RE: [PATCH v10 7/7] Versal: Connect DWC3 controller with virt-versal

[Sai Pavan Boddu]

Hi Edgar,

> -Original Message-
> From: Edgar E. Iglesias 
> Sent: Saturday, September 26, 2020 12:10 AM
> To: Sai Pavan Boddu 
> Cc: Peter Maydell ; Markus Armbruster
> ; 'Marc-André Lureau'
> ; Paolo Bonzini ;
> Gerd Hoffmann ; Edgar Iglesias ;
> Francisco Eduardo Iglesias ; qemu-devel@nongnu.org;
> Alistair Francis ; Eduardo Habkost
> ; Ying Fang ; 'Philippe
> Mathieu-Daudé' ; Vikram Garhwal
> ; Paul Zimmerman ; Sai Pavan
> Boddu 
> Subject: Re: [PATCH v10 7/7] Versal: Connect DWC3 controller with virt-versal
> 
> On Thu, Sep 24, 2020 at 07:50:56PM +0530, Sai Pavan Boddu wrote:
> > From: Vikram Garhwal 
> >
> > Connect dwc3 controller and usb2-reg module to xlnx-versal SOC, its
> > placed in iou of lpd domain and configure it as dual port host
> > controller. Add the respective guest dts nodes for "xlnx-versal-virt"
> machine.
> 
> Hi Sai,
> 
> One minor comment inline.
> 
> And a question, could you please post an example command-line for this?
[Sai Pavan Boddu] Below is the command to plug a usb storage device on qemu 
command line

-device usb-storage,bus=usb-bus.0,port=1,drive=usb-stick -drive 
file=./usb-stick.img,id=usb-stick


> 
> 
> >
> > Signed-off-by: Vikram Garhwal 
> > Signed-off-by: Sai Pavan Boddu 
> > ---
> >  hw/arm/xlnx-versal-virt.c| 58
> 
> >  hw/arm/xlnx-versal.c | 34 ++
> >  include/hw/arm/xlnx-versal.h | 14 +++
> >  3 files changed, 106 insertions(+)
> >
> > diff --git a/hw/arm/xlnx-versal-virt.c b/hw/arm/xlnx-versal-virt.c
> > index 03e2320..f0ac5ba 100644
> > --- a/hw/arm/xlnx-versal-virt.c
> > +++ b/hw/arm/xlnx-versal-virt.c
> > @@ -39,6 +39,8 @@ struct VersalVirt {
> >  uint32_t ethernet_phy[2];
> >  uint32_t clk_125Mhz;
> >  uint32_t clk_25Mhz;
> > +uint32_t usb;
> > +uint32_t dwc;
> >  } phandle;
> >  struct arm_boot_info binfo;
> >
> > @@ -66,6 +68,8 @@ static void fdt_create(VersalVirt *s)
> >  s->phandle.clk_25Mhz = qemu_fdt_alloc_phandle(s->fdt);
> >  s->phandle.clk_125Mhz = qemu_fdt_alloc_phandle(s->fdt);
> >
> > +s->phandle.usb = qemu_fdt_alloc_phandle(s->fdt);
> > +s->phandle.dwc = qemu_fdt_alloc_phandle(s->fdt);
> >  /* Create /chosen node for load_dtb.  */
> >  qemu_fdt_add_subnode(s->fdt, "/chosen");
> >
> > @@ -148,6 +152,59 @@ static void fdt_add_timer_nodes(VersalVirt *s)
> >   compat, sizeof(compat));  }
> >
> > +static void fdt_add_usb_xhci_nodes(VersalVirt *s) {
> > +const char clocknames[] = "bus_clk\0ref_clk";
> > +char *name = g_strdup_printf("/usb@%" PRIx32,
> MM_USB2_CTRL_REGS);
> > +const char compat[] = "xlnx,versal-dwc3";
> > +
> > +qemu_fdt_add_subnode(s->fdt, name);
> > +qemu_fdt_setprop(s->fdt, name, "compatible",
> > + compat, sizeof(compat));
> > +qemu_fdt_setprop_sized_cells(s->fdt, name, "reg",
> > + 2, MM_USB2_CTRL_REGS,
> > + 2, MM_USB2_CTRL_REGS_SIZE);
> > +qemu_fdt_setprop(s->fdt, name, "clock-names",
> > + clocknames, sizeof(clocknames));
> > +qemu_fdt_setprop_cells(s->fdt, name, "clocks",
> > +   s->phandle.clk_25Mhz, 
> > s->phandle.clk_125Mhz);
> > +qemu_fdt_setprop(s->fdt, name, "ranges", NULL, 0);
> > +qemu_fdt_setprop_cell(s->fdt, name, "#address-cells", 2);
> > +qemu_fdt_setprop_cell(s->fdt, name, "#size-cells", 2);
> > +qemu_fdt_setprop_cell(s->fdt, name, "phandle", s->phandle.usb);
> > +g_free(name);
> > +
> > +{
> > +const char irq_name[] = "dwc_usb3";
> > +const char compat[] = "snps,dwc3";
> > +
> > +name = g_strdup_printf("/usb@%" PRIx32 "/dwc3@%" PRIx32,
> > +   MM_USB2_CTRL_REGS, MM_USB_XHCI_0);
> > +qemu_fdt_add_subnode(s->fdt, name);
> > +qemu_fdt_setprop(s->fdt, name, "compatible",
> > + compat, sizeof(compat));
> > +qemu_fdt_setprop_sized_cells(s->fdt, name, "reg",
> > + 2, MM_USB_XHCI_0, 2, 
> > MM_USB_XHCI_0_SIZE);
> > +qemu_fdt_setprop(s->fdt, name, "interrupt-names",
> > + irq_name, sizeof(irq_name));
> > +qemu_fdt_setprop_cells(s->fdt, name, "interrupts",
> > +   GIC_FDT_IRQ_TYPE_SPI, VERSAL_USB0_IRQ_0,
> > +   GIC_FDT_IRQ_FLAGS_LEVEL_HI);
> > +qemu_fdt_setprop_cell(s->fdt, name,
> > +  "snps,quirk-frame-length-adjustment", 0x20);
> > +qemu_fdt_setprop_cells(s->fdt, name, "#stream-id-cells", 1);
> > +qemu_fdt_setprop_string(s->fdt, name, "dr_mode", "host");
> > +qemu_fdt_setprop_string(s->fdt, name, "phy-names", "usb3-phy");
> > +qemu_fdt_setprop(s->fdt, name, "snps,dis_u2_susphy_quirk", NULL,
> 0);
> > +qemu_fdt_setprop(s->fdt, 

[PATCH 2/2] aspeed: Add support for the g220a-bmc board

[John Wang]

G220A is a 2 socket x86 motherboard supported by OpenBMC.
Strapping configuration was obtained from hardware.

Signed-off-by: John Wang 
---
 hw/arm/aspeed.c | 60 +
 1 file changed, 60 insertions(+)

diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
index bdb981d2f8..04c8ad2bcd 100644
--- a/hw/arm/aspeed.c
+++ b/hw/arm/aspeed.c
@@ -120,6 +120,20 @@ struct AspeedMachineState {
 SCU_AST2500_HW_STRAP_ACPI_ENABLE |  \
 SCU_HW_STRAP_SPI_MODE(SCU_HW_STRAP_SPI_MASTER))
 
+#define G220A_BMC_HW_STRAP1 (  \
+SCU_AST2500_HW_STRAP_SPI_AUTOFETCH_ENABLE | \
+SCU_AST2500_HW_STRAP_GPIO_STRAP_ENABLE |\
+SCU_AST2500_HW_STRAP_UART_DEBUG |   \
+SCU_AST2500_HW_STRAP_RESERVED28 |   \
+SCU_AST2500_HW_STRAP_DDR4_ENABLE |  \
+SCU_HW_STRAP_2ND_BOOT_WDT | \
+SCU_HW_STRAP_VGA_CLASS_CODE |   \
+SCU_HW_STRAP_LPC_RESET_PIN |\
+SCU_HW_STRAP_SPI_MODE(SCU_HW_STRAP_SPI_MASTER) |\
+SCU_AST2500_HW_STRAP_SET_AXI_AHB_RATIO(AXI_AHB_RATIO_2_1) | \
+SCU_HW_STRAP_VGA_SIZE_SET(VGA_64M_DRAM) |   \
+SCU_AST2500_HW_STRAP_RESERVED1)
+
 /* Witherspoon hardware value: 0xF10AD216 (but use romulus definition) */
 #define WITHERSPOON_BMC_HW_STRAP1 ROMULUS_BMC_HW_STRAP1
 
@@ -559,6 +573,30 @@ static void witherspoon_bmc_i2c_init(AspeedMachineState 
*bmc)
 /* Bus 11: TODO ucd90160@64 */
 }
 
+static void g220a_bmc_i2c_init(AspeedMachineState *bmc)
+{
+AspeedSoCState *soc = >soc;
+DeviceState *dev;
+
+dev = DEVICE(i2c_slave_create_simple(aspeed_i2c_get_bus(>i2c, 3),
+ "emc1413", 0x4c));
+object_property_set_int(OBJECT(dev), "temperature0", 31000, _abort);
+object_property_set_int(OBJECT(dev), "temperature1", 28000, _abort);
+object_property_set_int(OBJECT(dev), "temperature2", 2, _abort);
+
+dev = DEVICE(i2c_slave_create_simple(aspeed_i2c_get_bus(>i2c, 12),
+ "emc1413", 0x4c));
+object_property_set_int(OBJECT(dev), "temperature0", 31000, _abort);
+object_property_set_int(OBJECT(dev), "temperature1", 28000, _abort);
+object_property_set_int(OBJECT(dev), "temperature2", 2, _abort);
+
+dev = DEVICE(i2c_slave_create_simple(aspeed_i2c_get_bus(>i2c, 13),
+ "emc1413", 0x4c));
+object_property_set_int(OBJECT(dev), "temperature0", 31000, _abort);
+object_property_set_int(OBJECT(dev), "temperature1", 28000, _abort);
+object_property_set_int(OBJECT(dev), "temperature2", 2, _abort);
+}
+
 static bool aspeed_get_mmio_exec(Object *obj, Error **errp)
 {
 return ASPEED_MACHINE(obj)->mmio_exec;
@@ -798,6 +836,24 @@ static void aspeed_machine_tacoma_class_init(ObjectClass 
*oc, void *data)
 aspeed_soc_num_cpus(amc->soc_name);
 };
 
+static void aspeed_machine_g220a_class_init(ObjectClass *oc, void *data)
+{
+MachineClass *mc = MACHINE_CLASS(oc);
+AspeedMachineClass *amc = ASPEED_MACHINE_CLASS(oc);
+
+mc->desc   = "Bytedance G220A BMC (ARM1176)";
+amc->soc_name  = "ast2500-a1";
+amc->hw_strap1 = G220A_BMC_HW_STRAP1;
+amc->fmc_model = "n25q512a";
+amc->spi_model = "mx25l25635e";
+amc->num_cs= 2;
+amc->macs_mask  = ASPEED_MAC1_ON | ASPEED_MAC2_ON;
+amc->i2c_init  = g220a_bmc_i2c_init;
+mc->default_ram_size = 1024 * MiB;
+mc->default_cpus = mc->min_cpus = mc->max_cpus =
+aspeed_soc_num_cpus(amc->soc_name);
+};
+
 static const TypeInfo aspeed_machine_types[] = {
 {
 .name  = MACHINE_TYPE_NAME("palmetto-bmc"),
@@ -835,6 +891,10 @@ static const TypeInfo aspeed_machine_types[] = {
 .name  = MACHINE_TYPE_NAME("tacoma-bmc"),
 .parent= TYPE_ASPEED_MACHINE,
 .class_init= aspeed_machine_tacoma_class_init,
+}, {
+.name  = MACHINE_TYPE_NAME("g220a-bmc"),
+.parent= TYPE_ASPEED_MACHINE,
+.class_init= aspeed_machine_g220a_class_init,
 }, {
 .name  = TYPE_ASPEED_MACHINE,
 .parent= TYPE_MACHINE,
-- 
2.25.1

[PATCH 1/2] hw/misc: add an EMC141{3,4} device model

[John Wang]

Largely inspired by the TMP423 temperature sensor, here is a model for
the EMC1413 temperature sensors.

Specs can be found here :
  https://pdf1.alldatasheet.com/datasheet-pdf/view/533713/SMSC/EMC1413.html

Signed-off-by: John Wang 
---
 hw/arm/Kconfig  |   1 +
 hw/misc/Kconfig |   4 +
 hw/misc/emc1413.c   | 309 
 hw/misc/meson.build |   1 +
 4 files changed, 315 insertions(+)
 create mode 100644 hw/misc/emc1413.c

diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index f303c6bead..8801ada145 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -402,6 +402,7 @@ config ASPEED_SOC
 select SSI_M25P80
 select TMP105
 select TMP421
+select EMC1413
 select UNIMP
 
 config MPS2
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index 3185456110..91badf2d4d 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -13,6 +13,10 @@ config TMP421
 bool
 depends on I2C
 
+config EMC1413
+bool
+depends on I2C
+
 config ISA_DEBUG
 bool
 depends on ISA_BUS
diff --git a/hw/misc/emc1413.c b/hw/misc/emc1413.c
new file mode 100644
index 00..2430c3f074
--- /dev/null
+++ b/hw/misc/emc1413.c
@@ -0,0 +1,309 @@
+/*
+ * SMSC EMC1413 temperature sensor.
+ *
+ * Copyright (c) 2020 Bytedance Corporation
+ * Written by John Wang 
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 or
+ * (at your option) version 3 of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "hw/i2c/i2c.h"
+#include "migration/vmstate.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qemu/module.h"
+#include "qom/object.h"
+
+#define DEVICE_ID_REG0xfd
+#define MANUFACTURER_ID_REG  0xfe
+#define REVISION_REG 0xff
+#define EMC1413_DEVICE_ID0x21
+#define EMC1414_DEVICE_ID0x25
+
+typedef struct DeviceInfo {
+uint8_t model;
+const char *name;
+} DeviceInfo;
+
+static const DeviceInfo devices[] = {
+{ EMC1413_DEVICE_ID, "emc1413" },
+{ EMC1414_DEVICE_ID, "emc1414" },
+};
+
+struct EMC1413State {
+I2CSlave i2c;
+uint8_t temperature[4];
+uint8_t min[4];
+uint8_t max[4];
+uint8_t len;
+uint8_t data;
+uint8_t pointer;
+
+};
+
+struct EMC1413Class {
+I2CSlaveClass parent_class;
+DeviceInfo *dev;
+};
+
+#define TYPE_EMC1413 "emc1413-generic"
+OBJECT_DECLARE_TYPE(EMC1413State, EMC1413Class, EMC1413)
+
+
+/* the EMC1413 registers */
+#define EMC1413_TEMP_HIGH0   0x00
+#define EMC1413_TEMP_HIGH1   0x01
+#define EMC1413_TEMP_HIGH2   0x23
+#define EMC1413_TEMP_HIGH3   0x2a
+#define EMC1413_TEMP_MAX_HIGH0   0x05
+#define EMC1413_TEMP_MIN_HIGH0   0x06
+#define EMC1413_TEMP_MAX_HIGH1   0x07
+#define EMC1413_TEMP_MIN_HIGH1   0x08
+#define EMC1413_TEMP_MAX_HIGH2   0x15
+#define EMC1413_TEMP_MIN_HIGH2   0x16
+#define EMC1413_TEMP_MAX_HIGH3   0x2c
+#define EMC1413_TEMP_MIN_HIGH3   0x2d
+
+static void emc1413_get_temperature(Object *obj, Visitor *v, const char *name,
+   void *opaque, Error **errp)
+{
+EMC1413State *s = EMC1413(obj);
+int64_t value;
+int tempid;
+
+if (sscanf(name, "temperature%d", ) != 1) {
+error_setg(errp, "error reading %s: %s", name, g_strerror(errno));
+return;
+}
+
+if (tempid >= 4 || tempid < 0) {
+error_setg(errp, "error reading %s", name);
+return;
+}
+
+value = s->temperature[tempid] * 1000;
+
+visit_type_int(v, name, , errp);
+}
+
+static void emc1413_set_temperature(Object *obj, Visitor *v, const char *name,
+   void *opaque, Error **errp)
+{
+EMC1413State *s = EMC1413(obj);
+int64_t temp;
+int tempid;
+
+if (!visit_type_int(v, name, , errp)) {
+return;
+}
+
+if (sscanf(name, "temperature%d", ) != 1) {
+error_setg(errp, "error reading %s: %s", name, g_strerror(errno));
+return;
+}
+
+if (tempid >= 4 || tempid < 0) {
+error_setg(errp, "error reading %s", name);
+return;
+}
+
+s->temperature[tempid] = temp / 1000;
+}
+
+struct emc1413_reg {
+uint8_t addr;
+uint8_t *data;
+};
+
+static void emc1413_read(EMC1413State *s)
+{
+EMC1413Class *sc = EMC1413_GET_CLASS(s);
+uint8_t smsc_manufacturer_id = 0x5d;
+uint8_t revision = 0x04;
+

Re: [External] Re: [PATCH] aspeed: Add support for the g220a-bmc board

[John Wang]

On Mon, Sep 28, 2020 at 6:11 PM Cédric Le Goater  wrote:
>
> >> Isn't it possible to add some default I2C devices ? temperature sensors ?
> >
> > hmm, G220A BMC uses emc1413 as the temperature sensor. I can not find
> > it in qemu.
>
> Could it be compatible with the tm105 or TM421 ?

It isn't, I think. but I try to model an emc1413, so I will send a patchset :)

>
> > I can't find an i2c chip that qemu has and that the g220a uses. :(
>
> Try to model them ! :)

Yes!

>
> Thanks,
>
> C.

Re: [RFC 0/3] QEMU as IPMI BMC emulator

[Cédric Le Goater]

On 9/29/20 2:39 AM, Havard Skinnemoen wrote:
> This series briefly documents the existing IPMI device support for main
> processor emulation, and goes on to propose a similar device structure to
> emulate IPMI responder devices in BMC machines. This would allow a qemu
> instance running BMC firmware to serve as an external BMC for a qemu instance
> running server software.

Great idea ! 

I started working on this topic some years ago with the QEMU PowerNV machine 
and the Aspeed machine. They can communicate over network with this iBT device 
patch :

  
https://github.com/legoater/qemu/commit/3677ee52f75065b0f65f36382a62f080ac74d683

This is good enough for the IPMI needs of OpenPOWER systems but the overall
system lacks a few bus. An important one being the LPC bus which we use for 
PNOR mappings.

So, we added a little PNOR device in the QEMU PowerNV machine and mapped
its contents in the FW address space of the LPC bus. With the internal IPMI 
BMC simulator, it mimics well enough an OpenPOWER system from the host 
perspective.

All this to say, that if the goal is full system emulation, we should may 
be take another approach and work on the QEMU internals to run multiple 
architectures in the same QEMU binary. 

According to Peter, this is mostly a configure/build issue and cleanups
are needed to remove the assumptions that were done with single arch
binaries. A big task but not necessarily difficult. I will help for 
ARM and PPC ! 


Anyhow, the IPMI documentation you provided is good to have. 

Thanks,

C. 



> RFC only at this point because the series does not include actual code to
> implement this. I'd appreciate some initial feedback on
> 
> 1. Whether anyone else is interested in something like this.
> 2. Completeness (i.e. anything that could be explained in more detail in the
>docs).
> 3. Naming, and whether 'specs' is the right place to put this.
> 4. Whether it's OK to enable the blockdiag sphinx extension (if not, I'll just
>toss the block diagrams and turn the docs into walls of text).
> 
> If this seems reasonable, I'll start working with one of my team mates on
> implementing the common part, as well as the Nuvoton-specific responder 
> device.
> Possibly also an Aspeed device.
> 
> Havard Skinnemoen (3):
>   docs: enable sphinx blockdiag extension
>   docs/specs: IPMI device emulation: main processor
>   docs/specs: IPMI device emulation: BMC
> 
>  docs/conf.py |   5 +-
>  docs/specs/index.rst |   1 +
>  docs/specs/ipmi.rst  | 183 +++
>  3 files changed, 188 insertions(+), 1 deletion(-)
>  create mode 100644 docs/specs/ipmi.rst
> 

Re: [PATCH v6 06/21] qapi/machine.json: Escape a literal '*' in doc comment

[Markus Armbruster]

Peter Maydell  writes:

> For rST, '*' is a kind of inline markup (for emphasis), so
> "*-softmmu" is a syntax error because of the missing closing '*'.
> Escape the '*' with a '\'.
>
> The texinfo document generator will leave the '\' in the
> output, which is not ideal, but that generator is going to
> go away in a subsequent commit.

Yes, in PATCH 09.  Tolerable.

> Reviewed-by: Richard Henderson 
> Signed-off-by: Peter Maydell 
> ---
>  qapi/machine.json | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/qapi/machine.json b/qapi/machine.json
> index 0ac1880e4a4..9c45b04363c 100644
> --- a/qapi/machine.json
> +++ b/qapi/machine.json
> @@ -13,7 +13,7 @@
>  #
>  # The comprehensive enumeration of QEMU system emulation ("softmmu")
>  # targets. Run "./configure --help" in the project root directory, and
> -# look for the *-softmmu targets near the "--target-list" option. The
> +# look for the \*-softmmu targets near the "--target-list" option. The
>  # individual target constants are not documented here, for the time
>  # being.
>  #

A better markup might be 

# The comprehensive enumeration of QEMU system emulation ("softmmu")
# targets. Run ``./configure --help`` in the project root directory, and
# look for the ``*-softmmu`` targets near the ``--target-list``
# option. The individual target constants are not documented here, for
# the time being.

But that should be done systematically, not just here, which makes it
worse than your patch at this point of the conversion.

Reviewed-by: Markus Armbruster 

Re: [PATCH v3 31/47] qapi/gen.py: Fix edge-case of _is_user_module

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:44PM -0400, John Snow wrote:
> The edge case is that if the name is '', this expression returns a
> string instead of a bool, which violates our declared type.
> 
> Signed-off-by: John Snow 

Reviewed-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH v3 29/47] qapi/source.py: add type hint annotations

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:42PM -0400, John Snow wrote:
> Annotations do not change runtime behavior.
> This commit *only* adds annotations.
> 
> Signed-off-by: John Snow 
> Reviewed-by: Eduardo Habkost 

Reviewed-by: Cleber Rosa 
Tested-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH v3 23/47] qapi: establish mypy type-checking baseline

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:36PM -0400, John Snow wrote:
> Fix two very minor issues, and then establish a mypy type-checking
> baseline.
> 
> Like pylint, this should be run from the folder above:
> 
>  > mypy --config-file=qapi/mypy.ini qapi/
> 
> This is designed and tested for mypy 0.770 or greater.
> 
> Signed-off-by: John Snow 
> Tested-by: Eduardo Habkost 

Reviewed-by: Cleber Rosa 
Tested-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH v3 12/47] qapi: enforce import order/styling with isort

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:25PM -0400, John Snow wrote:
> While we're mucking around with imports, we might as well formalize the
> style we use. Let's use isort to do it for us.
> 
> force_sort_within_sections: Intermingles "from x" and "import x" style
> statements, such that sorting is always performed strictly on the module
> name itself.
> 
> force_grid_wrap=4: Four or more imports from a single module will force
> the one-per-line style that's more git-friendly. This will generally
> happen for 'typing' imports.
> 
> multi_line_output=3: Uses the one-per-line indented style for long
> imports.
> 
> include_trailing_comma: Adds a comma to the last import in a group,
> which makes git conflicts nicer to deal with, generally.
> 
> Suggested-by: Cleber Rosa 
> Signed-off-by: John Snow 

Reviewed-by: Cleber Rosa 
Tested-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH v3 12/47] qapi: enforce import order/styling with isort

[Cleber Rosa]

On Mon, Sep 28, 2020 at 10:34:42AM -0400, John Snow wrote:
> On 9/28/20 8:13 AM, Markus Armbruster wrote:
> > PEP 8: "Surround top-level function and class definitions with two blank
> > lines."
> > 
> > [...]
> > 
> > 
> 
> Yep, but flake8 does not complain about the first definitions that occur
> below imports. Why not? I don't know.
> 
> Regardless, I can change it and fold the changes in; they won't affect much
> here.
> 

Well, on all of the cases here, it's not function or class definition
that follows, so that aspect of PEP 8 is not being violated.

- Cleber.


signature.asc
Description: PGP signature

Re: [PATCH 4/6 v3] KVM: VMX: Fill in conforming vmx_x86_ops via macro

[Sean Christopherson]

On Tue, Jul 28, 2020 at 12:10:48AM +, Krish Sadhukhan wrote:
> The names of some of the vmx_x86_ops functions do not have a corresponding
> 'vmx_' prefix. Generate the names using a macro so that the names are
> conformant. Fixing the naming will help in better readability and
> maintenance of the code.
> 
> Suggested-by: Vitaly Kuznetsov 
> Suggested-by: Paolo Bonzini 
> Signed-off-by: Sean Christopherson 
> Signed-off-by: Krish Sadhukhan 
> ---
>  arch/x86/kvm/vmx/nested.c |   2 +-
>  arch/x86/kvm/vmx/vmx.c| 234 
> +++---
>  arch/x86/kvm/vmx/vmx.h|   2 +-
>  3 files changed, 120 insertions(+), 118 deletions(-)
> 
> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
> index d1af20b..a898b53 100644
> --- a/arch/x86/kvm/vmx/nested.c
> +++ b/arch/x86/kvm/vmx/nested.c
> @@ -3016,7 +3016,7 @@ static int nested_vmx_check_vmentry_hw(struct kvm_vcpu 
> *vcpu)
>  
>   preempt_disable();
>  
> - vmx_prepare_switch_to_guest(vcpu);
> + vmx_prepare_guest_switch(vcpu);

I very strongly prefer the VMX version, i.e. rename 
kvm_x86_ops.prepare_guest_switch()
instead of renamed vmx_prepare_switch_to_guest().  prepare_guest_switch() can be
misinterpreted as switching to a different guest, and 
vmx_prepare_switch_to_guest()
explicitly pairs with vmx_prepare_switch_to_host().

>  
>   /*
>* Induce a consistency check VMExit by clearing bit 1 in GUEST_RFLAGS,

Re: [PATCH 2/6 v3] KVM: SVM: Fill in conforming svm_x86_ops via macro

[Sean Christopherson]

On Tue, Jul 28, 2020 at 12:10:46AM +, Krish Sadhukhan wrote:
> The names of some of the svm_x86_ops functions do not have a corresponding
> 'svm_' prefix. Generate the names using a macro so that the names are
> conformant. Fixing the naming will help in better readability and
> maintenance of the code.

I'd probably prefer to split this into two patches, one to rename all the
functions and then the second to introduce the autofill macros.  Ditto for
VMX.

> Suggested-by: Vitaly Kuznetsov 
> Suggested-by: Paolo Bonzini 
> Signed-off-by: Sean Christopherson 

All of the patches with my SOB need

  Co-developed-by: Sean Christopherson 

> Signed-off-by: Krish Sadhukhan 
> ---

Re: [PATCH 1/6 v3] KVM: x86: Change names of some of the kvm_x86_ops functions to make them more semantical and readable

[Sean Christopherson]

This needs a changelog.

I would also split the non-x86 parts, i.e. the kvm_arch_* renames, to a
separate patch.

On Tue, Jul 28, 2020 at 12:10:45AM +, Krish Sadhukhan wrote:
> Suggested-by: Vitaly Kuznetsov 
> Suggested-by: Paolo Bonzini 
> Signed-off-by: Sean Christopherson 
> Signed-off-by: Krish Sadhukhan 
> ---
> @@ -4016,15 +4016,15 @@ static int svm_vm_init(struct kvm *kvm)
>   .tlb_flush_gva = svm_flush_tlb_gva,
>   .tlb_flush_guest = svm_flush_tlb,
>  
> - .run = svm_vcpu_run,
> + .vcpu_run = svm_vcpu_run,
>   .handle_exit = handle_exit,
>   .skip_emulated_instruction = skip_emulated_instruction,
>   .update_emulated_instruction = NULL,
>   .set_interrupt_shadow = svm_set_interrupt_shadow,
>   .get_interrupt_shadow = svm_get_interrupt_shadow,
>   .patch_hypercall = svm_patch_hypercall,
> - .set_irq = svm_set_irq,
> - .set_nmi = svm_inject_nmi,
> + .inject_irq = svm_set_irq,

I would strongly prefer these renames to be fully recursive within a single
patch, i.e. rename svm_set_irq() as well.

Ditto for the unsetup->teardown change.

> + .inject_nmi = svm_inject_nmi,
>   .queue_exception = svm_queue_exception,
>   .cancel_injection = svm_cancel_injection,
>   .interrupt_allowed = svm_interrupt_allowed,
> @@ -4080,8 +4080,8 @@ static int svm_vm_init(struct kvm *kvm)
>   .enable_smi_window = enable_smi_window,
>  
>   .mem_enc_op = svm_mem_enc_op,
> - .mem_enc_reg_region = svm_register_enc_region,
> - .mem_enc_unreg_region = svm_unregister_enc_region,
> + .mem_enc_register_region = svm_register_enc_region,
> + .mem_enc_unregister_region = svm_unregister_enc_region,
>  
>   .need_emulation_on_page_fault = svm_need_emulation_on_page_fault,
>  

...

> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index 4fdf303..cb6f153 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -1469,15 +1469,15 @@ struct kvm_s390_ucas_mapping {
>  #define KVM_S390_GET_CMMA_BITS  _IOWR(KVMIO, 0xb8, struct 
> kvm_s390_cmma_log)
>  #define KVM_S390_SET_CMMA_BITS  _IOW(KVMIO, 0xb9, struct 
> kvm_s390_cmma_log)
>  /* Memory Encryption Commands */
> -#define KVM_MEMORY_ENCRYPT_OP  _IOWR(KVMIO, 0xba, unsigned long)
> +#define KVM_MEM_ENC_OP   _IOWR(KVMIO, 0xba, unsigned long)

Renaming macros in uapi headers will break userspace.

We could do

  #define KVM_MEMORY_ENCRYPT_OP KVM_MEM_ENC_OP

internally, but personally I think it would do more harm than good.

>  struct kvm_enc_region {
>   __u64 addr;
>   __u64 size;
>  };
>  
> -#define KVM_MEMORY_ENCRYPT_REG_REGION_IOR(KVMIO, 0xbb, struct 
> kvm_enc_region)
> -#define KVM_MEMORY_ENCRYPT_UNREG_REGION  _IOR(KVMIO, 0xbc, struct 
> kvm_enc_region)
> +#define KVM_MEM_ENC_REGISTER_REGION_IOR(KVMIO, 0xbb, struct 
> kvm_enc_region)
> +#define KVM_MEM_ENC_UNREGISTER_REGION  _IOR(KVMIO, 0xbc, struct 
> kvm_enc_region)
>  
>  /* Available with KVM_CAP_HYPERV_EVENTFD */
>  #define KVM_HYPERV_EVENTFD_IOW(KVMIO,  0xbd, struct 
> kvm_hyperv_eventfd)

Re: [PATCH v3 07/47] qapi-gen: Separate arg-parsing from generation

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:20PM -0400, John Snow wrote:
> This is a minor re-work of the entrypoint script. It isolates a
> generate() method from the actual command-line mechanism.
> 
> The regex match error checking was modified slightly to check that we
> actually got a regex match.
> 
> Signed-off-by: John Snow 
> Reviewed-by: Eduardo Habkost 

Reviewed-by: Cleber Rosa 
Tested-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH v3 06/47] [DO-NOT-MERGE] docs: enable sphinx-autodoc for scripts/qapi

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:19PM -0400, John Snow wrote:
> Signed-off-by: John Snow 
> ---
>  docs/conf.py  |  6 +-
>  docs/devel/index.rst  |  1 +
>  docs/devel/python/index.rst   |  7 +++
>  docs/devel/python/qapi.commands.rst   |  7 +++
>  docs/devel/python/qapi.common.rst |  7 +++
>  docs/devel/python/qapi.doc.rst|  7 +++
>  docs/devel/python/qapi.error.rst  |  7 +++
>  docs/devel/python/qapi.events.rst |  7 +++
>  docs/devel/python/qapi.expr.rst   |  7 +++
>  docs/devel/python/qapi.gen.rst|  7 +++
>  docs/devel/python/qapi.introspect.rst |  7 +++
>  docs/devel/python/qapi.parser.rst |  8 
>  docs/devel/python/qapi.rst| 26 ++
>  docs/devel/python/qapi.schema.rst |  7 +++
>  docs/devel/python/qapi.source.rst |  7 +++
>  docs/devel/python/qapi.types.rst  |  7 +++
>  docs/devel/python/qapi.visit.rst  |  7 +++
>  17 files changed, 131 insertions(+), 1 deletion(-)
>  create mode 100644 docs/devel/python/index.rst
>  create mode 100644 docs/devel/python/qapi.commands.rst
>  create mode 100644 docs/devel/python/qapi.common.rst
>  create mode 100644 docs/devel/python/qapi.doc.rst
>  create mode 100644 docs/devel/python/qapi.error.rst
>  create mode 100644 docs/devel/python/qapi.events.rst
>  create mode 100644 docs/devel/python/qapi.expr.rst
>  create mode 100644 docs/devel/python/qapi.gen.rst
>  create mode 100644 docs/devel/python/qapi.introspect.rst
>  create mode 100644 docs/devel/python/qapi.parser.rst
>  create mode 100644 docs/devel/python/qapi.rst
>  create mode 100644 docs/devel/python/qapi.schema.rst
>  create mode 100644 docs/devel/python/qapi.source.rst
>  create mode 100644 docs/devel/python/qapi.types.rst
>  create mode 100644 docs/devel/python/qapi.visit.rst
> 
> diff --git a/docs/conf.py b/docs/conf.py
> index a68f616d5a..d03ef465a6 100644
> --- a/docs/conf.py
> +++ b/docs/conf.py
> @@ -54,6 +54,9 @@
>  #
>  sys.path.insert(0, os.path.join(qemu_docdir, "sphinx"))
>  
> +# Make scripts/qapi module available for autodoc
> +sys.path.insert(0, os.path.join(qemu_docdir, "../scripts"))
> +

Do I hear qapi asking to moved out of "scripts" and becoming more like
"python/qemu"?

>  
>  # -- General configuration 
>  
> @@ -67,7 +70,8 @@
>  # Add any Sphinx extension module names here, as strings. They can be
>  # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
>  # ones.
> -extensions = ['kerneldoc', 'qmp_lexer', 'hxtool', 'depfile']
> +extensions = ['kerneldoc', 'qmp_lexer', 'hxtool',
> +  'depfile', 'sphinx.ext.autodoc']
>  
>  # Add any paths that contain templates here, relative to this directory.
>  templates_path = ['_templates']
> diff --git a/docs/devel/index.rst b/docs/devel/index.rst
> index 04773ce076..04726ca787 100644
> --- a/docs/devel/index.rst
> +++ b/docs/devel/index.rst
> @@ -31,3 +31,4 @@ Contents:
> reset
> s390-dasd-ipl
> clocks
> +   python/index
> diff --git a/docs/devel/python/index.rst b/docs/devel/python/index.rst
> new file mode 100644
> index 00..31c470154b
> --- /dev/null
> +++ b/docs/devel/python/index.rst
> @@ -0,0 +1,7 @@
> +qapi
> +
> +
> +.. toctree::
> +   :maxdepth: 4
> +
> +   qapi
> diff --git a/docs/devel/python/qapi.commands.rst 
> b/docs/devel/python/qapi.commands.rst
> new file mode 100644
> index 00..018f7b08a9
> --- /dev/null
> +++ b/docs/devel/python/qapi.commands.rst
> @@ -0,0 +1,7 @@
> +qapi.commands module
> +
> +
> +.. automodule:: qapi.commands
> +   :members:
> +   :undoc-members:
> +   :show-inheritance:
> diff --git a/docs/devel/python/qapi.common.rst 
> b/docs/devel/python/qapi.common.rst
> new file mode 100644
> index 00..128a90d74b
> --- /dev/null
> +++ b/docs/devel/python/qapi.common.rst
> @@ -0,0 +1,7 @@
> +qapi.common module
> +==
> +
> +.. automodule:: qapi.common
> +   :members:
> +   :undoc-members:
> +   :show-inheritance:
> diff --git a/docs/devel/python/qapi.doc.rst b/docs/devel/python/qapi.doc.rst
> new file mode 100644
> index 00..556c2bca1f
> --- /dev/null
> +++ b/docs/devel/python/qapi.doc.rst
> @@ -0,0 +1,7 @@
> +qapi.doc module
> +===
> +
> +.. automodule:: qapi.doc
> +   :members:
> +   :undoc-members:
> +   :show-inheritance:
> diff --git a/docs/devel/python/qapi.error.rst 
> b/docs/devel/python/qapi.error.rst
> new file mode 100644
> index 00..980e32b63d
> --- /dev/null
> +++ b/docs/devel/python/qapi.error.rst
> @@ -0,0 +1,7 @@
> +qapi.error module
> +=
> +
> +.. automodule:: qapi.error
> +   :members:
> +   :undoc-members:
> +   :show-inheritance:
> diff --git a/docs/devel/python/qapi.events.rst 
> b/docs/devel/python/qapi.events.rst
> new file mode 100644
> index 00..1fce85b044
> --- /dev/null
> +++ 

Re: [PATCH v3 05/47] qapi/doc.py: Change code templates from function to string

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:18PM -0400, John Snow wrote:
> For whatever reason, when these are stored as functions instead of
> strings, it confuses sphinx-autodoc into believing them to be
> docstrings, and it chokes on the syntax.
>

Interesting...

> Keeping them as dumb strings instead avoids the problem.
>

I actually think it's a more honest approach, and easier to read.

> Signed-off-by: John Snow 
> ---
>  scripts/qapi/doc.py | 40 
>  1 file changed, 20 insertions(+), 20 deletions(-)
> 
> diff --git a/scripts/qapi/doc.py b/scripts/qapi/doc.py
> index c41e9d29f5..d12eda9e1e 100644
> --- a/scripts/qapi/doc.py
> +++ b/scripts/qapi/doc.py
> @@ -8,26 +8,26 @@
>  from qapi.gen import QAPIGenDoc, QAPISchemaVisitor
>  
>  
> -MSG_FMT = """
> +_MSG = '''
>  @deftypefn {type} {{}} {name}
>  
>  {body}{members}{features}{sections}
>  @end deftypefn
>  
> -""".format
> +'''
>

I know it doesn't make syntactic difference, but is there a reson for
also changing the quote style?

- Cleber.


signature.asc
Description: PGP signature

Re: [PATCH v1 1/3] i386: Remove the limitation of IP payloads for Intel PT

[Eduardo Habkost]

On Tue, Sep 29, 2020 at 02:28:48AM +, Kang, Luwei wrote:
> > > >  No, it's not possible.  KVM doesn't have a say on what the
> > > >  processor writes in the tracing packets.
> > > > >>> Can KVM refuse to enable packet generation if CSbase is not zero
> > > > >>> and CPUID.(EAX=14H,ECX=0)[bit 31] seen by guest is different from
> > host?
> > > > >>
> > > > >> Yes, but the processor could change operating mode (and hence
> > > > >> CSbase) while tracing is active.  This is very unlikely, since it
> > > > >> would require nonzero CS-base and a 32-bit host, but in principle
> > > > >> not impossible (could be a firmware call, for example).
> > > > >>
> > > > >> The only solution is for KVM to accept both, and for QEMU to
> > > > >> refuse a setting that does not match the host.
> > > > >>
> > > > >
> > > > > So I need to add a patch in KVM to disabled the Intel PT when the
> > > > > CSbase is not zero and the guest LIP different from the host. And
> > > > > this limitation in qemu (disabled the PT when LIP is enabled in
> > > > > the host) can be remove. Is that right?
> > > >
> > > > No, if a feature cannot be emulated, that means it cannot be enabled
> > > > unless it matches the host.  That's generally not a problem since
> > > > Intel PT is usually used only with "-cpu host".
> > > >
> > >
> > > The limitation of LIP in qemu will mask off the Intel PT in KVM guest
> > > even with "-cpu host". e.g. This bit will be set in SnowRidge HW and
> > > later.
> > 
> > This behavior can and should be changed.
> > 
> > >
> > > How about "-cpu cpu_model, +intel-pt" use case? The current value of
> > > Intel PT CPUID is a constant. Can we make the ICX CPUID as basic
> > > inforation(LIP is 0) and using "+intel-pt-lip"
> > > to make Intel PT work on the CPU which LIP is 1 on the host? As you
> > > mentioned before, Intel PT cannot be enabled in guest unless it
> > > matches the host.
> > 
> > This makes sense, but you can also make each CPU model set a default for the
> > LIP bit.  "-cpu SnowRidge,+intel-pt" could set
> > LIP=1 by default.
> 
> I have a question on how to set LIP=1 in SnowRidge by default. 
> 1. Set LIP in "builtin_x86_defs[]" SnowRidge CPU model. The LIP included in 
> CPUID.(eax=14x,ecx=0)ecx[bit31] and a new leaf needs to be added.
> 2. Checking the CPU model in the later software flow and set the LIP bit if 
> the CPU model is Snowridge. And we also need to add more CPU model's checking 
> for new CPUs.
> 
> What is your opinion?
> 

1 is preferred.  Any CPU-model-specific data should be
represented as data inside builtin_x86_defs, not code.

-- 
Eduardo

Re: [PATCH v3 04/47] qapi: modify docstrings to be sphinx-compatible

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:17PM -0400, John Snow wrote:
> I did not say "sphinx beautiful", just "sphinx compatible". They will
> not throw errors when parsed and interpreted as ReST.
> 
> Signed-off-by: John Snow 
> ---
>  scripts/qapi/doc.py| 10 +-
>  scripts/qapi/gen.py|  6 --
>  scripts/qapi/parser.py |  9 +
>  3 files changed, 14 insertions(+), 11 deletions(-)
> 
> diff --git a/scripts/qapi/doc.py b/scripts/qapi/doc.py
> index 92f584edcf..c41e9d29f5 100644
> --- a/scripts/qapi/doc.py
> +++ b/scripts/qapi/doc.py
> @@ -65,11 +65,11 @@ def texi_format(doc):
>  Format documentation
>  
>  Lines starting with:
> -- |: generates an @example
> -- =: generates @section
> -- ==: generates @subsection
> -- 1. or 1): generates an @enumerate @item
> -- */-: generates an @itemize list
> +- ``|:`` generates an @example
> +- ``=:`` generates @section
> +- ``==:`` generates @subsection
> +- ``1.`` or ``1):`` generates an @enumerate @item
> +- ``*/-:`` generates an @itemize list
>  """
>  ret = ''
>  doc = subst_braces(doc)
> diff --git a/scripts/qapi/gen.py b/scripts/qapi/gen.py
> index bf5552a4e7..3d25a8cff4 100644
> --- a/scripts/qapi/gen.py
> +++ b/scripts/qapi/gen.py
> @@ -154,9 +154,11 @@ def _bottom(self):
>  
>  @contextmanager
>  def ifcontext(ifcond, *args):
> -"""A 'with' statement context manager to wrap with start_if()/end_if()
> +"""
> +A 'with' statement context manager to wrap with start_if()/end_if()
>  

If you're making it compatible, why not take the time to give
backticks to start_if and end_if?

Bonus points for setting the "meth" role, but not lost points for not
doing it, as I understand this is beyond what you're attempting at
this time.

> -*args: any number of QAPIGenCCode
> +:param ifcond: List of conditionals
> +:param args: any number of QAPIGenCCode
>  

I would argue that this is not a strict sphinx compatibility change,
but a fix to a broken docstring.

- Cleber.


signature.asc
Description: PGP signature

[PATCH v2 0/2] migration/dirtyrate: optimizations for showing of querying dirtyrate

[Chuan Zheng]

This series include two optimizations showing of dirtyrate against v1
1) show start_time and calc_time when query while at the measuring state
2) do not show dirtyrate when measuring is not finished

Chuan Zheng (2):
  migration/dirtyrate: record start_time and calc_time while at the
measuring state
  migration/dirtyrate: present dirty rate only when querying the rate
has completed

 migration/dirtyrate.c | 16 ++--
 qapi/migration.json   |  8 +++-
 2 files changed, 13 insertions(+), 11 deletions(-)

-- 
1.8.3.1

Re: [PATCH v3 03/47] [DO-NOT-MERGE] docs/sphinx: change default role to "any"

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:16PM -0400, John Snow wrote:
> Signed-off-by: John Snow 
> ---
>  docs/conf.py | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/docs/conf.py b/docs/conf.py
> index 0dbd90dc11..a68f616d5a 100644
> --- a/docs/conf.py
> +++ b/docs/conf.py
> @@ -81,6 +81,9 @@
>  # The master toctree document.
>  master_doc = 'index'
>  
> +# Interpret `this` to be a cross-reference to "anything".
> +default_role = 'any'
> +
>  # General information about the project.
>  project = u'QEMU'
>  copyright = u'2020, The QEMU Project Developers'
> -- 
> 2.26.2
> 

After this I get:

  qemu/docs/cpu-hotplug.rst:81: WARNING: 'any' reference target not found: 
query-cpus-fast

So I missed it during the review of the first patch ("docs: replace
single backtick (`) with double-backtick (``)").

- Cleber.


signature.asc
Description: PGP signature

[PATCH v2 2/2] migration/dirtyrate: present dirty rate only when querying the rate has completed

[Chuan Zheng]

Make dirty_rate field optional, present dirty rate only when querying
the rate has completed.
The qmp results is shown as follow:
@unstarted:
{"return":{"status":"unstarted","start-time":0,"calc-time":0},"id":"libvirt-12"}
@measuring:
{"return":{"status":"measuring","start-time":102931,"calc-time":1},"id":"libvirt-85"}
@measured:
{"return":{"status":"measured","dirty-rate":4,"start-time":150146,"calc-time":1},"id":"libvirt-15"}

Signed-off-by: Chuan Zheng 
Reviewed-by: David Edmondson 
---
 migration/dirtyrate.c | 3 +--
 qapi/migration.json   | 8 +++-
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/migration/dirtyrate.c b/migration/dirtyrate.c
index 40e41e7..ab9e130 100644
--- a/migration/dirtyrate.c
+++ b/migration/dirtyrate.c
@@ -69,9 +69,8 @@ static struct DirtyRateInfo *query_dirty_rate_info(void)
 struct DirtyRateInfo *info = g_malloc0(sizeof(DirtyRateInfo));
 
 if (qatomic_read() == DIRTY_RATE_STATUS_MEASURED) {
+info->has_dirty_rate = true;
 info->dirty_rate = dirty_rate;
-} else {
-info->dirty_rate = -1;
 }
 
 info->status = CalculatingState;
diff --git a/qapi/migration.json b/qapi/migration.json
index ce2216c..715c210 100644
--- a/qapi/migration.json
+++ b/qapi/migration.json
@@ -1743,10 +1743,8 @@
 #
 # Information about current dirty page rate of vm.
 #
-# @dirty-rate: @dirtyrate describing the dirty page rate of vm
-#  in units of MB/s.
-#  If this field returns '-1', it means querying has not
-#  yet started or completed.
+# @dirty-rate: an estimate of the dirty page rate of the VM in units of
+#  MB/s, present only when estimating the rate has completed.
 #
 # @status: status containing dirtyrate query status includes
 #  'unstarted' or 'measuring' or 'measured'
@@ -1759,7 +1757,7 @@
 #
 ##
 { 'struct': 'DirtyRateInfo',
-  'data': {'dirty-rate': 'int64',
+  'data': {'*dirty-rate': 'int64',
'status': 'DirtyRateStatus',
'start-time': 'int64',
'calc-time': 'int64'} }
-- 
1.8.3.1

[PATCH v2 1/2] migration/dirtyrate: record start_time and calc_time while at the measuring state

[Chuan Zheng]

Querying could include both the start-time and the calc-time while at the 
measuring
state, allowing a caller to determine when they should expect to come back 
looking
for a result.

Signed-off-by: Chuan Zheng 
---
 migration/dirtyrate.c | 13 +
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/migration/dirtyrate.c b/migration/dirtyrate.c
index 68577ef..40e41e7 100644
--- a/migration/dirtyrate.c
+++ b/migration/dirtyrate.c
@@ -83,14 +83,14 @@ static struct DirtyRateInfo *query_dirty_rate_info(void)
 return info;
 }
 
-static void reset_dirtyrate_stat(void)
+static void init_dirtyrate_stat(int64_t start_time, int64_t calc_time)
 {
 DirtyStat.total_dirty_samples = 0;
 DirtyStat.total_sample_count = 0;
 DirtyStat.total_block_mem_MB = 0;
 DirtyStat.dirty_rate = -1;
-DirtyStat.start_time = 0;
-DirtyStat.calc_time = 0;
+DirtyStat.start_time = start_time;
+DirtyStat.calc_time = calc_time;
 }
 
 static void update_dirtyrate_stat(struct RamblockDirtyInfo *info)
@@ -335,7 +335,6 @@ static void calculate_dirtyrate(struct DirtyRateConfig 
config)
 int64_t initial_time;
 
 rcu_register_thread();
-reset_dirtyrate_stat();
 rcu_read_lock();
 initial_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME);
 if (!record_ramblock_hash_info(_dinfo, config, _count)) {
@@ -365,6 +364,8 @@ void *get_dirtyrate_thread(void *arg)
 {
 struct DirtyRateConfig config = *(struct DirtyRateConfig *)arg;
 int ret;
+int64_t start_time;
+int64_t calc_time;
 
 ret = dirtyrate_set_state(, DIRTY_RATE_STATUS_UNSTARTED,
   DIRTY_RATE_STATUS_MEASURING);
@@ -373,6 +374,10 @@ void *get_dirtyrate_thread(void *arg)
 return NULL;
 }
 
+start_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME) / 1000;
+calc_time = config.sample_period_seconds;
+init_dirtyrate_stat(start_time, calc_time);
+
 calculate_dirtyrate(config);
 
 ret = dirtyrate_set_state(, DIRTY_RATE_STATUS_MEASURING,
-- 
1.8.3.1

PING: [PATCH 2/2] coroutine: take exactly one batch from global pool at a time

[王洪浩]

Hi, I'd like to know if there are any other problems with this patch,
or if there is a better implement to improve coroutine pool.

王洪浩  于2020年8月26日周三 下午2:06写道：

>
> The purpose of this patch is to improve performance without increasing
> memory consumption.
>
> My test case:
> QEMU command line arguments
> -drive file=/dev/nvme2n1p1,format=raw,if=none,id=local0,cache=none,aio=native 
> \
> -device virtio-blk,id=blk0,drive=local0,iothread=iothread0,num-queues=4 \
> -drive file=/dev/nvme3n1p1,format=raw,if=none,id=local1,cache=none,aio=native 
> \
> -device virtio-blk,id=blk1,drive=local1,iothread=iothread1,num-queues=4 \
>
> run these two fio jobs at the same time
> [job-vda]
> filename=/dev/vda
> iodepth=64
> ioengine=libaio
> rw=randrw
> bs=4k
> size=300G
> rwmixread=80
> direct=1
> numjobs=2
> runtime=60
>
> [job-vdb]
> filename=/dev/vdb
> iodepth=64
> ioengine=libaio
> rw=randrw
> bs=4k
> size=300G
> rwmixread=90
> direct=1
> numjobs=2
> loops=1
> runtime=60
>
> without this patch, test 3 times:
> total iops: 278548.1, 312374.1, 276638.2
> with this patch, test 3 times:
> total iops: 368370.9, 335693.2, 327693.1
>
> 18.9% improvement in average.
>
> In addition, we are also using a distributed block storage, of which
> the io latency is much more than local nvme devices because of the
> network overhead. So it needs higher iodepth(>=256) to reach its max
> throughput.
> Without this patch, it has more than 5% chance of calling
> `qemu_coroutine_new` and the iops is less than 100K, while the iops is
> about 260K with this patch.
>
> On the other hand, there's a simpler way to reduce or eliminate the
> cost of `qemu_coroutine_new` is to increase POOL_BATCH_SIZE. But it
> will also bring much more memory consumption which we don't expect.
> So it's the purpose of this patch.
>
> Stefan Hajnoczi  于2020年8月25日周二 下午10:52写道：
> >
> > On Mon, Aug 24, 2020 at 12:31:21PM +0800, wanghonghao wrote:
> > > This patch replace the global coroutine queue with a lock-free stack of 
> > > which
> > > the elements are coroutine queues. Threads can put coroutine queues into 
> > > the
> > > stack or take queues from it and each coroutine queue has exactly
> > > POOL_BATCH_SIZE coroutines. Note that the stack is not strictly LIFO, but 
> > > it's
> > > enough for buffer pool.
> > >
> > > Coroutines will be put into thread-local pools first while release. Now 
> > > the
> > > fast pathes of both allocation and release are atomic-free, and there 
> > > won't
> > > be too many coroutines remain in a single thread since POOL_BATCH_SIZE 
> > > has been
> > > reduced to 16.
> > >
> > > In practice, I've run a VM with two block devices binding to two different
> > > iothreads, and run fio with iodepth 128 on each device. It maintains 
> > > around
> > > 400 coroutines and has about 1% chance of calling to `qemu_coroutine_new`
> > > without this patch. And with this patch, it maintains no more than 273
> > > coroutines and doesn't call `qemu_coroutine_new` after initial 
> > > allocations.
> >
> > Does throughput or IOPS change?
> >
> > Is the main purpose of this patch to reduce memory consumption?
> >
> > Stefan

Re: [PATCH v3 02/47] [DO-NOT-MERGE] docs: repair broken references

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:15PM -0400, John Snow wrote:
> Signed-off-by: John Snow 
> ---
>  docs/devel/multi-thread-tcg.rst | 2 +-
>  docs/devel/testing.rst  | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/docs/devel/multi-thread-tcg.rst b/docs/devel/multi-thread-tcg.rst
> index 21483870db..92a9eba13c 100644
> --- a/docs/devel/multi-thread-tcg.rst
> +++ b/docs/devel/multi-thread-tcg.rst
> @@ -267,7 +267,7 @@ of view of external observers (e.g. another processor 
> core). They can
>  apply to any memory operations as well as just loads or stores.
>  
>  The Linux kernel has an excellent `write-up
> -`
> +`_
>  on the various forms of memory barrier and the guarantees they can
>  provide.
>  
> diff --git a/docs/devel/testing.rst b/docs/devel/testing.rst
> index 666c4d7240..f21f3f58eb 100644
> --- a/docs/devel/testing.rst
> +++ b/docs/devel/testing.rst
> @@ -953,7 +953,7 @@ compiler flags are needed to build for a given target.
>  If you have the ability to run containers as the user you can also
>  take advantage of the build systems "Docker" support. It will then use
>  containers to build any test case for an enabled guest where there is
> -no system compiler available. See :ref: `_docker-ref` for details.
> +no system compiler available. See `docker-ref` for details.
>

Actually, I take the "r-b" back because I missed this line... it
should be:

   no system compiler available. See `docker-ref`_ for details.

- Cleber.


signature.asc
Description: PGP signature

Re: [RFC 0/3] QEMU as IPMI BMC emulator

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200929003916.4183696-1-hskinnem...@google.com/



Hi,

This series failed the docker-mingw@fedora build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#! /bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-mingw@fedora J=14 NETWORK=1
=== TEST SCRIPT END ===

--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu 
--prefix=/tmp/qemu-test/install --python=/usr/bin/python3 
--cross-prefix=x86_64-w64-mingw32- --enable-trace-backends=simple 
--enable-gnutls --enable-nettle --enable-curl --enable-vnc --enable-bzip2 
--enable-guest-agent --enable-docs
Warning: /usr/bin/sphinx-build-3 exists but it is either too old or uses too 
old a Python version

ERROR: User requested feature docs
   configure was not able to find it.
   Install texinfo, Perl/perl-podlators and a Python 3 version of 
python-sphinx

---
funcs: do_compiler do_cc compile_object check_define main
lines: 141 173 652 678 0
x86_64-w64-mingw32-gcc -std=gnu99 -Wall -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef 
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv 
-c -o config-temp/qemu-conf.o config-temp/qemu-conf.c
config-temp/qemu-conf.c:2:2: error: #error __linux__ not defined
2 | #error __linux__ not defined
  |  ^

---
funcs: do_compiler do_cc compile_object check_define main
lines: 141 173 652 730 0
x86_64-w64-mingw32-gcc -std=gnu99 -Wall -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef 
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv 
-c -o config-temp/qemu-conf.o config-temp/qemu-conf.c
config-temp/qemu-conf.c:2:2: error: #error __i386__ not defined
2 | #error __i386__ not defined
  |  ^

---
funcs: do_compiler do_cc compile_object check_define main
lines: 141 173 652 733 0
x86_64-w64-mingw32-gcc -std=gnu99 -Wall -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 
-D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wundef 
-Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv 
-c -o config-temp/qemu-conf.o config-temp/qemu-conf.c
config-temp/qemu-conf.c:2:2: error: #error __ILP32__ not defined
2 | #error __ILP32__ not defined
  |  ^

---
funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 141 179 2138 2142 0
x86_64-w64-mingw32-gcc -mthreads -std=gnu99 -Wall -m64 -mcx16 -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -Wold-style-declaration 
-Wold-style-definition -Wtype-limits -Wformat-security -Wformat-y2k -Winit-self 
-Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels 
-Wexpansion-to-defined -Werror -Winitializer-overrides -o 
config-temp/qemu-conf.exe config-temp/qemu-conf.c -m64
x86_64-w64-mingw32-gcc: error: unrecognized command line option 
'-Winitializer-overrides'

funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 141 179 2138 2142 0
---
funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 141 179 2138 2142 0
x86_64-w64-mingw32-gcc -mthreads -std=gnu99 -Wall -m64 -mcx16 -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -Wold-style-declaration 
-Wold-style-definition -Wtype-limits -Wformat-security -Wformat-y2k -Winit-self 
-Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels 
-Wexpansion-to-defined -Wno-missing-include-dirs -Wno-shift-negative-value 
-Werror -Wstring-plus-int -o config-temp/qemu-conf.exe config-temp/qemu-conf.c 
-m64
x86_64-w64-mingw32-gcc: error: unrecognized command line option 
'-Wstring-plus-int'

funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 141 179 2138 2142 0
x86_64-w64-mingw32-gcc -mthreads -std=gnu99 -Wall -m64 -mcx16 -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes 
-Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes 
-fno-strict-aliasing -fno-common -fwrapv -Wold-style-declaration 
-Wold-style-definition -Wtype-limits -Wformat-security -Wformat-y2k -Winit-self 
-Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels 
-Wexpansion-to-defined -Wno-missing-include-dirs -Wno-shift-negative-value 
-Werror -Wtypedef-redefinition -o config-temp/qemu-conf.exe 
config-temp/qemu-conf.c -m64
x86_64-w64-mingw32-gcc: error: unrecognized command line option 
'-Wtypedef-redefinition'

funcs: do_compiler do_cc compile_prog cc_has_warning_flag main
lines: 141 179 2138 2142 0
x86_64-w64-mingw32-gcc -mthreads -std=gnu99 -Wall -m64 -mcx16 -D_GNU_SOURCE 
-D_FILE_OFFSET_BITS=64 

Re: [RFC 0/3] QEMU as IPMI BMC emulator

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/20200929003916.4183696-1-hskinnem...@google.com/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 20200929003916.4183696-1-hskinnem...@google.com
Subject: [RFC 0/3] QEMU as IPMI BMC emulator

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Switched to a new branch 'test'
572df61 docs/specs: IPMI device emulation: BMC
27c176d docs/specs: IPMI device emulation: main processor
cf7927e docs: enable sphinx blockdiag extension

=== OUTPUT BEGIN ===
1/3 Checking commit cf7927e5561e (docs: enable sphinx blockdiag extension)
WARNING: line over 80 characters
#19: FILE: docs/conf.py:70:
+extensions = ['kerneldoc', 'qmp_lexer', 'hxtool', 'depfile', 
'sphinxcontrib.blockdiag']

WARNING: line over 80 characters
#22: FILE: docs/conf.py:73:
+blockdiag_fontpath = 
'/usr/share/fonts/truetype/liberation/LiberationSans-Regular.ttf'

total: 0 errors, 2 warnings, 11 lines checked

Patch 1/3 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
2/3 Checking commit 27c176d70bcd (docs/specs: IPMI device emulation: main 
processor)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#26: 
new file mode 100644

ERROR: trailing whitespace
#51: FILE: docs/specs/ipmi.rst:21:
+  $

total: 1 errors, 1 warnings, 106 lines checked

Patch 2/3 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

3/3 Checking commit 572df6110448 (docs/specs: IPMI device emulation: BMC)
=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/20200929003916.4183696-1-hskinnem...@google.com/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [PATCH v3 01/47] [DO-NOT-MERGE] docs: replace single backtick (`) with double-backtick (``)

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:14PM -0400, John Snow wrote:
> The single backtick in ReST is the "default role". Currently, Sphinx's
> default role is called "content". Sphinx suggests you can use the "Any"
> role instead to turn any single-backtick enclosed item into a
> cross-reference.
> 
> Before we do that, though, we'll need to turn all existing usages of the
> "content" role to inline verbatim markup by using double backticks
> instead.
> 
> Signed-off-by: John Snow 

While reviewing this, looking for broken usage of single backticks, I
also found what you found on the next patch, and nothing else.

Reviewed-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH v3 02/47] [DO-NOT-MERGE] docs: repair broken references

[Cleber Rosa]

On Thu, Sep 24, 2020 at 08:28:15PM -0400, John Snow wrote:
> Signed-off-by: John Snow 

Reviewed-by: Cleber Rosa 


signature.asc
Description: PGP signature

Re: [PATCH 00/16] hw/mips: Set CPU frequency

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200928171539.788309-1-f4...@amsat.org/



Hi,

This series failed the docker-quick@centos7 build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===

C linker for the host machine: cc ld.bfd 2.27-43
Host machine cpu family: x86_64
Host machine cpu: x86_64
../src/meson.build:10: WARNING: Module unstable-keyval has no backwards or 
forwards compatibility and might not exist in future releases.
Program sh found: YES
Program python3 found: YES (/usr/bin/python3)
Configuring ninjatool using configuration
---
qemu-system-aarch64: falling back to tcg
socket_accept failed: Resource temporarily unavailable
**
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
  TESTiotest-qcow2: 013
ERROR qtest-x86_64: pxe-test - Bail out! 
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
make: *** [run-test-110] Error 1
make: *** Waiting for unfinished jobs

Looking for expected file 'tests/data/acpi/virt/FACP.numamem'
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--rm', 
'--label', 'com.qemu.instance.uuid=e2cdd463ef8a4c2f9b9143e69d8ac437', '-u', 
'1003', '--security-opt', 'seccomp=unconfined', '-e', 'TARGET_LIST=', '-e', 
'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 
'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', 
'/home/patchew2/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', 
'/var/tmp/patchew-tester-tmp-9dln7e0v/src/docker-src.2020-09-28-22.27.36.11269:/var/tmp/qemu:z,ro',
 'qemu/centos7', '/var/tmp/qemu/run', 'test-quick']' returned non-zero exit 
status 2.
filter=--filter=label=com.qemu.instance.uuid=e2cdd463ef8a4c2f9b9143e69d8ac437
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-9dln7e0v/src'
make: *** [docker-run-test-quick@centos7] Error 2

real18m49.678s
user0m13.756s


The full log is available at
http://patchew.org/logs/20200928171539.788309-1-f4...@amsat.org/testing.docker-quick@centos7/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

RE: [PATCH v1 1/3] i386: Remove the limitation of IP payloads for Intel PT

[Kang, Luwei]

> >> No, if a feature cannot be emulated, that means it cannot be enabled
> >> unless it matches the host.  That's generally not a problem since
> >> Intel PT is usually used only with "-cpu host".
> >>
> > The limitation of LIP in qemu will mask off the Intel PT in KVM guest
> > even with "-cpu host". e.g. This bit will be set in SnowRidge HW and
> > later.
> 
> I agree that QEMU would have to learn about LIP.  Unlike this patch, however,
> x86_cpu_filter_features would have to fail if host LIP != guest LIP.  That is,
> something like
> 
>(ecx_0 & INTEL_PT_IP_LIP)) !=
>   (env->features[INTEL_PT_ECX_0] & INTEL_PT_IP_LIP)
> 
> where "intel-pt-lip" would be a feature in env->features[INTEL_PT_ECX_0].

Got it. Thanks.

Luwei Kang

> 
> > How about "-cpu cpu_model, +intel-pt" use case? The current value of
> > Intel PT CPUID is a constant. Can we make the ICX CPUID as basic
> > inforation(LIP is 0) and using "+intel-pt-lip" to make Intel PT work
> > on the CPU which LIP is 1 on the host? As you mentioned before, Intel
> > PT cannot be enabled in guest unless it matches the host.
> 
> Yes, this would work.
> 
> Paolo

RE: [PATCH v1 1/3] i386: Remove the limitation of IP payloads for Intel PT

[Kang, Luwei]

> > >  No, it's not possible.  KVM doesn't have a say on what the
> > >  processor writes in the tracing packets.
> > > >>> Can KVM refuse to enable packet generation if CSbase is not zero
> > > >>> and CPUID.(EAX=14H,ECX=0)[bit 31] seen by guest is different from
> host?
> > > >>
> > > >> Yes, but the processor could change operating mode (and hence
> > > >> CSbase) while tracing is active.  This is very unlikely, since it
> > > >> would require nonzero CS-base and a 32-bit host, but in principle
> > > >> not impossible (could be a firmware call, for example).
> > > >>
> > > >> The only solution is for KVM to accept both, and for QEMU to
> > > >> refuse a setting that does not match the host.
> > > >>
> > > >
> > > > So I need to add a patch in KVM to disabled the Intel PT when the
> > > > CSbase is not zero and the guest LIP different from the host. And
> > > > this limitation in qemu (disabled the PT when LIP is enabled in
> > > > the host) can be remove. Is that right?
> > >
> > > No, if a feature cannot be emulated, that means it cannot be enabled
> > > unless it matches the host.  That's generally not a problem since
> > > Intel PT is usually used only with "-cpu host".
> > >
> >
> > The limitation of LIP in qemu will mask off the Intel PT in KVM guest
> > even with "-cpu host". e.g. This bit will be set in SnowRidge HW and
> > later.
> 
> This behavior can and should be changed.
> 
> >
> > How about "-cpu cpu_model, +intel-pt" use case? The current value of
> > Intel PT CPUID is a constant. Can we make the ICX CPUID as basic
> > inforation(LIP is 0) and using "+intel-pt-lip"
> > to make Intel PT work on the CPU which LIP is 1 on the host? As you
> > mentioned before, Intel PT cannot be enabled in guest unless it
> > matches the host.
> 
> This makes sense, but you can also make each CPU model set a default for the
> LIP bit.  "-cpu SnowRidge,+intel-pt" could set
> LIP=1 by default.

I have a question on how to set LIP=1 in SnowRidge by default. 
1. Set LIP in "builtin_x86_defs[]" SnowRidge CPU model. The LIP included in 
CPUID.(eax=14x,ecx=0)ecx[bit31] and a new leaf needs to be added.
2. Checking the CPU model in the later software flow and set the LIP bit if the 
CPU model is Snowridge. And we also need to add more CPU model's checking for 
new CPUs.

What is your opinion?

Thanks,
Luwei Kang

> 
> --
> Eduardo

Re: [PATCH V1 0/3] Passthru device support under emulated amd-iommu

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200928200506.75441-1-wei.hua...@amd.com/



Hi,

This series failed the docker-quick@centos7 build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===

C linker for the host machine: cc ld.bfd 2.27-43
Host machine cpu family: x86_64
Host machine cpu: x86_64
../src/meson.build:10: WARNING: Module unstable-keyval has no backwards or 
forwards compatibility and might not exist in future releases.
Program sh found: YES
Program python3 found: YES (/usr/bin/python3)
Configuring ninjatool using configuration
---
  TESTiotest-qcow2: 018
socket_accept failed: Resource temporarily unavailable
**
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
ERROR qtest-x86_64: bios-tables-test - Bail out! 
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
make: *** [run-test-138] Error 1
make: *** Waiting for unfinished jobs
  TESTiotest-qcow2: 019
  TESTiotest-qcow2: 020
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--rm', 
'--label', 'com.qemu.instance.uuid=b033790bfc424d119959312ad4731adb', '-u', 
'1003', '--security-opt', 'seccomp=unconfined', '-e', 'TARGET_LIST=', '-e', 
'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 
'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', 
'/home/patchew2/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', 
'/var/tmp/patchew-tester-tmp-2xrejy4s/src/docker-src.2020-09-28-21.51.04.32600:/var/tmp/qemu:z,ro',
 'qemu/centos7', '/var/tmp/qemu/run', 'test-quick']' returned non-zero exit 
status 2.
filter=--filter=label=com.qemu.instance.uuid=b033790bfc424d119959312ad4731adb
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-2xrejy4s/src'
make: *** [docker-run-test-quick@centos7] Error 2

real17m41.977s
user0m21.950s


The full log is available at
http://patchew.org/logs/20200928200506.75441-1-wei.hua...@amd.com/testing.docker-quick@centos7/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

[PATCH 5/5] target/riscv: Add sifive_plic vmstate

[Yifei Jiang]

Add sifive_plic vmstate for supporting sifive_plic migration.
Current vmstate framework only supports one structure parameter
as num field to describe variable length arrays, so introduce
num_enables.

Signed-off-by: Yifei Jiang 
Signed-off-by: Yipeng Yin 
---
 hw/intc/sifive_plic.c | 26 +-
 hw/intc/sifive_plic.h |  1 +
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c
index f42fd695d8..97a1a27a9a 100644
--- a/hw/intc/sifive_plic.c
+++ b/hw/intc/sifive_plic.c
@@ -30,6 +30,7 @@
 #include "hw/intc/sifive_plic.h"
 #include "target/riscv/cpu.h"
 #include "sysemu/sysemu.h"
+#include "migration/vmstate.h"
 
 #define RISCV_DEBUG_PLIC 0
 
@@ -448,11 +449,12 @@ static void sifive_plic_realize(DeviceState *dev, Error 
**errp)
   TYPE_SIFIVE_PLIC, plic->aperture_size);
 parse_hart_config(plic);
 plic->bitfield_words = (plic->num_sources + 31) >> 5;
+plic->num_enables = plic->bitfield_words * plic->num_addrs;
 plic->source_priority = g_new0(uint32_t, plic->num_sources);
 plic->target_priority = g_new(uint32_t, plic->num_addrs);
 plic->pending = g_new0(uint32_t, plic->bitfield_words);
 plic->claimed = g_new0(uint32_t, plic->bitfield_words);
-plic->enable = g_new0(uint32_t, plic->bitfield_words * plic->num_addrs);
+plic->enable = g_new0(uint32_t, plic->num_enables);
 sysbus_init_mmio(SYS_BUS_DEVICE(dev), >mmio);
 qdev_init_gpio_in(dev, sifive_plic_irq_request, plic->num_sources);
 
@@ -472,12 +474,34 @@ static void sifive_plic_realize(DeviceState *dev, Error 
**errp)
 msi_nonbroken = true;
 }
 
+static const VMStateDescription vmstate_sifive_plic = {
+.name = "riscv_sifive_plic",
+.version_id = 1,
+.minimum_version_id = 1,
+.fields = (VMStateField[]) {
+VMSTATE_VARRAY_UINT32(source_priority, SiFivePLICState,
+  num_sources, 0,
+  vmstate_info_uint32, uint32_t),
+VMSTATE_VARRAY_UINT32(target_priority, SiFivePLICState,
+  num_addrs, 0,
+  vmstate_info_uint32, uint32_t),
+VMSTATE_VARRAY_UINT32(pending, SiFivePLICState, bitfield_words, 0,
+  vmstate_info_uint32, uint32_t),
+VMSTATE_VARRAY_UINT32(claimed, SiFivePLICState, bitfield_words, 0,
+  vmstate_info_uint32, uint32_t),
+VMSTATE_VARRAY_UINT32(enable, SiFivePLICState, num_enables, 0,
+  vmstate_info_uint32, uint32_t),
+VMSTATE_END_OF_LIST()
+}
+};
+
 static void sifive_plic_class_init(ObjectClass *klass, void *data)
 {
 DeviceClass *dc = DEVICE_CLASS(klass);
 
 device_class_set_props(dc, sifive_plic_properties);
 dc->realize = sifive_plic_realize;
+dc->vmsd = _sifive_plic;
 }
 
 static const TypeInfo sifive_plic_info = {
diff --git a/hw/intc/sifive_plic.h b/hw/intc/sifive_plic.h
index b75b1f145d..1e451a270c 100644
--- a/hw/intc/sifive_plic.h
+++ b/hw/intc/sifive_plic.h
@@ -52,6 +52,7 @@ struct SiFivePLICState {
 uint32_t num_addrs;
 uint32_t num_harts;
 uint32_t bitfield_words;
+uint32_t num_enables;
 PLICAddr *addr_config;
 uint32_t *source_priority;
 uint32_t *target_priority;
-- 
2.19.1

[PATCH 3/5] target/riscv: Add H extention state description

[Yifei Jiang]

In the case of supporting H extention, add H extention description
to vmstate_riscv_cpu.

Signed-off-by: Yifei Jiang 
Signed-off-by: Yipeng Yin 
---
 target/riscv/machine.c | 51 ++
 1 file changed, 51 insertions(+)

diff --git a/target/riscv/machine.c b/target/riscv/machine.c
index b1fc839b43..6a528bc1a5 100644
--- a/target/riscv/machine.c
+++ b/target/riscv/machine.c
@@ -49,6 +49,56 @@ static const VMStateDescription vmstate_pmp = {
 }
 };
 
+static bool hyper_needed(void *opaque)
+{
+RISCVCPU *cpu = opaque;
+CPURISCVState *env = >env;
+
+return riscv_has_ext(env, RVH);
+}
+
+static const VMStateDescription vmstate_hyper = {
+.name = "cpu/hyper",
+.version_id = 1,
+.minimum_version_id = 1,
+.needed = hyper_needed,
+.fields = (VMStateField[]) {
+VMSTATE_UINTTL(env.hstatus, RISCVCPU),
+VMSTATE_UINTTL(env.hedeleg, RISCVCPU),
+VMSTATE_UINTTL(env.hideleg, RISCVCPU),
+VMSTATE_UINTTL(env.hcounteren, RISCVCPU),
+VMSTATE_UINTTL(env.htval, RISCVCPU),
+VMSTATE_UINTTL(env.htinst, RISCVCPU),
+VMSTATE_UINTTL(env.hgatp, RISCVCPU),
+VMSTATE_UINT64(env.htimedelta, RISCVCPU),
+
+VMSTATE_UINTTL(env.vsstatus, RISCVCPU),
+VMSTATE_UINTTL(env.vstvec, RISCVCPU),
+VMSTATE_UINTTL(env.vsscratch, RISCVCPU),
+VMSTATE_UINTTL(env.vsepc, RISCVCPU),
+VMSTATE_UINTTL(env.vscause, RISCVCPU),
+VMSTATE_UINTTL(env.vstval, RISCVCPU),
+VMSTATE_UINTTL(env.vsatp, RISCVCPU),
+
+VMSTATE_UINTTL(env.mtval2, RISCVCPU),
+VMSTATE_UINTTL(env.mtinst, RISCVCPU),
+
+VMSTATE_UINTTL(env.stvec_hs, RISCVCPU),
+VMSTATE_UINTTL(env.sscratch_hs, RISCVCPU),
+VMSTATE_UINTTL(env.sepc_hs, RISCVCPU),
+VMSTATE_UINTTL(env.scause_hs, RISCVCPU),
+VMSTATE_UINTTL(env.stval_hs, RISCVCPU),
+VMSTATE_UINTTL(env.satp_hs, RISCVCPU),
+VMSTATE_UINTTL(env.mstatus_hs, RISCVCPU),
+
+#ifdef TARGET_RISCV32
+VMSTATE_UINTTL(env.vsstatush, RISCVCPU),
+VMSTATE_UINTTL(env.mstatush_hs, RISCVCPU),
+#endif
+VMSTATE_END_OF_LIST()
+}
+};
+
 const VMStateDescription vmstate_riscv_cpu = {
 .name = "cpu",
 .version_id = 1,
@@ -103,6 +153,7 @@ const VMStateDescription vmstate_riscv_cpu = {
 },
 .subsections = (const VMStateDescription * []) {
 _pmp,
+_hyper,
 NULL
 }
 };
-- 
2.19.1

[PATCH 1/5] target/riscv: Add basic vmstate description of CPU

[Yifei Jiang]

Add basic CPU state description to the newly created machine.c

Signed-off-by: Yifei Jiang 
Signed-off-by: Yipeng Yin 
---
 target/riscv/cpu.c   |  7 -
 target/riscv/cpu.h   |  4 +++
 target/riscv/machine.c   | 59 
 target/riscv/meson.build |  3 +-
 4 files changed, 65 insertions(+), 8 deletions(-)
 create mode 100644 target/riscv/machine.c

diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 0bbfd7f457..bf396e2916 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -496,13 +496,6 @@ static void riscv_cpu_init(Object *obj)
 cpu_set_cpustate_pointers(cpu);
 }
 
-#ifndef CONFIG_USER_ONLY
-static const VMStateDescription vmstate_riscv_cpu = {
-.name = "cpu",
-.unmigratable = 1,
-};
-#endif
-
 static Property riscv_cpu_properties[] = {
 DEFINE_PROP_BOOL("i", RISCVCPU, cfg.ext_i, true),
 DEFINE_PROP_BOOL("e", RISCVCPU, cfg.ext_e, false),
diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
index de275782e6..8440ea0793 100644
--- a/target/riscv/cpu.h
+++ b/target/riscv/cpu.h
@@ -311,6 +311,10 @@ extern const char * const riscv_fpr_regnames[];
 extern const char * const riscv_excp_names[];
 extern const char * const riscv_intr_names[];
 
+#ifndef CONFIG_USER_ONLY
+extern const VMStateDescription vmstate_riscv_cpu;
+#endif
+
 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async);
 void riscv_cpu_do_interrupt(CPUState *cpu);
 int riscv_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
diff --git a/target/riscv/machine.c b/target/riscv/machine.c
new file mode 100644
index 00..3451b888b1
--- /dev/null
+++ b/target/riscv/machine.c
@@ -0,0 +1,59 @@
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "qemu/error-report.h"
+#include "sysemu/kvm.h"
+#include "migration/cpu.h"
+
+const VMStateDescription vmstate_riscv_cpu = {
+.name = "cpu",
+.version_id = 1,
+.minimum_version_id = 1,
+.fields = (VMStateField[]) {
+VMSTATE_UINTTL_ARRAY(env.gpr, RISCVCPU, 32),
+VMSTATE_UINT64_ARRAY(env.fpr, RISCVCPU, 32),
+VMSTATE_UINTTL(env.pc, RISCVCPU),
+VMSTATE_UINTTL(env.load_res, RISCVCPU),
+VMSTATE_UINTTL(env.load_val, RISCVCPU),
+VMSTATE_UINTTL(env.frm, RISCVCPU),
+VMSTATE_UINTTL(env.badaddr, RISCVCPU),
+VMSTATE_UINTTL(env.guest_phys_fault_addr, RISCVCPU),
+VMSTATE_UINTTL(env.priv_ver, RISCVCPU),
+VMSTATE_UINTTL(env.vext_ver, RISCVCPU),
+VMSTATE_UINTTL(env.misa, RISCVCPU),
+VMSTATE_UINTTL(env.misa_mask, RISCVCPU),
+VMSTATE_UINT32(env.features, RISCVCPU),
+VMSTATE_UINTTL(env.priv, RISCVCPU),
+VMSTATE_UINTTL(env.virt, RISCVCPU),
+VMSTATE_UINTTL(env.resetvec, RISCVCPU),
+VMSTATE_UINTTL(env.mhartid, RISCVCPU),
+VMSTATE_UINTTL(env.mstatus, RISCVCPU),
+VMSTATE_UINTTL(env.mip, RISCVCPU),
+VMSTATE_UINT32(env.miclaim, RISCVCPU),
+VMSTATE_UINTTL(env.mie, RISCVCPU),
+VMSTATE_UINTTL(env.mideleg, RISCVCPU),
+VMSTATE_UINTTL(env.sptbr, RISCVCPU),
+VMSTATE_UINTTL(env.satp, RISCVCPU),
+VMSTATE_UINTTL(env.sbadaddr, RISCVCPU),
+VMSTATE_UINTTL(env.mbadaddr, RISCVCPU),
+VMSTATE_UINTTL(env.medeleg, RISCVCPU),
+VMSTATE_UINTTL(env.stvec, RISCVCPU),
+VMSTATE_UINTTL(env.sepc, RISCVCPU),
+VMSTATE_UINTTL(env.scause, RISCVCPU),
+VMSTATE_UINTTL(env.mtvec, RISCVCPU),
+VMSTATE_UINTTL(env.mepc, RISCVCPU),
+VMSTATE_UINTTL(env.mcause, RISCVCPU),
+VMSTATE_UINTTL(env.mtval, RISCVCPU),
+VMSTATE_UINTTL(env.scounteren, RISCVCPU),
+VMSTATE_UINTTL(env.mcounteren, RISCVCPU),
+VMSTATE_UINTTL(env.sscratch, RISCVCPU),
+VMSTATE_UINTTL(env.mscratch, RISCVCPU),
+VMSTATE_UINT64(env.mfromhost, RISCVCPU),
+VMSTATE_UINT64(env.mtohost, RISCVCPU),
+VMSTATE_UINT64(env.timecmp, RISCVCPU),
+
+#ifdef TARGET_RISCV32
+VMSTATE_UINTTL(env.mstatush, RISCVCPU),
+#endif
+VMSTATE_END_OF_LIST()
+}
+};
diff --git a/target/riscv/meson.build b/target/riscv/meson.build
index abd647fea1..14a5c62dac 100644
--- a/target/riscv/meson.build
+++ b/target/riscv/meson.build
@@ -27,7 +27,8 @@ riscv_ss.add(files(
 riscv_softmmu_ss = ss.source_set()
 riscv_softmmu_ss.add(files(
   'pmp.c',
-  'monitor.c'
+  'monitor.c',
+  'machine.c'
 ))
 
 target_arch += {'riscv': riscv_ss}
-- 
2.19.1

[PATCH 0/5] Support RISC-V migration

[Yifei Jiang]

This patches supported RISC-V migration based on tcg accel. And we have
verified related migration features such as snapshot and live migration.

A few weeks ago, we submitted RFC patches about supporting RISC-V migration
based on kvm accel: https://www.spinics.net/lists/kvm/msg223605.html.
And we found that tcg accelerated migration can be supported with a few
changes. Most of the devices have already implemented the migration
interface, so, to achieve the tcg accelerated migration, we just need to
add vmstate of both cpu and sifive_plic.

Yifei Jiang (5):
  target/riscv: Add basic vmstate description of CPU
  target/riscv: Add PMP state description
  target/riscv: Add H extention state description
  target/riscv: Add V extention state description
  target/riscv: Add sifive_plic vmstate

 hw/intc/sifive_plic.c|  26 +-
 hw/intc/sifive_plic.h|   1 +
 target/riscv/cpu.c   |   7 --
 target/riscv/cpu.h   |   4 +
 target/riscv/machine.c   | 184 +++
 target/riscv/meson.build |   3 +-
 6 files changed, 214 insertions(+), 9 deletions(-)
 create mode 100644 target/riscv/machine.c

-- 
2.19.1

[PATCH 2/5] target/riscv: Add PMP state description

[Yifei Jiang]

In the case of supporting PMP feature, add PMP state description
to vmstate_riscv_cpu.

Signed-off-by: Yifei Jiang 
Signed-off-by: Yipeng Yin 
---
 target/riscv/machine.c | 49 ++
 1 file changed, 49 insertions(+)

diff --git a/target/riscv/machine.c b/target/riscv/machine.c
index 3451b888b1..b1fc839b43 100644
--- a/target/riscv/machine.c
+++ b/target/riscv/machine.c
@@ -4,6 +4,51 @@
 #include "sysemu/kvm.h"
 #include "migration/cpu.h"
 
+static bool pmp_needed(void *opaque)
+{
+RISCVCPU *cpu = opaque;
+CPURISCVState *env = >env;
+
+return riscv_feature(env, RISCV_FEATURE_PMP);
+}
+
+static const VMStateDescription vmstate_pmp_entry = {
+.name = "cpu/pmp/entry",
+.version_id = 1,
+.minimum_version_id = 1,
+.fields = (VMStateField[]) {
+VMSTATE_UINTTL(addr_reg, pmp_entry_t),
+VMSTATE_UINT8(cfg_reg, pmp_entry_t),
+VMSTATE_END_OF_LIST()
+}
+};
+
+static const VMStateDescription vmstate_pmp_addr = {
+.name = "cpu/pmp/addr",
+.version_id = 1,
+.minimum_version_id = 1,
+.fields = (VMStateField[]) {
+VMSTATE_UINTTL(sa, pmp_addr_t),
+VMSTATE_UINTTL(ea, pmp_addr_t),
+VMSTATE_END_OF_LIST()
+}
+};
+
+static const VMStateDescription vmstate_pmp = {
+.name = "cpu/pmp",
+.version_id = 1,
+.minimum_version_id = 1,
+.needed = pmp_needed,
+.fields = (VMStateField[]) {
+VMSTATE_STRUCT_ARRAY(env.pmp_state.pmp, RISCVCPU, MAX_RISCV_PMPS,
+ 0, vmstate_pmp_entry, pmp_entry_t),
+VMSTATE_STRUCT_ARRAY(env.pmp_state.addr, RISCVCPU, MAX_RISCV_PMPS,
+ 0, vmstate_pmp_addr, pmp_addr_t),
+VMSTATE_UINT32(env.pmp_state.num_rules, RISCVCPU),
+VMSTATE_END_OF_LIST()
+}
+};
+
 const VMStateDescription vmstate_riscv_cpu = {
 .name = "cpu",
 .version_id = 1,
@@ -55,5 +100,9 @@ const VMStateDescription vmstate_riscv_cpu = {
 VMSTATE_UINTTL(env.mstatush, RISCVCPU),
 #endif
 VMSTATE_END_OF_LIST()
+},
+.subsections = (const VMStateDescription * []) {
+_pmp,
+NULL
 }
 };
-- 
2.19.1

[PATCH 4/5] target/riscv: Add V extention state description

[Yifei Jiang]

In the case of supporting V extention, add V extention description
to vmstate_riscv_cpu.

Signed-off-by: Yifei Jiang 
Signed-off-by: Yipeng Yin 
---
 target/riscv/machine.c | 25 +
 1 file changed, 25 insertions(+)

diff --git a/target/riscv/machine.c b/target/riscv/machine.c
index 6a528bc1a5..8912a77b71 100644
--- a/target/riscv/machine.c
+++ b/target/riscv/machine.c
@@ -57,6 +57,30 @@ static bool hyper_needed(void *opaque)
 return riscv_has_ext(env, RVH);
 }
 
+static bool vector_needed(void *opaque)
+{
+RISCVCPU *cpu = opaque;
+CPURISCVState *env = >env;
+
+return riscv_has_ext(env, RVV);
+}
+
+static const VMStateDescription vmstate_vector = {
+.name = "cpu/vector",
+.version_id = 1,
+.minimum_version_id = 1,
+.needed = vector_needed,
+.fields = (VMStateField[]) {
+VMSTATE_UINT64_ARRAY(env.vreg, RISCVCPU, 32 * RV_VLEN_MAX / 64),
+VMSTATE_UINTTL(env.vxrm, RISCVCPU),
+VMSTATE_UINTTL(env.vxsat, RISCVCPU),
+VMSTATE_UINTTL(env.vl, RISCVCPU),
+VMSTATE_UINTTL(env.vstart, RISCVCPU),
+VMSTATE_UINTTL(env.vtype, RISCVCPU),
+VMSTATE_END_OF_LIST()
+}
+};
+
 static const VMStateDescription vmstate_hyper = {
 .name = "cpu/hyper",
 .version_id = 1,
@@ -154,6 +178,7 @@ const VMStateDescription vmstate_riscv_cpu = {
 .subsections = (const VMStateDescription * []) {
 _pmp,
 _hyper,
+_vector,
 NULL
 }
 };
-- 
2.19.1

Re: [PATCH v3 1/1] accel/tcg: Fix computing of is_write for MIPS

[Kele Huang]

Thank you so much!


On Mon, 28 Sep 2020 at 16:14, Aleksandar Markovic <
aleksandar.qemu.de...@gmail.com> wrote:

>
>
> On Sunday, September 27, 2020, Kele Huang  wrote:
>
>> Sorry about that, I only got maintainers by './scripts/get_maintainer.pl
>> -f accel/tcg/user-exec.c' and missed your advice about maintainers.
>> In another words, I thought I had Cc'ed the TCG MIPS maintainers. 
>> And sorry to maintainers. 
>>
>>>
>>>
> This is fine, Kele. :)
>
> The granularity of get_maintainer.py is at file level, so this is one of
> the cases where you can use your own judgement and include more email
> addresses, even though get_maintainer.py doesn't list them.
> get_maintainer.py is good most of the time, but not always. But not a big
> deal.
>
> Thanks for the patch! :)
>
> I expect Richard is going to include it in his next tcg queue.
>
> Yours,
> Aleksandar
>
>
>> On Sun, 27 Sep 2020 at 16:41, Philippe Mathieu-Daudé 
>> wrote:
>>
>>> On 9/27/20 10:20 AM, Kele Huang wrote:
>>> > Detect all MIPS store instructions in cpu_signal_handler for all
>>> available
>>> > MIPS versions, and set is_write if encountering such store
>>> instructions.
>>> >
>>> > This fixed the error while dealing with self-modified code for MIPS.
>>> >
>>> > Reviewed-by: Richard Henderson 
>>> > Signed-off-by: Kele Huang 
>>> > Signed-off-by: Xu Zou 
>>>
>>> I already Cc'ed the TCG MIPS maintainers twice for you,
>>> but you don't mind, so this time I won't insist.
>>>
>>> > ---
>>> >  accel/tcg/user-exec.c | 39 ++-
>>> >  1 file changed, 38 insertions(+), 1 deletion(-)
>>> >
>>> > diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
>>> > index bb039eb32d..9ecda6c0d0 100644
>>> > --- a/accel/tcg/user-exec.c
>>> > +++ b/accel/tcg/user-exec.c
>>> > @@ -702,6 +702,10 @@ int cpu_signal_handler(int host_signum, void
>>> *pinfo,
>>> >
>>> >  #elif defined(__mips__)
>>> >
>>> > +#if defined(__misp16) || defined(__mips_micromips)
>>> > +#error "Unsupported encoding"
>>> > +#endif
>>> > +
>>> >  int cpu_signal_handler(int host_signum, void *pinfo,
>>> > void *puc)
>>> >  {
>>> > @@ -709,9 +713,42 @@ int cpu_signal_handler(int host_signum, void
>>> *pinfo,
>>> >  ucontext_t *uc = puc;
>>> >  greg_t pc = uc->uc_mcontext.pc;
>>> >  int is_write;
>>> > +uint32_t insn;
>>> >
>>> > -/* XXX: compute is_write */
>>> > +/* Detect all store instructions at program counter. */
>>> >  is_write = 0;
>>> > +insn = *(uint32_t *)pc;
>>> > +switch((insn >> 26) & 077) {
>>> > +case 050: /* SB */
>>> > +case 051: /* SH */
>>> > +case 052: /* SWL */
>>> > +case 053: /* SW */
>>> > +case 054: /* SDL */
>>> > +case 055: /* SDR */
>>> > +case 056: /* SWR */
>>> > +case 070: /* SC */
>>> > +case 071: /* SWC1 */
>>> > +case 074: /* SCD */
>>> > +case 075: /* SDC1 */
>>> > +case 077: /* SD */
>>> > +#if !defined(__mips_isa_rev) || __mips_isa_rev < 6
>>> > +case 072: /* SWC2 */
>>> > +case 076: /* SDC2 */
>>> > +#endif
>>> > +is_write = 1;
>>> > +break;
>>> > +case 023: /* COP1X */
>>> > +/* Required in all versions of MIPS64 since
>>> > +   MIPS64r1 and subsequent versions of MIPS32r2. */
>>> > +switch (insn & 077) {
>>> > +case 010: /* SWXC1 */
>>> > +case 011: /* SDXC1 */
>>> > +case 015: /* SDXC1 */
>>> > +is_write = 1;
>>> > +}
>>> > +break;
>>> > +}
>>> > +
>>> >  return handle_cpu_signal(pc, info, is_write, >uc_sigmask);
>>> >  }
>>> >
>>> >
>>>
>>>

Re: I wanna fixes plugin on windows, any suggestion

[Yonggang Luo]

On Mon, Sep 28, 2020 at 11:47 PM Alex Bennée  wrote:
>
>
> Paolo Bonzini  writes:
>
> > On 25/09/20 21:12, 罗勇刚(Yonggang Luo) wrote:
> >> currently the empty.c plugin are failed of linkage error
> >>
> >> The fowlloing are the failing message:
> >> Compiling C object tests/plugin/libbb.dll.p/bb.c.obj
> >> Linking target tests/plugin/libempty.dll
> >> Linking target tests/plugin/libinsn.dll
> >> Linking target tests/plugin/libmem.dll
> >> ../tests/plugin/bb.c: In function 'vcpu_tb_exec':
> >> ../tests/plugin/bb.c:75:29: error: cast from pointer to integer of
> >> different size [-Werror=pointer-to-int-cast]
> >>75 | unsigned long n_insns = (unsigned long)udata;
> >>   | ^
> >> ../tests/plugin/bb.c: In function 'vcpu_tb_trans':
> >> ../tests/plugin/bb.c:95:46: error: cast to pointer from integer of
> >> different size [-Werror=int-to-pointer-cast]
> >>95 |  (void *)n_insns);
> >>   |  ^
> >
> > Plugins cannot work on Windows, because they would be specific to one
> > executable as far as I know.  Plugins would have to link with the
> > emulator's import library, but there would be one import library per
> > emulator.
>
> I'm not sure I follow. There is nothing specific about the QEMU binary
> it cares about as long as the API symbols exist. Are you saying each
> QEMU binary will have different resolvable names for the external
> functions in plugins/api.c?
Hi, I've submit patches to fix the issue on win32, please have a look, it's
have some advantage
that we doesn't need the configure procedure anymore, and the .symobls
files are also no need
anymore, like the the OpenGL does.
>
> >
> > Paolo
> >
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> tests/plugin/libempty.dll.p/empty.c.obj: in function
`qemu_plugin_install':
> >> C:\work\xemu\qemu\build/../tests/plugin/empty.c:30: undefined reference
> >> to `qemu_plugin_register_vcpu_tb_trans_cb'
> >> cc1.exe: all warnings being treated as errors
> >> collect2.exe: error: ld returned 1 exit status
> >> make: *** [Makefile.ninja:2433：tests/plugin/libempty.dll] 错误 1
> >> make: *** 正在等待未完成的任务
> >> make: *** [Makefile.ninja:2420：tests/plugin/libbb.dll.p/bb.c.obj] 错误 1
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> tests/plugin/libinsn.dll.p/insn.c.obj: in function `vcpu_tb_trans':
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:29: undefined reference
> >> to `qemu_plugin_tb_n_insns'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:33: undefined reference
> >> to `qemu_plugin_tb_get_insn'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:36: undefined reference
> >> to `qemu_plugin_register_vcpu_insn_exec_inline'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:39: undefined reference
> >> to `qemu_plugin_register_vcpu_insn_exec_cb'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> tests/plugin/libinsn.dll.p/insn.c.obj: in function `plugin_exit':
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:48: undefined reference
> >> to `qemu_plugin_outs'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> tests/plugin/libinsn.dll.p/insn.c.obj: in function
`qemu_plugin_install':
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:59: undefined reference
> >> to `qemu_plugin_register_vcpu_tb_trans_cb'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> C:\work\xemu\qemu\build/../tests/plugin/insn.c:60: undefined reference
> >> to `qemu_plugin_register_atexit_cb'
> >> collect2.exe: error: ld returned 1 exit status
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> tests/plugin/libmem.dll.p/mem.c.obj: in function `plugin_exit':
> >> C:\work\xemu\qemu\build/../tests/plugin/mem.c:33: undefined reference
to
> >> `qemu_plugin_outs'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> tests/plugin/libmem.dll.p/mem.c.obj: in function `vcpu_mem':
> >> C:\work\xemu\qemu\build/../tests/plugin/mem.c:41: undefined reference
to
> >> `qemu_plugin_get_hwaddr'
> >>
C:/CI-Tools/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/10.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe:
> >> 

[PATCH v4] linux-user: Add most IFTUN ioctls

[Shu-Chun Weng via]

The three options handling `struct sock_fprog` (TUNATTACHFILTER,
TUNDETACHFILTER, and TUNGETFILTER) are not implemented. Linux kernel
keeps a user space pointer in them which we cannot correctly handle.

Signed-off-by: Josh Kunz 
Signed-off-by: Shu-Chun Weng 
---
v2->v3:
  IOCTL_SPECIAL(TUNSETTXFILTER) type changed to MK_PTR(TYPE_PTRVOID) for strace
  to display the raw pointer.

  Updated do_ioctl_TUNSETTXFILTER for correct usages of unlock_user() and
  offsetof().

v3->v4:
  IOCTL_SPECIAL(TUNSETTXFILTER) corrected to TYPE_PTRVOID.

 linux-user/ioctls.h   | 46 +++
 linux-user/syscall.c  | 38 
 linux-user/syscall_defs.h | 32 +++
 3 files changed, 116 insertions(+)

diff --git a/linux-user/ioctls.h b/linux-user/ioctls.h
index 0713ae1311..c6e5926eb4 100644
--- a/linux-user/ioctls.h
+++ b/linux-user/ioctls.h
@@ -593,3 +593,49 @@
   IOCTL(KCOV_DISABLE, 0, TYPE_NULL)
   IOCTL(KCOV_INIT_TRACE, IOC_R, TYPE_ULONG)
 #endif
+
+  IOCTL(TUNSETDEBUG, IOC_W, TYPE_INT)
+  IOCTL(TUNSETIFF,   IOC_RW, MK_PTR(MK_STRUCT(STRUCT_short_ifreq)))
+  IOCTL(TUNSETPERSIST,   IOC_W, TYPE_INT)
+  IOCTL(TUNSETOWNER, IOC_W, TYPE_INT)
+  IOCTL(TUNSETLINK,  IOC_W, TYPE_INT)
+  IOCTL(TUNSETGROUP, IOC_W, TYPE_INT)
+  IOCTL(TUNGETFEATURES,  IOC_R, MK_PTR(TYPE_INT))
+  IOCTL(TUNSETOFFLOAD,   IOC_W, TYPE_LONG)
+  IOCTL_SPECIAL(TUNSETTXFILTER, IOC_W, do_ioctl_TUNSETTXFILTER,
+/*
+ * We can't represent `struct tun_filter` in thunk so leaving
+ * it uninterpreted. do_ioctl_TUNSETTXFILTER will do the
+ * conversion.
+ */
+TYPE_PTRVOID)
+  IOCTL(TUNGETIFF,   IOC_R, MK_PTR(MK_STRUCT(STRUCT_short_ifreq)))
+  IOCTL(TUNGETSNDBUF,IOC_R, MK_PTR(TYPE_INT))
+  IOCTL(TUNSETSNDBUF,IOC_W, MK_PTR(TYPE_INT))
+  /*
+   * TUNATTACHFILTER and TUNDETACHFILTER are not supported. Linux kernel keeps 
a
+   * user pointer in TUNATTACHFILTER, which we are not able to correctly 
handle.
+   */
+  IOCTL(TUNGETVNETHDRSZ, IOC_R, MK_PTR(TYPE_INT))
+  IOCTL(TUNSETVNETHDRSZ, IOC_W, MK_PTR(TYPE_INT))
+  IOCTL(TUNSETQUEUE, IOC_W, MK_PTR(MK_STRUCT(STRUCT_short_ifreq)))
+  IOCTL(TUNSETIFINDEX ,  IOC_W, MK_PTR(TYPE_INT))
+  /* TUNGETFILTER is not supported: see TUNATTACHFILTER. */
+  IOCTL(TUNSETVNETLE,IOC_W, MK_PTR(TYPE_INT))
+  IOCTL(TUNGETVNETLE,IOC_R, MK_PTR(TYPE_INT))
+#ifdef TUNSETVNETBE
+  IOCTL(TUNSETVNETBE,IOC_W, MK_PTR(TYPE_INT))
+  IOCTL(TUNGETVNETBE,IOC_R, MK_PTR(TYPE_INT))
+#endif
+#ifdef TUNSETSTEERINGEBPF
+  IOCTL(TUNSETSTEERINGEBPF, IOC_W, MK_PTR(TYPE_INT))
+#endif
+#ifdef TUNSETFILTEREBPF
+  IOCTL(TUNSETFILTEREBPF, IOC_W, MK_PTR(TYPE_INT))
+#endif
+#ifdef TUNSETCARRIER
+  IOCTL(TUNSETCARRIER,   IOC_W, MK_PTR(TYPE_INT))
+#endif
+#ifdef TUNGETDEVNETNS
+  IOCTL(TUNGETDEVNETNS,  IOC_R, TYPE_NULL)
+#endif
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 945fc25279..1c955bc675 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -56,6 +56,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #ifdef CONFIG_TIMERFD
@@ -5415,6 +5416,43 @@ static abi_long do_ioctl_drm(const IOCTLEntry *ie, 
uint8_t *buf_temp,
 
 #endif
 
+static abi_long do_ioctl_TUNSETTXFILTER(const IOCTLEntry *ie, uint8_t 
*buf_temp,
+int fd, int cmd, abi_long arg)
+{
+struct tun_filter *filter = (struct tun_filter *)buf_temp;
+struct tun_filter *target_filter;
+char *target_addr;
+
+assert(ie->access == IOC_W);
+
+target_filter = lock_user(VERIFY_READ, arg, sizeof(*target_filter), 1);
+if (!target_filter) {
+return -TARGET_EFAULT;
+}
+filter->flags = tswap16(target_filter->flags);
+filter->count = tswap16(target_filter->count);
+unlock_user(target_filter, arg, 0);
+
+if (filter->count) {
+if (offsetof(struct tun_filter, addr) + filter->count * ETH_ALEN >
+MAX_STRUCT_SIZE) {
+return -TARGET_EFAULT;
+}
+
+target_addr = lock_user(VERIFY_READ,
+arg + offsetof(struct tun_filter, addr),
+filter->count * ETH_ALEN, 1);
+if (!target_addr) {
+return -TARGET_EFAULT;
+}
+memcpy(filter->addr, target_addr, filter->count * ETH_ALEN);
+unlock_user(target_addr, arg + offsetof(struct tun_filter, addr),
+filter->count * ETH_ALEN);
+}
+
+return get_errno(safe_ioctl(fd, ie->host_cmd, filter));
+}
+
 IOCTLEntry ioctl_entries[] = {
 #define IOCTL(cmd, access, ...) \
 { TARGET_ ## cmd, cmd, #cmd, access, 0, {  __VA_ARGS__ } },
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 3c261cff0e..7ef0ff0328 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -891,6 +891,38 @@ struct target_rtc_pll_info {
 
 #define TARGET_SIOCGIWNAME 

Re: [RFC PATCH v4 00/29] Hexagon patch series

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/1601314138-9930-1-git-send-email-tsimp...@quicinc.com/



Hi,

This series failed the docker-mingw@fedora build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#! /bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-mingw@fedora J=14 NETWORK=1
=== TEST SCRIPT END ===

Host machine cpu: x86_64
Target machine cpu family: x86
Target machine cpu: x86_64
../src/meson.build:10: WARNING: Module unstable-keyval has no backwards or 
forwards compatibility and might not exist in future releases.
Program sh found: YES
Program python3 found: YES (/usr/bin/python3)
Configuring ninjatool using configuration
---
FileNotFoundError: [Errno 2] No such file or directory: '@INPUT@'
Compiling C object 
tests/libtestqapi.a.p/meson-generated_.._test-qapi-introspect.c.obj
Compiling C object 
tests/libtestqapi.a.p/meson-generated_.._test-qapi-types-sub-sub-module.c.obj
make: *** [Makefile.ninja:785: target/hexagon/semantics_generated.pyinc.stamp] 
Error 1
make: *** Waiting for unfinished jobs
Running Sphinx v2.2.2
Running Sphinx v2.2.2
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--rm', 
'--label', 'com.qemu.instance.uuid=f3436adee502475b808e3143e318eadc', '-u', 
'1001', '--security-opt', 'seccomp=unconfined', '-e', 'TARGET_LIST=', '-e', 
'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 
'SHOW_ENV=', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', 
'/home/patchew/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', 
'/var/tmp/patchew-tester-tmp-pqn71064/src/docker-src.2020-09-28-21.13.22.10231:/var/tmp/qemu:z,ro',
 'qemu/fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit 
status 2.
filter=--filter=label=com.qemu.instance.uuid=f3436adee502475b808e3143e318eadc
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-pqn71064/src'
make: *** [docker-run-test-mingw@fedora] Error 2

real7m38.875s
user0m20.964s


The full log is available at
http://patchew.org/logs/1601314138-9930-1-git-send-email-tsimp...@quicinc.com/testing.docker-mingw@fedora/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [RFC PATCH v4 00/29] Hexagon patch series

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/1601314138-9930-1-git-send-email-tsimp...@quicinc.com/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 1601314138-9930-1-git-send-email-tsimp...@quicinc.com
Subject: [RFC PATCH v4 00/29] Hexagon patch series

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
07b7654 Hexagon build infrastructure
010f970 Hexagon (tests/tcg/hexagon) TCG tests
6d5cc34 Hexagon (linux-user/hexagon) Linux user emulation
2cc6884 Hexagon (target/hexagon) translation
78dc364 Hexagon (target/hexagon) TCG for instructions with multiple definitions
7da73c1 Hexagon (target/hexagon) TCG generation
2667588 Hexagon (target/hexagon) instruction classes
6447bfd Hexagon (target/hexagon) macros
09a6ee0 Hexagon (target/hexagon) opcode data structures
0a72ce4 Hexagon (target/hexagon) generater phase 4 - decode tree
e10510a Hexagon (target/hexagon) generator phase 3 - C preprocessor for decode 
tree
e13fc67 Hexagon (target/hexagon) generator phase 2 - generate header files
c51b8ef Hexagon (target/hexagon) generator phase 1 - C preprocessor for 
semantics
8e3991c Hexagon (target/hexagon/imported) arch import
aaa7fdf Hexagon (target/hexagon) utility functions
e10964e Hexagon (target/hexagon) instruction printing
78eb919 Hexagon (target/hexagon) instruction/packet decode
71da9a7 Hexagon (target/hexagon) instruction attributes
14de848 Hexagon (target/hexagon) register fields
e51e071 Hexagon (target/hexagon) instruction and packet types
7aa4ff5 Hexagon (target/hexagon) architecture types
cd303dc Hexagon (target/hexagon) GDB Stub
acb70e2 Hexagon (target/hexagon) scalar core helpers
c5c476c Hexagon (target/hexagon) register names
dcf7c0c Hexagon (disas) disassembler
6564db7 Hexagon (target/hexagon) scalar core definition
a5ea831 Hexagon (include/elf.h) ELF machine definition
73fa471 Hexagon (target/hexagon) README
83d6242 Hexagon Update MAINTAINERS file

=== OUTPUT BEGIN ===
1/29 Checking commit 83d6242ea963 (Hexagon Update MAINTAINERS file)
2/29 Checking commit 73fa4715a018 (Hexagon (target/hexagon) README)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#13: 
new file mode 100644

total: 0 errors, 1 warnings, 236 lines checked

Patch 2/29 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
3/29 Checking commit a5ea8316fe44 (Hexagon (include/elf.h) ELF machine 
definition)
4/29 Checking commit 6564db7eff40 (Hexagon (target/hexagon) scalar core 
definition)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#13: 
new file mode 100644

total: 0 errors, 1 warnings, 570 lines checked

Patch 4/29 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
5/29 Checking commit dcf7c0cbc41a (Hexagon (disas) disassembler)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#15: 
new file mode 100644

total: 0 errors, 1 warnings, 76 lines checked

Patch 5/29 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
6/29 Checking commit c5c476c4cb67 (Hexagon (target/hexagon) register names)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#12: 
new file mode 100644

total: 0 errors, 1 warnings, 83 lines checked

Patch 6/29 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
7/29 Checking commit acb70e2f6042 (Hexagon (target/hexagon) scalar core helpers)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#14: 
new file mode 100644

total: 0 errors, 1 warnings, 412 lines checked

Patch 7/29 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
8/29 Checking commit cd303dc889e2 (Hexagon (target/hexagon) GDB Stub)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#27: 
new file mode 100644

total: 0 errors, 1 warnings, 64 lines checked

Patch 8/29 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
9/29 Checking commit 7aa4ff557b75 (Hexagon (target/hexagon) architecture types)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#13: 
new file mode 100644

total: 0 errors, 1 warnings, 43 lines checked

Patch 9/29 has style problems, please review.  If any of these errors
are false 

[RFC 3/3] docs/specs: IPMI device emulation: BMC

[Havard Skinnemoen via]

The IPMI document is expanded with a proposal to emulate BMC-side IPMI
devices. This allows a QEMU instance running server software to interact
with a different QEMU instance running BMC firmware, which should
closely model how a real server system works.

The document as rendered by "make sphinxdocs" can be seen here:

https://hskinnemoen.github.io/qemu/specs/ipmi.html

Signed-off-by: Havard Skinnemoen 
---
 docs/specs/ipmi.rst | 83 +
 1 file changed, 83 insertions(+)

diff --git a/docs/specs/ipmi.rst b/docs/specs/ipmi.rst
index e0f9ab20ba..f45a452ef9 100644
--- a/docs/specs/ipmi.rst
+++ b/docs/specs/ipmi.rst
@@ -91,6 +91,89 @@ further delegated to an external emulator, or a real BMC. The
 ``ipmi-bmc-extern`` device has a required ``chardev`` property which specifies
 the communications channel to the external BMC.
 
+Baseband Management Controller (BMC) emulation
+==
+
+.. note:: This section is just a proposal. QEMU does not yet support BMC-side
+   IPMI emulation.
+
+This section is about emulation of IPMI-related devices in a System-on-Chip
+(SoC) used as a Baseband Management Controller. This is not to be confused with
+emulating the BMC device as seen by the main processor.
+
+SoCs that are designed to be used as a BMC often have dedicated hardware that
+allows them to be connected to one or more of the IPMI System Interfaces. The
+BMC-side hardware interface is not standardized, so each type of SoC may need
+its own device implementation in QEMU, for example:
+
+* ``aspeed-ipmi-ibt`` for emulating the Aspeed iBT peripheral.
+* ``npcm7xx-ipmi-kcs`` for emulating the Nuvoton NPCM7xx Host-to-BMC Keyboard
+  Controller Style (KCS) channels.
+
+.. blockdiag::
+
+blockdiag bmc_ipmi {
+orientation = portrait
+default_group_color = "none";
+class responder [color = lightblue];
+class host [color = salmon];
+
+host [color="aquamarine", label="External Host"]
+
+group {
+orientation = portrait
+
+group {
+orientation = portrait
+
+ipmi-responder [class = "responder"]
+npcm7xx-ipmi-kcs [class = "responder", stacked]
+
+ipmi-responder <- npcm7xx-ipmi-kcs [hstyle = generalization];
+}
+
+group {
+orientation = portrait
+
+ipmi-host [class = "host"];
+ipmi-host-sim [class = "host"];
+ipmi-host-extern [class = "host"];
+
+ipmi-host <- ipmi-host-sim [hstyle = generalization];
+ipmi-host <- ipmi-host-extern [hstyle = generalization];
+}
+
+ipmi-responder <-> ipmi-host
+}
+
+ipmi-host-extern <-> host [label="chardev"];
+}
+
+IPMI Responder
+--
+
+The software running on the BMC needs to intercept reads and writes to the
+system interface registers on the main processor. This requires special
+hardware that needs to be emulated by QEMU. We'll call these device *IPMI
+responders*.
+
+All *IPMI responder* devices should implement the ``ipmi-responder`` interface
+to allow an IPMI Host implementation to interact with them in a standard way.
+
+IPMI Host
+-
+
+Mirroring the main processor emulation, the responder devices delegate
+emulation of host behavior to a Host device that is a subclass of
+``ipmi-host``. This type of device is called a Host because that's what it
+looks like to the BMC guest software.
+
+The host behavior may be further delegated to an external emulator (e.g.
+another QEMU VM) through the ``ipmi-host-extern`` host implementation. This
+device has a required ``chardev`` property which specifies the communications
+channel to the external host. The wire format is the same as for
+``ipmi-bmc-extern``.
+
 Wire protocol
 =
 
-- 
2.28.0.709.gb0816b6eb0-goog

[RFC 2/3] docs/specs: IPMI device emulation: main processor

[Havard Skinnemoen via]

This document is an attempt to briefly document the existing IPMI
emulation support on the main processor. It provides the necessary
background for the BMC-side IPMI emulation proposed by the next patch.

Signed-off-by: Havard Skinnemoen 
---
 docs/specs/index.rst |   1 +
 docs/specs/ipmi.rst  | 100 +++
 2 files changed, 101 insertions(+)
 create mode 100644 docs/specs/ipmi.rst

diff --git a/docs/specs/index.rst b/docs/specs/index.rst
index 1b0eb979d5..9fdb94a578 100644
--- a/docs/specs/index.rst
+++ b/docs/specs/index.rst
@@ -14,5 +14,6 @@ Contents:
ppc-spapr-xive
ppc-spapr-numa
acpi_hw_reduced_hotplug
+   ipmi
tpm
acpi_hest_ghes
diff --git a/docs/specs/ipmi.rst b/docs/specs/ipmi.rst
new file mode 100644
index 00..e0f9ab20ba
--- /dev/null
+++ b/docs/specs/ipmi.rst
@@ -0,0 +1,100 @@
+=
+IPMI device emulation
+=
+
+QEMU supports emulating many types of machines. This includes machines that may
+serve as the main processor in an IPMI system, e.g. x86 or POWER server
+processors, as well as machines emulating ARM-based Baseband Management
+Controllers (BMCs), e.g. AST2xxx or NPCM7xxx systems-on-chip.
+
+Main processor emulation
+
+
+A server platform may include one of the following system interfaces for
+communicating with a BMC:
+
+* A Keyboard Controller Style (KCS) Interface, accessible via ISA
+  (``isa-ipmi-kcs``) or PCI (``pci-ipmi-kcs``).
+* A Block Transfer (BT) Interface, accessible via ISA (``isa-ipmi-bt``) or PCI
+  (``pci-ipmi-bt``).
+* An SMBus System Interface (SSIF; ``smbus-ipmi``).
+  
+These interfaces can all be emulated by QEMU. To emulate the behavior of the
+BMC, the messaging interface emulators use one of the following backends:
+
+* A BMC simulator running within the QEMU process (``ipmi-bmc-sim``).
+* An external BMC simulator or emulator, connected over a chardev
+  (``ipmi-bmc-extern``). `ipmi_sim
+  `_
+  from OpenIPMI is an example external BMC emulator.
+
+The following diagram shows how these entities relate to each other.
+
+.. blockdiag::
+
+blockdiag main_processor_ipmi {
+orientation = portrait
+default_group_color = "none";
+class msgif [color = lightblue];
+class bmc [color = salmon];
+
+ipmi_sim [color="aquamarine", label="External BMC"]
+ipmi-bmc-extern <-> ipmi_sim [label="chardev"];
+
+group {
+orientation = portrait
+
+ipmi-interface <-> ipmi-bmc;
+
+group {
+orientation = portrait
+
+ipmi-interface [class = "msgif"];
+isa-ipmi-kcs [class="msgif", stacked];
+
+ipmi-interface <- isa-ipmi-kcs [hstyle = generalization];
+}
+
+
+group {
+orientation = portrait
+
+ipmi-bmc [class = "bmc"];
+ipmi-bmc-sim [class="bmc"];
+ipmi-bmc-extern [class="bmc"];
+
+ipmi-bmc <- ipmi-bmc-sim [hstyle = generalization];
+ipmi-bmc <- ipmi-bmc-extern [hstyle = generalization];
+}
+
+}
+}
+
+IPMI System Interfaces
+--
+
+The system software running on the main processor may use a *system interface*
+to communicate with the BMC. These are hardware devices attached to an ISA, PCI
+or i2c bus, and in QEMU, they all need to implement ``ipmi-interface``.
+This allows a BMC implementation to interact with the system interface in a
+standard way.
+
+IPMI BMC
+
+
+The system interface devices delegate emulation of BMC behavior to a BMC
+device, that is a subclass of ``ipmi-bmc``. This type of device is called
+a BMC because that's what it looks like to the main processor guest software.
+
+The BMC behavior may be simulated within the qemu process (``ipmi-bmc-sim``) or
+further delegated to an external emulator, or a real BMC. The
+``ipmi-bmc-extern`` device has a required ``chardev`` property which specifies
+the communications channel to the external BMC.
+
+Wire protocol
+=
+
+The wire protocol used between ``ipmi-bmc-extern`` and the external BMC
+emulator is defined by `README.vm
+`_ from
+the OpenIPMI project.
-- 
2.28.0.709.gb0816b6eb0-goog

[RFC 1/3] docs: enable sphinx blockdiag extension

[Havard Skinnemoen via]

Signed-off-by: Havard Skinnemoen 
---
 docs/conf.py | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/docs/conf.py b/docs/conf.py
index 0dbd90dc11..7c72f1a074 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -67,7 +67,10 @@ needs_sphinx = '1.6'
 # Add any Sphinx extension module names here, as strings. They can be
 # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
 # ones.
-extensions = ['kerneldoc', 'qmp_lexer', 'hxtool', 'depfile']
+extensions = ['kerneldoc', 'qmp_lexer', 'hxtool', 'depfile', 
'sphinxcontrib.blockdiag']
+
+# Fontpath for blockdiag (truetype font)
+blockdiag_fontpath = 
'/usr/share/fonts/truetype/liberation/LiberationSans-Regular.ttf'
 
 # Add any paths that contain templates here, relative to this directory.
 templates_path = ['_templates']
-- 
2.28.0.709.gb0816b6eb0-goog

[RFC 0/3] QEMU as IPMI BMC emulator

[Havard Skinnemoen via]

This series briefly documents the existing IPMI device support for main
processor emulation, and goes on to propose a similar device structure to
emulate IPMI responder devices in BMC machines. This would allow a qemu
instance running BMC firmware to serve as an external BMC for a qemu instance
running server software.

RFC only at this point because the series does not include actual code to
implement this. I'd appreciate some initial feedback on

1. Whether anyone else is interested in something like this.
2. Completeness (i.e. anything that could be explained in more detail in the
   docs).
3. Naming, and whether 'specs' is the right place to put this.
4. Whether it's OK to enable the blockdiag sphinx extension (if not, I'll just
   toss the block diagrams and turn the docs into walls of text).

If this seems reasonable, I'll start working with one of my team mates on
implementing the common part, as well as the Nuvoton-specific responder device.
Possibly also an Aspeed device.

Havard Skinnemoen (3):
  docs: enable sphinx blockdiag extension
  docs/specs: IPMI device emulation: main processor
  docs/specs: IPMI device emulation: BMC

 docs/conf.py |   5 +-
 docs/specs/index.rst |   1 +
 docs/specs/ipmi.rst  | 183 +++
 3 files changed, 188 insertions(+), 1 deletion(-)
 create mode 100644 docs/specs/ipmi.rst

-- 
2.28.0.709.gb0816b6eb0-goog

Re: [PATCH v4 00/14] hw/block/nvme: Support Namespace Types and Zoned Namespace Command Set

[Damien Le Moal]

On 2020/09/29 6:25, Keith Busch wrote:
> On Mon, Sep 28, 2020 at 08:36:48AM +0200, Klaus Jensen wrote:
>> On Sep 28 02:33, Dmitry Fomichev wrote:
>>> You are making it sound like the entire WDC series relies on this approach.
>>> Actually, the persistency is introduced in the second to last patch in the
>>> series and it only adds a couple of lines of code in the i/o path to mark
>>> zones dirty. This is possible because of using mmap() and I find the way
>>> it is done to be quite elegant, not ugly :)
>>>
>>
>> No, I understand that your implementation works fine without
>> persistance, but persistance is key. That is why my series adds it in
>> the first patch. Without persistence it is just a toy. And the QEMU
>> device is not just an "NVMe-version" of null_blk.
> 
> I really think we should be a bit more cautious of commiting to an
> on-disk format for the persistent state. Both this and Klaus' persistent
> state feels a bit ad-hoc, and with all the other knobs provided, it
> looks too easy to have out-of-sync states, or just not being able to
> boot at all if a qemu versions have different on-disk formats.
> 
> Is anyone really considering zone emulation for production level stuff
> anyway? I can't imagine a real scenario where you'd want put yourself
> through that: you are just giving yourself all the downsides of a zoned
> block device and none of the benefits. AFAIK, this is provided as a
> development vehicle, closer to a "toy".
> 
> I think we should consider trimming this down to a more minimal set that
> we *do* agree on and commit for inclusion ASAP. We can iterate all the
> bells & whistles and flush out the meta data's data marshalling scheme
> for persistence later.

+1 on this. Removing the persistence also removes the debate on endianess. With
that out of the way, it should be straightforward to get agreement on a series
that can be merged quickly to get developers started with testing ZNS software
with QEMU. That is the most important goal here. 5.9 is around the corner, we
need something for people to get started with ZNS quickly.


-- 
Damien Le Moal
Western Digital Research

Re: [PATCH] migration: Truncate state file in xen-save-devices-state

[Marek Marczykowski-Górecki]

On Mon, Sep 28, 2020 at 05:46:18PM +0100, Anthony PERARD wrote:
> On Mon, Sep 21, 2020 at 12:17:23PM +0100, Dr. David Alan Gilbert wrote:
> > * Dov Murik (dovmu...@linux.vnet.ibm.com) wrote:
> > > When running the xen-save-devices-state QMP command, if the filename
> > > already exists it will be truncated before dumping the devices' state
> > > into it.
> > > 
> > > Signed-off-by: Dov Murik 
> > > ---
> > >  migration/savevm.c | 3 ++-
> > >  1 file changed, 2 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/migration/savevm.c b/migration/savevm.c
> > > index 304d98ff78..e1b26672cc 100644
> > > --- a/migration/savevm.c
> > > +++ b/migration/savevm.c
> > > @@ -2803,7 +2803,8 @@ void qmp_xen_save_devices_state(const char 
> > > *filename, bool has_live, bool live,
> > >  vm_stop(RUN_STATE_SAVE_VM);
> > >  global_state_store_running();
> > >  
> > > -ioc = qio_channel_file_new_path(filename, O_WRONLY | O_CREAT, 0660, 
> > > errp);
> > > +ioc = qio_channel_file_new_path(filename, O_WRONLY | O_CREAT | 
> > > O_TRUNC,
> > > +0660, errp);
> > >  if (!ioc) {
> > >  goto the_end;
> > >  }
> 
> Hi Marek,
> 
> Do you know if the above patch is going to work in a linux stubdomain?
> Can we truncate the "save file" which seems to be stubdomain's console 1?

No, truncate won't work on the stubdomain's console. I mean, the
operation won't fail, but the actual file connected to the console on
the other end won't get truncated. But I think in case of stubdomain,
toolstack should connect the console to an empty file, so it shouldn't
be a problem.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?


signature.asc
Description: PGP signature

Re: [PATCH v2 7/8] qemu/bswap: Use compiler __builtin_bswap() on NetBSD

[Kamil Rytarowski]

On 28.09.2020 15:19, Philippe Mathieu-Daudé wrote:
> Since commit efc6c070aca ("configure: Add a test for the minimum
> compiler version") the minimum compiler version required for GCC
> is 4.8, which supports __builtin_bswap().
> Remove the NetBSD specific ifdef'ry.
> 
> This reverts commit 1360677cfe3ca8f945fa1de77823df21a77e4500
> ("makes NetBSD use the native bswap functions").
> 

Personally, I prefer using the system headers. but if you want to use
the GCC builtins, please go for it.

> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  configure| 15 ---
>  include/qemu/bswap.h |  5 -
>  2 files changed, 20 deletions(-)
> 
> diff --git a/configure b/configure
> index bff787daea7..1b0a02a0af8 100755
> --- a/configure
> +++ b/configure
> @@ -4886,18 +4886,6 @@ if test "$docs" != "no" ; then
>fi
>  fi
>  
> -# Search for bswap32 function
> -bswap_h=no
> -cat > $TMPC << EOF
> -#include 
> -#include 
> -#include 
> -int main(void) { return bswap32(0); }
> -EOF
> -if compile_prog "" "" ; then
> -  bswap_h=yes
> -fi
> -
>  ##
>  # Do we have libiscsi >= 1.9.0
>  if test "$libiscsi" != "no" ; then
> @@ -6779,9 +6767,6 @@ fi
>  if test "$st_atim" = "yes" ; then
>echo "HAVE_STRUCT_STAT_ST_ATIM=y" >> $config_host_mak
>  fi
> -if test "$bswap_h" = "yes" ; then
> -  echo "CONFIG_MACHINE_BSWAP_H=y" >> $config_host_mak
> -fi
>  if test "$curl" = "yes" ; then
>echo "CONFIG_CURL=y" >> $config_host_mak
>echo "CURL_CFLAGS=$curl_cflags" >> $config_host_mak
> diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
> index 1a297bfec22..7e586531c09 100644
> --- a/include/qemu/bswap.h
> +++ b/include/qemu/bswap.h
> @@ -3,17 +3,12 @@
>  
>  #include "fpu/softfloat-types.h"
>  
> -#ifdef CONFIG_MACHINE_BSWAP_H
> -# include 
> -# include 
> -#else
>  #undef  bswap16
>  #define bswap16(_x) __builtin_bswap16(_x)
>  #undef  bswap32
>  #define bswap32(_x) __builtin_bswap32(_x)
>  #undef  bswap64
>  #define bswap64(_x) __builtin_bswap64(_x)
> -#endif /* ! CONFIG_MACHINE_BSWAP_H */
>  
>  static inline void bswap16s(uint16_t *s)
>  {
> 

[Bug 1857269] Re: Keyboard not fully working on Windows version

[José Antonio López Cano]

This bug is solved in last version of qemu for windows.

Great work.

Best regards.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1857269

Title:
  Keyboard not fully working on Windows version

Status in QEMU:
  New

Bug description:
  Hello,

  I am working with windows qemu version:

  qemu-w64-setup-20190815

  I have installed a msdos virtual machine on qemu with sp keyboard
  layout (Spain at Europe). I have found that some keys do not work in
  the way they should. I believe that the problem is that es qemu
  spanish keyboard layout is the latin one, la in msdos sysytem.

  I ask you to create the Spain layout.


  Thanks in advance.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1857269/+subscriptions

Re: [PATCH v4 00/14] hw/block/nvme: Support Namespace Types and Zoned Namespace Command Set

[Keith Busch]

On Mon, Sep 28, 2020 at 08:36:48AM +0200, Klaus Jensen wrote:
> On Sep 28 02:33, Dmitry Fomichev wrote:
> > You are making it sound like the entire WDC series relies on this approach.
> > Actually, the persistency is introduced in the second to last patch in the
> > series and it only adds a couple of lines of code in the i/o path to mark
> > zones dirty. This is possible because of using mmap() and I find the way
> > it is done to be quite elegant, not ugly :)
> > 
> 
> No, I understand that your implementation works fine without
> persistance, but persistance is key. That is why my series adds it in
> the first patch. Without persistence it is just a toy. And the QEMU
> device is not just an "NVMe-version" of null_blk.

I really think we should be a bit more cautious of commiting to an
on-disk format for the persistent state. Both this and Klaus' persistent
state feels a bit ad-hoc, and with all the other knobs provided, it
looks too easy to have out-of-sync states, or just not being able to
boot at all if a qemu versions have different on-disk formats.

Is anyone really considering zone emulation for production level stuff
anyway? I can't imagine a real scenario where you'd want put yourself
through that: you are just giving yourself all the downsides of a zoned
block device and none of the benefits. AFAIK, this is provided as a
development vehicle, closer to a "toy".

I think we should consider trimming this down to a more minimal set that
we *do* agree on and commit for inclusion ASAP. We can iterate all the
bells & whistles and flush out the meta data's data marshalling scheme
for persistence later.

Re: [PATCH v2 6/8] qemu/bswap: Use compiler __builtin_bswap() on FreeBSD

[Ed Maste]

On Mon, 28 Sep 2020 at 09:20, Philippe Mathieu-Daudé  wrote:
>
> Since commit efc6c070aca ("configure: Add a test for the minimum
> compiler version") the minimum compiler version required for GCC
> is 4.8, which supports __builtin_bswap().
> Remove the FreeBSD specific ifdef'ry.
>
> This reverts commit de03c3164accc21311c39327601fcdd95da301f3
> ("bswap: Fix build on FreeBSD 10.0").
>
> Signed-off-by: Philippe Mathieu-Daudé 

Reviewed-by: Ed Maste 

Aside, to test building with this change on Clang 11 (default compiler
in FreeBSD-CURRENT) I needed a few other changes to avoid warnings:

hw/s390x/ipl.h, hw/usb/dev-uas.c variable sized type warnings

../hw/usb/dev-uas.c:157:31: error: field 'status' with variable sized
type 'uas_iu' not at the end of a struct or class is a GNU extension
[-Werror,-Wgnu-variable-sized-type-not-at-end]
uas_iustatus;
  ^

target/s390x/cpu_models.c pointer to smaller integer type cast

../target/s390x/cpu_models.c:984:21: error: cast to smaller integer
type 'S390Feat' from 'void *' [-Werror,-Wvoid-pointer-to-enum-cast]
S390Feat feat = (S390Feat) opaque;
^

Re: [PATCH] vhost-user: save features of multiqueues if chardev is closed

[Michael S. Tsirkin]

On Wed, Sep 23, 2020 at 11:44:41AM +0200, Adrian Moreno wrote:
> Thanks Haibin,
> 
> 
> On 9/22/20 5:27 AM, haibinzhang(张海斌) wrote:
> > Fore-commit(c6beefd674) only saves features of queue0,
> > this makes wrong features of other queues in multiqueues
> > situation.
> > For examples:
> >   qemu-system-aarch64 ... \
> >   -chardev socket,id=charnet0,path=/var/run/vhost_sock \
> >   -netdev vhost-user,chardev=charnet0,queues=2,id=hostnet0 \
> >   ...
> > There are two queues in nic assocated with one chardev.
> > When chardev is reconnected, it is necessary to save and
> > restore features of all queues.
> > 
> > Signed-of-by: Haibin Zhang 
> > 
> 
> 
> Indeed, this fixes the issue of vhost-user reconnection on multiqueue that 
> I've
> also reproduced, thanks for posting it.
> 
> However, I'd like to ask some questions to the experts:
> - Why do we need a feature negotiation per queue-pair on vhost-user?
> - Maybe I'm missing something but, isn't the problem that vhost-user device is
> reusing vhost_net layer (which forces nqueues = 2)?
> - Won't we have the same issue with vdpa?

queued this for now. Jason, what are your thoughts on the questions?

> ---
> >  net/vhost-user.c | 10 +++---
> >  1 file changed, 7 insertions(+), 3 deletions(-)
> > 
> > diff --git a/net/vhost-user.c b/net/vhost-user.c
> > index 17532daaf3..ffbd94d944 100644
> > --- a/net/vhost-user.c
> > +++ b/net/vhost-user.c
> > @@ -226,7 +226,7 @@ static void chr_closed_bh(void *opaque)
> >  NetClientState *ncs[MAX_QUEUE_NUM];
> >  NetVhostUserState *s;
> >  Error *err = NULL;
> > -int queues;
> > +int queues, i;
> >  
> >  queues = qemu_find_net_clients_except(name, ncs,
> >NET_CLIENT_DRIVER_NIC,
> > @@ -235,8 +235,12 @@ static void chr_closed_bh(void *opaque)
> >  
> >  s = DO_UPCAST(NetVhostUserState, nc, ncs[0]);
> >  
> > -if (s->vhost_net) {
> > -s->acked_features = vhost_net_get_acked_features(s->vhost_net);
> > +for (i = queues -1; i >= 0; i--) {
> > +s = DO_UPCAST(NetVhostUserState, nc, ncs[i]);
> > +
> > +if (s->vhost_net) {
> > +s->acked_features = vhost_net_get_acked_features(s->vhost_net);
> > +}
> >  }
> >  
> >  qmp_set_link(name, false, );
> > 
> 
> Thanks
> -- 
> Adrián Moreno

Re: [RFC PATCH v4 27/29] Hexagon (linux-user/hexagon) Linux user emulation

[Laurent Vivier]

Le 28/09/2020 à 19:28, Taylor Simpson a écrit :
> Implementation of Linux user emulation for Hexagon
> Some common files modified in addition to new files in linux-user/hexagon
> 
> Signed-off-by: Taylor Simpson 
> Reviewed-by: Richard Henderson 
> ---
>  linux-user/hexagon/sockbits.h   |  18 ++
>  linux-user/hexagon/syscall_nr.h | 343 
> 
>  linux-user/hexagon/target_cpu.h |  44 +
>  linux-user/hexagon/target_elf.h |  40 +
>  linux-user/hexagon/target_fcntl.h   |  18 ++
>  linux-user/hexagon/target_signal.h  |  34 
>  linux-user/hexagon/target_structs.h |  46 +
>  linux-user/hexagon/target_syscall.h |  36 
>  linux-user/hexagon/termbits.h   |  18 ++
>  linux-user/qemu.h   |   2 +
>  linux-user/syscall_defs.h   |  33 
>  linux-user/elfload.c|  16 ++
>  linux-user/hexagon/cpu_loop.c   |  99 +++
>  linux-user/hexagon/signal.c | 276 +
>  linux-user/hexagon/meson.build  |  22 +++
>  linux-user/meson.build  |   1 +
>  scripts/gensyscalls.sh  |   3 +-
>  17 files changed, 1048 insertions(+), 1 deletion(-)
>  create mode 100644 linux-user/hexagon/sockbits.h
>  create mode 100644 linux-user/hexagon/syscall_nr.h
>  create mode 100644 linux-user/hexagon/target_cpu.h
>  create mode 100644 linux-user/hexagon/target_elf.h
>  create mode 100644 linux-user/hexagon/target_fcntl.h
>  create mode 100644 linux-user/hexagon/target_signal.h
>  create mode 100644 linux-user/hexagon/target_structs.h
>  create mode 100644 linux-user/hexagon/target_syscall.h
>  create mode 100644 linux-user/hexagon/termbits.h
>  create mode 100644 linux-user/hexagon/cpu_loop.c
>  create mode 100644 linux-user/hexagon/signal.c
>  create mode 100644 linux-user/hexagon/meson.build
> 
...
> diff --git a/linux-user/hexagon/meson.build b/linux-user/hexagon/meson.build
> new file mode 100644
> index 000..7158e52
> --- /dev/null
> +++ b/linux-user/hexagon/meson.build
> @@ -0,0 +1,22 @@
> +##
> +##  Copyright(c) 2020 Qualcomm Innovation Center, Inc. All Rights Reserved.
> +##
> +##  This program is free software; you can redistribute it and/or modify
> +##  it under the terms of the GNU General Public License as published by
> +##  the Free Software Foundation; either version 2 of the License, or
> +##  (at your option) any later version.
> +##
> +##  This program is distributed in the hope that it will be useful,
> +##  but WITHOUT ANY WARRANTY; without even the implied warranty of
> +##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> +##  GNU General Public License for more details.
> +##
> +##  You should have received a copy of the GNU General Public License
> +##  along with this program; if not, see .
> +##
> +
> +syscall_nr_generators += {
> +  'hexagon': generator(sh,
> +   arguments: [ 'cat', 'syscall_nr.h', '>', '@OUTPUT@' ],
> + output: '@BASENAME@_nr.h')

Why do we need that?
The syscall_nr_generators is used to generate syscall_nr.h from syscall.tbl

> +}
> diff --git a/linux-user/meson.build b/linux-user/meson.build
> index 2b94e4b..8b1dfc8 100644
> --- a/linux-user/meson.build
> +++ b/linux-user/meson.build
> @@ -22,6 +22,7 @@ syscall_nr_generators = {}
>  
>  subdir('alpha')
>  subdir('arm')
> +subdir('hexagon')

so you don't need that either

>  subdir('hppa')
>  subdir('i386')
>  subdir('m68k')
> diff --git a/scripts/gensyscalls.sh b/scripts/gensyscalls.sh
> index b7b8456..e2ee60a 100755
> --- a/scripts/gensyscalls.sh
> +++ b/scripts/gensyscalls.sh
> @@ -53,7 +53,7 @@ read_includes()
>  
>  filter_defines()
>  {
> -grep -e "#define __NR_" -e "#define __NR3264"
> +grep -e "#define __NR_" -e "#define __NR3264" | grep -v __NR_syscalls

Why do you remove __NR_syscalls?

>  }
>  
>  rename_defines()
> @@ -99,4 +99,5 @@ generate_syscall_nr openrisc 32 
> "$output/linux-user/openrisc/syscall_nr.h"
>  
>  generate_syscall_nr riscv 32 "$output/linux-user/riscv/syscall32_nr.h"
>  generate_syscall_nr riscv 64 "$output/linux-user/riscv/syscall64_nr.h"
> +generate_syscall_nr hexagon 32 "$output/linux-user/hexagon/syscall_nr.h"

Please, move this line to the previous block (that generates
syscall_nr.h and not syscallXX_nr.h)

>  rm -fr "$TMP"
> 

Thanks,
Laurent

Re: [PATCH v4 2/2] Mark Icelake-Client CPU models deprecated

[Eduardo Habkost]

On Tue, Sep 22, 2020 at 03:14:15PM +0800, Robert Hoo wrote:
> Going to obsolete Icelake-Client CPU models in the future.
> 
> Signed-off-by: Robert Hoo 
> ---
> Change log
> v4:
> Deprecation note is general now. More detailed information is moved to
> docs/system/deprecated.rst.
> 
> v3:
> Obsolete in v5.2 --> v5.3.
> 
> ---
>  docs/system/deprecated.rst |  6 ++
>  target/i386/cpu.c  | 10 +++---
>  2 files changed, 13 insertions(+), 3 deletions(-)
> 
> diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
> index 0cb8b01..5dc2ff3 100644
> --- a/docs/system/deprecated.rst
> +++ b/docs/system/deprecated.rst
> @@ -329,6 +329,12 @@ The ``compat`` property used to set backwards 
> compatibility modes for
>  the processor has been deprecated. The ``max-cpu-compat`` property of
>  the ``pseries`` machine type should be used instead.
>  
> +``Icelake-Client`` CPU Model (since 3.1)
> +
> +
> +``Icelake-Client`` CPU Models are deprecated. Use ``Icelake-Server`` CPU
> +Models instead.
> +
>  System emulator devices
>  ---
>  
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index 323c7e3..5566356 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -3358,10 +3358,13 @@ static X86CPUDefinition builtin_x86_defs[] = {
>  .xlevel = 0x8008,
>  .model_id = "Intel Core Processor (Icelake)",
>  .versions = (X86CPUVersionDefinition[]) {
> -{ .version = 1 },
> +{
> +.version = 1,
> +.note = "Deprecated"
> +},
>  {
>  .version = 2,
> -.note = "no TSX",
> +.note = "no TSX, Deprecated",
>  .alias = "Icelake-Client-noTSX",
>  .props = (PropValue[]) {
>  { "hle", "off" },
> @@ -3370,7 +3373,8 @@ static X86CPUDefinition builtin_x86_defs[] = {
>  },
>  },
>  { /* end of list */ }
> -}
> +},
> +.deprecation_note = "Deprecated. Use Icelake-Server instead."

This results in the following message:

  qemu-system-x86_64: warning: CPU model Icelake-Client-x86_64-cpu is 
deprecated -- Deprecated. Use Icelake-Server instead.

There's no need to say "deprecate" twice.

I'm changing it to "use Icelake-Server instead" and queueing on x86-next.
Thanks!


>  },
>  {
>  .name = "Icelake-Server",
> -- 
> 1.8.3.1
> 

-- 
Eduardo

Re: [PATCH v4 1/2] Introduce (x86) CPU model deprecation API

[Eduardo Habkost]

On Tue, Sep 22, 2020 at 03:14:14PM +0800, Robert Hoo wrote:
> Complement versioned CPU model framework with the ability of marking some
> versions deprecated. When that CPU model is chosen, get some warning. The
> warning message is customized, e.g. telling in which future QEMU version will
> it be obsoleted.
> The deprecation message will also appear by x86_cpu_list_entry(), e.g. '-cpu
> help'.
> QMP 'query-cpu-definitions' will also return a bool value indicating the
> deprecation status.
> 
> Signed-off-by: Robert Hoo 

Reviewed-by: Eduardo Habkost 

-- 
Eduardo

Re: [PATCH v9 0/9] Apply COR-filter to the block-stream permanently

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/1601298001-774096-1-git-send-email-andrey.shinkev...@virtuozzo.com/



Hi,

This series failed the docker-quick@centos7 build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===

C linker for the host machine: cc ld.bfd 2.27-43
Host machine cpu family: x86_64
Host machine cpu: x86_64
../src/meson.build:10: WARNING: Module unstable-keyval has no backwards or 
forwards compatibility and might not exist in future releases.
Program sh found: YES
Program python3 found: YES (/usr/bin/python3)
Configuring ninjatool using configuration
---
Compiling C object libblock.fa.p/block_dmg-bz2.c.o
Compiling C object libblock.fa.p/block_amend.c.o
Compiling C object libblock.fa.p/block_qcow2-snapshot.c.o
../src/block/copy-on-read.c:29:32: fatal error: block/copy-on-read.h: No such 
file or directory
 #include "block/copy-on-read.h"
^
compilation terminated.
---
Compiling C object libblock.fa.p/block_throttle-groups.c.o
Compiling C object libblock.fa.p/block_accounting.c.o
Compiling C object libblock.fa.p/block_nbd.c.o
make: *** [libblock.fa.p/block_copy-on-read.c.o] Error 1
make: *** Waiting for unfinished jobs
Traceback (most recent call last):
  File "./tests/docker/docker.py", line 709, in 
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--rm', 
'--label', 'com.qemu.instance.uuid=b2dcb88c84fa430991604513a90c8435', '-u', 
'1003', '--security-opt', 'seccomp=unconfined', '-e', 'TARGET_LIST=', '-e', 
'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 
'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', 
'/home/patchew2/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', 
'/var/tmp/patchew-tester-tmp-8zvp7iz2/src/docker-src.2020-09-28-16.33.58.15775:/var/tmp/qemu:z,ro',
 'qemu/centos7', '/var/tmp/qemu/run', 'test-quick']' returned non-zero exit 
status 2.
filter=--filter=label=com.qemu.instance.uuid=b2dcb88c84fa430991604513a90c8435
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-8zvp7iz2/src'
make: *** [docker-run-test-quick@centos7] Error 2

real3m24.503s
user0m18.816s


The full log is available at
http://patchew.org/logs/1601298001-774096-1-git-send-email-andrey.shinkev...@virtuozzo.com/testing.docker-quick@centos7/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [PATCH v9 0/9] Apply COR-filter to the block-stream permanently

[no-reply]

Patchew URL: 
https://patchew.org/QEMU/1601298001-774096-1-git-send-email-andrey.shinkev...@virtuozzo.com/



Hi,

This series failed the docker-mingw@fedora build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#! /bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-mingw@fedora J=14 NETWORK=1
=== TEST SCRIPT END ===

Host machine cpu: x86_64
Target machine cpu family: x86
Target machine cpu: x86_64
../src/meson.build:10: WARNING: Module unstable-keyval has no backwards or 
forwards compatibility and might not exist in future releases.
Program sh found: YES
Program python3 found: YES (/usr/bin/python3)
Configuring ninjatool using configuration
---
Compiling C object libblock.fa.p/block_bochs.c.obj
Compiling C object libblock.fa.p/block_filter-compress.c.obj
Compiling C object libblock.fa.p/block_qcow2.c.obj
../src/block/copy-on-read.c:29:10: fatal error: block/copy-on-read.h: No such 
file or directory
   29 | #include "block/copy-on-read.h"
  |  ^~
compilation terminated.
make: *** [Makefile.ninja:887: libblock.fa.p/block_copy-on-read.c.obj] Error 1
make: *** Waiting for unfinished jobs
Traceback (most recent call last):
  File "./tests/docker/docker.py", line 709, in 
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--rm', 
'--label', 'com.qemu.instance.uuid=026d51a22d8649ff831a9ab8a970', '-u', 
'1003', '--security-opt', 'seccomp=unconfined', '-e', 'TARGET_LIST=', '-e', 
'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 
'SHOW_ENV=', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', 
'/home/patchew2/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', 
'/var/tmp/patchew-tester-tmp-_5yio3yh/src/docker-src.2020-09-28-16.28.55.8469:/var/tmp/qemu:z,ro',
 'qemu/fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit 
status 2.
filter=--filter=label=com.qemu.instance.uuid=026d51a22d8649ff831a9ab8a970
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-_5yio3yh/src'
make: *** [docker-run-test-mingw@fedora] Error 2

real4m33.430s
user0m18.970s


The full log is available at
http://patchew.org/logs/1601298001-774096-1-git-send-email-andrey.shinkev...@virtuozzo.com/testing.docker-mingw@fedora/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [PATCH 16/16] tests/acceptance: Test the MIPSsim machine

[Willian Rampazzo]

On Mon, Sep 28, 2020 at 2:31 PM Philippe Mathieu-Daudé  wrote:
>
> Add a test for the mipssim machine, based on the recommended
> test setup from Thomas Huth:
> https://www.mail-archive.com/qemu-devel@nongnu.org/msg606846.html
>
> The test is quick and can be run as:
>
>   $ avocado --show=console run -t machine:mipssim tests/acceptance/
>(1/1) 
> tests/acceptance/machine_mips_mipssim.py:MipsSimMachine.test_mipssim_linux_console:
>   console: Linux version 3.6.11 (root@711bb8ba16a7) (gcc version 4.8.3 
> (Buildroot 2014.11) ) #2 Sun Sep 27 13:39:35 UTC 2020
>   console: Setting default memory size 0x0200
>   console: bootconsole [early0] enabled
>   console: CPU revision is: 00019300 (MIPS 24Kc)
>   console: FPU revision is: 00739300
>   ...
>   console: CPU frequency 12.00 MHz
>   console: Calibrating delay loop... 950.27 BogoMIPS (lpj=4751360)
>   ...
>   console: MIPSNet Ethernet driver. Version: 2007-11-17. (c)2005 MIPS 
> Technologies, Inc.
>   ...
>   console: Welcome to Buildroot
>   console: buildroot login: root
>   console: # root
>   console: -sh: root: not found
>   console: # ping -c 3 10.0.2.2
>   console: PING 10.0.2.2 (10.0.2.2): 56 data bytes
>   console: 64 bytes from 10.0.2.2: seq=0 ttl=255 time=48.231 ms
>   console: 64 bytes from 10.0.2.2: seq=1 ttl=255 time=9.407 ms
>   console: 64 bytes from 10.0.2.2: seq=2 ttl=255 time=2.298 ms
>   console: --- 10.0.2.2 ping statistics ---
>   console: 3 packets transmitted, 3 packets received, 0% packet loss
>   PASS (7.99 s)
>
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
> Cc: Thomas Huth 
> ---
>  MAINTAINERS  |  1 +
>  tests/acceptance/machine_mips_mipssim.py | 56 
>  2 files changed, 57 insertions(+)
>  create mode 100644 tests/acceptance/machine_mips_mipssim.py
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 5eed1e692b4..17d8a012b0e 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -240,6 +240,7 @@ F: include/hw/misc/mips_*
>  F: include/hw/timer/mips_gictimer.h
>  F: tests/acceptance/linux_ssh_mips_malta.py
>  F: tests/acceptance/machine_mips_malta.py
> +F: tests/acceptance/machine_mips_mipssim.py
>  F: tests/tcg/mips/
>  K: ^Subject:.*(?i)mips
>
> diff --git a/tests/acceptance/machine_mips_mipssim.py 
> b/tests/acceptance/machine_mips_mipssim.py
> new file mode 100644
> index 000..b2749917b08
> --- /dev/null
> +++ b/tests/acceptance/machine_mips_mipssim.py
> @@ -0,0 +1,56 @@
> +# Functional tests for the MIPS simulator (MIPSsim machine)
> +#
> +# Copyright (c) 2020 Philippe Mathieu-Daudé 
> +#
> +# This work is licensed under the terms of the GNU GPL, version 2 or later.
> +# See the COPYING file in the top-level directory.
> +#
> +# SPDX-License-Identifier: GPL-2.0-or-later
> +
> +import os
> +import logging
> +import time
> +
> +from avocado import skipUnless
> +from avocado_qemu import Test
> +from avocado_qemu import exec_command_and_wait_for_pattern
> +from avocado_qemu import interrupt_interactive_console_until_pattern
> +from avocado_qemu import wait_for_console_pattern
> +
> +class MipsSimMachine(Test):
> +
> +timeout = 30
> +KERNEL_COMMON_COMMAND_LINE = 'printk.time=0 '
> +
> +@skipUnless(os.getenv('AVOCADO_ALLOW_UNTRUSTED_CODE'), 'untrusted code')
> +def test_mipssim_linux_console(self):
> +"""
> +Boots the Linux kernel and checks that the console is operational
> +:avocado: tags=arch:mipsel
> +:avocado: tags=machine:mipssim
> +:avocado: tags=device:mipsnet
> +"""
> +kernel_url = ('https://github.com/philmd/qemu-testing-blob/raw/'
> +  '32ea5764e1de8fffa0d59366c44822cd06d7c8e0/'
> +  'mips/mipssim/mipsel/vmlinux')

So, are you willing to maintain some images on your GitHub to avoid
the image changes when they are not found?

> +kernel_hash = '0f9aeca3a2e25b5b0cc4999571f39a7ad58cdc43'
> +kernel_path = self.fetch_asset(kernel_url, asset_hash=kernel_hash)
> +
> +initrd_url = ('https://github.com/philmd/qemu-testing-blob/raw/'
> +  '32ea5764e1de8fffa0d59366c44822cd06d7c8e0/'
> +  'mips/mipssim/mipsel/rootfs.cpio')
> +initrd_hash = 'b20359bdfae66387e5a17d6692686d59c189417b'
> +initrd_path = self.fetch_asset(initrd_url, asset_hash=initrd_hash)
> +
> +self.vm.set_console()
> +self.vm.add_args('-kernel', kernel_path,
> + '-initrd', initrd_path,
> + '-append', self.KERNEL_COMMON_COMMAND_LINE)
> +self.vm.launch()
> +
> +wait_for_console_pattern(self, 'Welcome to Buildroot')
> +interrupt_interactive_console_until_pattern(self,
> +
> interrupt_string='root\r',
> +success_message='#')
> +pattern = '3 packets transmitted, 3 packets received, 0% packet loss'
> +

[PATCH V1 0/3] Passthru device support under emulated amd-iommu

[Wei Huang]

This patchset adds support for passthru devices to run inside VMs under
the management of an emulated amd-iommu device (vIOMMU). This feature
has a variety of benefits, including enhanced I/O security and user-mode
driver support, for guest VMs.

This patchset has been tested with both 1G and 10G NICs on AMD boxes.

Thanks,
-Wei

Wei Huang (3):
  amd-iommu: Add address space notifier and replay support
  amd-iommu: Sync IOVA-to-GPA translation during page invalidation
  amd-iommu: Fix up amdvi_mmio_trace() to differentiate MMIO R/W

 hw/i386/amd_iommu.c | 243 ++--
 hw/i386/amd_iommu.h |  13 +++
 hw/vfio/common.c|   3 +-
 3 files changed, 247 insertions(+), 12 deletions(-)

-- 
2.25.2

[PATCH V1 3/3] amd-iommu: Fix amdvi_mmio_trace() to differentiate MMIO R/W

[Wei Huang]

amd-iommu MMIO trace function does not differentiate MMIO writes from
reads. Let us extend it to support both types.

Co-developed-by: Wei Huang 
Signed-off-by: Suravee Suthikulpanit 
---
 hw/i386/amd_iommu.c | 21 -
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index 7604e2080595..827818b9f781 100644
--- a/hw/i386/amd_iommu.c
+++ b/hw/i386/amd_iommu.c
@@ -662,17 +662,28 @@ static void amdvi_cmdbuf_run(AMDVIState *s)
 }
 }
 
-static void amdvi_mmio_trace(hwaddr addr, unsigned size)
+static void amdvi_mmio_trace(hwaddr addr, unsigned size, bool iswrite,
+ uint64_t val)
 {
 uint8_t index = (addr & ~0x2000) / 8;
 
 if ((addr & 0x2000)) {
 /* high table */
 index = index >= AMDVI_MMIO_REGS_HIGH ? AMDVI_MMIO_REGS_HIGH : index;
-trace_amdvi_mmio_read(amdvi_mmio_high[index], addr, size, addr & 
~0x07);
+if (!iswrite)
+trace_amdvi_mmio_read(amdvi_mmio_high[index], addr, size,
+  addr & ~0x07);
+else
+trace_amdvi_mmio_write(amdvi_mmio_high[index], addr, size, val,
+   addr & ~0x07);
 } else {
 index = index >= AMDVI_MMIO_REGS_LOW ? AMDVI_MMIO_REGS_LOW : index;
-trace_amdvi_mmio_read(amdvi_mmio_low[index], addr, size, addr & ~0x07);
+if (!iswrite)
+trace_amdvi_mmio_read(amdvi_mmio_low[index], addr, size,
+  addr & ~0x07);
+else
+trace_amdvi_mmio_write(amdvi_mmio_low[index], addr, size, val,
+   addr & ~0x07);
 }
 }
 
@@ -693,7 +704,7 @@ static uint64_t amdvi_mmio_read(void *opaque, hwaddr addr, 
unsigned size)
 } else if (size == 8) {
 val = amdvi_readq(s, addr);
 }
-amdvi_mmio_trace(addr, size);
+amdvi_mmio_trace(addr, size, 0, val);
 
 return val;
 }
@@ -840,7 +851,7 @@ static void amdvi_mmio_write(void *opaque, hwaddr addr, 
uint64_t val,
 return;
 }
 
-amdvi_mmio_trace(addr, size);
+amdvi_mmio_trace(addr, size, 1, val);
 switch (addr & ~0x07) {
 case AMDVI_MMIO_CONTROL:
 amdvi_mmio_reg_write(s, size, val, addr);
-- 
2.25.2

[PATCH V1 1/3] amd-iommu: Add address space notifier and replay support

[Wei Huang]

Currently the emulated amd-iommu device does not support memory address
space notifier and replay. These two functions are required to have I/O
devices supported inside guest VMs as passthru devices. This patch adds
basic as_notifier infrastructure and replay function in amd_iommu.

Co-developed-by: Wei Huang 
Signed-off-by: Suravee Suthikulpanit 
---
 hw/i386/amd_iommu.c | 45 +++--
 hw/i386/amd_iommu.h |  3 +++
 2 files changed, 42 insertions(+), 6 deletions(-)

diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index 74a93a5d93f4..c7d24a05484d 100644
--- a/hw/i386/amd_iommu.c
+++ b/hw/i386/amd_iommu.c
@@ -63,6 +63,8 @@ struct AMDVIAddressSpace {
 IOMMUMemoryRegion iommu;/* Device's address translation region  */
 MemoryRegion iommu_ir;  /* Device's interrupt remapping region  */
 AddressSpace as;/* device's corresponding address space */
+IOMMUNotifierFlag notifier_flags; /* notifier flags of address space */
+QLIST_ENTRY(AMDVIAddressSpace) next; /* notifier linked list */
 };
 
 /* AMDVI cache entry */
@@ -425,6 +427,22 @@ static void amdvi_inval_all(AMDVIState *s, uint64_t *cmd)
 trace_amdvi_all_inval();
 }
 
+static void amdvi_address_space_unmap(AMDVIAddressSpace *as, IOMMUNotifier *n)
+{
+IOMMUTLBEntry entry;
+hwaddr start = n->start;
+hwaddr end = n->end;
+hwaddr size = end - start + 1;
+
+entry.target_as = _space_memory;
+entry.iova = start;
+entry.translated_addr = 0;
+entry.perm = IOMMU_NONE;
+entry.addr_mask = size - 1;
+
+memory_region_notify_one(n, );
+}
+
 static gboolean amdvi_iotlb_remove_by_domid(gpointer key, gpointer value,
 gpointer user_data)
 {
@@ -1473,14 +1491,17 @@ static int 
amdvi_iommu_notify_flag_changed(IOMMUMemoryRegion *iommu,
Error **errp)
 {
 AMDVIAddressSpace *as = container_of(iommu, AMDVIAddressSpace, iommu);
+AMDVIState *s = as->iommu_state;
 
-if (new & IOMMU_NOTIFIER_MAP) {
-error_setg(errp,
-   "device %02x.%02x.%x requires iommu notifier which is not "
-   "currently supported", as->bus_num, PCI_SLOT(as->devfn),
-   PCI_FUNC(as->devfn));
-return -EINVAL;
+/* Update address space notifier flags */
+as->notifier_flags = new;
+
+if (old == IOMMU_NOTIFIER_NONE) {
+QLIST_INSERT_HEAD(>amdvi_as_with_notifiers, as, next);
+} else if (new == IOMMU_NOTIFIER_NONE) {
+QLIST_REMOVE(as, next);
 }
+
 return 0;
 }
 
@@ -1573,6 +1594,8 @@ static void amdvi_realize(DeviceState *dev, Error **errp)
 /* Pseudo address space under root PCI bus. */
 x86ms->ioapic_as = amdvi_host_dma_iommu(bus, s, AMDVI_IOAPIC_SB_DEVID);
 
+QLIST_INIT(>amdvi_as_with_notifiers);
+
 /* set up MMIO */
 memory_region_init_io(>mmio, OBJECT(s), _mem_ops, s, "amdvi-mmio",
   AMDVI_MMIO_SIZE);
@@ -1631,12 +1654,22 @@ static const TypeInfo amdviPCI = {
 },
 };
 
+static void amdvi_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n)
+{
+AMDVIAddressSpace *as = container_of(iommu_mr, AMDVIAddressSpace, iommu);
+
+amdvi_address_space_unmap(as, n);
+
+return;
+}
+
 static void amdvi_iommu_memory_region_class_init(ObjectClass *klass, void 
*data)
 {
 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
 
 imrc->translate = amdvi_translate;
 imrc->notify_flag_changed = amdvi_iommu_notify_flag_changed;
+imrc->replay = amdvi_iommu_replay;
 }
 
 static const TypeInfo amdvi_iommu_memory_region_info = {
diff --git a/hw/i386/amd_iommu.h b/hw/i386/amd_iommu.h
index fa5feb183c03..aeed9fd1cbb0 100644
--- a/hw/i386/amd_iommu.h
+++ b/hw/i386/amd_iommu.h
@@ -364,6 +364,9 @@ struct AMDVIState {
 /* for each served device */
 AMDVIAddressSpace **address_spaces[PCI_BUS_MAX];
 
+/* list of registered notifiers */
+QLIST_HEAD(, AMDVIAddressSpace) amdvi_as_with_notifiers;
+
 /* IOTLB */
 GHashTable *iotlb;
 
-- 
2.25.2

[PATCH V1 2/3] amd-iommu: Sync IOVA-to-GPA translation during page invalidation

[Wei Huang]

Add support to sync the IOVA-to-GPA translation at the time of IOMMU
page invalidation. This function is called when two IOMMU commands,
AMDVI_CMD_INVAL_AMDVI_PAGES and AMDVI_CMD_INVAL_AMDVI_ALL, are
intercepted. Address space notifiers are called accordingly.

Co-developed-by: Wei Huang 
Signed-off-by: Suravee Suthikulpanit 
---
 hw/i386/amd_iommu.c | 177 
 hw/i386/amd_iommu.h |  10 +++
 hw/vfio/common.c|   3 +-
 3 files changed, 189 insertions(+), 1 deletion(-)

diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
index c7d24a05484d..7604e2080595 100644
--- a/hw/i386/amd_iommu.c
+++ b/hw/i386/amd_iommu.c
@@ -76,6 +76,12 @@ typedef struct AMDVIIOTLBEntry {
 uint64_t page_mask; /* physical page size  */
 } AMDVIIOTLBEntry;
 
+static bool amdvi_get_dte(AMDVIState *s, int devid, uint64_t *entry);
+static void amdvi_sync_domain(AMDVIState *s, uint32_t domid,
+  uint64_t addr, uint16_t flags);
+static void amdvi_walk_level(AMDVIAddressSpace *as, uint64_t pte,
+ uint64_t iova, uint64_t partial);
+
 /* configure MMIO registers at startup/reset */
 static void amdvi_set_quad(AMDVIState *s, hwaddr addr, uint64_t val,
uint64_t romask, uint64_t w1cmask)
@@ -443,6 +449,78 @@ static void amdvi_address_space_unmap(AMDVIAddressSpace 
*as, IOMMUNotifier *n)
 memory_region_notify_one(n, );
 }
 
+/*
+ * Sync the IOVA-to-GPA translation at the time of IOMMU page invalidation.
+ * This function is called when IOMMU commands, AMDVI_CMD_INVAL_AMDVI_PAGES
+ * and AMDVI_CMD_INVAL_AMDVI_ALL, are triggred.
+ *
+ * The range of addr invalidation is determined by addr and flags, using
+ * the following rules:
+ *   - All pages
+ * In this case, we unmap the whole address space and then re-walk the
+ * I/O page table to sync the mapping relationship.
+ *   - Single page:
+ * Re-walk the page based on the specified iova, and only sync the
+ * newly mapped page.
+ */
+static void amdvi_sync_domain(AMDVIState *s, uint32_t domid,
+  uint64_t addr, uint16_t flags)
+{
+AMDVIAddressSpace *as;
+bool sync_all_domains = false;
+uint64_t mask, size = 0x1000;
+
+if (domid == AMDVI_DOMAIN_ALL) {
+sync_all_domains = true;
+}
+
+ /* S=1 means the invalidation size is from addr field; otherwise 4KB */
+if (flags & AMDVI_CMD_INVAL_IOMMU_PAGES_S_BIT) {
+uint32_t zbit = cto64(addr | 0xFFF) + 1;
+
+size = 1ULL << zbit;
+
+if (size < 0x1000) {
+addr = 0;
+size = AMDVI_PGSZ_ENTIRE;
+} else {
+mask = ~(size - 1);
+addr &= mask;
+}
+}
+
+QLIST_FOREACH(as, >amdvi_as_with_notifiers, next) {
+uint64_t dte[4];
+IOMMUNotifier *n;
+
+if (!amdvi_get_dte(s, as->devfn, dte)) {
+continue;
+}
+
+if (!sync_all_domains && (domid != (dte[1] & 0xFFFULL))) {
+continue;
+}
+
+/*
+ * In case of syncing more than a page, we invalidate the entire
+ * address range and re-walk the whole page table.
+ */
+if (size == AMDVI_PGSZ_ENTIRE) {
+IOMMU_NOTIFIER_FOREACH(n, >iommu) {
+amdvi_address_space_unmap(as, n);
+}
+} else if (size > 0x1000) {
+IOMMU_NOTIFIER_FOREACH(n, >iommu) {
+if (n->start <= addr && addr + size < n->end) {
+amdvi_address_space_unmap(as, n);
+}
+}
+}
+
+amdvi_walk_level(as, dte[0], addr, 0);
+}
+}
+
 static gboolean amdvi_iotlb_remove_by_domid(gpointer key, gpointer value,
 gpointer user_data)
 {
@@ -455,6 +533,8 @@ static gboolean amdvi_iotlb_remove_by_domid(gpointer key, 
gpointer value,
 static void amdvi_inval_pages(AMDVIState *s, uint64_t *cmd)
 {
 uint16_t domid = cpu_to_le16((uint16_t)extract64(cmd[0], 32, 16));
+uint64_t addr  = cpu_to_le64(extract64(cmd[1], 12, 52)) << 12;
+uint16_t flags = cpu_to_le16((uint16_t)extract64(cmd[1], 0, 12));
 
 if (extract64(cmd[0], 20, 12) || extract64(cmd[0], 48, 12) ||
 extract64(cmd[1], 3, 9)) {
@@ -465,6 +545,8 @@ static void amdvi_inval_pages(AMDVIState *s, uint64_t *cmd)
 g_hash_table_foreach_remove(s->iotlb, amdvi_iotlb_remove_by_domid,
 );
 trace_amdvi_pages_inval(domid);
+
+amdvi_sync_domain(s, domid, addr, flags);
 }
 
 static void amdvi_prefetch_pages(AMDVIState *s, uint64_t *cmd)
@@ -910,6 +992,101 @@ static inline uint64_t amdvi_get_pte_entry(AMDVIState *s, 
uint64_t pte_addr,
 return pte;
 }
 
+static inline uint64_t pte_get_page_size(uint64_t level)
+{
+return 1UL << ((level * 9) + 3);
+}
+
+static void amdvi_sync_iova(AMDVIAddressSpace *as, uint64_t pte, uint64_t iova)
+{
+IOMMUTLBEntry entry;
+uint64_t addr 

Re: [PATCH v6] hw/i386/pc: add max combined fw size as machine configuration option

[Laszlo Ersek]

On 09/25/20 19:57, Erich Mcmillan wrote:
> From: Erich McMillan 
> 
> At Hewlett Packard Inc. we have a need for increased fw size to enable 
> testing of our custom fw.
> Move return statement for early return
> 
> Signed-off-by: Erich McMillan 
> ---
> 
> Changes since v5:
> 
>  Move return statement for pc_machine_set_max_fw_size() to follow 
> error_setg() as early return.
> 
>  hw/i386/pc.c | 51 
>  hw/i386/pc_sysfw.c   | 13 ++-
>  include/hw/i386/pc.h |  2 ++
>  3 files changed, 55 insertions(+), 11 deletions(-)
> 
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index d11daacc23..70c8c9adcf 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -1869,6 +1869,50 @@ static void pc_machine_set_max_ram_below_4g(Object 
> *obj, Visitor *v,
>  pcms->max_ram_below_4g = value;
>  }
>  
> +static void pc_machine_get_max_fw_size(Object *obj, Visitor *v,
> +   const char *name, void *opaque,
> +   Error **errp)
> +{
> +PCMachineState *pcms = PC_MACHINE(obj);
> +uint64_t value = pcms->max_fw_size;
> +
> +visit_type_size(v, name, , errp);
> +}
> +
> +static void pc_machine_set_max_fw_size(Object *obj, Visitor *v,
> +   const char *name, void *opaque,
> +   Error **errp)
> +{
> +PCMachineState *pcms = PC_MACHINE(obj);
> +Error *error = NULL;
> +uint64_t value;
> +
> +visit_type_size(v, name, , );
> +if (error) {
> +error_propagate(errp, error);
> +return;
> +}
> +
> +/*
> +* We don't have a theoretically justifiable exact lower bound on the base
> +* address of any flash mapping. In practice, the IO-APIC MMIO range is
> +* [0xFEE0..0xFEE01000] -- see IO_APIC_DEFAULT_ADDRESS --, leaving 
> free
> +* only 18MB-4KB below 4G. For now, restrict the cumulative mapping to 
> 8MB in
> +* size.
> +*/
> +if (value > 16 * MiB) {
> +error_setg(errp,
> +   "User specified max allowed firmware size %" PRIu64 " is "
> +   "greater than 16MiB. If combined firwmare size exceeds "
> +   "16MiB the system may not boot, or experience 
> intermittent"
> +   "stability issues.",
> +   value);
> +return;
> +}
> +
> +pcms->max_fw_size = value;
> +}
> +
>  static void pc_machine_initfn(Object *obj)
>  {
>  PCMachineState *pcms = PC_MACHINE(obj);
> @@ -1884,6 +1928,7 @@ static void pc_machine_initfn(Object *obj)
>  pcms->smbus_enabled = true;
>  pcms->sata_enabled = true;
>  pcms->pit_enabled = true;
> +pcms->max_fw_size = 8 * MiB;
>  
>  pc_system_flash_create(pcms);
>  pcms->pcspk = isa_new(TYPE_PC_SPEAKER);
> @@ -2004,6 +2049,12 @@ static void pc_machine_class_init(ObjectClass *oc, 
> void *data)
>  
>  object_class_property_add_bool(oc, PC_MACHINE_PIT,
>  pc_machine_get_pit, pc_machine_set_pit);
> +
> +object_class_property_add(oc, PC_MACHINE_MAX_FW_SIZE, "size",
> +pc_machine_get_max_fw_size, pc_machine_set_max_fw_size,
> +NULL, NULL);
> +object_class_property_set_description(oc, PC_MACHINE_MAX_FW_SIZE,
> +"Maximum combined firmware size");
>  }
>  
>  static const TypeInfo pc_machine_info = {
> diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
> index b6c0822fe3..22450ba0ef 100644
> --- a/hw/i386/pc_sysfw.c
> +++ b/hw/i386/pc_sysfw.c
> @@ -39,15 +39,6 @@
>  #include "hw/block/flash.h"
>  #include "sysemu/kvm.h"
>  
> -/*
> - * We don't have a theoretically justifiable exact lower bound on the base
> - * address of any flash mapping. In practice, the IO-APIC MMIO range is
> - * [0xFEE0..0xFEE01000] -- see IO_APIC_DEFAULT_ADDRESS --, leaving free
> - * only 18MB-4KB below 4G. For now, restrict the cumulative mapping to 8MB in
> - * size.
> - */
> -#define FLASH_SIZE_LIMIT (8 * MiB)
> -
>  #define FLASH_SECTOR_SIZE 4096
>  
>  static void pc_isa_bios_init(MemoryRegion *rom_memory,
> @@ -182,10 +173,10 @@ static void pc_system_flash_map(PCMachineState *pcms,
>  }
>  if ((hwaddr)size != size
>  || total_size > HWADDR_MAX - size
> -|| total_size + size > FLASH_SIZE_LIMIT) {
> +|| total_size + size > pcms->max_fw_size) {
>  error_report("combined size of system firmware exceeds "
>   "%" PRIu64 " bytes",
> - FLASH_SIZE_LIMIT);
> + pcms->max_fw_size);
>  exit(1);
>  }
>  
> diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
> index fe52e165b2..f7c8e7cbfe 100644
> --- a/include/hw/i386/pc.h
> +++ b/include/hw/i386/pc.h
> @@ -43,6 +43,7 @@ struct PCMachineState {
>  bool smbus_enabled;
>  bool sata_enabled;
>  bool pit_enabled;
> +uint64_t max_fw_size;
>  
>  /* NUMA information: */
>  

Re: [PATCH v6 05/21] scripts/qapi/parser.py: improve doc comment indent handling

[Markus Armbruster]

Peter Maydell  writes:

> Make the handling of indentation in doc comments more sophisticated,
> so that when we see a section like:
>
> Notes: some text
>some more text
>   indented line 3
>
> we save it for the doc-comment processing code as:
>
> some text
> some more text
>indented line 3
>
> and when we see a section with the heading on its own line:
>
> Notes:
>
> some text
> some more text
>indented text
>
> we also accept that and save it in the same form.
>
> If we detect that the comment document text is not indented as much
> as we expect it to be, we throw a parse error.  (We don't complain
> about over-indented sections, because for rST this can be legitimate
> markup.)
>
> The golden reference for the doc comment text is updated to remove
> the two 'wrong' indents; these now form a test case that we correctly
> stripped leading whitespace from an indented multi-line argument
> definition.
>
> We update the documentation in docs/devel/qapi-code-gen.txt to
> describe the new indentation rules.
>
> Signed-off-by: Peter Maydell 
> ---
>  docs/devel/qapi-code-gen.txt  | 23 +++
>  scripts/qapi/parser.py| 93 +--
>  tests/qapi-schema/doc-bad-indent.err  |  1 +
>  tests/qapi-schema/doc-bad-indent.json |  8 +++
>  tests/qapi-schema/doc-bad-indent.out  |  0
>  tests/qapi-schema/doc-good.out|  4 +-
>  tests/qapi-schema/meson.build |  1 +
>  7 files changed, 109 insertions(+), 21 deletions(-)
>  create mode 100644 tests/qapi-schema/doc-bad-indent.err
>  create mode 100644 tests/qapi-schema/doc-bad-indent.json
>  create mode 100644 tests/qapi-schema/doc-bad-indent.out
>
> diff --git a/docs/devel/qapi-code-gen.txt b/docs/devel/qapi-code-gen.txt
> index 9eede44350c..69eaffac376 100644
> --- a/docs/devel/qapi-code-gen.txt
> +++ b/docs/devel/qapi-code-gen.txt
> @@ -901,6 +901,22 @@ commands and events), member (for structs and unions), 
> branch (for
>  alternates), or value (for enums), and finally optional tagged
>  sections.
>  
> +Descriptions of arguments can span multiple lines. The description
> +text can start on the line following the '@argname:', in which case
> +it must not be indented at all. It can also start on the same line
> +as the '@argname:'. In this case if it spans multiple lines then
> +second and subsequent lines must be indented to line up with the
> +first character of the first line of the description:

Please put two spaces after sentence-ending punctuation, for local
consistency, and to keep Emacs sentence commands working.

Can touch this up in my tree, of course.

> +
> +# @argone:
> +# This is a two line description
> +# in the first style.
> +#
> +# @argtwo: This is a two line description
> +#  in the second style.
> +
> +The number of spaces between the ':' and the text is not significant.
> +
>  FIXME: the parser accepts these things in almost any order.
>  FIXME: union branches should be described, too.
>  
> @@ -911,6 +927,13 @@ A tagged section starts with one of the following words:
>  "Note:"/"Notes:", "Since:", "Example"/"Examples", "Returns:", "TODO:".
>  The section ends with the start of a new section.
>  
> +The text of a section can start on a new line, in
> +which case it must not be indented at all.  It can also start
> +on the same line as the 'Note:', 'Returns:', etc tag.  In this
> +case if it spans multiple lines then second and subsequent
> +lines must be indented to match the first, in the same way as
> +multiline argument descriptions.
> +
>  A 'Since: x.y.z' tagged section lists the release that introduced the
>  definition.
>  
> diff --git a/scripts/qapi/parser.py b/scripts/qapi/parser.py
> index 04bf10db378..6c3455b41f3 100644
> --- a/scripts/qapi/parser.py
> +++ b/scripts/qapi/parser.py
> @@ -319,17 +319,32 @@ class QAPIDoc:
>  """
>  
>  class Section:
> -def __init__(self, name=None):
> +def __init__(self, parser, name=None, indent=0):
> +# parser, for error messages about indentation
> +self._parser = parser
>  # optional section name (argument/member or section name)
>  self.name = name
>  self.text = ''
> +# the expected indent level of the text of this section
> +self._indent = indent
>  
>  def append(self, line):
> +# Strip leading spaces corresponding to the expected indent level
> +# Blank lines are always OK.
> +if line:
> +indent = re.match(r'\s*', line).end()
> +if indent < self._indent:
> +raise QAPIParseError(
> +self._parser,
> +"unexpected de-indent (expected at least %d spaces)" 
> %
> +self._indent)
> +line = line[self._indent:]
> +
>  self.text += line.rstrip() + '\n'
>  
>  class ArgSection(Section):
> -def __init__(self, 

Re: [PULL 0/2] register queue

[Peter Maydell]

On Sun, 27 Sep 2020 at 14:58, Alistair Francis  wrote:
>
> The following changes since commit 8d16e72f2d4df2c9e631393adf1669a1da7efe8a:
>
>   Merge remote-tracking branch 
> 'remotes/dgilbert/tags/pull-migration-20200925a' into staging (2020-09-25 
> 14:46:18 +0100)
>
> are available in the Git repository at:
>
>   g...@github.com:alistair23/qemu.git tags/pull-register-20200927
>
> for you to fetch changes up to e8a612b7e3cdbdface1e34a27300ca2f8521dee0:
>
>   core/register: Specify instance_size in the TypeInfo (2020-09-25 16:52:24 
> -0700)
>
> 
> Two small patches. One with a fix for the register API instance_size
> and one for removing unused address variables from load_elf.
>
> 


Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/5.2
for any user-visible changes.

-- PMM

Re: [PULL 0/5] Usb 20200928 patches

[no-reply]

Patchew URL: https://patchew.org/QEMU/20200928131638.9486-1-kra...@redhat.com/



Hi,

This series failed the docker-quick@centos7 build test. Please find the testing 
commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.

=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===

C linker for the host machine: cc ld.bfd 2.27-43
Host machine cpu family: x86_64
Host machine cpu: x86_64
../src/meson.build:10: WARNING: Module unstable-keyval has no backwards or 
forwards compatibility and might not exist in future releases.
Program sh found: YES
Program python3 found: YES (/usr/bin/python3)
Configuring ninjatool using configuration
---
qemu-system-aarch64: cannot set up guest memory 'sbsa-ref.ram': Cannot allocate 
memory
Broken pipe
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
ERROR qtest-aarch64: test-hmp - too few tests run (expected 72, got 12)
make: *** [run-test-171] Error 1
make: *** Waiting for unfinished jobs
Looking for expected file 'tests/data/acpi/virt/GTDT'
Using expected file 'tests/data/acpi/virt/GTDT'
---
Using expected file 'tests/data/acpi/virt/DSDT'
socket_accept failed: Resource temporarily unavailable
**
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
ERROR qtest-x86_64: bios-tables-test - Bail out! 
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
make: *** [run-test-138] Error 1
  TESTiotest-qcow2: 013

Looking for expected file 'tests/data/acpi/virt/FACP.numamem'
---
  TESTiotest-qcow2: 018
socket_accept failed: Resource temporarily unavailable
**
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
ERROR qtest-x86_64: pxe-test - Bail out! 
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
make: *** [run-test-110] Error 1
socket_accept failed: Resource temporarily unavailable
**
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
ERROR qtest-x86_64: migration-test - Bail out! 
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
make: *** [run-test-148] Error 1
  TESTiotest-qcow2: 019
  TESTiotest-qcow2: 020
  TESTiotest-qcow2: 021
---
  TESTiotest-qcow2: 024
socket_accept failed: Resource temporarily unavailable
**
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
../src/tests/qtest/libqtest.c:166: kill_qemu() tried to terminate QEMU process 
but encountered exit status 1 (expected 0)
ERROR qtest-aarch64: migration-test - Bail out! 
ERROR:../src/tests/qtest/libqtest.c:301:qtest_init_without_qmp_handshake: 
assertion failed: (s->fd >= 0 && s->qmp_fd >= 0)
make: *** [run-test-164] Error 1
  TESTiotest-qcow2: 025

Looking for expected file 'tests/data/acpi/virt/FACP.memhp'
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--rm', 
'--label', 'com.qemu.instance.uuid=0ddbfa81cdf649018b2c11f35a52be9a', '-u', 
'1001', '--security-opt', 'seccomp=unconfined', '-e', 'TARGET_LIST=', '-e', 
'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 
'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', 
'/home/patchew/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', 
'/var/tmp/patchew-tester-tmp-0nxvnmfo/src/docker-src.2020-09-28-14.09.44.31514:/var/tmp/qemu:z,ro',
 'qemu/centos7', '/var/tmp/qemu/run', 'test-quick']' returned non-zero exit 
status 2.
filter=--filter=label=com.qemu.instance.uuid=0ddbfa81cdf649018b2c11f35a52be9a
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-0nxvnmfo/src'
make: *** [docker-run-test-quick@centos7] Error 2

real17m14.146s
user0m22.324s


The full log is available at
http://patchew.org/logs/20200928131638.9486-1-kra...@redhat.com/testing.docker-quick@centos7/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-de...@redhat.com

Re: [PATCH v5] hw/i386/pc: add max combined fw size as machine configuration option

[McMillan, Erich]

Laszlo,

Thanks double checking the archives. I did end up finding them the next day.

With regards to PATCH v6, I missed removing the squash commit message, so that 
will need to be fixed in v7 apologies for that.

-Erich

From: Laszlo Ersek 
Sent: Monday, September 28, 2020 1:10 PM
To: McMillan, Erich ; qemu-devel@nongnu.org 

Cc: dgilb...@redhat.com ; m...@redhat.com 
; marcel.apfelb...@gmail.com ; 
imamm...@redhat.com ; kra...@redhat.com 
Subject: Re: [PATCH v5] hw/i386/pc: add max combined fw size as machine 
configuration option

On 09/25/20 19:14, McMillan, Erich wrote:

> On an unrelated note, it seems that my patches are no longer appearing in 
> https://lists.nongnu.org/archive/html/qemu-devel/2020-09/index.html
>  is this because I need to cc 
> qemu-devel@nongnu.org rather than –to?

Cc: and To: are equally fine. I can see both your v5 and v6 postings there:

https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg09212.html
https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg09577.html

The qemu-devel list is very busy, plus 
> hosts
a very large number of other lists -- so updates to the WebUI are done
in batches (I think once every 30 minutes, but I could be out of date on
that). A fresh posting almost never shows up immediately on the WebUI.
(I believe it may be delivered to subscribers via actual email more
quickly.)

Thanks
Laszlo

Re: [PATCH v5] hw/i386/pc: add max combined fw size as machine configuration option

[Laszlo Ersek]

On 09/25/20 19:14, McMillan, Erich wrote:

> On an unrelated note, it seems that my patches are no longer appearing in 
> https://lists.nongnu.org/archive/html/qemu-devel/2020-09/index.html is this 
> because I need to cc qemu-devel@nongnu.org 
> rather than –to?

Cc: and To: are equally fine. I can see both your v5 and v6 postings there:

https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg09212.html
https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg09577.html

The qemu-devel list is very busy, plus  hosts
a very large number of other lists -- so updates to the WebUI are done
in batches (I think once every 30 minutes, but I could be out of date on
that). A fresh posting almost never shows up immediately on the WebUI.
(I believe it may be delivered to subscribers via actual email more
quickly.)

Thanks
Laszlo

Re: SEV guest debugging support for Qemu

[Paolo Bonzini]

Il lun 28 set 2020, 15:26 Ashish Kalra  ha scritto:

> Hello Paolo,
>
> On Sat, Sep 26, 2020 at 02:02:20AM +0200, Paolo Bonzini wrote:
> > On 26/09/20 01:48, Ashish Kalra wrote:
> > > Thanks for your input, i have one additional query with reference to
> this support :
> > >
> > > For all explicitly unecrypted guest memory regions such as S/W IOTLB
> bounce buffers,
> > > dma_decrypted() allocated regions and for guest regions marked as
> "__bss_decrypted",
> > > we need to ensure that DBG_DECRYPT API calls are bypassed for such
> > > regions and those regions are dumped as un-encrypted.
> >
> > Yes those would be a bit different as they would be physical memory
> > accesses.  Those currently go through address_space_read in memory_dump
> > (monitor/misc.c), and would have to use the MemoryDebugOps instead.
> > That is the place to hook into in order to read the KVM page encryption
> > bitmap (which is not per-CPU, so another MemoryDebugOps entry
> > get_phys_addr_attrs?); the MemTxAttrs can then be passed to the read
> > function in the MemoryDebugOps.
> >
>
> Actually, currently we do this in sev_dbg_crypt() in KVM itself by
> checking the page encryption bitmap and if it is an un-encrypted guest
> memory region then returning the un-encrypted buffer read from user
> back to it as it is.
>

Fair enough. :-)

Paolo


> > > This guest memory regions encryption status is found using KVM's page
> encryption bitmap
> > > support which is part of the page encryption bitmap hypercall
> interface of the
> > > KVM/QEMU SEV live migration patches.
> > >
> > > As this additional debug support is dependent on the KVM's page
> encryption bitmap
> > > support, are there any updates on KVM SEV live migration patches ?
> >
> > Sorry about that, I've been busy with QEMU.  I'll review them as soon as
> > possible.H
>
> Looking forward to your updates and reviews regarding the same.
>
> Thanks,
> Ashish
>
>

Re: [PATCH v6 02/21] qapi/block.json: Add newline after "Example:" for block-latency-histogram-set

[Markus Armbruster]

Peter Maydell  writes:

> On Mon, 28 Sep 2020 at 13:42, Markus Armbruster  wrote:
>>
>> Peter Maydell  writes:
>>
>> > The block-latency-histogram-set command is the only one which uses
>> > the Example/Examples section with the first line of the documentation
>> > immediately following the ':'. Bring it into line with the rest.
>> >
>> > This allows us to avoid special-casing the indentation handling for
>> > "Examples" sections; instead for Examples as for any other section
>> > header these two indentations will be equivalent:
>>
>> I figure you're talking about PATCH 5 here.  Correct?
>>
>> If yes, I'd like to tweak this to "This will allow us".  Okay?
>
> Sure. (In my idiolect both those phrasings have pretty much
> identical meaning in this context.)
>
> thanks
> -- PMM

Neglected to say
Reviewed-by: Markus Armbruster 

Re: [PATCH v2 6/8] qemu/bswap: Use compiler __builtin_bswap() on FreeBSD

[Philippe Mathieu-Daudé]

On 9/28/20 7:32 PM, Thomas Huth wrote:
> On 28/09/2020 15.19, Philippe Mathieu-Daudé wrote:
>> Since commit efc6c070aca ("configure: Add a test for the minimum
>> compiler version") the minimum compiler version required for GCC
>> is 4.8, which supports __builtin_bswap().
>> Remove the FreeBSD specific ifdef'ry.
>>
>> This reverts commit de03c3164accc21311c39327601fcdd95da301f3
>> ("bswap: Fix build on FreeBSD 10.0").
>>
>> Signed-off-by: Philippe Mathieu-Daudé 
>> ---
>> Cc: Ed Maste 
>> ---
>>  include/qemu/bswap.h | 2 --
>>  1 file changed, 2 deletions(-)
>>
>> diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
>> index 719d620bfe6..1a297bfec22 100644
>> --- a/include/qemu/bswap.h
>> +++ b/include/qemu/bswap.h
>> @@ -6,8 +6,6 @@
>>  #ifdef CONFIG_MACHINE_BSWAP_H
>>  # include 
>>  # include 
>> -#elif defined(__FreeBSD__)
>> -# include 
> 
> Ah, well, no I get it ... you're removing this stuff bit by bit. Quite
> confusing, IMHO, I'd remove them all in one patch instead.

Sure. I did it that way because I was testing OS after OS, when
one was successful I committed the change and went for the next
one.

> 
>  Thomas
> 

Re: [PATCH 5/5] memory: Skip bad range assertion if notifier is DEVIOTLB_UNMAP type

[Peter Xu]

On Mon, Sep 28, 2020 at 11:05:01AM +0200, Eugenio Perez Martin wrote:
> On Fri, Sep 4, 2020 at 6:34 AM Jason Wang  wrote:
> >
> >
> > On 2020/9/4 上午12:14, Eugenio Pérez wrote:
> > > Device IOTLB invalidations can unmap arbitrary ranges, eiter outside of
> > > the memory region or even [0, ~0ULL] for all the space. The assertion
> > > could be hit by a guest, and rhel7 guest effectively hit it.
> > >
> > > Signed-off-by: Eugenio Pérez 
> > > Reviewed-by: Peter Xu 
> > > Reviewed-by: Juan Quintela 
> > > ---
> > >   softmmu/memory.c | 13 +++--
> > >   1 file changed, 11 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/softmmu/memory.c b/softmmu/memory.c
> > > index 8694fc7cf7..e723fcbaa1 100644
> > > --- a/softmmu/memory.c
> > > +++ b/softmmu/memory.c
> > > @@ -1895,6 +1895,7 @@ void memory_region_notify_iommu_one(IOMMUNotifier 
> > > *notifier,
> > >   {
> > >   IOMMUTLBEntry *entry = >entry;
> > >   hwaddr entry_end = entry->iova + entry->addr_mask;
> > > +IOMMUTLBEntry tmp = *entry;
> > >
> > >   if (event->type == IOMMU_NOTIFIER_UNMAP) {
> > >   assert(entry->perm == IOMMU_NONE);
> > > @@ -1908,10 +1909,18 @@ void memory_region_notify_iommu_one(IOMMUNotifier 
> > > *notifier,
> > >   return;
> > >   }
> > >
> > > -assert(entry->iova >= notifier->start && entry_end <= notifier->end);
> > > +if (notifier->notifier_flags & IOMMU_NOTIFIER_DEVIOTLB_UNMAP) {
> > > +/* Crop (iova, addr_mask) to range */
> > > +tmp.iova = MAX(tmp.iova, notifier->start);
> > > +tmp.addr_mask = MIN(entry_end, notifier->end) - tmp.iova;
> > > +/* Confirm no underflow */
> > > +assert(MIN(entry_end, notifier->end) >= tmp.iova);
> >
> >
> > It's still not clear to me why we need such assert. Consider
> > notifier->end is the possible IOVA range but not possible device IOTLB
> > invalidation range (e.g it allows [0, ULLONG_MAX]).
> >
> > Thanks
> >
> 
> As far as I understood the device should admit that out of bounds
> notifications in that case,
> and the assert just makes sure that there was no underflow in
> tmp.addr_mask, i.e., that something
> very wrong that should never happen in production happened.
> 
> Peter, would you mind to confirm/correct it?

I think Jason is right - since we have checked at the entry that the two
regions cross over each other:

/*
 * Skip the notification if the notification does not overlap
 * with registered range.
 */
if (notifier->start > entry_end || notifier->end < entry->iova) {
return;
}

Then I don't see how this assertion can fail any more.

But imho not a big problem either, and it shouldn't hurt to even keep the
assertion of above isn't that straightforward.

> 
> Is there anything else needed to pull this patch?

I didn't post a pull for this only because I shouldn't :) - the plan was that
all vt-d patches will still go via Michael's tree, iiuc.  Though at least to me
I think this series is acceptable for merging.

Though it would always be good too if Jason would still like to review it.

Jason, what's your opinion?

Thanks,

-- 
Peter Xu

Re: [PATCH v2 6/8] qemu/bswap: Use compiler __builtin_bswap() on FreeBSD

[Philippe Mathieu-Daudé]

On 9/28/20 7:57 PM, Philippe Mathieu-Daudé wrote:
> On 9/28/20 7:32 PM, Thomas Huth wrote:
>> On 28/09/2020 15.19, Philippe Mathieu-Daudé wrote:
>>> Since commit efc6c070aca ("configure: Add a test for the minimum
>>> compiler version") the minimum compiler version required for GCC
>>> is 4.8, which supports __builtin_bswap().
>>> Remove the FreeBSD specific ifdef'ry.
>>>
>>> This reverts commit de03c3164accc21311c39327601fcdd95da301f3
>>> ("bswap: Fix build on FreeBSD 10.0").
>>>
>>> Signed-off-by: Philippe Mathieu-Daudé 
>>> ---
>>> Cc: Ed Maste 
>>> ---
>>>  include/qemu/bswap.h | 2 --
>>>  1 file changed, 2 deletions(-)
>>>
>>> diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
>>> index 719d620bfe6..1a297bfec22 100644
>>> --- a/include/qemu/bswap.h
>>> +++ b/include/qemu/bswap.h
>>> @@ -6,8 +6,6 @@
>>>  #ifdef CONFIG_MACHINE_BSWAP_H
>>>  # include 
>>>  # include 
>>> -#elif defined(__FreeBSD__)
>>> -# include 
>>
>> Ah, well, no I get it ... you're removing this stuff bit by bit. Quite
>> confusing, IMHO, I'd remove them all in one patch instead.

Actually I thought it would be easier for each OS maintainer to
review the corresponding patch.

> 
> Sure. I did it that way because I was testing OS after OS, when
> one was successful I committed the change and went for the next
> one.
> 
>>
>>  Thomas
>>
> 

[RFC PATCH v4 24/29] Hexagon (target/hexagon) TCG generation

[Taylor Simpson]

Include the generated files and set up the data structures

Signed-off-by: Taylor Simpson 
---
 target/hexagon/genptr.h |  25 ++
 target/hexagon/genptr.c | 234 
 2 files changed, 259 insertions(+)
 create mode 100644 target/hexagon/genptr.h
 create mode 100644 target/hexagon/genptr.c

diff --git a/target/hexagon/genptr.h b/target/hexagon/genptr.h
new file mode 100644
index 000..cf27a02
--- /dev/null
+++ b/target/hexagon/genptr.h
@@ -0,0 +1,25 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_GENPTR_H
+#define HEXAGON_GENPTR_H
+
+#include "insn.h"
+
+extern const semantic_insn_t opcode_genptr[];
+
+#endif
diff --git a/target/hexagon/genptr.c b/target/hexagon/genptr.c
new file mode 100644
index 000..ba233a4
--- /dev/null
+++ b/target/hexagon/genptr.c
@@ -0,0 +1,234 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#define QEMU_GENERATE
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "cpu.h"
+#include "internal.h"
+#include "tcg/tcg-op.h"
+#include "insn.h"
+#include "opcodes.h"
+#include "translate.h"
+#include "macros.h"
+#include "gen_tcg.h"
+
+static inline TCGv gen_read_reg(TCGv result, int num)
+{
+tcg_gen_mov_tl(result, hex_gpr[num]);
+return result;
+}
+
+static inline TCGv gen_read_preg(TCGv pred, uint8_t num)
+{
+tcg_gen_mov_tl(pred, hex_pred[num]);
+return pred;
+}
+
+static inline void gen_log_predicated_reg_write(int rnum, TCGv val, int slot)
+{
+TCGv one = tcg_const_tl(1);
+TCGv zero = tcg_const_tl(0);
+TCGv slot_mask = tcg_temp_new();
+
+tcg_gen_andi_tl(slot_mask, hex_slot_cancelled, 1 << slot);
+tcg_gen_movcond_tl(TCG_COND_EQ, hex_new_value[rnum], slot_mask, zero,
+   val, hex_new_value[rnum]);
+#if HEX_DEBUG
+/* Do this so HELPER(debug_commit_end) will know */
+tcg_gen_movcond_tl(TCG_COND_EQ, hex_reg_written[rnum], slot_mask, zero,
+   one, hex_reg_written[rnum]);
+#endif
+
+tcg_temp_free(one);
+tcg_temp_free(zero);
+tcg_temp_free(slot_mask);
+}
+
+static inline void gen_log_reg_write(int rnum, TCGv val)
+{
+tcg_gen_mov_tl(hex_new_value[rnum], val);
+#if HEX_DEBUG
+/* Do this so HELPER(debug_commit_end) will know */
+tcg_gen_movi_tl(hex_reg_written[rnum], 1);
+#endif
+}
+
+static void gen_log_predicated_reg_write_pair(int rnum, TCGv_i64 val, int slot)
+{
+TCGv val32 = tcg_temp_new();
+TCGv one = tcg_const_tl(1);
+TCGv zero = tcg_const_tl(0);
+TCGv slot_mask = tcg_temp_new();
+
+tcg_gen_andi_tl(slot_mask, hex_slot_cancelled, 1 << slot);
+/* Low word */
+tcg_gen_extrl_i64_i32(val32, val);
+tcg_gen_movcond_tl(TCG_COND_EQ, hex_new_value[rnum], slot_mask, zero,
+   val32, hex_new_value[rnum]);
+#if HEX_DEBUG
+/* Do this so HELPER(debug_commit_end) will know */
+tcg_gen_movcond_tl(TCG_COND_EQ, hex_reg_written[rnum],
+   slot_mask, zero,
+   one, hex_reg_written[rnum]);
+#endif
+
+/* High word */
+tcg_gen_extrh_i64_i32(val32, val);
+tcg_gen_movcond_tl(TCG_COND_EQ, hex_new_value[rnum + 1],
+   slot_mask, zero,
+   val32, hex_new_value[rnum + 1]);
+#if HEX_DEBUG
+/* Do this so HELPER(debug_commit_end) will know */
+tcg_gen_movcond_tl(TCG_COND_EQ, hex_reg_written[rnum + 1],
+   slot_mask, zero,
+   one, hex_reg_written[rnum + 1]);
+#endif
+
+tcg_temp_free(val32);
+tcg_temp_free(one);
+

[RFC PATCH v4 21/29] Hexagon (target/hexagon) opcode data structures

[Taylor Simpson]

Signed-off-by: Taylor Simpson 
---
 target/hexagon/opcodes.h |  66 
 target/hexagon/opcodes.c | 199 +++
 2 files changed, 265 insertions(+)
 create mode 100644 target/hexagon/opcodes.h
 create mode 100644 target/hexagon/opcodes.c

diff --git a/target/hexagon/opcodes.h b/target/hexagon/opcodes.h
new file mode 100644
index 000..ef02592
--- /dev/null
+++ b/target/hexagon/opcodes.h
@@ -0,0 +1,66 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_OPCODES_H
+#define HEXAGON_OPCODES_H
+
+#include "hex_arch_types.h"
+#include "attribs.h"
+
+typedef enum {
+#define OPCODE(IID) IID
+#include "opcodes_def_generated.h"
+XX_LAST_OPCODE
+#undef OPCODE
+} opcode_t;
+
+typedef enum {
+NORMAL,
+HALF,
+SUBINSN_A,
+SUBINSN_L1,
+SUBINSN_L2,
+SUBINSN_S1,
+SUBINSN_S2,
+EXT_noext,
+EXT_mmvec,
+XX_LAST_ENC_CLASS
+} enc_class_t;
+
+extern const char *opcode_names[];
+
+extern const char *opcode_reginfo[];
+extern const char *opcode_rregs[];
+extern const char *opcode_wregs[];
+
+typedef struct {
+const char * const encoding;
+uint32_t vals;
+uint32_t dep_vals;
+const enc_class_t enc_class;
+} opcode_encoding_t;
+
+extern opcode_encoding_t opcode_encodings[XX_LAST_OPCODE];
+
+extern uint32_t
+opcode_attribs[XX_LAST_OPCODE][(A_ZZ_LASTATTRIB / ATTRIB_WIDTH) + 1];
+
+extern void opcode_init(void);
+
+extern int opcode_which_immediate_is_extended(opcode_t opcode);
+
+#endif
diff --git a/target/hexagon/opcodes.c b/target/hexagon/opcodes.c
new file mode 100644
index 000..8621f1c
--- /dev/null
+++ b/target/hexagon/opcodes.c
@@ -0,0 +1,199 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+/*
+ * opcodes.c
+ *
+ * data tables generated automatically
+ * Maybe some functions too
+ */
+
+#include "qemu/osdep.h"
+#include "opcodes.h"
+#include "decode.h"
+
+#define VEC_DESCR(A, B, C) DESCR(A, B, C)
+#define DONAME(X) #X
+
+const char *opcode_names[] = {
+#define OPCODE(IID) DONAME(IID)
+#include "opcodes_def_generated.h"
+NULL
+#undef OPCODE
+};
+
+const char *opcode_reginfo[] = {
+#define IMMINFO(TAG, SIGN, SIZE, SHAMT, SIGN2, SIZE2, SHAMT2)/* nothing */
+#define REGINFO(TAG, REGINFO, RREGS, WREGS) REGINFO,
+#include "op_regs_generated.h"
+NULL
+#undef REGINFO
+#undef IMMINFO
+};
+
+
+const char *opcode_rregs[] = {
+#define IMMINFO(TAG, SIGN, SIZE, SHAMT, SIGN2, SIZE2, SHAMT2)/* nothing */
+#define REGINFO(TAG, REGINFO, RREGS, WREGS) RREGS,
+#include "op_regs_generated.h"
+NULL
+#undef REGINFO
+#undef IMMINFO
+};
+
+
+const char *opcode_wregs[] = {
+#define IMMINFO(TAG, SIGN, SIZE, SHAMT, SIGN2, SIZE2, SHAMT2)/* nothing */
+#define REGINFO(TAG, REGINFO, RREGS, WREGS) WREGS,
+#include "op_regs_generated.h"
+NULL
+#undef REGINFO
+#undef IMMINFO
+};
+
+const char * const opcode_short_semantics[] = {
+#define DEF_SHORTCODE(TAG, SHORTCODE)  [TAG] = #SHORTCODE,
+#include "shortcode_generated.h"
+#undef DEF_SHORTCODE
+NULL
+};
+
+
+uint32_t
+opcode_attribs[XX_LAST_OPCODE][(A_ZZ_LASTATTRIB / ATTRIB_WIDTH) + 1];
+
+static void init_attribs(int tag, ...)
+{
+va_list ap;
+int attr;
+va_start(ap, tag);
+while ((attr = va_arg(ap, int)) != 0) {
+opcode_attribs[tag][attr / ATTRIB_WIDTH] |= 1 << (attr % ATTRIB_WIDTH);
+}
+}
+
+static uint32_t str2val(const char *str)
+{
+uint32_t ret = 0;
+for ( ; *str; str++) {
+switch (*str) {
+case ' ':
+case '\t':
+break;
+case 's':
+   

Re: [PATCH v2 6/8] qemu/bswap: Use compiler __builtin_bswap() on FreeBSD

[Thomas Huth]

On 28/09/2020 15.19, Philippe Mathieu-Daudé wrote:
> Since commit efc6c070aca ("configure: Add a test for the minimum
> compiler version") the minimum compiler version required for GCC
> is 4.8, which supports __builtin_bswap().
> Remove the FreeBSD specific ifdef'ry.
> 
> This reverts commit de03c3164accc21311c39327601fcdd95da301f3
> ("bswap: Fix build on FreeBSD 10.0").
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
> Cc: Ed Maste 
> ---
>  include/qemu/bswap.h | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
> index 719d620bfe6..1a297bfec22 100644
> --- a/include/qemu/bswap.h
> +++ b/include/qemu/bswap.h
> @@ -6,8 +6,6 @@
>  #ifdef CONFIG_MACHINE_BSWAP_H
>  # include 
>  # include 
> -#elif defined(__FreeBSD__)
> -# include 

Ah, well, no I get it ... you're removing this stuff bit by bit. Quite
confusing, IMHO, I'd remove them all in one patch instead.

 Thomas

[RFC PATCH v4 18/29] Hexagon (target/hexagon) generator phase 2 - generate header files

[Taylor Simpson]

Python scripts generate the following files
helper_protos_generated.h
For each instruction we create DEF_HELPER function prototype
helper_funcs_generated.h
For each instruction we create the helper function definition
tcg_funcs_generated.h
For each instruction we create TCG code to generate call to helper
tcg_func_table_generated.h
Table of function pointers indexed by opcode
shortcode_generated.h
Generate a table of instruction "shortcode" semantics
opcodes_def_generated.h
Gives a list of all the opcodes
op_attribs_generated.h
Lists all the attributes associated with each instruction
op_regs_generated.h
Lists the register and immediate operands for each instruction
printinsn_generated.h
Data for printing (disassembling) each instruction (format
string + operands)

Signed-off-by: Taylor Simpson 
---
 target/hexagon/gen_helper_funcs.py   | 229 +++
 target/hexagon/gen_helper_protos.py  | 158 ++
 target/hexagon/gen_op_attribs.py |  46 +++
 target/hexagon/gen_op_regs.py| 119 
 target/hexagon/gen_opcodes_def.py|  43 +++
 target/hexagon/gen_printinsn.py  | 185 
 target/hexagon/gen_shortcode.py  |  71 +
 target/hexagon/gen_tcg_func_table.py |  66 +
 target/hexagon/gen_tcg_funcs.py  | 543 +++
 target/hexagon/hex_common.py | 216 ++
 10 files changed, 1676 insertions(+)
 create mode 100755 target/hexagon/gen_helper_funcs.py
 create mode 100755 target/hexagon/gen_helper_protos.py
 create mode 100755 target/hexagon/gen_op_attribs.py
 create mode 100755 target/hexagon/gen_op_regs.py
 create mode 100755 target/hexagon/gen_opcodes_def.py
 create mode 100755 target/hexagon/gen_printinsn.py
 create mode 100755 target/hexagon/gen_shortcode.py
 create mode 100755 target/hexagon/gen_tcg_func_table.py
 create mode 100755 target/hexagon/gen_tcg_funcs.py
 create mode 100755 target/hexagon/hex_common.py

diff --git a/target/hexagon/gen_helper_funcs.py 
b/target/hexagon/gen_helper_funcs.py
new file mode 100755
index 000..089818c
--- /dev/null
+++ b/target/hexagon/gen_helper_funcs.py
@@ -0,0 +1,229 @@
+#!/usr/bin/env python3
+
+##
+##  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+##
+##  This program is free software; you can redistribute it and/or modify
+##  it under the terms of the GNU General Public License as published by
+##  the Free Software Foundation; either version 2 of the License, or
+##  (at your option) any later version.
+##
+##  This program is distributed in the hope that it will be useful,
+##  but WITHOUT ANY WARRANTY; without even the implied warranty of
+##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+##  GNU General Public License for more details.
+##
+##  You should have received a copy of the GNU General Public License
+##  along with this program; if not, see .
+##
+
+import sys
+import re
+import string
+from io import StringIO
+
+from hex_common import *
+
+##
+## Helpers for gen_helper_function
+##
+def gen_decl_ea(f):
+f.write("uint32_t EA;\n")
+
+def gen_helper_return_type(f,regtype,regid,regno):
+if regno > 1 : f.write(", ")
+f.write("int32_t")
+
+def gen_helper_return_type_pair(f,regtype,regid,regno):
+if regno > 1 : f.write(", ")
+f.write("int64_t")
+
+def gen_helper_arg(f,regtype,regid,regno):
+if regno > 0 : f.write(", " )
+f.write("int32_t %s%sV" % (regtype,regid))
+
+def gen_helper_arg_new(f,regtype,regid,regno):
+if regno >= 0 : f.write(", " )
+f.write("int32_t %s%sN" % (regtype,regid))
+
+def gen_helper_arg_pair(f,regtype,regid,regno):
+if regno >= 0 : f.write(", ")
+f.write("int64_t %s%sV" % (regtype,regid))
+
+def gen_helper_arg_opn(f,regtype,regid,i,tag):
+if (is_pair(regid)):
+gen_helper_arg_pair(f,regtype,regid,i)
+elif (is_single(regid)):
+if is_old_val(regtype, regid, tag):
+gen_helper_arg(f,regtype,regid,i)
+elif is_new_val(regtype, regid, tag):
+gen_helper_arg_new(f,regtype,regid,i)
+else:
+print("Bad register parse: ",regtype,regid,toss,numregs)
+else:
+print("Bad register parse: ",regtype,regid,toss,numregs)
+
+def gen_helper_arg_imm(f,immlett):
+f.write(", int32_t %s" % (imm_name(immlett)))
+
+def gen_helper_dest_decl(f,regtype,regid,regno,subfield=""):
+f.write("int32_t %s%sV%s = 0;\n" % \
+(regtype,regid,subfield))
+
+def gen_helper_dest_decl_pair(f,regtype,regid,regno,subfield=""):
+f.write("int64_t %s%sV%s = 0;\n" % \
+(regtype,regid,subfield))
+
+def gen_helper_dest_decl_opn(f,regtype,regid,i):
+if (is_pair(regid)):
+gen_helper_dest_decl_pair(f,regtype,regid,i)
+elif (is_single(regid)):
+gen_helper_dest_decl(f,regtype,regid,i)
+else:
+

Re: [PATCH v2 5/8] qemu/bswap: Use compiler __builtin_bswap() on Haiku

[Thomas Huth]

On 28/09/2020 15.19, Philippe Mathieu-Daudé wrote:
> Since commit efc6c070aca ("configure: Add a test for the minimum
> compiler version") the minimum compiler version required for GCC
> is 4.8, which supports __builtin_bswap().
> Remove the Haiku specific ifdef'ry.
> 
> This reverts commit 652a46ebba970017c7a23767dcc983265cdb8eb7
> ("bswap.h: Include  on Haiku for bswap operations").
> 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
> Cc: David Carlier 
> Cc: Carlo Arenas 
> ---
>  include/qemu/bswap.h | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
> index 55916670d39..719d620bfe6 100644
> --- a/include/qemu/bswap.h
> +++ b/include/qemu/bswap.h
> @@ -8,8 +8,6 @@
>  # include 
>  #elif defined(__FreeBSD__)
>  # include 
> -#elif defined(__HAIKU__)
> -# include 
>  #else
>  #undef  bswap16
>  #define bswap16(_x) __builtin_bswap16(_x)

Why don't we simply always use the builtin functions on all systems? I
assume the compiler can handle these the best in all cases... or do you
see any advantage in using  or  in
certain cases?

 Thomas


 Thomas

[RFC PATCH v4 22/29] Hexagon (target/hexagon) macros

[Taylor Simpson]

macros to interface with the generator
macros referenced in instruction semantics

Signed-off-by: Taylor Simpson 
---
 target/hexagon/macros.h | 654 
 1 file changed, 654 insertions(+)
 create mode 100644 target/hexagon/macros.h

diff --git a/target/hexagon/macros.h b/target/hexagon/macros.h
new file mode 100644
index 000..34831d4
--- /dev/null
+++ b/target/hexagon/macros.h
@@ -0,0 +1,654 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_MACROS_H
+#define HEXAGON_MACROS_H
+
+#include "qemu/osdep.h"
+#include "qemu/host-utils.h"
+#include "cpu.h"
+#include "hex_regs.h"
+#include "reg_fields.h"
+
+#ifdef QEMU_GENERATE
+#define READ_REG(dest, NUM)  gen_read_reg(dest, NUM)
+#define READ_PREG(dest, NUM) gen_read_preg(dest, (NUM))
+#else
+#define READ_REG(NUM)(env->gpr[(NUM)])
+#define READ_PREG(NUM)   (env->pred[NUM])
+
+#define WRITE_RREG(NUM, VAL) log_reg_write(env, NUM, VAL, slot)
+#define WRITE_PREG(NUM, VAL) log_pred_write(env, NUM, VAL)
+#endif
+
+#define PCALIGN 4
+#define PCALIGN_MASK (PCALIGN - 1)
+
+#define GET_FIELD(FIELD, REGIN) \
+fEXTRACTU_BITS(REGIN, reg_field_info[FIELD].width, \
+   reg_field_info[FIELD].offset)
+
+#define GET_USR_FIELD(FIELD) \
+fEXTRACTU_BITS(env->gpr[HEX_REG_USR], reg_field_info[FIELD].width, \
+   reg_field_info[FIELD].offset)
+
+#define SET_USR_FIELD(FIELD, VAL) \
+fINSERT_BITS(env->gpr[HEX_REG_USR], reg_field_info[FIELD].width, \
+ reg_field_info[FIELD].offset, (VAL))
+
+#ifdef QEMU_GENERATE
+/*
+ * Section 5.5 of the Hexagon V67 Programmer's Reference Manual
+ *
+ * Slot 1 store with slot 0 load
+ * A slot 1 store operation with a slot 0 load operation can appear in a 
packet.
+ * The packet attribute :mem_noshuf inhibits the instruction reordering that
+ * would otherwise be done by the assembler. For example:
+ * {
+ * memw(R5) = R2 // slot 1 store
+ * R3 = memh(R6) // slot 0 load
+ * }:mem_noshuf
+ * Unlike most packetized operations, these memory operations are not executed
+ * in parallel (Section 3.3.1). Instead, the store instruction in Slot 1
+ * effectively executes first, followed by the load instruction in Slot 0. If
+ * the addresses of the two operations are overlapping, the load will receive
+ * the newly stored data. This feature is supported in processor versions
+ * V65 or greater.
+ *
+ *
+ * For qemu, we look for a load in slot 0 when there is  a store in slot 1
+ * in the same packet.  When we see this, we call a helper that merges the
+ * bytes from the store buffer with the value loaded from memory.
+ */
+#define CHECK_NOSHUF(DST, VA, SZ, SIGN) \
+do { \
+if (insn->slot == 0 && pkt->pkt_has_store_s1) { \
+gen_helper_merge_inflight_store##SZ##SIGN(DST, cpu_env, VA, DST); \
+} \
+} while (0)
+
+#define MEM_LOAD1s(DST, VA) \
+do { \
+tcg_gen_qemu_ld8s(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 1, s); \
+} while (0)
+#define MEM_LOAD1u(DST, VA) \
+do { \
+tcg_gen_qemu_ld8u(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 1, u); \
+} while (0)
+#define MEM_LOAD2s(DST, VA) \
+do { \
+tcg_gen_qemu_ld16s(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 2, s); \
+} while (0)
+#define MEM_LOAD2u(DST, VA) \
+do { \
+tcg_gen_qemu_ld16u(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 2, u); \
+} while (0)
+#define MEM_LOAD4s(DST, VA) \
+do { \
+tcg_gen_qemu_ld32s(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 4, s); \
+} while (0)
+#define MEM_LOAD4u(DST, VA) \
+do { \
+tcg_gen_qemu_ld32s(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 4, u); \
+} while (0)
+#define MEM_LOAD8u(DST, VA) \
+do { \
+tcg_gen_qemu_ld64(DST, VA, ctx->mem_idx); \
+CHECK_NOSHUF(DST, VA, 8, u); \
+} while (0)
+#else
+#define MEM_LOAD1s(VA) ((int8_t)mem_load1(env, slot, VA))
+#define MEM_LOAD1u(VA) ((uint8_t)mem_load1(env, slot, VA))
+#define MEM_LOAD2s(VA) ((int16_t)mem_load2(env, slot, VA))
+#define MEM_LOAD2u(VA) ((uint16_t)mem_load2(env, 

[RFC PATCH v4 25/29] Hexagon (target/hexagon) TCG for instructions with multiple definitions

[Taylor Simpson]

Helpers won't work if there are multiple definitions, so we override these
instructions using #define fGEN_TCG_.

Signed-off-by: Taylor Simpson 
---
 target/hexagon/gen_tcg.h | 198 +++
 1 file changed, 198 insertions(+)
 create mode 100644 target/hexagon/gen_tcg.h

diff --git a/target/hexagon/gen_tcg.h b/target/hexagon/gen_tcg.h
new file mode 100644
index 000..35568d1
--- /dev/null
+++ b/target/hexagon/gen_tcg.h
@@ -0,0 +1,198 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_GEN_TCG_H
+#define HEXAGON_GEN_TCG_H
+
+/*
+ * Here is a primer to understand the tag names for load/store instructions
+ *
+ * Data types
+ *  bsigned byte   r0 = memb(r2+#0)
+ * ubunsigned byte r0 = memub(r2+#0)
+ *  hsigned half word (16 bits)r0 = memh(r2+#0)
+ * uhunsigned half wordr0 = memuh(r2+#0)
+ *  iinteger (32 bits) r0 = memw(r2+#0)
+ *  ddouble word (64 bits) r1:0 = memd(r2+#0)
+ *
+ * Addressing modes
+ * _io   indirect with offset  r0 = memw(r1+#4)
+ * _ur   absolute with register offset r0 = memw(r1<<#4+##variable)
+ * _rr   indirect with register offset r0 = memw(r1+r4<<#2)
+ * gpglobal pointer relative   r0 = memw(gp+#200)
+ * _sp   stack pointer relativer0 = memw(r29+#12)
+ * _ap   absolute set  r0 = memw(r1=##variable)
+ * _pr   post increment register   r0 = memw(r1++m1)
+ * _pi   post increment immediate  r0 = memb(r1++#1)
+ */
+
+/* Macros for complex addressing modes */
+#define GET_EA_ap \
+do { \
+fEA_IMM(UiV); \
+tcg_gen_movi_tl(ReV, UiV); \
+} while (0)
+#define GET_EA_pr \
+do { \
+fEA_REG(RxV); \
+fPM_M(RxV, MuV); \
+} while (0)
+#define GET_EA_pi \
+do { \
+fEA_REG(RxV); \
+fPM_I(RxV, siV); \
+} while (0)
+
+
+/* Instructions with multiple definitions */
+#define fGEN_TCG_LOAD_AP(RES, SIZE, SIGN) \
+do { \
+fMUST_IMMEXT(UiV); \
+fEA_IMM(UiV); \
+fLOAD(1, SIZE, SIGN, EA, RES); \
+tcg_gen_movi_tl(ReV, UiV); \
+} while (0)
+
+#define fGEN_TCG_L4_loadrub_ap(SHORTCODE) \
+fGEN_TCG_LOAD_AP(RdV, 1, u)
+#define fGEN_TCG_L4_loadrb_ap(SHORTCODE) \
+fGEN_TCG_LOAD_AP(RdV, 1, s)
+#define fGEN_TCG_L4_loadruh_ap(SHORTCODE) \
+fGEN_TCG_LOAD_AP(RdV, 2, u)
+#define fGEN_TCG_L4_loadrh_ap(SHORTCODE) \
+fGEN_TCG_LOAD_AP(RdV, 2, s)
+#define fGEN_TCG_L4_loadri_ap(SHORTCODE) \
+fGEN_TCG_LOAD_AP(RdV, 4, u)
+#define fGEN_TCG_L4_loadrd_ap(SHORTCODE) \
+fGEN_TCG_LOAD_AP(RddV, 8, u)
+
+#define fGEN_TCG_L2_loadrub_pr(SHORTCODE)  SHORTCODE
+#define fGEN_TCG_L2_loadrub_pi(SHORTCODE)  SHORTCODE
+#define fGEN_TCG_L2_loadrb_pr(SHORTCODE)   SHORTCODE
+#define fGEN_TCG_L2_loadrb_pi(SHORTCODE)   SHORTCODE;
+#define fGEN_TCG_L2_loadruh_pr(SHORTCODE)  SHORTCODE
+#define fGEN_TCG_L2_loadruh_pi(SHORTCODE)  SHORTCODE;
+#define fGEN_TCG_L2_loadrh_pr(SHORTCODE)   SHORTCODE
+#define fGEN_TCG_L2_loadrh_pi(SHORTCODE)   SHORTCODE
+#define fGEN_TCG_L2_loadri_pr(SHORTCODE)   SHORTCODE
+#define fGEN_TCG_L2_loadri_pi(SHORTCODE)   SHORTCODE
+#define fGEN_TCG_L2_loadrd_pr(SHORTCODE)   SHORTCODE
+#define fGEN_TCG_L2_loadrd_pi(SHORTCODE)   SHORTCODE
+
+/*
+ * Predicated loads
+ * Here is a primer to understand the tag names
+ *
+ * Predicate used
+ *  ttrue "old" value  if (p0) r0 = memb(r2+#0)
+ *  ffalse "old" value if (!p0) r0 = memb(r2+#0)
+ *  tnew true "new" value  if (p0.new) r0 = memb(r2+#0)
+ *  fnew false "new" value if (!p0.new) r0 = 
memb(r2+#0)
+ */
+#define fGEN_TCG_PRED_LOAD(GET_EA, PRED, SIZE, SIGN) \
+do { \
+TCGv LSB = tcg_temp_local_new(); \
+TCGLabel *label = gen_new_label(); \
+GET_EA; \
+PRED;  \
+PRED_LOAD_CANCEL(LSB, EA); \
+tcg_gen_movi_tl(RdV, 0); \
+tcg_gen_brcondi_tl(TCG_COND_EQ, LSB, 0, label); \
+fLOAD(1, 

[RFC PATCH v4 29/29] Hexagon build infrastructure

[Taylor Simpson]

Add file to default-configs
Change configure
Add hexagon to meson.build
Add hexagon to target/meson.build
Add target/hexagon/meson.build
Change scripts/qemu-binfmt-conf.sh

We can build a hexagon-linux-user target and run programs on the Hexagon
scalar core.  With hexagon-linux-clang installed, "make check-tcg" will
pass.

Signed-off-by: Taylor Simpson 
---
 configure  |   6 ++
 default-configs/hexagon-linux-user.mak |   1 +
 meson.build|   1 +
 scripts/qemu-binfmt-conf.sh|   6 +-
 target/hexagon/meson.build | 178 +
 target/meson.build |   1 +
 6 files changed, 192 insertions(+), 1 deletion(-)
 create mode 100644 default-configs/hexagon-linux-user.mak
 create mode 100644 target/hexagon/meson.build

diff --git a/configure b/configure
index e8e8e98..e57eb1b 100755
--- a/configure
+++ b/configure
@@ -7727,6 +7727,12 @@ case "$target_name" in
 bflt="yes"
 mttcg="yes"
   ;;
+  hexagon)
+TARGET_BASE_ARCH=hexagon
+TARGET_ABI_DIR=hexagon
+mttcg=yes
+target_compiler=$cross_cc_hexagon
+  ;;
   *)
 error_exit "Unsupported target CPU"
   ;;
diff --git a/default-configs/hexagon-linux-user.mak 
b/default-configs/hexagon-linux-user.mak
new file mode 100644
index 000..ad55af0
--- /dev/null
+++ b/default-configs/hexagon-linux-user.mak
@@ -0,0 +1 @@
+# Default configuration for hexagon-linux-user
diff --git a/meson.build b/meson.build
index f4d1ab1..f401838 100644
--- a/meson.build
+++ b/meson.build
@@ -485,6 +485,7 @@ disassemblers = {
   'arm' : ['CONFIG_ARM_DIS'],
   'avr' : ['CONFIG_AVR_DIS'],
   'cris' : ['CONFIG_CRIS_DIS'],
+  'hexagon' : ['CONFIG_HEXAGON_DIS'],
   'hppa' : ['CONFIG_HPPA_DIS'],
   'i386' : ['CONFIG_I386_DIS'],
   'x86_64' : ['CONFIG_I386_DIS'],
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
index 9f1580a..7b5d54b 100755
--- a/scripts/qemu-binfmt-conf.sh
+++ b/scripts/qemu-binfmt-conf.sh
@@ -4,7 +4,7 @@
 qemu_target_list="i386 i486 alpha arm armeb sparc sparc32plus sparc64 \
 ppc ppc64 ppc64le m68k mips mipsel mipsn32 mipsn32el mips64 mips64el \
 sh4 sh4eb s390x aarch64 aarch64_be hppa riscv32 riscv64 xtensa xtensaeb \
-microblaze microblazeel or1k x86_64"
+microblaze microblazeel or1k x86_64 hexagon"
 
 
i386_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00'
 
i386_mask='\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
@@ -136,6 +136,10 @@ 
or1k_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\
 
or1k_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
 or1k_family=or1k
 
+hexagon_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xa4\x00'
+hexagon_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
+hexagon_family=hexagon
+
 qemu_get_family() {
 cpu=${HOST_ARCH:-$(uname -m)}
 case "$cpu" in
diff --git a/target/hexagon/meson.build b/target/hexagon/meson.build
new file mode 100644
index 000..8ff5cf6
--- /dev/null
+++ b/target/hexagon/meson.build
@@ -0,0 +1,178 @@
+##
+##  Copyright(c) 2020 Qualcomm Innovation Center, Inc. All Rights Reserved.
+##
+##  This program is free software; you can redistribute it and/or modify
+##  it under the terms of the GNU General Public License as published by
+##  the Free Software Foundation; either version 2 of the License, or
+##  (at your option) any later version.
+##
+##  This program is distributed in the hope that it will be useful,
+##  but WITHOUT ANY WARRANTY; without even the implied warranty of
+##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+##  GNU General Public License for more details.
+##
+##  You should have received a copy of the GNU General Public License
+##  along with this program; if not, see .
+##
+
+hexagon_ss = ss.source_set()
+
+prog_python = import('python').find_installation('python3')
+
+hex_common_py = 'hex_common.py'
+attribs_def_h = meson.current_source_dir() / 'attribs_def.h'
+gen_tcg_h = meson.current_source_dir() / 'gen_tcg.h'
+
+#
+#  Step 1
+#  We use a C program to create semantics_generated.pyinc
+#
+gen_semantics = executable('gen_semantics', 'gen_semantics.c')
+
+semantics = custom_target(
+'semantics_generated.pyinc',
+output: 'semantics_generated.pyinc',
+input: gen_semantics,
+command: ['@INPUT@', '@OUTPUT@'],
+)
+hexagon_ss.add(semantics)
+
+#
+# Step 2
+# We use Python scripts to generate the following files
+# shortcode_generated.h
+# helper_protos_generated.h
+# tcg_funcs_generated.h
+# tcg_func_table_generated.h
+# helper_funcs_generated.h
+# printinsn_generated.h
+# op_regs_generated.h
+# op_attribs_generated.h
+# opcodes_def_generated.h
+#
+shortcode_h = custom_target(
+'shortcode_generated.h',
+output: 'shortcode_generated.h',
+

[RFC PATCH v4 27/29] Hexagon (linux-user/hexagon) Linux user emulation

[Taylor Simpson]

Implementation of Linux user emulation for Hexagon
Some common files modified in addition to new files in linux-user/hexagon

Signed-off-by: Taylor Simpson 
Reviewed-by: Richard Henderson 
---
 linux-user/hexagon/sockbits.h   |  18 ++
 linux-user/hexagon/syscall_nr.h | 343 
 linux-user/hexagon/target_cpu.h |  44 +
 linux-user/hexagon/target_elf.h |  40 +
 linux-user/hexagon/target_fcntl.h   |  18 ++
 linux-user/hexagon/target_signal.h  |  34 
 linux-user/hexagon/target_structs.h |  46 +
 linux-user/hexagon/target_syscall.h |  36 
 linux-user/hexagon/termbits.h   |  18 ++
 linux-user/qemu.h   |   2 +
 linux-user/syscall_defs.h   |  33 
 linux-user/elfload.c|  16 ++
 linux-user/hexagon/cpu_loop.c   |  99 +++
 linux-user/hexagon/signal.c | 276 +
 linux-user/hexagon/meson.build  |  22 +++
 linux-user/meson.build  |   1 +
 scripts/gensyscalls.sh  |   3 +-
 17 files changed, 1048 insertions(+), 1 deletion(-)
 create mode 100644 linux-user/hexagon/sockbits.h
 create mode 100644 linux-user/hexagon/syscall_nr.h
 create mode 100644 linux-user/hexagon/target_cpu.h
 create mode 100644 linux-user/hexagon/target_elf.h
 create mode 100644 linux-user/hexagon/target_fcntl.h
 create mode 100644 linux-user/hexagon/target_signal.h
 create mode 100644 linux-user/hexagon/target_structs.h
 create mode 100644 linux-user/hexagon/target_syscall.h
 create mode 100644 linux-user/hexagon/termbits.h
 create mode 100644 linux-user/hexagon/cpu_loop.c
 create mode 100644 linux-user/hexagon/signal.c
 create mode 100644 linux-user/hexagon/meson.build

diff --git a/linux-user/hexagon/sockbits.h b/linux-user/hexagon/sockbits.h
new file mode 100644
index 000..a6e8966
--- /dev/null
+++ b/linux-user/hexagon/sockbits.h
@@ -0,0 +1,18 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#include "../generic/sockbits.h"
diff --git a/linux-user/hexagon/syscall_nr.h b/linux-user/hexagon/syscall_nr.h
new file mode 100644
index 000..31bf2e4
--- /dev/null
+++ b/linux-user/hexagon/syscall_nr.h
@@ -0,0 +1,343 @@
+/*
+ * This file contains the system call numbers.
+ * Do not modify.
+ * This file is generated by gensyscalls.sh
+ */
+#ifndef LINUX_USER_HEXAGON_SYSCALL_NR_H
+#define LINUX_USER_HEXAGON_SYSCALL_NR_H
+
+#define TARGET_NR_io_setup 0
+#define TARGET_NR_io_destroy 1
+#define TARGET_NR_io_submit 2
+#define TARGET_NR_io_cancel 3
+#define TARGET_NR_io_getevents 4
+#define TARGET_NR_setxattr 5
+#define TARGET_NR_lsetxattr 6
+#define TARGET_NR_fsetxattr 7
+#define TARGET_NR_getxattr 8
+#define TARGET_NR_lgetxattr 9
+#define TARGET_NR_fgetxattr 10
+#define TARGET_NR_listxattr 11
+#define TARGET_NR_llistxattr 12
+#define TARGET_NR_flistxattr 13
+#define TARGET_NR_removexattr 14
+#define TARGET_NR_lremovexattr 15
+#define TARGET_NR_fremovexattr 16
+#define TARGET_NR_getcwd 17
+#define TARGET_NR_lookup_dcookie 18
+#define TARGET_NR_eventfd2 19
+#define TARGET_NR_epoll_create1 20
+#define TARGET_NR_epoll_ctl 21
+#define TARGET_NR_epoll_pwait 22
+#define TARGET_NR_dup 23
+#define TARGET_NR_dup3 24
+#define TARGET_NR_fcntl64 25
+#define TARGET_NR_inotify_init1 26
+#define TARGET_NR_inotify_add_watch 27
+#define TARGET_NR_inotify_rm_watch 28
+#define TARGET_NR_ioctl 29
+#define TARGET_NR_ioprio_set 30
+#define TARGET_NR_ioprio_get 31
+#define TARGET_NR_flock 32
+#define TARGET_NR_mknodat 33
+#define TARGET_NR_mkdirat 34
+#define TARGET_NR_unlinkat 35
+#define TARGET_NR_symlinkat 36
+#define TARGET_NR_linkat 37
+#define TARGET_NR_renameat 38
+#define TARGET_NR_umount2 39
+#define TARGET_NR_mount 40
+#define TARGET_NR_pivot_root 41
+#define TARGET_NR_nfsservctl 42
+#define TARGET_NR_statfs64 43
+#define TARGET_NR_fstatfs64 44
+#define TARGET_NR_truncate64 45
+#define TARGET_NR_ftruncate64 46
+#define TARGET_NR_fallocate 47
+#define TARGET_NR_faccessat 48
+#define TARGET_NR_chdir 49
+#define TARGET_NR_fchdir 50
+#define TARGET_NR_chroot 51
+#define TARGET_NR_fchmod 52
+#define TARGET_NR_fchmodat 53
+#define TARGET_NR_fchownat 54
+#define TARGET_NR_fchown 55
+#define TARGET_NR_openat 56
+#define TARGET_NR_close 57
+#define TARGET_NR_vhangup 58
+#define 

[RFC PATCH v4 19/29] Hexagon (target/hexagon) generator phase 3 - C preprocessor for decode tree

[Taylor Simpson]

Run the C preprocessor across the instruction definition and encoding
files to expand macros and prepare the iset.py file.  The resulting
fill contains python data structures used to build the decode tree.

Signed-off-by: Taylor Simpson 
---
 target/hexagon/gen_dectree_import.c | 191 
 1 file changed, 191 insertions(+)
 create mode 100644 target/hexagon/gen_dectree_import.c

diff --git a/target/hexagon/gen_dectree_import.c 
b/target/hexagon/gen_dectree_import.c
new file mode 100644
index 000..237726e
--- /dev/null
+++ b/target/hexagon/gen_dectree_import.c
@@ -0,0 +1,191 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+/*
+ * This program generates the encodings file that is processed by
+ * the dectree.py script to produce the decoding tree.  We use the C
+ * preprocessor to manipulate the files imported from the Hexagon
+ * architecture library.
+ */
+#include "qemu/osdep.h"
+#include "opcodes.h"
+
+#define STRINGIZE(X)#X
+
+const char *opcode_names[] = {
+#define OPCODE(IID) STRINGIZE(IID)
+#include "opcodes_def_generated.h"
+NULL
+#undef OPCODE
+};
+
+const char *opcode_syntax[XX_LAST_OPCODE];
+
+/*
+ * Process the instruction definitions
+ * Scalar core instructions have the following form
+ * Q6INSN(A2_add,"Rd32=add(Rs32,Rt32)",ATTRIBS(),
+ * "Add 32-bit registers",
+ * { RdV=RsV+RtV;})
+ */
+void opcode_init(void)
+{
+#define Q6INSN(TAG, BEH, ATTRIBS, DESCR, SEM) \
+   opcode_syntax[TAG] = BEH;
+#define EXTINSN(TAG, BEH, ATTRIBS, DESCR, SEM) \
+   opcode_syntax[TAG] = BEH;
+#include "imported/allidefs.def"
+#undef Q6INSN
+#undef EXTINSN
+}
+
+const char *opcode_rregs[] = {
+#define REGINFO(TAG, REGINFO, RREGS, WREGS) RREGS,
+#define IMMINFO(TAG, SIGN, SIZE, SHAMT, SIGN2, SIZE2, SHAMT2)  /* nothing */
+#include "op_regs_generated.h"
+NULL
+#undef REGINFO
+#undef IMMINFO
+};
+
+const char *opcode_wregs[] = {
+#define REGINFO(TAG, REGINFO, RREGS, WREGS) WREGS,
+#define IMMINFO(TAG, SIGN, SIZE, SHAMT, SIGN2, SIZE2, SHAMT2)  /* nothing */
+#include "op_regs_generated.h"
+NULL
+#undef REGINFO
+#undef IMMINFO
+};
+
+opcode_encoding_t opcode_encodings[] = {
+#define DEF_ENC32(TAG, ENCSTR) \
+[TAG] = { .encoding = ENCSTR },
+#define DEF_ENC_SUBINSN(TAG, CLASS, ENCSTR) \
+[TAG] = { .encoding = ENCSTR, .enc_class = CLASS },
+#define DEF_EXT_ENC(TAG, CLASS, ENCSTR) \
+[TAG] = { .encoding = ENCSTR, .enc_class = CLASS },
+#include "imported/encode.def"
+#undef DEF_ENC32
+#undef DEF_ENC_SUBINSN
+#undef DEF_EXT_ENC
+};
+
+static const char * const opcode_enc_class_names[XX_LAST_ENC_CLASS] = {
+"NORMAL",
+"16BIT",
+"SUBINSN_A",
+"SUBINSN_L1",
+"SUBINSN_L2",
+"SUBINSN_S1",
+"SUBINSN_S2",
+"EXT_noext",
+"EXT_mmvec",
+};
+
+static const char *get_opcode_enc(int opcode)
+{
+const char *tmp = opcode_encodings[opcode].encoding;
+if (tmp == NULL) {
+tmp = "MISSING ENCODING";
+}
+return tmp;
+}
+
+static const char *get_opcode_enc_class(int opcode)
+{
+return opcode_enc_class_names[opcode_encodings[opcode].enc_class];
+}
+
+static void gen_iset_table(FILE *out)
+{
+int i;
+
+fprintf(out, "iset = {\n");
+for (i = 0; i < XX_LAST_OPCODE; i++) {
+fprintf(out, "\t\'%s\' : {\n", opcode_names[i]);
+fprintf(out, "\t\t\'tag\' : \'%s\',\n", opcode_names[i]);
+fprintf(out, "\t\t\'syntax\' : \'%s\',\n", opcode_syntax[i]);
+fprintf(out, "\t\t\'rregs\' : \'%s\',\n", opcode_rregs[i]);
+fprintf(out, "\t\t\'wregs\' : \'%s\',\n", opcode_wregs[i]);
+fprintf(out, "\t\t\'enc\' : \'%s\',\n", get_opcode_enc(i));
+fprintf(out, "\t\t\'enc_class\' : \'%s\',\n", get_opcode_enc_class(i));
+fprintf(out, "\t},\n");
+}
+fprintf(out, "};\n\n");
+}
+
+static void gen_tags_list(FILE *out)
+{
+int i;
+
+fprintf(out, "tags = [\n");
+for (i = 0; i < XX_LAST_OPCODE; i++) {
+fprintf(out, "\t\'%s\',\n", opcode_names[i]);
+}
+fprintf(out, "];\n\n");
+}
+
+static void gen_enc_ext_spaces_table(FILE *out)
+{
+fprintf(out, "enc_ext_spaces = {\n");
+#define DEF_EXT_SPACE(SPACEID, ENCSTR) \
+fprintf(out, "\t\'%s\' : \'%s\',\n", #SPACEID, ENCSTR);
+#include "imported/encode.def"
+#undef 

Re: [PATCH v2 3/8] qemu/bswap: Replace bswapXXs() by compiler __builtin_bswap()

[Thomas Huth]

On 28/09/2020 15.19, Philippe Mathieu-Daudé wrote:
> Reviewed-by: Richard Henderson 
> Signed-off-by: Philippe Mathieu-Daudé 
> ---
>  include/qemu/bswap.h | 16 +---
>  1 file changed, 9 insertions(+), 7 deletions(-)
> 
> diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
> index 41131d3d76e..fed967a 100644
> --- a/include/qemu/bswap.h
> +++ b/include/qemu/bswap.h
> @@ -38,29 +38,31 @@ static inline uint64_t bswap64(uint64_t x)
>  
>  static inline void bswap16s(uint16_t *s)
>  {
> -*s = bswap16(*s);
> +*s = __builtin_bswap16(*s);
>  }
>  
>  static inline void bswap32s(uint32_t *s)
>  {
> -*s = bswap32(*s);
> +*s = __builtin_bswap32(*s);
>  }
>  
>  static inline void bswap64s(uint64_t *s)
>  {
> -*s = bswap64(*s);
> +*s = __builtin_bswap64(*s);
>  }
>  
>  #if defined(HOST_WORDS_BIGENDIAN)
>  #define be_bswap(v, size) (v)
> -#define le_bswap(v, size) glue(bswap, size)(v)
> +#define le_bswap(v, size) glue(__builtin_bswap, size)(v)
>  #define be_bswaps(v, size)
> -#define le_bswaps(p, size) do { *p = glue(bswap, size)(*p); } while(0)
> +#define le_bswaps(p, size) \
> +do { *p = glue(__builtin_bswap, size)(*p); } while (0)
>  #else
>  #define le_bswap(v, size) (v)
> -#define be_bswap(v, size) glue(bswap, size)(v)
> +#define be_bswap(v, size) glue(__builtin_bswap, size)(v)
>  #define le_bswaps(v, size)
> -#define be_bswaps(p, size) do { *p = glue(bswap, size)(*p); } while(0)
> +#define be_bswaps(p, size) \
> +do { *p = glue(__builtin_bswap, size)(*p); } while (0)
>  #endif

What's the advantage of the renaming here if bswap is already #defined
to the builtin function (or another useful function from a system
header)? This just looks like code churn to me?

 Thomas

[RFC PATCH v4 17/29] Hexagon (target/hexagon) generator phase 1 - C preprocessor for semantics

[Taylor Simpson]

Run the C preprocessor across the instruction definition files and macro
definitoin file to expand macros and prepare the semantics_generated.pyinc
file.  The resulting file contains one entry with the semantics for each
instruction and one line with the instruction attributes associated with
each macro.

Signed-off-by: Taylor Simpson 
---
 target/hexagon/gen_semantics.c | 88 ++
 1 file changed, 88 insertions(+)
 create mode 100644 target/hexagon/gen_semantics.c

diff --git a/target/hexagon/gen_semantics.c b/target/hexagon/gen_semantics.c
new file mode 100644
index 000..1b198cb
--- /dev/null
+++ b/target/hexagon/gen_semantics.c
@@ -0,0 +1,88 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+/*
+ * This program generates the semantics file that is processed by
+ * the do_qemu.py script.  We use the C preporcessor to manipulate the
+ * files imported from the Hexagon architecture library.
+ */
+
+#include 
+#define STRINGIZE(X) #X
+
+int main(int argc, char *argv[])
+{
+FILE *outfile;
+
+if (argc != 2) {
+fprintf(stderr, "Usage: gen_semantics ouptputfile\n");
+return -1;
+}
+outfile = fopen(argv[1], "w");
+if (outfile == NULL) {
+fprintf(stderr, "Cannot open %s for writing\n", argv[1]);
+return -1;
+}
+
+/*
+ * Process the instruction definitions
+ * Scalar core instructions have the following form
+ * Q6INSN(A2_add,"Rd32=add(Rs32,Rt32)",ATTRIBS(),
+ * "Add 32-bit registers",
+ * { RdV=RsV+RtV;})
+ */
+#define Q6INSN(TAG, BEH, ATTRIBS, DESCR, SEM) \
+do { \
+fprintf(outfile, "SEMANTICS( \\\n" \
+ "\"%s\", \\\n" \
+ "%s, \\\n" \
+ "\"\"\"%s\"\"\" \\\n" \
+ ")\n", \
+#TAG, STRINGIZE(BEH), STRINGIZE(SEM)); \
+fprintf(outfile, "ATTRIBUTES( \\\n" \
+ "\"%s\", \\\n" \
+ "\"%s\" \\\n" \
+ ")\n", \
+#TAG, STRINGIZE(ATTRIBS)); \
+} while (0);
+#include "imported/allidefs.def"
+#undef Q6INSN
+
+/*
+ * Process the macro definitions
+ * Macros definitions have the following form
+ * DEF_MACRO(
+ * fLSBNEW0,
+ * predlog_read(thread,0),
+ * ()
+ * )
+ * The important part here is the attributes.  Whenever an instruction
+ * invokes a macro, we add the macro's attributes to the instruction.
+ */
+#define DEF_MACRO(MNAME, BEH, ATTRS) \
+fprintf(outfile, "MACROATTRIB( \\\n" \
+ "\"%s\", \\\n" \
+ "\"\"\"%s\"\"\", \\\n" \
+ "\"%s\" \\\n" \
+ ")\n", \
+#MNAME, STRINGIZE(BEH), STRINGIZE(ATTRS));
+#include "imported/macros.def"
+#undef DEF_MACRO
+
+fclose(outfile);
+return 0;
+}
-- 
2.7.4

[RFC PATCH v4 26/29] Hexagon (target/hexagon) translation

[Taylor Simpson]

Read the instruction memory
Create a packet data structure
Generate TCG code for the start of the packet
Invoke the generate function for each instruction
Generate TCG code for the end of the packet

Signed-off-by: Taylor Simpson 
---
 target/hexagon/translate.h |  89 ++
 target/hexagon/translate.c | 678 +
 2 files changed, 767 insertions(+)
 create mode 100644 target/hexagon/translate.h
 create mode 100644 target/hexagon/translate.c

diff --git a/target/hexagon/translate.h b/target/hexagon/translate.h
new file mode 100644
index 000..1c46e84
--- /dev/null
+++ b/target/hexagon/translate.h
@@ -0,0 +1,89 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_TRANSLATE_H
+#define HEXAGON_TRANSLATE_H
+
+#include "cpu.h"
+#include "exec/translator.h"
+#include "tcg/tcg-op.h"
+#include "internal.h"
+
+typedef struct DisasContext {
+DisasContextBase base;
+uint32_t mem_idx;
+int reg_log[REG_WRITES_MAX];
+int reg_log_idx;
+int preg_log[PRED_WRITES_MAX];
+int preg_log_idx;
+uint8_t store_width[STORES_MAX];
+} DisasContext;
+
+static inline void ctx_log_reg_write(DisasContext *ctx, int rnum)
+{
+#if HEX_DEBUG
+int i;
+for (i = 0; i < ctx->reg_log_idx; i++) {
+if (ctx->reg_log[i] == rnum) {
+HEX_DEBUG_LOG("WARNING: Multiple writes to r%d\n", rnum);
+}
+}
+#endif
+ctx->reg_log[ctx->reg_log_idx] = rnum;
+ctx->reg_log_idx++;
+}
+
+static inline void ctx_log_pred_write(DisasContext *ctx, int pnum)
+{
+ctx->preg_log[ctx->preg_log_idx] = pnum;
+ctx->preg_log_idx++;
+}
+
+static inline bool is_preloaded(DisasContext *ctx, int num)
+{
+int i;
+for (i = 0; i < ctx->reg_log_idx; i++) {
+if (ctx->reg_log[i] == num) {
+return true;
+}
+}
+return false;
+}
+
+extern TCGv hex_gpr[TOTAL_PER_THREAD_REGS];
+extern TCGv hex_pred[NUM_PREGS];
+extern TCGv hex_next_PC;
+extern TCGv hex_this_PC;
+extern TCGv hex_slot_cancelled;
+extern TCGv hex_branch_taken;
+extern TCGv hex_new_value[TOTAL_PER_THREAD_REGS];
+extern TCGv hex_reg_written[TOTAL_PER_THREAD_REGS];
+extern TCGv hex_new_pred_value[NUM_PREGS];
+extern TCGv hex_pred_written;
+extern TCGv hex_store_addr[STORES_MAX];
+extern TCGv hex_store_width[STORES_MAX];
+extern TCGv hex_store_val32[STORES_MAX];
+extern TCGv_i64 hex_store_val64[STORES_MAX];
+extern TCGv hex_dczero_addr;
+extern TCGv hex_llsc_addr;
+extern TCGv hex_llsc_val;
+extern TCGv_i64 hex_llsc_val_i64;
+
+extern void gen_exception(int excp);
+extern void gen_exception_debug(void);
+
+#endif
diff --git a/target/hexagon/translate.c b/target/hexagon/translate.c
new file mode 100644
index 000..704a234
--- /dev/null
+++ b/target/hexagon/translate.c
@@ -0,0 +1,678 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#define QEMU_GENERATE
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "tcg/tcg-op.h"
+#include "exec/cpu_ldst.h"
+#include "exec/log.h"
+#include "internal.h"
+#include "attribs.h"
+#include "insn.h"
+#include "decode.h"
+#include "translate.h"
+#include "printinsn.h"
+
+TCGv hex_gpr[TOTAL_PER_THREAD_REGS];
+TCGv hex_pred[NUM_PREGS];
+TCGv hex_next_PC;
+TCGv hex_this_PC;
+TCGv hex_slot_cancelled;
+TCGv hex_branch_taken;
+TCGv hex_new_value[TOTAL_PER_THREAD_REGS];
+#if HEX_DEBUG
+TCGv hex_reg_written[TOTAL_PER_THREAD_REGS];
+#endif
+TCGv hex_new_pred_value[NUM_PREGS];
+TCGv hex_pred_written;
+TCGv hex_store_addr[STORES_MAX];
+TCGv hex_store_width[STORES_MAX];
+TCGv hex_store_val32[STORES_MAX];
+TCGv_i64 

[RFC PATCH v4 09/29] Hexagon (target/hexagon) architecture types

[Taylor Simpson]

Define types used in files imported from the Hexagon architecture library

Signed-off-by: Taylor Simpson 
---
 target/hexagon/hex_arch_types.h | 43 +
 1 file changed, 43 insertions(+)
 create mode 100644 target/hexagon/hex_arch_types.h

diff --git a/target/hexagon/hex_arch_types.h b/target/hexagon/hex_arch_types.h
new file mode 100644
index 000..d9c308b
--- /dev/null
+++ b/target/hexagon/hex_arch_types.h
@@ -0,0 +1,43 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_ARCH_TYPES_H
+#define HEXAGON_ARCH_TYPES_H
+
+#include "qemu/osdep.h"
+
+/*
+ * These types are used by the code generated from the Hexagon
+ * architecture library.
+ */
+typedef uint8_t size1u_t;
+typedef int8_t  size1s_t;
+typedef uint16_tsize2u_t;
+typedef int16_t size2s_t;
+typedef uint32_tsize4u_t;
+typedef int32_t size4s_t;
+typedef uint64_tsize8u_t;
+typedef int64_t size8s_t;
+typedef uint64_tpaddr_t;
+typedef uint32_tvaddr_t;
+
+typedef struct {
+int64_t hi;
+uint64_t lo;
+} size16s_t;
+
+#endif
-- 
2.7.4

[RFC PATCH v4 10/29] Hexagon (target/hexagon) instruction and packet types

[Taylor Simpson]

The insn_t and packet_t are the interface between instruction decoding and
TCG code generation

Signed-off-by: Taylor Simpson 
---
 target/hexagon/insn.h | 74 +++
 1 file changed, 74 insertions(+)
 create mode 100644 target/hexagon/insn.h

diff --git a/target/hexagon/insn.h b/target/hexagon/insn.h
new file mode 100644
index 000..087cc6e
--- /dev/null
+++ b/target/hexagon/insn.h
@@ -0,0 +1,74 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_INSN_H
+#define HEXAGON_INSN_H
+
+#include "cpu.h"
+
+#define INSTRUCTIONS_MAX 7/* 2 pairs + loopend */
+#define REG_OPERANDS_MAX 5
+#define IMMEDS_MAX 2
+
+struct Instruction;
+struct Packet;
+struct DisasContext;
+
+typedef void (*semantic_insn_t)(CPUHexagonState *env,
+struct DisasContext *ctx,
+struct Instruction *insn,
+struct Packet *pkt);
+
+struct Instruction {
+semantic_insn_t generate;/* pointer to genptr routine */
+uint8_t regno[REG_OPERANDS_MAX];/* reg operands including predicates */
+uint16_t opcode;
+
+uint32_t iclass:6;
+uint32_t slot:3;
+uint32_t part1:1;/*
+  * cmp-jumps are split into two insns.
+  * set for the compare and clear for the jump
+  */
+uint32_t extension_valid:1;   /* Has a constant extender attached */
+uint32_t which_extended:1;/* If has an extender, which immediate */
+uint32_t is_endloop:1;   /* This is an end of loop */
+uint32_t new_value_producer_slot:4;
+int32_t immed[IMMEDS_MAX];/* immediate field */
+};
+
+typedef struct Instruction insn_t;
+
+struct Packet {
+uint16_t num_insns;
+uint16_t encod_pkt_size_in_bytes;
+
+/* Pre-decodes about COF */
+uint32_t pkt_has_cof:1;  /* Has any change-of-flow */
+uint32_t pkt_has_endloop:1;
+
+uint32_t pkt_has_dczeroa:1;
+
+uint32_t pkt_has_store_s0:1;
+uint32_t pkt_has_store_s1:1;
+
+insn_t insn[INSTRUCTIONS_MAX];
+};
+
+typedef struct Packet packet_t;
+
+#endif
-- 
2.7.4

[RFC PATCH v4 12/29] Hexagon (target/hexagon) instruction attributes

[Taylor Simpson]

Signed-off-by: Taylor Simpson 
---
 target/hexagon/attribs.h | 32 +++
 target/hexagon/attribs_def.h | 98 
 2 files changed, 130 insertions(+)
 create mode 100644 target/hexagon/attribs.h
 create mode 100644 target/hexagon/attribs_def.h

diff --git a/target/hexagon/attribs.h b/target/hexagon/attribs.h
new file mode 100644
index 000..d35af0c
--- /dev/null
+++ b/target/hexagon/attribs.h
@@ -0,0 +1,32 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_ATTRIBS_H
+#define HEXAGON_ATTRIBS_H
+
+enum {
+#define DEF_ATTRIB(NAME, ...) A_##NAME,
+#include "attribs_def.h"
+#undef DEF_ATTRIB
+};
+
+#define ATTRIB_WIDTH 32
+#define GET_ATTRIB(opcode, attrib) \
+(((opcode_attribs[opcode][attrib / ATTRIB_WIDTH])\
+>> (attrib % ATTRIB_WIDTH)) & 0x1)
+
+#endif /* ATTRIBS_H */
diff --git a/target/hexagon/attribs_def.h b/target/hexagon/attribs_def.h
new file mode 100644
index 000..d024176
--- /dev/null
+++ b/target/hexagon/attribs_def.h
@@ -0,0 +1,98 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+/* Keep this as the first attribute: */
+DEF_ATTRIB(AA_DUMMY, "Dummy Zeroth Attribute", "", "")
+
+/* Misc */
+DEF_ATTRIB(EXTENSION, "Extension instruction", "", "")
+
+DEF_ATTRIB(PRIV, "Not available in user or guest mode", "", "")
+DEF_ATTRIB(GUEST, "Not available in user mode", "", "")
+
+DEF_ATTRIB(FPOP, "Floating Point Operation", "", "")
+
+DEF_ATTRIB(EXTENDABLE, "Immediate may be extended", "", "")
+
+DEF_ATTRIB(ARCHV2, "V2 architecture", "", "")
+DEF_ATTRIB(ARCHV3, "V3 architecture", "", "")
+DEF_ATTRIB(ARCHV4, "V4 architecture", "", "")
+DEF_ATTRIB(ARCHV5, "V5 architecture", "", "")
+
+DEF_ATTRIB(SUBINSN, "sub-instruction", "", "")
+
+/* Load and Store attributes */
+DEF_ATTRIB(LOAD, "Loads from memory", "", "")
+DEF_ATTRIB(STORE, "Stores to memory", "", "")
+DEF_ATTRIB(MEMLIKE, "Memory-like instruction", "", "")
+DEF_ATTRIB(MEMLIKE_PACKET_RULES, "follows Memory-like packet rules", "", "")
+
+
+/* Change-of-flow attributes */
+DEF_ATTRIB(JUMP, "Jump-type instruction", "", "")
+DEF_ATTRIB(INDIRECT, "Absolute register jump", "", "")
+DEF_ATTRIB(CALL, "Function call instruction", "", "")
+DEF_ATTRIB(COF, "Change-of-flow instruction", "", "")
+DEF_ATTRIB(CONDEXEC, "May be cancelled by a predicate", "", "")
+DEF_ATTRIB(DOTNEWVALUE, "Uses a register value generated in this pkt", "", "")
+DEF_ATTRIB(NEWCMPJUMP, "Compound compare and jump", "", "")
+
+/* access to implicit registers */
+DEF_ATTRIB(IMPLICIT_WRITES_LR, "Writes the link register", "", "UREG.LR")
+DEF_ATTRIB(IMPLICIT_WRITES_PC, "Writes the program counter", "", "UREG.PC")
+DEF_ATTRIB(IMPLICIT_WRITES_SP, "Writes the stack pointer", "", "UREG.SP")
+DEF_ATTRIB(IMPLICIT_WRITES_FP, "Writes the frame pointer", "", "UREG.FP")
+DEF_ATTRIB(IMPLICIT_WRITES_GP, "Writes the GP register", "", "UREG.GP")
+DEF_ATTRIB(IMPLICIT_WRITES_LC0, "Writes loop count for loop 0", "", "UREG.LC0")
+DEF_ATTRIB(IMPLICIT_WRITES_LC1, "Writes loop count for loop 1", "", "UREG.LC1")
+DEF_ATTRIB(IMPLICIT_WRITES_SA0, "Writes start addr for loop 0", "", "UREG.SA0")
+DEF_ATTRIB(IMPLICIT_WRITES_SA1, "Writes start addr for loop 1", "", "UREG.SA1")
+DEF_ATTRIB(IMPLICIT_WRITES_P0, "Writes Predicate 0", "", "UREG.P0")
+DEF_ATTRIB(IMPLICIT_WRITES_P1, "Writes Predicate 1", "", "UREG.P1")
+DEF_ATTRIB(IMPLICIT_WRITES_P2, "Writes Predicate 1", "", "UREG.P2")
+DEF_ATTRIB(IMPLICIT_WRITES_P3, "May write Predicate 3", "", "UREG.P3")
+
+DEF_ATTRIB(CRSLOT23, "Can execute in slot 2 or slot 3 (CR)", "", "")

[RFC PATCH v4 11/29] Hexagon (target/hexagon) register fields

[Taylor Simpson]

Declare bitfields within registers such as user status register (USR)

Signed-off-by: Taylor Simpson 
---
 target/hexagon/reg_fields.h | 36 
 target/hexagon/reg_fields_def.h | 41 +
 target/hexagon/reg_fields.c | 28 
 3 files changed, 105 insertions(+)
 create mode 100644 target/hexagon/reg_fields.h
 create mode 100644 target/hexagon/reg_fields_def.h
 create mode 100644 target/hexagon/reg_fields.c

diff --git a/target/hexagon/reg_fields.h b/target/hexagon/reg_fields.h
new file mode 100644
index 000..706c3e9
--- /dev/null
+++ b/target/hexagon/reg_fields.h
@@ -0,0 +1,36 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_REG_FIELDS_H
+#define HEXAGON_REG_FIELDS_H
+
+typedef struct {
+int offset;
+int width;
+} reg_field_t;
+
+extern const reg_field_t reg_field_info[];
+
+enum {
+#define DEF_REG_FIELD(TAG, START, WIDTH) \
+TAG,
+#include "reg_fields_def.h"
+NUM_REG_FIELDS
+#undef DEF_REG_FIELD
+};
+
+#endif
diff --git a/target/hexagon/reg_fields_def.h b/target/hexagon/reg_fields_def.h
new file mode 100644
index 000..27b2231
--- /dev/null
+++ b/target/hexagon/reg_fields_def.h
@@ -0,0 +1,41 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+/*
+ * For registers that have individual fields, explain them here
+ *   DEF_REG_FIELD(tag,
+ * bit start offset,
+ * width
+ */
+
+/* USR fields */
+DEF_REG_FIELD(USR_OVF,0, 1)
+DEF_REG_FIELD(USR_FPINVF, 1, 1)
+DEF_REG_FIELD(USR_FPDBZF, 2, 1)
+DEF_REG_FIELD(USR_FPOVFF, 3, 1)
+DEF_REG_FIELD(USR_FPUNFF, 4, 1)
+DEF_REG_FIELD(USR_FPINPF, 5, 1)
+
+DEF_REG_FIELD(USR_LPCFG,  8, 2)
+
+DEF_REG_FIELD(USR_FPRND, 22, 2)
+
+DEF_REG_FIELD(USR_FPINVE,25, 1)
+DEF_REG_FIELD(USR_FPDBZE,26, 1)
+DEF_REG_FIELD(USR_FPOVFE,27, 1)
+DEF_REG_FIELD(USR_FPUNFE,28, 1)
+DEF_REG_FIELD(USR_FPINPE,29, 1)
diff --git a/target/hexagon/reg_fields.c b/target/hexagon/reg_fields.c
new file mode 100644
index 000..8e6a188
--- /dev/null
+++ b/target/hexagon/reg_fields.c
@@ -0,0 +1,28 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "reg_fields.h"
+
+const reg_field_t reg_field_info[] = {
+#define DEF_REG_FIELD(TAG, START, WIDTH)\
+  { START, WIDTH },
+#include "reg_fields_def.h"
+  { 0, 0 }
+#undef DEF_REG_FIELD
+};
+
-- 
2.7.4

[RFC PATCH v4 15/29] Hexagon (target/hexagon) utility functions

[Taylor Simpson]

Utility functions called by various instructions

Signed-off-by: Taylor Simpson 
---
 target/hexagon/arch.h |  42 +++
 target/hexagon/conv_emu.h |  50 +++
 target/hexagon/fma_emu.h  |  27 ++
 target/hexagon/arch.c | 354 +
 target/hexagon/conv_emu.c | 369 ++
 target/hexagon/fma_emu.c  | 777 ++
 6 files changed, 1619 insertions(+)
 create mode 100644 target/hexagon/arch.h
 create mode 100644 target/hexagon/conv_emu.h
 create mode 100644 target/hexagon/fma_emu.h
 create mode 100644 target/hexagon/arch.c
 create mode 100644 target/hexagon/conv_emu.c
 create mode 100644 target/hexagon/fma_emu.c

diff --git a/target/hexagon/arch.h b/target/hexagon/arch.h
new file mode 100644
index 000..82644ac
--- /dev/null
+++ b/target/hexagon/arch.h
@@ -0,0 +1,42 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_ARCH_H
+#define HEXAGON_ARCH_H
+
+#include "cpu.h"
+#include "hex_arch_types.h"
+
+extern uint64_t interleave(uint32_t odd, uint32_t even);
+extern uint64_t deinterleave(uint64_t src);
+extern uint32_t carry_from_add64(uint64_t a, uint64_t b, uint32_t c);
+extern int32_t conv_round(int32_t a, int n);
+extern size16s_t cast8s_to_16s(int64_t a);
+extern int64_t cast16s_to_8s(size16s_t a);
+extern size16s_t add128(size16s_t a, size16s_t b);
+extern size16s_t sub128(size16s_t a, size16s_t b);
+extern size16s_t shiftr128(size16s_t a, uint32_t n);
+extern size16s_t shiftl128(size16s_t a, uint32_t n);
+extern size16s_t and128(size16s_t a, size16s_t b);
+extern void arch_fpop_start(CPUHexagonState *env);
+extern void arch_fpop_end(CPUHexagonState *env);
+extern void arch_raise_fpflag(unsigned int flags);
+extern int arch_sf_recip_common(int32_t *Rs, int32_t *Rt, int32_t *Rd,
+int *adjust);
+extern int arch_sf_invsqrt_common(int32_t *Rs, int32_t *Rd, int *adjust);
+
+#endif
diff --git a/target/hexagon/conv_emu.h b/target/hexagon/conv_emu.h
new file mode 100644
index 000..e713a12
--- /dev/null
+++ b/target/hexagon/conv_emu.h
@@ -0,0 +1,50 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_CONV_EMU_H
+#define HEXAGON_CONV_EMU_H
+
+#include "hex_arch_types.h"
+
+extern uint64_t conv_sf_to_8u(float in);
+extern uint32_t conv_sf_to_4u(float in);
+extern int64_t conv_sf_to_8s(float in);
+extern int32_t conv_sf_to_4s(float in);
+
+extern uint64_t conv_df_to_8u(double in);
+extern uint32_t conv_df_to_4u(double in);
+extern int64_t conv_df_to_8s(double in);
+extern int32_t conv_df_to_4s(double in);
+
+extern double conv_8u_to_df(uint64_t in);
+extern double conv_4u_to_df(uint32_t in);
+extern double conv_8s_to_df(int64_t in);
+extern double conv_4s_to_df(int32_t in);
+
+extern float conv_8u_to_sf(uint64_t in);
+extern float conv_4u_to_sf(uint32_t in);
+extern float conv_8s_to_sf(int64_t in);
+extern float conv_4s_to_sf(int32_t in);
+
+extern float conv_df_to_sf(double in);
+
+static inline double conv_sf_to_df(float in)
+{
+return in;
+}
+
+#endif
diff --git a/target/hexagon/fma_emu.h b/target/hexagon/fma_emu.h
new file mode 100644
index 000..181b1f6
--- /dev/null
+++ b/target/hexagon/fma_emu.h
@@ -0,0 +1,27 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ 

[RFC PATCH v4 23/29] Hexagon (target/hexagon) instruction classes

[Taylor Simpson]

Determine legal VLIW slots for each instruction

Signed-off-by: Taylor Simpson 
---
 target/hexagon/iclass.h| 40 +++
 target/hexagon/iclass.c| 80 ++
 target/hexagon/imported/iclass.def | 52 +
 3 files changed, 172 insertions(+)
 create mode 100644 target/hexagon/iclass.h
 create mode 100644 target/hexagon/iclass.c
 create mode 100644 target/hexagon/imported/iclass.def

diff --git a/target/hexagon/iclass.h b/target/hexagon/iclass.h
new file mode 100644
index 000..148
--- /dev/null
+++ b/target/hexagon/iclass.h
@@ -0,0 +1,40 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#ifndef HEXAGON_ICLASS_H
+#define HEXAGON_ICLASS_H
+
+#include "opcodes.h"
+
+#define ICLASS_FROM_TYPE(TYPE) ICLASS_##TYPE
+
+enum {
+
+#define DEF_PP_ICLASS32(TYPE, SLOTS, UNITS)ICLASS_FROM_TYPE(TYPE),
+#define DEF_EE_ICLASS32(TYPE, SLOTS, UNITS)ICLASS_FROM_TYPE(TYPE),
+#include "imported/iclass.def"
+#undef DEF_PP_ICLASS32
+#undef DEF_EE_ICLASS32
+
+ICLASS_FROM_TYPE(COPROC_VX),
+ICLASS_FROM_TYPE(COPROC_VMEM),
+NUM_ICLASSES
+};
+
+extern const char *find_iclass_slots(opcode_t opcode, int itype);
+
+#endif
diff --git a/target/hexagon/iclass.c b/target/hexagon/iclass.c
new file mode 100644
index 000..2f138a8
--- /dev/null
+++ b/target/hexagon/iclass.c
@@ -0,0 +1,80 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "iclass.h"
+
+typedef struct {
+const char * const slots;
+} iclass_info_t;
+
+static const iclass_info_t iclass_info[] = {
+
+#define DEF_PP_ICLASS32(TYPE, SLOTS, UNITS) \
+[ICLASS_FROM_TYPE(TYPE)] = { .slots = #SLOTS },
+#define DEF_EE_ICLASS32(TYPE, SLOTS, UNITS) \
+[ICLASS_FROM_TYPE(TYPE)] = { .slots = #SLOTS },
+#include "imported/iclass.def"
+#undef DEF_PP_ICLASS32
+#undef DEF_EE_ICLASS32
+
+{0}
+};
+
+const char *find_iclass_slots(opcode_t opcode, int itype)
+{
+/* There are some exceptions to what the iclass dictates */
+if (GET_ATTRIB(opcode, A_ICOP)) {
+return "2";
+} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT0ONLY)) {
+return "0";
+} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT1ONLY)) {
+return "1";
+} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT2ONLY)) {
+return "2";
+} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT3ONLY)) {
+return "3";
+} else if (GET_ATTRIB(opcode, A_COF) &&
+   GET_ATTRIB(opcode, A_INDIRECT) &&
+   !GET_ATTRIB(opcode, A_MEMLIKE) &&
+   !GET_ATTRIB(opcode, A_MEMLIKE_PACKET_RULES)) {
+return "2";
+} else if (GET_ATTRIB(opcode, A_RESTRICT_NOSLOT1)) {
+return "0";
+} else if ((opcode == J2_trap0) ||
+   (opcode == Y2_isync) ||
+   (opcode == J4_hintjumpr)) {
+return "2";
+} else if ((itype == ICLASS_V2LDST) && (GET_ATTRIB(opcode, A_STORE))) {
+return "01";
+} else if ((itype == ICLASS_V2LDST) && (!GET_ATTRIB(opcode, A_STORE))) {
+return "01";
+} else if (GET_ATTRIB(opcode, A_CRSLOT23)) {
+return "23";
+} else if (GET_ATTRIB(opcode, A_RESTRICT_PREFERSLOT0)) {
+return "0";
+} else if (GET_ATTRIB(opcode, A_SUBINSN)) {
+return "01";
+} else if (GET_ATTRIB(opcode, A_CALL)) {
+return "23";
+} else if ((opcode == J4_jumpseti) || (opcode == J4_jumpsetr)) {
+return "23";
+} else {
+return iclass_info[itype].slots;
+}
+}
+
diff --git a/target/hexagon/imported/iclass.def 

[RFC PATCH v4 07/29] Hexagon (target/hexagon) scalar core helpers

[Taylor Simpson]

The majority of helpers are generated.  Define the helper functions needed
then include the generated file

Signed-off-by: Taylor Simpson 
---
 target/hexagon/helper.h|  31 
 target/hexagon/op_helper.c | 381 +
 2 files changed, 412 insertions(+)
 create mode 100644 target/hexagon/helper.h
 create mode 100644 target/hexagon/op_helper.c

diff --git a/target/hexagon/helper.h b/target/hexagon/helper.h
new file mode 100644
index 000..bad7321
--- /dev/null
+++ b/target/hexagon/helper.h
@@ -0,0 +1,31 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+DEF_HELPER_2(raise_exception, noreturn, env, i32)
+DEF_HELPER_1(debug_start_packet, void, env)
+DEF_HELPER_3(debug_check_store_width, void, env, int, int)
+DEF_HELPER_2(commit_store, void, env, int)
+DEF_HELPER_3(debug_commit_end, void, env, int, int)
+DEF_HELPER_3(merge_inflight_store1s, s32, env, s32, s32)
+DEF_HELPER_3(merge_inflight_store1u, s32, env, s32, s32)
+DEF_HELPER_3(merge_inflight_store2s, s32, env, s32, s32)
+DEF_HELPER_3(merge_inflight_store2u, s32, env, s32, s32)
+DEF_HELPER_3(merge_inflight_store4s, s32, env, s32, s32)
+DEF_HELPER_3(merge_inflight_store4u, s32, env, s32, s32)
+DEF_HELPER_3(merge_inflight_store8u, s64, env, s32, s64)
+
+#include "helper_protos_generated.h"
diff --git a/target/hexagon/op_helper.c b/target/hexagon/op_helper.c
new file mode 100644
index 000..4e62ff1
--- /dev/null
+++ b/target/hexagon/op_helper.c
@@ -0,0 +1,381 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#include 
+#include "qemu/osdep.h"
+#include "qemu.h"
+#include "exec/helper-proto.h"
+#include "cpu.h"
+#include "internal.h"
+#include "macros.h"
+#include "arch.h"
+#include "fma_emu.h"
+#include "conv_emu.h"
+
+/* Exceptions processing helpers */
+static void QEMU_NORETURN do_raise_exception_err(CPUHexagonState *env,
+ uint32_t exception,
+ uintptr_t pc)
+{
+CPUState *cs = CPU(hexagon_env_get_cpu(env));
+qemu_log_mask(CPU_LOG_INT, "%s: %d\n", __func__, exception);
+cs->exception_index = exception;
+cpu_loop_exit_restore(cs, pc);
+}
+
+void HELPER(raise_exception)(CPUHexagonState *env, uint32_t exception)
+{
+do_raise_exception_err(env, exception, 0);
+}
+
+static inline void log_reg_write(CPUHexagonState *env, int rnum,
+ target_ulong val, uint32_t slot)
+{
+HEX_DEBUG_LOG("log_reg_write[%d] = " TARGET_FMT_ld " (0x" TARGET_FMT_lx 
")",
+  rnum, val, val);
+if (env->slot_cancelled & (1 << slot)) {
+HEX_DEBUG_LOG(" CANCELLED");
+}
+if (val == env->gpr[rnum]) {
+HEX_DEBUG_LOG(" NO CHANGE");
+}
+HEX_DEBUG_LOG("\n");
+if (!(env->slot_cancelled & (1 << slot))) {
+env->new_value[rnum] = val;
+#if HEX_DEBUG
+/* Do this so HELPER(debug_commit_end) will know */
+env->reg_written[rnum] = 1;
+#endif
+}
+}
+
+static __attribute__((unused))
+inline void log_reg_write_pair(CPUHexagonState *env, int rnum,
+  int64_t val, uint32_t slot)
+{
+HEX_DEBUG_LOG("log_reg_write_pair[%d:%d] = %ld\n", rnum + 1, rnum, val);
+log_reg_write(env, rnum, val & 0x, slot);
+log_reg_write(env, rnum + 1, (val >> 32) & 0x, slot);
+}
+
+static inline void log_pred_write(CPUHexagonState *env, int pnum,
+  target_ulong val)
+{
+HEX_DEBUG_LOG("log_pred_write[%d] = " TARGET_FMT_ld
+  " (0x" 

[RFC PATCH v4 02/29] Hexagon (target/hexagon) README

[Taylor Simpson]

Gives an introduction and overview to the Hexagon target

Signed-off-by: Taylor Simpson 
---
 target/hexagon/README | 236 ++
 1 file changed, 236 insertions(+)
 create mode 100644 target/hexagon/README

diff --git a/target/hexagon/README b/target/hexagon/README
new file mode 100644
index 000..de2d1d9
--- /dev/null
+++ b/target/hexagon/README
@@ -0,0 +1,236 @@
+Hexagon is Qualcomm's very long instruction word (VLIW) digital signal
+processor(DSP).
+
+The following versions of the Hexagon core are supported
+Scalar core: v67
+
https://developer.qualcomm.com/downloads/qualcomm-hexagon-v67-programmer-s-reference-manual
+
+We presented an overview of the project at the 2019 KVM Forum.
+
https://kvmforum2019.sched.com/event/Tmwc/qemu-hexagon-automatic-translation-of-the-isa-manual-pseudcode-to-tiny-code-instructions-of-a-vliw-architecture-niccolo-izzo-revng-taylor-simpson-qualcomm-innovation-center
+
+*** Tour of the code ***
+
+The qemu-hexagon implementation is a combination of qemu and the Hexagon
+architecture library (aka archlib).  The three primary directories with
+Hexagon-specific code are
+
+qemu/target/hexagon
+This has all the instruction and packet semantics
+qemu/target/hexagon/imported
+These files are imported with very little modification from archlib
+*.idef  Instruction semantics definition
+macros.def  Mapping of macros to instruction attributes
+encode*.def Encoding patterns for each instruction
+iclass.def  Instruction class definitions used to determine
+legal VLIW slots for each instruction
+qemu/linux-user/hexagon
+Helpers for loading the ELF file and making Linux system calls,
+signals, etc
+
+We start with scripts that generate a bunch of include files.  This
+is a two step process.  The first step is to use the C preprocessor to expand
+macros inside the architecture definition files.  This is done in
+target/hexagon/gen_semantics.c.  This step produces
+/target/hexagon/semantics_generated.pyinc.
+That file is consumed by the following python scripts to produce the indicated
+header files in /target/hexagon
+gen_opcodes_def.py  -> opcodes_def_generated.h
+gen_op_regs.py  -> op_regs_generated.h
+gen_printinsn.py-> printinsn_generated.h
+gen_op_attribs.py   -> op_attribs_generated.h
+gen_helper_protos.py-> helper_protos_generated.h
+gen_shortcode.py-> shortcode_generated.h
+gen_tcg_funcs.py-> tcg_funcs_generated.h
+gen_tcg_func_table.py   -> tcg_func_table_generated.h
+gen_helper_funcs.py -> helper_funcs_generated.h
+
+Qemu helper functions have 3 parts
+DEF_HELPER declaration indicates the signature of the helper
+gen_helper_ will generate a TCG call to the helper function
+The helper implementation
+
+Here's an example of the A2_add instruction.
+Instruction tagA2_add
+Assembly syntax"Rd32=add(Rs32,Rt32)"
+Instruction semantics  "{ RdV=RsV+RtV;}"
+
+By convention, the operands are identified by letter
+RdV is the destination register
+RsV, RtV are source registers
+
+The generator uses the operand naming conventions (see large comment in
+hex_common.py) to determine the signature of the helper function.  Here are the
+results for A2_add
+
+helper_protos_generated.h
+DEF_HELPER_3(A2_add, s32, env, s32, s32)
+
+tcg_funcs_generated.h
+static void generate_A2_add(
+CPUHexagonState *env,
+DisasContext *ctx,
+insn_t *insn,
+packet_t *pkt)
+{
+TCGv RdV = tcg_temp_local_new();
+const int RdN = insn->regno[0];
+TCGv RsV = hex_gpr[insn->regno[1]];
+TCGv RtV = hex_gpr[insn->regno[2]];
+gen_helper_A2_add(RdV, cpu_env, RsV, RtV);
+gen_log_reg_write(RdN, RdV);
+ctx_log_reg_write(ctx, RdN);
+tcg_temp_free(RdV);
+}
+
+helper_funcs_generated.h
+int32_t HELPER(A2_add)(CPUHexagonState *env, int32_t RsV, int32_t RtV)
+{
+uint32_t slot __attribute__((unused)) = 4;
+int32_t RdV = 0;
+{ RdV=RsV+RtV;}
+return RdV;
+}
+
+Note that generate_A2_add updates the disassembly context to be processed
+when the packet commits (see "Packet Semantics" below).
+
+The generator checks for fGEN_TCG_ macro.  This allows us to generate
+TCG code instead of a call to the helper.  If defined, the macro takes 1
+argument.
+C semantics (aka short code)
+
+This allows the code generator to override the auto-generated code.  In some
+cases this is necessary for correct execution.  We can also override for
+faster emulation.  For example, calling a helper for add is 

[RFC PATCH v4 05/29] Hexagon (disas) disassembler

[Taylor Simpson]

Add hexagon to disas/meson.build
Add disas/hexagon.c
Add hexagon to include/disas/dis-asm.h

Signed-off-by: Taylor Simpson 
---
 include/disas/dis-asm.h |  1 +
 disas/hexagon.c | 62 +
 disas/meson.build   |  1 +
 3 files changed, 64 insertions(+)
 create mode 100644 disas/hexagon.c

diff --git a/include/disas/dis-asm.h b/include/disas/dis-asm.h
index 9856bf7..14ff2be 100644
--- a/include/disas/dis-asm.h
+++ b/include/disas/dis-asm.h
@@ -460,6 +460,7 @@ int print_insn_xtensa   (bfd_vma, 
disassemble_info*);
 int print_insn_riscv32  (bfd_vma, disassemble_info*);
 int print_insn_riscv64  (bfd_vma, disassemble_info*);
 int print_insn_rx(bfd_vma, disassemble_info *);
+int print_insn_hexagon(bfd_vma, disassemble_info *);
 
 #if 0
 /* Fetch the disassembler for a given BFD, if that support is available.  */
diff --git a/disas/hexagon.c b/disas/hexagon.c
new file mode 100644
index 000..6ee8653
--- /dev/null
+++ b/disas/hexagon.c
@@ -0,0 +1,62 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+/*
+ * QEMU Hexagon Disassembler
+ */
+
+#include "qemu/osdep.h"
+#include "disas/dis-asm.h"
+#include "target/hexagon/cpu_bits.h"
+
+/*
+ * We will disassemble a packet with up to 4 instructions, so we need
+ * a hefty size buffer.
+ */
+#define PACKET_BUFFER_LEN   1028
+
+int print_insn_hexagon(bfd_vma memaddr, struct disassemble_info *info)
+{
+uint32_t words[PACKET_WORDS_MAX];
+int len, slen;
+char buf[PACKET_BUFFER_LEN];
+int status;
+int i;
+
+for (i = 0; i < PACKET_WORDS_MAX; i++) {
+status = (*info->read_memory_func)(memaddr + i * sizeof(uint32_t),
+   (bfd_byte *)[i],
+   sizeof(uint32_t), info);
+if (status) {
+if (i > 0) {
+break;
+}
+(*info->memory_error_func)(status, memaddr, info);
+return status;
+}
+}
+
+len = disassemble_hexagon(words, i, buf, PACKET_BUFFER_LEN);
+slen = strlen(buf);
+if (buf[slen - 1] == '\n') {
+buf[slen - 1] = '\0';
+}
+(*info->fprintf_func)(info->stream, "%s", buf);
+
+return len;
+}
+
diff --git a/disas/meson.build b/disas/meson.build
index bde8280..4468d10 100644
--- a/disas/meson.build
+++ b/disas/meson.build
@@ -7,6 +7,7 @@ common_ss.add_all(when: 'CONFIG_ARM_A64_DIS', if_true: 
libvixl_ss)
 common_ss.add(when: 'CONFIG_ARM_DIS', if_true: files('arm.c'))
 common_ss.add(when: 'CONFIG_CRIS_DIS', if_true: files('cris.c'))
 common_ss.add(when: 'CONFIG_HPPA_DIS', if_true: files('hppa.c'))
+common_ss.add(when: 'CONFIG_HEXAGON_DIS', if_true: files('hexagon.c'))
 common_ss.add(when: 'CONFIG_I386_DIS', if_true: files('i386.c'))
 common_ss.add(when: 'CONFIG_LM32_DIS', if_true: files('lm32.c'))
 common_ss.add(when: 'CONFIG_M68K_DIS', if_true: files('m68k.c'))
-- 
2.7.4

[RFC PATCH v4 08/29] Hexagon (target/hexagon) GDB Stub

[Taylor Simpson]

GDB register read and write routines

Signed-off-by: Taylor Simpson 
Reviewed-by: Richard Henderson 
---
 target/hexagon/internal.h |  3 +++
 target/hexagon/cpu.c  |  2 ++
 target/hexagon/gdbstub.c  | 47 +++
 3 files changed, 52 insertions(+)
 create mode 100644 target/hexagon/gdbstub.c

diff --git a/target/hexagon/internal.h b/target/hexagon/internal.h
index 327bad9..961318a 100644
--- a/target/hexagon/internal.h
+++ b/target/hexagon/internal.h
@@ -29,6 +29,9 @@
 } \
 } while (0)
 
+extern int hexagon_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
+extern int hexagon_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
+
 extern void hexagon_debug(CPUHexagonState *env);
 
 extern const char * const hexagon_regnames[TOTAL_PER_THREAD_REGS];
diff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c
index 5e0da3f..32aa982 100644
--- a/target/hexagon/cpu.c
+++ b/target/hexagon/cpu.c
@@ -280,6 +280,8 @@ static void hexagon_cpu_class_init(ObjectClass *c, void 
*data)
 cc->dump_state = hexagon_dump_state;
 cc->set_pc = hexagon_cpu_set_pc;
 cc->synchronize_from_tb = hexagon_cpu_synchronize_from_tb;
+cc->gdb_read_register = hexagon_gdb_read_register;
+cc->gdb_write_register = hexagon_gdb_write_register;
 cc->gdb_num_core_regs = TOTAL_PER_THREAD_REGS;
 cc->gdb_stop_before_watchpoint = true;
 cc->disas_set_info = hexagon_cpu_disas_set_info;
diff --git a/target/hexagon/gdbstub.c b/target/hexagon/gdbstub.c
new file mode 100644
index 000..e8c10b2
--- /dev/null
+++ b/target/hexagon/gdbstub.c
@@ -0,0 +1,47 @@
+/*
+ *  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see .
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "exec/gdbstub.h"
+#include "cpu.h"
+#include "internal.h"
+
+int hexagon_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
+{
+HexagonCPU *cpu = HEXAGON_CPU(cs);
+CPUHexagonState *env = >env;
+
+if (n < TOTAL_PER_THREAD_REGS) {
+return gdb_get_regl(mem_buf, env->gpr[n]);
+}
+
+g_assert_not_reached();
+}
+
+int hexagon_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
+{
+HexagonCPU *cpu = HEXAGON_CPU(cs);
+CPUHexagonState *env = >env;
+
+if (n < TOTAL_PER_THREAD_REGS) {
+env->gpr[n] = ldtul_p(mem_buf);
+return sizeof(target_ulong);
+}
+
+g_assert_not_reached();
+}
-- 
2.7.4

[RFC PATCH v4 20/29] Hexagon (target/hexagon) generater phase 4 - decode tree

[Taylor Simpson]

Python script that emits the decode tree in dectree_generated.h.

Signed-off-by: Taylor Simpson 
---
 target/hexagon/dectree.py | 352 ++
 1 file changed, 352 insertions(+)
 create mode 100755 target/hexagon/dectree.py

diff --git a/target/hexagon/dectree.py b/target/hexagon/dectree.py
new file mode 100755
index 000..8e9d32f
--- /dev/null
+++ b/target/hexagon/dectree.py
@@ -0,0 +1,352 @@
+#!/usr/bin/env python3
+
+##
+##  Copyright(c) 2019-2020 Qualcomm Innovation Center, Inc. All Rights 
Reserved.
+##
+##  This program is free software; you can redistribute it and/or modify
+##  it under the terms of the GNU General Public License as published by
+##  the Free Software Foundation; either version 2 of the License, or
+##  (at your option) any later version.
+##
+##  This program is distributed in the hope that it will be useful,
+##  but WITHOUT ANY WARRANTY; without even the implied warranty of
+##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+##  GNU General Public License for more details.
+##
+##  You should have received a copy of the GNU General Public License
+##  along with this program; if not, see .
+##
+
+import io
+import re
+
+import sys
+import iset
+
+encs = {tag : ''.join(reversed(iset.iset[tag]['enc'].replace(' ', '')))
+for tag in iset.tags if iset.iset[tag]['enc'] != 'MISSING ENCODING'}
+
+enc_classes = set([iset.iset[tag]['enc_class'] for tag in encs.keys()])
+subinsn_enc_classes = \
+set([enc_class for enc_class in enc_classes \
+if enc_class.startswith('SUBINSN_')])
+ext_enc_classes = \
+set([enc_class for enc_class in enc_classes \
+if enc_class not in ('NORMAL', '16BIT') and \
+   not enc_class.startswith('SUBINSN_')])
+
+try:
+subinsn_groupings = iset.subinsn_groupings
+except AttributeError:
+subinsn_groupings = {}
+
+for (tag, subinsn_grouping) in subinsn_groupings.items():
+encs[tag] = ''.join(reversed(subinsn_grouping['enc'].replace(' ', '')))
+
+dectree_normal = {'leaves' : set()}
+dectree_16bit = {'leaves' : set()}
+dectree_subinsn_groupings = {'leaves' : set()}
+dectree_subinsns = {name : {'leaves' : set()} for name in subinsn_enc_classes}
+dectree_extensions = {name : {'leaves' : set()} for name in ext_enc_classes}
+
+for tag in encs.keys():
+if tag in subinsn_groupings:
+dectree_subinsn_groupings['leaves'].add(tag)
+continue
+enc_class = iset.iset[tag]['enc_class']
+if enc_class.startswith('SUBINSN_'):
+if len(encs[tag]) != 32:
+encs[tag] = encs[tag] + '0' * (32 - len(encs[tag]))
+dectree_subinsns[enc_class]['leaves'].add(tag)
+elif  enc_class == '16BIT':
+if len(encs[tag]) != 16:
+raise Exception('Tag "{}" has enc_class "{}" and not an encoding ' 
+
+'width of 16 bits!'.format(tag, enc_class))
+dectree_16bit['leaves'].add(tag)
+else:
+if len(encs[tag]) != 32:
+raise Exception('Tag "{}" has enc_class "{}" and not an encoding ' 
+
+'width of 32 bits!'.format(tag, enc_class))
+if enc_class == 'NORMAL':
+dectree_normal['leaves'].add(tag)
+else:
+dectree_extensions[enc_class]['leaves'].add(tag)
+
+faketags = set()
+for (tag, enc) in iset.enc_ext_spaces.items():
+faketags.add(tag)
+encs[tag] = ''.join(reversed(enc.replace(' ', '')))
+dectree_normal['leaves'].add(tag)
+
+faketags |= set(subinsn_groupings.keys())
+
+def every_bit_counts(bitset):
+for i in range(1, len(next(iter(bitset:
+if len(set([bits[:i] + bits[i+1:] for bits in bitset])) == len(bitset):
+return False
+return True
+
+def auto_separate(node):
+tags = node['leaves']
+if len(tags) <= 1:
+return
+enc_width = len(encs[next(iter(tags))])
+opcode_bit_for_all = \
+[all([encs[tag][i] in '01' \
+for tag in tags]) for i in range(enc_width)]
+opcode_bit_is_0_for_all = \
+[opcode_bit_for_all[i] and all([encs[tag][i] == '0' \
+for tag in tags]) for i in range(enc_width)]
+opcode_bit_is_1_for_all = \
+[opcode_bit_for_all[i] and all([encs[tag][i] == '1' \
+for tag in tags]) for i in range(enc_width)]
+differentiator_opcode_bit = \
+[opcode_bit_for_all[i] and \
+ not (opcode_bit_is_0_for_all[i] or \
+ opcode_bit_is_1_for_all[i]) \
+for i in range(enc_width)]
+best_width = 0
+for width in range(4, 0, -1):
+for lsb in range(enc_width - width, -1, -1):
+bitset = set([encs[tag][lsb:lsb+width] for tag in tags])
+if all(differentiator_opcode_bit[lsb:lsb+width]) and \
+(len(bitset) == len(tags) or every_bit_counts(bitset)):
+best_width = width
+best_lsb = lsb
+caught_all_tags = len(bitset) == len(tags)
+