps2.c: Mark internal-only I2C buses as 'full' (2021-09-13 21:01:08 
+0100)


target-arm queue:
 * mark MPS2/MPS3 board-internal i2c buses as 'full' so that command
   line user-created devices are not plugged into them
 * Take an exception if PSTATE.IL is set
 * Support an emulated ITS in the virt board
 * Add support for kudo-bmc board
 * Probe for KVM_CAP_ARM_VM_IPA_SIZE when creating scratch VM
 * cadence_uart: Fix clock handling issues that prevented
   u-boot from running


Bin Meng (6):
  hw/misc: zynq_slcr: Correctly compute output clocks in the reset exit 
phase
  hw/char: cadence_uart: Disable transmit when input clock is disabled
  hw/char: cadence_uart: Move clock/reset check to uart_can_receive()
  hw/char: cadence_uart: Convert to memop_with_attrs() ops
  hw/char: cadence_uart: Ignore access when unclocked or in reset for 
uart_{read, write}()
  hw/char: cadence_uart: Log a guest error when device is unclocked or in 
reset

Chris Rauer (1):
  hw/arm: Add support for kudo-bmc board.

Marc Zyngier (1):
  hw/arm/virt: KVM: Probe for KVM_CAP_ARM_VM_IPA_SIZE when creating scratch 
VM

Peter Maydell (5):
  target/arm: Take an exception if PSTATE.IL is set
  qdev: Support marking individual buses as 'full'
  hw/arm/mps2-tz.c: Add extra data parameter to MakeDevFn
  hw/arm/mps2-tz.c: Mark internal-only I2C buses as 'full'
  hw/arm/mps2.c: Mark internal-only I2C buses as 'full'

Richard Henderson (1):
  target/arm: Merge disas_a64_insn into aarch64_tr_translate_insn

Shashi Mallela (9):
  hw/intc: GICv3 ITS initial framework
  hw/intc: GICv3 ITS register definitions added
  hw/intc: GICv3 ITS command queue framework
  hw/intc: GICv3 ITS Command processing
  hw/intc: GICv3 ITS Feature enablement
  hw/intc: GICv3 redistributor ITS processing
  tests/data/acpi/virt: Add IORT files for ITS
  hw/arm/virt: add ITS support in virt GIC
  tests/data/acpi/virt: Update IORT files for ITS

 docs/system/arm/nuvoton.rst|1 +
 hw/intc/gicv3_internal.h   |  188 -
 include/hw/arm/virt.h  |2 +
 include/hw/intc/arm_gicv3_common.h |   13 +
 include/hw/intc/arm_gicv3_its_common.h |   32 +-
 include/hw/qdev-core.h |   24 +
 target/arm/cpu.h   |1 +
 target/arm/kvm_arm.h   |4 +-
 target/arm/syndrome.h  |5 +
 target/arm/translate.h |2 +
 hw/arm/mps2-tz.c   |   92 ++-
 hw/arm/mps2.c  |   12 +-
 hw/arm/npcm7xx_boards.c|   34 +
 hw/arm/virt.c  |   29 +-
 hw/char/cadence_uart.c |   61 +-
 hw/intc/arm_gicv3.c|   14 +
 hw/intc/arm_gicv3_common.c |   13 +
 hw/intc/arm_gicv3_cpuif.c  |7 +-
 hw/intc/arm_gicv3_dist.c   |5 +-
 hw/intc/arm_gicv3_its.c| 1322 
 hw/intc/arm_gicv3_its_common.c |7 +-
 hw/intc/arm_gicv3_its_kvm.c|2 +-
 hw/intc/arm_gicv3_redist.c |  153 +++-
 hw/misc/zynq_slcr.c|   31 +-
 softmmu/qdev-monitor.c |7 +-
 target/arm/helper-a64.c|1 +
 target/arm/helper.c|8 +
 target/arm/kvm.c   |7 +-
 target/arm/translate-a64.c |  255 +++---
 target/arm/translate.c |   21 +
 hw/intc/meson.build|1 +
 tests/data/acpi/virt/IORT  |  Bin 0 -> 124 bytes
 tests/data/acpi/virt/IORT.memhp|  Bin 0 -> 124 bytes
 tests/data/acpi/virt/IORT.numamem  |  Bin 0 -> 124 bytes
 tests/data/acpi/virt/IORT.pxb  |  Bin 0 -> 124 bytes
 35 files changed, 2144 insertions(+), 210 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_its.c
 create mode 100644 tests/data/acpi/virt/IORT
 create mode 100644 tests/data/acpi/virt/IORT.memhp
 create mode 100644 tests/data/acpi/virt/IORT.numamem
 create mode 100644 tests/data/acpi/virt/IORT.pxb



[qemu-hexagon] Error mapping file: Invalid argument

2021-09-13 Thread Waksmanski, Lukasz
Hello,

I’m trying to run Hexagon executables in qemu-hexagon. I’m using official
stable version v6.1. Here’s my rather simple program:
➜  ~ cat test.c
#include <stdio.h>
int main()
{
    printf("Hello Hexagon!");
    return 0;
}


I’m using  Hexagon SDK 4.0.2 toolchain:
➜  ~ ~/tools/Hexagon4/tools/HEXAGON_Tools/8.4.09/Tools/bin/hexagon-clang -mv67 
-o test test.c

Running in qemu produces error somewhere in mmap
➜  ~ qemu-hexagon ./test
qemu-hexagon: ./test: Error mapping file: Invalid argument

Am I doing something naively wrong here?

Here are some details about the executable
➜  ~ ~/tools/Hexagon4/tools/HEXAGON_Tools/8.4.09/Tools/bin/hexagon-llvm-readelf -h ./test

ELF Header:
  Magic:   7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
  Class:                             ELF32
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0x0
  Type:                              EXEC (Executable file)
  Machine:                           Qualcomm Hexagon
  Version:                           0x1
  Entry point address:               0x0
  Start of program headers:          52 (bytes into file)
  Start of section headers:          78848 (bytes into file)
  Flags:                             0x67, V67
  Size of this header:               52 (bytes)
  Size of program headers:           32 (bytes)
  Number of program headers:         3
  Size of section headers:           40 (bytes)
  Number of section headers:         16
  Section header string table index: 13

Section Headers:
  [Nr] Name      Type      Address  Off    Size   ES Flg Lk Inf Al
  [ 0]           NULL      00000000 000000 000000 00      0   0  0
  [ 1] .start    PROGBITS  00000000 001000 004680 00 WAX  0   0 64
  [ 2] .init     PROGBITS  00005000 006000 000064 00  AX  0   0 32
  [ 3] .text     PROGBITS  00006000 007000 005a88 00  AX  0   0 4096
  [ 4] .fini     PROGBITS  0000baa0 00caa0 000030 00  AX  0   0 32
  [ 5] .rodata   PROGBITS  0000bad0 00cad0 000678 00   A  0   0  8
  [ 6] .eh_frame PROGBITS  0000c160 00d160 000004 00   A  0   0 32
  [ 7] .data     PROGBITS  0000d000 00e000 000708 00  WA  0   0  8
  [ 8] .ctors    PROGBITS  0000d708 00e708 000010 00  WA  0   0  4
  [ 9] .dtors    PROGBITS  0000d718 00e718 000014 00  WA  0   0  4
  [10] .sdata    PROGBITS  0000e000 00f000 0000a8 00 WAp  0   0 4096
  [11] .bss      NOBITS    0000e0a8 00f0a8 000e5c 00  WA  0   0  8
  [12] .comment  PROGBITS  00000000 00f0a8 0000d4 00  MS  0   0  1
  [13] .shstrtab STRTAB    00000000 00f17c 00006f 00      0   0  1
  [14] .symtab   SYMTAB    00000000 00f1ec 0024e0 10     15 248  4
  [15] .strtab   STRTAB    00000000 0116cc 001d19 00      0   0  1


Could you tell me where the problem is? Is it because I’m compiling for QuRT,
and qemu uses linux-user? Or is something else?

Best regards,
Łukasz Waksmański
M +48 668 282 017
www.dolby.com  |  
lukasz.waksman...@dolby.com
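An added check for the failure reported above; it is example code written here, not code from the thread, from the Hexagon team or from QEMU. It rests on two assumptions the thread does not confirm: that "Error mapping file" is QEMU's report of a failed mmap() of a PT_LOAD segment in its ELF loader, and that a page-granular loader can only map a segment whose p_vaddr and p_offset agree modulo the emulator's page size, which for qemu-hexagon I take to be 64 KiB rather than the 4 KiB the toolchain aligned to. The sample image is constructed to mirror the section layout in the readelf dump, not extracted from the poster's binary, and all function names are mine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PT_LOAD     1
#define EM_HEXAGON  164   /* EM_QDSP6 in older elf.h */
#define EHDR32_SIZE 52
#define PHDR32_SIZE 32

/* Little-endian field readers/writers, so file bytes are never aliased as structs. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
static void wr16(uint8_t *p, uint16_t v) { p[0] = v & 0xff; p[1] = v >> 8; }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (v >> (8 * i)) & 0xff; }

/*
 * Count PT_LOAD segments whose p_vaddr and p_offset are not congruent modulo
 * page_size (assumed to be a power of two).  A page-granular loader maps the
 * page containing p_vaddr from the page containing p_offset; if the two
 * disagree within the page, the file offset it has to hand to mmap() is not
 * page-aligned and mmap() fails with EINVAL.  Returns -1 for anything that
 * is not a usable ELF32 little-endian image.
 */
int count_unmappable_segments(const uint8_t *img, size_t len, uint32_t page_size)
{
    if (len < EHDR32_SIZE || memcmp(img, "\x7f" "ELF", 4) != 0 || img[4] != 1 || img[5] != 1) {
        return -1;
    }
    uint32_t phoff = rd32(img + 28);
    uint16_t phentsize = rd16(img + 42), phnum = rd16(img + 44);
    if (phentsize < PHDR32_SIZE || (uint64_t)phoff + (uint64_t)phnum * phentsize > len) {
        return -1;   /* program header table runs off the end of the file */
    }
    int bad = 0;
    for (uint16_t i = 0; i < phnum; i++) {
        const uint8_t *ph = img + phoff + (size_t)i * phentsize;
        uint32_t p_type = rd32(ph + 0), p_offset = rd32(ph + 4), p_vaddr = rd32(ph + 8);
        if (p_type != PT_LOAD) {
            continue;
        }
        if ((p_vaddr & (page_size - 1)) != (p_offset & (page_size - 1))) {
            printf("segment %u: vaddr 0x%x and offset 0x%x disagree modulo 0x%x\n",
                   (unsigned)i, p_vaddr, p_offset, page_size);
            bad++;
        }
    }
    return bad;
}

/*
 * Constructed ELF32 LE Hexagon image with three PT_LOAD segments laid out like
 * the sections in the readelf dump above: 4 KiB-aligned file offsets, each
 * 0x1000 ahead of its virtual address.  Returns the image length, 0 if cap is
 * too small.
 */
size_t build_sample_image(uint8_t *out, size_t cap)
{
    static const uint32_t segs[3][8] = {
        /* p_type, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags, p_align */
        { PT_LOAD, 0x1000, 0x0000, 0x0000, 0x4680, 0x4680, 7, 0x1000 },  /* .start */
        { PT_LOAD, 0x6000, 0x5000, 0x5000, 0x7000, 0x7000, 5, 0x1000 },  /* .init .. .eh_frame */
        { PT_LOAD, 0xe000, 0xd000, 0xd000, 0x10a8, 0x1f04, 6, 0x1000 },  /* .data .. .bss */
    };
    size_t len = EHDR32_SIZE + 3 * PHDR32_SIZE;
    if (cap < len) {
        return 0;
    }
    memset(out, 0, len);
    memcpy(out, "\x7f" "ELF\x01\x01\x01", 7);   /* ELF32, little-endian, version 1 */
    wr16(out + 16, 2);                          /* ET_EXEC */
    wr16(out + 18, EM_HEXAGON);
    wr32(out + 20, 1);                          /* e_version */
    wr32(out + 24, 0);                          /* e_entry 0x0, as in the dump */
    wr32(out + 28, EHDR32_SIZE);                /* e_phoff */
    wr32(out + 36, 0x67);                       /* e_flags: V67 */
    wr16(out + 40, EHDR32_SIZE);
    wr16(out + 42, PHDR32_SIZE);
    wr16(out + 44, 3);                          /* e_phnum */
    for (int s = 0; s < 3; s++) {
        for (int f = 0; f < 8; f++) {
            wr32(out + EHDR32_SIZE + s * PHDR32_SIZE + f * 4, segs[s][f]);
        }
    }
    return len;
}

/* Run the check on the constructed image for one page size. */
int sample_unmappable(uint32_t page_size)
{
    uint8_t img[EHDR32_SIZE + 3 * PHDR32_SIZE];
    size_t n = build_sample_image(img, sizeof img);
    return count_unmappable_segments(img, n, page_size);
}

int main(void)
{
    printf("4 KiB pages: %d unmappable segment(s)\n", sample_unmappable(4096));    /* 0 */
    printf("64 KiB pages: %d unmappable segment(s)\n", sample_unmappable(65536));  /* 3 */
    return 0;
}
```

Pointing the same check at a real binary only needs the file read into a buffer; the layout in the dump passes at 4 KiB and fails at 64 KiB, which is the difference the assumption above hinges on.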



Re: [PATCH] target/ppc: Fix 64-bit decrementer

2021-09-13 Thread Cédric Le Goater
On 9/13/21 8:05 PM, Luis Fernando Fujita Pires wrote:
>>> value = extract64(value, 0, nr_bits);
>>> value = ((target_long)value << (64 - nr_bits)) >> (64 - nr_bits);
>>
>> Oops, sorry. 64 might not be correct here. It would depend on the target
>> being either 32 or 64.
> 
> In fact, sextract already does the sign extension, so this should be all
> that's needed, right?
> value = sextract<32,64>(value, 0, nr_bits);

I am fine with any solution ! Please give a try to this machine  :

  https://github.com/legoater/qemu/tree/microwatt

It's the only one with a 64 bit decrementer :) 

(We should come up with a simpler test case)

Thanks,

C.



Re: [PATCH 2/2] target/ppc: Check privilege level based on PSR and LPCR[HR] in tlbie[l]

2021-09-13 Thread Daniel Henrique Barboza

On 9/9/21 5:34 PM, matheus.fe...@eldorado.org.br wrote:

From: Matheus Ferst 

PowerISA v3.0B made tlbie[l] hypervisor privileged when PSR=0 and HR=1.
To allow the check at translation time, we'll use the HR bit of LPCR to
check the MMU mode instead of the PATE.HR.

Signed-off-by: Matheus Ferst 
---






  target/ppc/translate.c | 21 -
  1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 909a092fde..154ab26872 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -5517,7 +5517,15 @@ static void gen_tlbiel(DisasContext *ctx)
  #if defined(CONFIG_USER_ONLY)
  GEN_PRIV;
  #else
-CHK_SV;
+bool psr = (ctx->opcode >> 17) & 0x1;
+
+if (ctx->pr) {
+GEN_PRIV;
+} else if (!ctx->hv) {
+if (!psr && ctx->hr) {
+GEN_PRIV;
+}
+}
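Review bot: `(ctx->opcode >> 17) & 0x1` is a bare shift with nothing naming the field; the rest of this file reads instruction fields through named accessors such as `rB(ctx->opcode)`, so a small accessor for the psr bit (or at least a comment saying which bit this is) would make the check self-describing. It is also worth a one-line comment that `ctx->hr` is only consulted when `!ctx->hv`, since patch 1 notes LPCR[HR] need not match PATE.HR in hypervisor real mode.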


You can avoid the third 'if' clause by adding all the conditions of the
second GEN_PRIV in the second if:



+if (ctx->pr) {
+GEN_PRIV;
+} else if (!ctx->hv && !psr && ctx->hr) {
+GEN_PRIV;
+}


Or, since all the code is doing is executing GEN_PRIV anyways:


+ if (ctx->pr || (!ctx->hv && !psr && ctx->hr)) {
+ GEN_PRIV;
+ }



I think this is clearer than chaining 'if' clauses.

  
  gen_helper_tlbie(cpu_env, cpu_gpr[rB(ctx->opcode)]);

  #endif /* defined(CONFIG_USER_ONLY) */
@@ -5529,12 +5537,15 @@ static void gen_tlbie(DisasContext *ctx)
  #if defined(CONFIG_USER_ONLY)
  GEN_PRIV;
  #else
+bool psr = (ctx->opcode >> 17) & 0x1;
  TCGv_i32 t1;
  
-if (ctx->gtse) {

-CHK_SV; /* If gtse is set then tlbie is supervisor privileged */
-} else {
-CHK_HV; /* Else hypervisor privileged */
+if (ctx->pr) {
+GEN_PRIV;
+} else if (!ctx->hv) {
+if (!ctx->gtse || (!psr && ctx->hr)) {
+GEN_PRIV;
+}
  }
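Review bot: the two removed comments were the only explanation of why tlbie is supervisor-privileged under GTSE; the replacement condition `!ctx->gtse || (!psr && ctx->hr)` is denser and deserves a comment citing the ISA rule from the commit message (v3.0B: hypervisor-privileged when PSR=0 and HR=1), all the more so because the same rule is duplicated in gen_tlbiel above and a later reader has to convince themselves the two agree.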


The same idea I mentioned above could be done here as well, but these are
not straightforward conditions to be done in a single IF clause and will
impact code reading. This is fine as is.


Thanks,


Daniel


  
  if (NARROW_MODE(ctx)) {






Re: [PATCH 1/2] target/ppc: add LPCR[HR] to DisasContext and hflags

2021-09-13 Thread Daniel Henrique Barboza

On 9/9/21 5:34 PM, matheus.fe...@eldorado.org.br wrote:

From: Matheus Ferst 

Add a Host Radix field (hr) in DisasContext with LPCR[HR] value to allow
us to decide between Radix and HPT while validating instructions
arguments. Note that PowerISA v3.1 does not require LPCR[HR] and PATE.HR
to match if the thread is in ultravisor/hypervisor real addressing mode,
so ctx->hr may be invalid if ctx->hv and ctx->dr are set.

Signed-off-by: Matheus Ferst 
---


Reviewed-by: Daniel Henrique Barboza 


  target/ppc/cpu.h | 1 +
  target/ppc/helper_regs.c | 3 +++
  target/ppc/translate.c   | 2 ++
  3 files changed, 6 insertions(+)

diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
index 500205229c..e1b8d343cd 100644
--- a/target/ppc/cpu.h
+++ b/target/ppc/cpu.h
@@ -600,6 +600,7 @@ enum {
  HFLAGS_64 = 2,   /* computed from MSR_CE and MSR_SF */
  HFLAGS_GTSE = 3, /* computed from SPR_LPCR[GTSE] */
  HFLAGS_DR = 4,   /* MSR_DR */
+HFLAGS_HR = 5,   /* computed from SPR_LPCR[HR] */
  HFLAGS_SPE = 6,  /* from MSR_SPE if cpu has SPE; avoid overlap w/ MSR_VR 
*/
  HFLAGS_TM = 8,   /* computed from MSR_TM */
  HFLAGS_BE = 9,   /* MSR_BE -- from elsewhere on embedded ppc */
diff --git a/target/ppc/helper_regs.c b/target/ppc/helper_regs.c
index 405450d863..1bfb480ecf 100644
--- a/target/ppc/helper_regs.c
+++ b/target/ppc/helper_regs.c
@@ -106,6 +106,9 @@ static uint32_t hreg_compute_hflags_value(CPUPPCState *env)
  if (env->spr[SPR_LPCR] & LPCR_GTSE) {
  hflags |= 1 << HFLAGS_GTSE;
  }
+if (env->spr[SPR_LPCR] & LPCR_HR) {
+hflags |= 1 << HFLAGS_HR;
+}
  
  #ifndef CONFIG_USER_ONLY

  if (!env->has_hv_mode || (msr & (1ull << MSR_HV))) {
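Review bot: HFLAGS_HR is derived from SPR_LPCR, so like the existing GTSE bit it only stays in sync if hflags are recomputed on every LPCR write; please confirm the LPCR store path already calls hreg_compute_hflags() (it must for GTSE), otherwise a guest switching between radix and HPT would keep translating with a stale ctx->hr.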
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 171b216e17..909a092fde 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -175,6 +175,7 @@ struct DisasContext {
  bool spe_enabled;
  bool tm_enabled;
  bool gtse;
+bool hr;
  ppc_spr_t *spr_cb; /* Needed to check rights for mfspr/mtspr */
  int singlestep_enabled;
  uint32_t flags;
@@ -8539,6 +8540,7 @@ static void ppc_tr_init_disas_context(DisasContextBase 
*dcbase, CPUState *cs)
  ctx->vsx_enabled = (hflags >> HFLAGS_VSX) & 1;
  ctx->tm_enabled = (hflags >> HFLAGS_TM) & 1;
  ctx->gtse = (hflags >> HFLAGS_GTSE) & 1;
+ctx->hr = (hflags >> HFLAGS_HR) & 1;
  
  ctx->singlestep_enabled = 0;

  if ((hflags >> HFLAGS_SE) & 1) {





Re: [PATCH] hw/i386/acpi-build: adjust q35 IO addr range for acpi pci hotplug

2021-09-13 Thread Michael S. Tsirkin
On Wed, Sep 08, 2021 at 10:43:51AM +0200, Igor Mammedov wrote:
> On Wed, 8 Sep 2021 12:51:04 +0530 (IST)
> Ani Sinha  wrote:
> 
> > On Wed, 8 Sep 2021, Igor Mammedov wrote:
> > 
> > > On Wed,  8 Sep 2021 09:41:39 +0530
> > > Ani Sinha  wrote:
> > >  
> > > > Change caf108bc58790 ("hw/i386/acpi-build: Add ACPI PCI hot-plug methods to Q35")
> > > > selects an IO address range for acpi based PCI hotplug for q35 arbitrarily. It
> > > > starts at address 0x0cc4 and ends at 0x0cdb. It was assumed that this address
> > > > range was free and available. However, upon more testing, it seems this address
> > > > range is not available for some latest versions of windows.
> > >
> > > The range is something assigned by QEMU, and guest has no say where it should be.
> > > but perhaps we failed to describe it properly or something similar, so one gets
> > > 'no resource' error.
> > 
> > OK dug deeper. The existing range of IO address conflicts with the CPU
> > hotplug range.
> > 
> > CPU hotplug range (ICH9_CPU_HOTPLUG_IO_BASE) is 0x0cd8 to 0x0ce3
> > 
> > This intersects with range 0x0cc4 to 0x0cdb for ACPI_PCIHP_ADDR_ICH9 .
> 
> Looking at 'info mtree' it's indeed wrong:
> 
> 0cc4-0cdb (prio 0, i/o): acpi-pci-hotplug
> 0cd8-0cf7 (prio 0, i/o): acpi-cpu-hotplug
> 
> which of them eventually handles IO request in intersection range?
> 
> Please, add to commit message your findings, so it would point out
> where problem comes from and what it breaks(doesn't work as expect).
> 
> Given it's broken to begin with (and possibly regression if it broke cpu hotplug),
> I'm inclined to fix it without adding compat stuff.
> Michael, what do you think?
> Michael, what do you think?

Agreed.

> > We need to change one or the other.
> > 
> > From the windows device manager, I see that the other IO address range is
> > 0x0620 to 0x062F which is reserved for GPE0.
> > 
> > .
> > > We need to find out a reason why Windows doesn't like it. You might get more
> > > detailed error running Windows debug build with ACPI debugger attached.
> > 
> > bummer. This is beyond my expertize and I do not have a windows debug
> > build.
> never mind, you already found the issue.
>   
> > > > Hence, this change modifies the IO address range so that windows can allocate
> > > > the address range without any conflict. The new address range would start at
> > > > 0x0dd4 and end at address 0x0deb.
> > > >
> > > > This change has been tested using a Windows Server 2019 guest VM.
> > > >
> > > > Fixes: caf108bc58790 ("hw/i386/acpi-build: Add ACPI PCI hot-plug methods to Q35")
> > > > Resolves: https://gitlab.com/qemu-project/qemu/-/issues/561
> > > >
> > > > Signed-off-by: Ani Sinha 
> > > > ---
> > > >  include/hw/acpi/ich9.h | 2 +-
> > > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > >
> > > > diff --git a/include/hw/acpi/ich9.h b/include/hw/acpi/ich9.h
> > > > index a329ce43ab..b68c5a2174 100644
> > > > --- a/include/hw/acpi/ich9.h
> > > > +++ b/include/hw/acpi/ich9.h
> > > > @@ -29,7 +29,7 @@
> > > >  #include "hw/acpi/acpi_dev_interface.h"
> > > >  #include "hw/acpi/tco.h"
> > > >
> > > > -#define ACPI_PCIHP_ADDR_ICH9 0x0cc4
> > > > +#define ACPI_PCIHP_ADDR_ICH9 0x0dd4
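Review bot: ACPI_PCIHP_ADDR_ICH9 ends up in the generated DSDT, so I would expect the q35 expected-table blobs under tests/data/acpi to change with it and to need the usual bios-tables-test update in the same series. And since the bug being fixed is an overlap nobody noticed, a build-time check that the PCI hotplug window (base + 0x18, per the 0x0cc4..0x0cdb range above) stays clear of ICH9_CPU_HOTPLUG_IO_BASE would be cheaper than relying on the next person to read `info mtree`.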
> maybe 0xcc0 to fit right under acpi-cpu-hotplug as it was intended?
> 
> > >
> > > that's ABI change, it must be versioned
> > >  
> > > >
> > > >  typedef struct ICH9LPCPMRegs {
> > > >  /*  
> > >
> > >  
> > 
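An added overlap check for the kind of collision found in this thread, written here as an example and not part of the patch or of QEMU: it parses lines in the shape `info mtree` prints and reports every pair of I/O ranges that intersect. The three line sets are constructed from the addresses quoted above (the shipped 0x0cc4 base, Ani's proposed 0x0dd4 base and Igor's 0x0cc0 suggestion); the acpi-cpu-hotplug line is taken as quoted, the GPE0 line and its label are mine from the 0x0620..0x062F range Ani mentions, and none of this is a complete q35 port map.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct {
    char name[32];
    uint64_t start, end;   /* inclusive, as `info mtree` prints them */
} IoRange;

/* Parse one "start-end (prio N, i/o): name" line; false if it does not match. */
bool parse_mtree_line(const char *line, IoRange *out)
{
    unsigned long long s, e;
    if (sscanf(line, " %llx-%llx (prio %*d, i/o): %31s", &s, &e, out->name) != 3 || e < s) {
        return false;
    }
    out->start = s;
    out->end = e;
    return true;
}

/* Two inclusive ranges intersect unless one ends before the other starts. */
static bool ranges_overlap(const IoRange *a, const IoRange *b)
{
    return a->start <= b->end && b->start <= a->end;
}

/* Parse all lines; return the number of overlapping pairs (printing each), or -1 on a parse error. */
int count_overlaps(const char *const *lines, size_t n)
{
    IoRange r[16];
    if (n > sizeof r / sizeof r[0]) {
        return -1;
    }
    for (size_t i = 0; i < n; i++) {
        if (!parse_mtree_line(lines[i], &r[i])) {
            return -1;
        }
    }
    int overlaps = 0;
    for (size_t i = 0; i < n; i++) {
        for (size_t j = i + 1; j < n; j++) {
            if (ranges_overlap(&r[i], &r[j])) {
                printf("%s [%04llx-%04llx] overlaps %s [%04llx-%04llx]\n",
                       r[i].name, (unsigned long long)r[i].start, (unsigned long long)r[i].end,
                       r[j].name, (unsigned long long)r[j].start, (unsigned long long)r[j].end);
                overlaps++;
            }
        }
    }
    return overlaps;
}

/* Constructed mtree excerpts: variant 0 = as shipped, 1 = base 0x0dd4, 2 = base 0x0cc0. */
int sample_overlaps(int variant)
{
    static const char *const pci_hotplug[3] = {
        "0cc4-0cdb (prio 0, i/o): acpi-pci-hotplug",
        "0dd4-0deb (prio 0, i/o): acpi-pci-hotplug",
        "0cc0-0cd7 (prio 0, i/o): acpi-pci-hotplug",
    };
    if (variant < 0 || variant > 2) {
        return -1;
    }
    const char *const lines[3] = {
        pci_hotplug[variant],
        "0cd8-0cf7 (prio 0, i/o): acpi-cpu-hotplug",
        "0620-062f (prio 0, i/o): acpi-gpe0",   /* label assumed, range from the thread */
    };
    return count_overlaps(lines, 3);
}

int main(void)
{
    for (int v = 0; v < 3; v++) {
        printf("variant %d: %d overlapping pair(s)\n", v, sample_overlaps(v));
    }
    return 0;
}
```

Feeding it the real `info mtree` output for the I/O address space (one line per leaf region) is the quick way to confirm a proposed base is clear of every neighbour, not just the one that happened to break.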




Re: [PATCH] linux-user: Check lock_user result for ip_mreq_source sockopts

2021-09-13 Thread Laurent Vivier
On 09/08/2021 at 17:54, Peter Maydell wrote:
> In do_setsockopt(), the code path for the options which take a struct
> ip_mreq_source (IP_BLOCK_SOURCE, IP_UNBLOCK_SOURCE,
> IP_ADD_SOURCE_MEMBERSHIP and IP_DROP_SOURCE_MEMBERSHIP) fails to
> check the return value from lock_user().  Handle this in the usual
> way by returning -TARGET_EFAULT.
> 
> (In practice this was probably harmless because we'd pass a NULL
> pointer to setsockopt() and the kernel would then return EFAULT.)
> 
> Fixes: Coverity CID 1459987
> Signed-off-by: Peter Maydell 
> ---
> Compile-tested only; I don't have a test case to hand that
> uses these socket options.
> 
>  linux-user/syscall.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index ccd3892b2df..d2b062ea5a9 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -2121,6 +2121,9 @@ static abi_long do_setsockopt(int sockfd, int level, 
> int optname,
>  return -TARGET_EINVAL;
>  
>  ip_mreq_source = lock_user(VERIFY_READ, optval_addr, optlen, 1);
> +if (!ip_mreq_source) {
> +return -TARGET_EFAULT;
> +}
>  ret = get_errno(setsockopt(sockfd, level, optname, 
> ip_mreq_source, optlen));
>  unlock_user (ip_mreq_source, optval_addr, 0);
>  break;
> 
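Review bot: the added NULL check is the right fix and matches how the other lock_user() sites in do_setsockopt() fail. While touching these lines, `unlock_user (ip_mreq_source, optval_addr, 0)` two lines below has a space before the parenthesis that checkpatch will flag; the trailing 0 is correct for a VERIFY_READ lock, so only the spacing needs attention.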

Applied to my linux-user-for-6.2 branch.

Thanks,
Laurent



Re: [PATCH v2] linux-user: Correct host errno for IP[V6]_RECVERR socket options

2021-09-13 Thread Laurent Vivier
On 11/09/2021 at 19:08, Philippe Mathieu-Daudé wrote:
> Host errno must be converted to target errno in IP_RECVERR
> and IPV6_RECVERR socket options.
> 
> Fixes: ee1ac3a1822 ("linux-user: Add sockopts for IPv6")
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/602
> Reported-by: Conrad Meyer 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
> v2: Corrected patch description
> ---
>  linux-user/syscall.c | 6 --
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index ccd3892b2df..edc9d6b5ba2 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -1967,7 +1967,8 @@ static inline abi_long host_to_target_cmsg(struct 
> target_msghdr *target_msgh,
>  tgt_len != sizeof(struct errhdr_t)) {
>  goto unimplemented;
>  }
> -__put_user(errh->ee.ee_errno, _errh->ee.ee_errno);
> +__put_user(get_errno(errh->ee.ee_errno),
> +   _errh->ee.ee_errno);
>  __put_user(errh->ee.ee_origin, _errh->ee.ee_origin);
>  __put_user(errh->ee.ee_type,  _errh->ee.ee_type);
>  __put_user(errh->ee.ee_code, _errh->ee.ee_code);
> @@ -2011,7 +2012,8 @@ static inline abi_long host_to_target_cmsg(struct 
> target_msghdr *target_msgh,
>  tgt_len != sizeof(struct errhdr6_t)) {
>  goto unimplemented;
>  }
> -__put_user(errh->ee.ee_errno, _errh->ee.ee_errno);
> +__put_user(get_errno(errh->ee.ee_errno),
> +   _errh->ee.ee_errno);
>  __put_user(errh->ee.ee_origin, _errh->ee.ee_origin);
>  __put_user(errh->ee.ee_type,  _errh->ee.ee_type);
>  __put_user(errh->ee.ee_code, _errh->ee.ee_code);
> 
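Review bot: get_errno() is the wrapper for syscall return values, where -1 means "consult the global errno"; ee_errno already holds a positive errno number, so get_errno() hands it back unchanged and no translation happens in either hunk. Call host_to_target_errno(errh->ee.ee_errno) directly, and since the IPv4 and IPv6 hunks are identical, a small helper for copying the extended-error header would keep the two paths from diverging again.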


I don't think it's the correct use of get_errno() here.

get_errno() is:

static inline abi_long get_errno(abi_long ret)
{
    if (ret == -1)
        return -host_to_target_errno(errno);
    else
        return ret;
}

and ee_errno is:

struct sock_extended_err {
    __u32   ee_errno;
    __u8    ee_origin;
    __u8    ee_type;
    __u8    ee_code;
    __u8    ee_pad;
    __u32   ee_info;
    union {
        __u32   ee_data;
        struct sock_ee_data_rfc4884 ee_rfc4884;
    };
};

https://man7.org/linux/man-pages/man7/ip.7.html

 ee_errno contains the errno number of the queued error.

so ee_errno is never negative.

You should use "host_to_target_errno(errh->ee.ee_errno)"

Thanks,
Laurent



Re: [PATCH v2 0/9] linux-user: split internals out of qemu.h

2021-09-13 Thread Laurent Vivier
On 08/09/2021 at 17:43, Peter Maydell wrote:
> linux-user/qemu.h is an awkward header, for two reasons:
>  (1) its name suggests it's a rather common generic header,
>  but it's actually specific to the usermode emulators
>  (2) it is a mix of:
>* lots of things internal to the implementation of linux-user
>* functions that a few files outside linux-user want
>  (mostly the user-access functions like lock_user,
>  get/put_user_*, etc, and also the TaskStruct definition)
> 
> This patchset tries to clean it up a bit by at least splitting
> most of the "just internal to linux-user" parts out of qemu.h
> and putting them in a handful of different .h files that are
> then included by the linux-user files that need them.
> 
> I think the ideal would probably be to eventually junk
> qemu.h entirely and have a few separate headers specifically
> for the bits that non-linux-user code needs (eg a 'user-access.h'
> for the get/put_user stuff), perhaps located somewhere that
> means we don't need to put linux-user/ on the include path.
> But that's awkward as it needs interaction with bsd-user too.
> So this much cleanup seemed like a reasonable start...
> 
> Changes v1->v2:
>  * rebased
>  * fixed a few minor niggles spotted in v1 during review
>  * use existing signal-common.h rather than creating a new
>header for signal-related functions
> 
> Patches still needing review: 3, 4, 5, 7
> 
> thanks
> -- PMM
> 
> Peter Maydell (9):
>   linux-user: Fix coding style nits in qemu.h
>   linux-user: Split strace prototypes into strace.h
>   linux-user: Split signal-related prototypes into signal-common.h
>   linux-user: Split loader-related prototypes into loader.h
>   linux-user: Split mmap prototypes into user-mmap.h
>   linux-user: Split safe-syscall macro into its own header
>   linux-user: Split linux-user internals out of qemu.h
>   linux-user: Don't include gdbstub.h in qemu.h
>   linux-user: Drop unneeded includes from qemu.h
> 
>  linux-user/loader.h  |  59 +
>  linux-user/qemu.h| 429 ++-
>  linux-user/safe-syscall.h| 154 +++
>  linux-user/signal-common.h   |  36 +++
>  linux-user/strace.h  |  38 +++
>  linux-user/user-internals.h  | 186 ++
>  linux-user/user-mmap.h   |  34 +++
>  gdbstub.c|   2 +-
>  linux-user/aarch64/cpu_loop.c|   2 +
>  linux-user/aarch64/signal.c  |   1 +
>  linux-user/alpha/cpu_loop.c  |   2 +
>  linux-user/alpha/signal.c|   1 +
>  linux-user/arm/cpu_loop.c|   2 +
>  linux-user/arm/signal.c  |   1 +
>  linux-user/cris/cpu_loop.c   |   2 +
>  linux-user/cris/signal.c |   1 +
>  linux-user/elfload.c |   3 +
>  linux-user/exit.c|   2 +
>  linux-user/fd-trans.c|   2 +
>  linux-user/flatload.c|   3 +
>  linux-user/hexagon/cpu_loop.c|   2 +
>  linux-user/hexagon/signal.c  |   1 +
>  linux-user/hppa/cpu_loop.c   |   2 +
>  linux-user/hppa/signal.c |   1 +
>  linux-user/i386/cpu_loop.c   |   3 +
>  linux-user/i386/signal.c |   1 +
>  linux-user/linuxload.c   |   2 +
>  linux-user/m68k/cpu_loop.c   |   2 +
>  linux-user/m68k/signal.c |   1 +
>  linux-user/main.c|   5 +
>  linux-user/microblaze/cpu_loop.c |   2 +
>  linux-user/microblaze/signal.c   |   1 +
>  linux-user/mips/cpu_loop.c   |   2 +
>  linux-user/mips/signal.c |   1 +
>  linux-user/mmap.c|   2 +
>  linux-user/nios2/cpu_loop.c  |   2 +
>  linux-user/nios2/signal.c|   1 +
>  linux-user/openrisc/cpu_loop.c   |   2 +
>  linux-user/openrisc/signal.c |   1 +
>  linux-user/ppc/cpu_loop.c|   2 +
>  linux-user/ppc/signal.c  |   1 +
>  linux-user/riscv/cpu_loop.c  |   2 +
>  linux-user/riscv/signal.c|   1 +
>  linux-user/s390x/cpu_loop.c  |   2 +
>  linux-user/s390x/signal.c|   1 +
>  linux-user/semihost.c|   1 +
>  linux-user/sh4/cpu_loop.c|   2 +
>  linux-user/sh4/signal.c  |   1 +
>  linux-user/signal.c  |   5 +
>  linux-user/sparc/cpu_loop.c  |   2 +
>  linux-user/sparc/signal.c|   1 +
>  linux-user/strace.c  |   3 +
>  linux-user/syscall.c |   6 +
>  linux-user/uaccess.c |   1 +
>  linux-user/uname.c   |   1 +
>  linux-user/vm86.c|   1 +
>  linux-user/xtensa/cpu_loop.c |   2 +
>  linux-user/xtensa/signal.c   |   1 +
>  semihosting/arm-compat-semi.c|   2 +-
>  target/m68k/m68k-semi.c  |   2 +-
>  target/nios2/nios2-semi.c|   2 +-
>  thunk.c  |   1 +
>  62 files changed, 620 insertions(+), 417 deletions(-)
>  create mode 100644 linux-user/loader.h
>  create mode 100644 linux-user/safe-syscall.h
>  create mode 100644 linux-user/strace.h
>  create mode 100644 

[PULL v3 00/23] target-arm queue

2021-09-13 Thread Peter Maydell
v3: really fix the format string nit (oops)

The following changes since commit eae587e8e3694b1aceab23239493fb4c7e1a80f5:

  Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-09-13' into 
staging (2021-09-13 11:00:30 +0100)

are available in the Git repository at:

  https://git.linaro.org/people/pmaydell/qemu-arm.git 
tags/pull-target-arm-20210913-2

for you to fetch changes up to eec607843ca81eccab238fce86222be9c78b3675:

  hw/arm/mps2.c: Mark internal-only I2C buses as 'full' (2021-09-13 19:45:02 
+0100)


target-arm queue:
 * mark MPS2/MPS3 board-internal i2c buses as 'full' so that command
   line user-created devices are not plugged into them
 * Take an exception if PSTATE.IL is set
 * Support an emulated ITS in the virt board
 * Add support for kudo-bmc board
 * Probe for KVM_CAP_ARM_VM_IPA_SIZE when creating scratch VM
 * cadence_uart: Fix clock handling issues that prevented
   u-boot from running


Bin Meng (6):
  hw/misc: zynq_slcr: Correctly compute output clocks in the reset exit 
phase
  hw/char: cadence_uart: Disable transmit when input clock is disabled
  hw/char: cadence_uart: Move clock/reset check to uart_can_receive()
  hw/char: cadence_uart: Convert to memop_with_attrs() ops
  hw/char: cadence_uart: Ignore access when unclocked or in reset for 
uart_{read, write}()
  hw/char: cadence_uart: Log a guest error when device is unclocked or in 
reset

Chris Rauer (1):
  hw/arm: Add support for kudo-bmc board.

Marc Zyngier (1):
  hw/arm/virt: KVM: Probe for KVM_CAP_ARM_VM_IPA_SIZE when creating scratch 
VM

Peter Maydell (5):
  target/arm: Take an exception if PSTATE.IL is set
  qdev: Support marking individual buses as 'full'
  hw/arm/mps2-tz.c: Add extra data parameter to MakeDevFn
  hw/arm/mps2-tz.c: Mark internal-only I2C buses as 'full'
  hw/arm/mps2.c: Mark internal-only I2C buses as 'full'

Richard Henderson (1):
  target/arm: Merge disas_a64_insn into aarch64_tr_translate_insn

Shashi Mallela (9):
  hw/intc: GICv3 ITS initial framework
  hw/intc: GICv3 ITS register definitions added
  hw/intc: GICv3 ITS command queue framework
  hw/intc: GICv3 ITS Command processing
  hw/intc: GICv3 ITS Feature enablement
  hw/intc: GICv3 redistributor ITS processing
  tests/data/acpi/virt: Add IORT files for ITS
  hw/arm/virt: add ITS support in virt GIC
  tests/data/acpi/virt: Update IORT files for ITS

 docs/system/arm/nuvoton.rst|1 +
 hw/intc/gicv3_internal.h   |  188 -
 include/hw/arm/virt.h  |2 +
 include/hw/intc/arm_gicv3_common.h |   13 +
 include/hw/intc/arm_gicv3_its_common.h |   32 +-
 include/hw/qdev-core.h |   24 +
 target/arm/cpu.h   |1 +
 target/arm/kvm_arm.h   |4 +-
 target/arm/syndrome.h  |5 +
 target/arm/translate.h |2 +
 hw/arm/mps2-tz.c   |   92 ++-
 hw/arm/mps2.c  |   12 +-
 hw/arm/npcm7xx_boards.c|   34 +
 hw/arm/virt.c  |   29 +-
 hw/char/cadence_uart.c |   61 +-
 hw/intc/arm_gicv3.c|   14 +
 hw/intc/arm_gicv3_common.c |   13 +
 hw/intc/arm_gicv3_cpuif.c  |7 +-
 hw/intc/arm_gicv3_dist.c   |5 +-
 hw/intc/arm_gicv3_its.c| 1322 
 hw/intc/arm_gicv3_its_common.c |7 +-
 hw/intc/arm_gicv3_its_kvm.c|2 +-
 hw/intc/arm_gicv3_redist.c |  153 +++-
 hw/misc/zynq_slcr.c|   31 +-
 softmmu/qdev-monitor.c |7 +-
 target/arm/helper-a64.c|1 +
 target/arm/helper.c|8 +
 target/arm/kvm.c   |7 +-
 target/arm/translate-a64.c |  255 +++---
 target/arm/translate.c |   21 +
 hw/intc/meson.build|1 +
 tests/data/acpi/virt/IORT  |  Bin 0 -> 124 bytes
 tests/data/acpi/virt/IORT.memhp|  Bin 0 -> 124 bytes
 tests/data/acpi/virt/IORT.numamem  |  Bin 0 -> 124 bytes
 tests/data/acpi/virt/IORT.pxb  |  Bin 0 -> 124 bytes
 35 files changed, 2144 insertions(+), 210 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_its.c
 create mode 100644 tests/data/acpi/virt/IORT
 create mode 100644 tests/data/acpi/virt/IORT.memhp
 create mode 100644 tests/data/acpi/virt/IORT.numamem
 create mode 100644 tests/data/acpi/virt/IORT.pxb


