Commit Graph

89444 Commits

Author SHA1 Message Date
Matheus Ferst
2d1154bd95 target/ppc: Ease L=0 requirement on cmp/cmpi/cmpl/cmpli for ppc32
In commit 8f0a4b6a9b, we started to require L=0 for ppc32 to match what
The Programming Environments Manual say:

"For 32-bit implementations, the L field must be cleared, otherwise
the instruction form is invalid."

The stricter behavior, however, broke AROS boot on sam460ex, which is a
regression from 6.0. This patch partially reverts the change, raising
the exception only for CPUs known to require L=0 (e500 and e500mc) and
logging a guest error for other cases.

Both behaviors are acceptable by the PowerISA, which allows "the system
illegal instruction error handler to be invoked or yield boundedly
undefined results."

Reported-by: BALATON Zoltan <balaton@eik.bme.hu>
Fixes: 8f0a4b6a9b ("target/ppc: Move cmp/cmpi/cmpl/cmpli to decodetree")
Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Matheus Ferst <matheus.ferst@eldorado.org.br>
Message-Id: <20210720135507.2444635-1-matheus.ferst@eldorado.org.br>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-29 10:59:49 +10:00
BALATON Zoltan
793abe24aa i2c/smbus_eeprom: Add feature bit to SPD data
Add the differential clock input feature bit to the generated SPD
data. Most guests don't seem to care but pegasos2 firmware version 1.2
checks for this bit and stops with unsupported module type error if
it's not present. Since this feature is likely present on real memory
modules add it in the general code rather than patching the generated
SPD data in pegasos2 board only.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <19d42ade295d5297aa624a9eb757b8df18cf64d6.1626367844.git.balaton@eik.bme.hu>
Acked-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-29 10:59:49 +10:00
BALATON Zoltan
6ebc0048dd ppc/pegasos2: Fix spurious warning with -bios
The -append option is currently not compatible with -bios (as we don't
yet emulate nvram so we can only put it in the environment with VOF).
Therefore a warning is printed if -append is used with -bios but
because the default value of kernel_cmdline seems to be an empty
string instead of NULL this warning was printed even without -append
when -bios is used. Only print warning if -append is given.

Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Message-Id: <483ac599a1407b766179aaea2794aed60cc09f53.1626367844.git.balaton@eik.bme.hu>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-29 10:59:49 +10:00
Peter Maydell
69ea12b19a Miscellaneous patches for 2021-07-27
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmEAJAcSHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZTdGEP/2j98W0SsQquFSaIbYjWDWJKBSZXrPdp
 Zd4QC2EL0AG7KSmbfpUyMSrn5cEN4+RVQq/RHEmyp6kSmKS2uDrdQ6eP9iiNmsFL
 xI+85cxAVhvMuDLp1Yw1lRv3POj/vLKpTt2vSxu9SyFfls0Eg2tTpCbxU4W1dZow
 7gcfeevtUQdTbo6BI9teXlVjucwiXRzqncLyU3h+m2gSrkPpE/0KhKs1TG8n+HTP
 iD8SMhIIIUA880pZe4ONJ7H1A7hpLlNoaLSD7DkAlLTijafRnJGPZO5ELLgrknU6
 E3QL1dSLlLwZcV7+KyfppMZRDX4R2UE9U+2+ppBF0394r5eOwjhKW2GAjRWRfQCR
 CAzV5bUKfsGCy5ASN/FkXsfXjk4QzdtIx6/SN5/y4GtezVh7ZhbCZqsvKJsepWNK
 PlUXJhhE8IevAV2zAENRe8buKwxd+1iCvNfLZ1YsChxJQO/yIjeXBfWzgTWvk9iQ
 H5N7uQTjS8z5zRmbpEouJPtr+CVUQiaZyARXql4YIxzZQKBAkh8Tz7zZ1gsUhSQ+
 51rWUuKqoHlLsP/EHIXP29rOSCJPURuzpFnGC14ZeLOlAMDnZ8Og+5ACJe0WBEKE
 1ejb1gyDdmiMiA5wueqEusTHy6DsDeOmmxVAr7BtMDyTwpHs5oBdLeXlYxReOd+y
 gKnanNv7i+1k
 =HI0j
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2021-07-27' into staging

Miscellaneous patches for 2021-07-27

# gpg: Signature made Tue 27 Jul 2021 16:19:35 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-misc-2021-07-27:
  vl: Don't continue after -smp help.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-28 13:32:12 +01:00
Peter Maydell
f2da205cb4 Update version for v6.1.0-rc1 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 18:07:52 +01:00
Markus Armbruster
3e61a13af3 vl: Don't continue after -smp help.
We continue after -smp help:

    $ qemu-system-x86_64 -smp help -display none -monitor stdio
    smp-opts options:
      cores=<num>
      cpus=<num>
      dies=<num>
      maxcpus=<num>
      sockets=<num>
      threads=<num>
    QEMU 6.0.50 monitor - type 'help' for more information
    (qemu)

Other options, such as -object help and -device help, don't.

Adjust -smp not to continue either.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20210720125408.387910-17-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Pankaj Gupta <pankaj.gupta@ionos.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
2021-07-27 16:52:37 +02:00
Peter Maydell
9ae1246a9b target-arm queue:
* hw/arm/smmuv3: Check 31st bit to see if CD is valid
  * qemu-options.hx: Fix formatting of -machine memory-backend option
  * hw: aspeed_gpio: Fix memory size
  * hw/arm/nseries: Display hexadecimal value with '0x' prefix
  * Add sve-default-vector-length cpu property
  * docs: Update path that mentions deprecated.rst
  * hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
  * hw/intc/armv7m_nvic: Correct size of ICSR.VECTPENDING
  * hw/intc/armv7m_nvic: ISCR.ISRPENDING is set for non-enabled pending interrupts
  * target/arm: Report M-profile alignment faults correctly to the guest
  * target/arm: Add missing 'return's after calling v7m_exception_taken()
  * target/arm: Enforce that M-profile SP low 2 bits are always zero
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmD/4/kZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3kOeD/9cYRTWNKhQI1lCpq704GxX
 hWkCPVugtXZDahom+Ill2o4cuvmyc4NNgAeCgSTh7WaUIaEjqR1a7c3eusQJN2lX
 +tEUVi7wDYGv1qJI3M8S+Z0bO5qOIVHjkxnxwpiEwNODqt1nMHBBn02k+uJpg7ME
 i9xoZWeSuFkOOSpUSwWvXRxvuEhfWLKI2TPMM+YZ3d4PkLMIP6P5CR2oYnQ6jjYu
 h1sm0JhbIOJmE8ksnsz0BNlW3nLl2eYdxpAdLObP6wB9lKOqjNh3VlkN22GTOrM8
 k4R7JZIU6lkKDYFiIxjQgSRynmesUL42YLCZFWxpEImtvOlD7RJpIFChCQY0MmFp
 ssB1/JtHR5p1652kjgY+y3hz3owlxknjlM5encuce6aBRx/xEIrQqChDk9jeEnSL
 lc8Zkl7Nhzf0gYPlAWa+2dhLuW7F6t9OC+HK4mv/LML2WcoUDQskkGpYBuTpLaCM
 BwdT2SEf78Z4i1qoTpoCbnuQxddNJYZ+P0fsvMa32WtWqEJZM6sXhWg/83aFBg57
 e3mUSH0A+hhjGW/qEarGnp2IJ4wN06BAWD4+jpJaYyDUHU8G7qZclsp8e5117p/1
 wpAH3/fKev5nYgC3I2G3pveuzqGn+vgSJ2alk12KxXibGLcJbEPKAefx4IgKZpcB
 dp1DfBz13Falx5NeSFEuZg==
 =ru4w
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210727' into staging

target-arm queue:
 * hw/arm/smmuv3: Check 31st bit to see if CD is valid
 * qemu-options.hx: Fix formatting of -machine memory-backend option
 * hw: aspeed_gpio: Fix memory size
 * hw/arm/nseries: Display hexadecimal value with '0x' prefix
 * Add sve-default-vector-length cpu property
 * docs: Update path that mentions deprecated.rst
 * hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
 * hw/intc/armv7m_nvic: Correct size of ICSR.VECTPENDING
 * hw/intc/armv7m_nvic: ISCR.ISRPENDING is set for non-enabled pending interrupts
 * target/arm: Report M-profile alignment faults correctly to the guest
 * target/arm: Add missing 'return's after calling v7m_exception_taken()
 * target/arm: Enforce that M-profile SP low 2 bits are always zero

# gpg: Signature made Tue 27 Jul 2021 11:46:17 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20210727:
  hw: aspeed_gpio: Fix memory size
  hw/arm/nseries: Display hexadecimal value with '0x' prefix
  target/arm: Add sve-default-vector-length cpu property
  target/arm: Export aarch64_sve_zcr_get_valid_len
  target/arm: Correctly bound length in sve_zcr_get_valid_len
  docs: Update path that mentions deprecated.rst
  hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
  hw/intc/armv7m_nvic: Correct size of ICSR.VECTPENDING
  hw/intc/armv7m_nvic: ISCR.ISRPENDING is set for non-enabled pending interrupts
  target/arm: Report M-profile alignment faults correctly to the guest
  target/arm: Add missing 'return's after calling v7m_exception_taken()
  target/arm: Enforce that M-profile SP low 2 bits are always zero
  qemu-options.hx: Fix formatting of -machine memory-backend option
  hw/arm/smmuv3: Check 31st bit to see if CD is valid

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 15:32:00 +01:00
Peter Maydell
202abcd389 hw/nvme fixes
* new PMR test (Gollu Appalanaidu)
 * pmr/sgl mapping fix (Padmakar Kalghatgi)
 * hotplug fixes (me)
 * mmio out-of-bound read fix (me)
 * big-endian host fixes (me)
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEUigzqnXi3OaiR2bATeGvMW1PDekFAmD/CnQACgkQTeGvMW1P
 DenrlQgAhiKhfKQAJPpP59noKaVNgHFCJySNFQdrPmnD8xDehn4wNRiP4pcdc4aL
 wpB28S5GN9LopzMpLtQBfQZaLygMPFa4QnuJ0ZFJnVoZZa5+T0yQUbBDt8xBJEM5
 gVXBeB4rjnP4TjyTipgtRhSUZt7wieul60z9oFUbJwg4ntt0Jp36DFRzSdXAhTXY
 MubNZy+jqf8p2R4icL97kZISI/phPbWBBMVDSmyqlU5E/pCnip/n5pdISJ/MTPgl
 amqBA93Zs9d2jzhZlhfiKMT+qtdUuItGUk8NV9L2IKxE7ZTdT+tujKfQ1c54JvGM
 J70NjthZApzV4EJwZyrqD0UXNYwFIg==
 =jXUw
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/nvme/tags/nvme-next-pull-request' into staging

hw/nvme fixes

* new PMR test (Gollu Appalanaidu)
* pmr/sgl mapping fix (Padmakar Kalghatgi)
* hotplug fixes (me)
* mmio out-of-bound read fix (me)
* big-endian host fixes (me)

# gpg: Signature made Mon 26 Jul 2021 20:18:12 BST
# gpg:                using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg:                 aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468  4272 63D5 6FC5 E55D A838
#      Subkey fingerprint: 5228 33AA 75E2 DCE6 A247  66C0 4DE1 AF31 6D4F 0DE9

* remotes/nvme/tags/nvme-next-pull-request:
  tests/qtest/nvme-test: add mmio read test
  hw/nvme: fix mmio read
  hw/nvme: fix out-of-bounds reads
  hw/nvme: use symbolic names for registers
  hw/nvme: split pmrmsc register into upper and lower
  hw/nvme: fix controller hot unplugging
  tests/qtest/nvme-test: add persistent memory region test
  hw/nvme: error handling for too many mappings
  hw/nvme: unregister controller with subsystem at exit
  hw/nvme: mark nvme-subsys non-hotpluggable
  hw/nvme: remove NvmeCtrl parameter from ns setup/check functions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 13:24:56 +01:00
Joel Stanley
e229a179a5 hw: aspeed_gpio: Fix memory size
The macro used to calculate the maximum memory size of the MMIO region
had a mistake, causing all GPIO models to create a mapping of 0x9D8.
The intent was to have it be 0x9D8 - 0x800.

This extra size doesn't matter on ast2400 and ast2500, which have a 4KB
region set aside for the GPIO controller.

On the ast2600 the 3.3V and 1.8V GPIO controllers are 2KB apart, so the
regions would overlap. Worse was the 1.8V controller would map over the
top of the following peripheral, which happens to be the RTC.

The mmio region used by each device is a maximum of 2KB, so avoid the
calculations and hard code this as the maximum.

Fixes: 36d737ee82 ("hw/gpio: Add in AST2600 specific implementation")
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Rashmica Gupta <rashmica.g@gmail.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-id: 20210713065854.134634-2-joel@jms.id.au
[PMM: fix autocorrect error in commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 11:00:00 +01:00
Philippe Mathieu-Daudé
b1c2a6bd3d hw/arm/nseries: Display hexadecimal value with '0x' prefix
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210726150953.1218690-1-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:57:40 +01:00
Richard Henderson
b3d52804c5 target/arm: Add sve-default-vector-length cpu property
Mirror the behavour of /proc/sys/abi/sve_default_vector_length
under the real linux kernel.  We have no way of passing along
a real default across exec like the kernel can, but this is a
decent way of adjusting the startup vector length of a process.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/482
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210723203344.968563-4-richard.henderson@linaro.org
[PMM: tweaked docs formatting, document -1 special-case,
 added fixup patch from RTH mentioning QEMU's maximum veclen.]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:57:40 +01:00
Richard Henderson
ce440581c1 target/arm: Export aarch64_sve_zcr_get_valid_len
Rename from sve_zcr_get_valid_len and make accessible
from outside of helper.c.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210723203344.968563-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:57:40 +01:00
Richard Henderson
dc0bc8e785 target/arm: Correctly bound length in sve_zcr_get_valid_len
Currently, our only caller is sve_zcr_len_for_el, which has
already masked the length extracted from ZCR_ELx, so the
masking done here is a nop.  But we will shortly have uses
from other locations, where the length will be unmasked.

Saturate the length to ARM_MAX_VQ instead of truncating to
the low 4 bits.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210723203344.968563-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:57:40 +01:00
Mao Zhongyi
a476b21672 docs: Update path that mentions deprecated.rst
Missed in commit f3478392 "docs: Move deprecation, build
and license info out of system/"

Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210723065828.1336760-1-maozhongyi@cmss.chinamobile.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:57:40 +01:00
Peter Maydell
845d27a913 hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
In Arm v8.1M the VECTPENDING field in the ICSR has new behaviour: if
the register is accessed NonSecure and the highest priority pending
enabled exception (that would be returned in the VECTPENDING field)
targets Secure, then the VECTPENDING field must read 1 rather than
the exception number of the pending exception. Implement this.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210723162146.5167-7-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Peter Maydell
7caad65756 hw/intc/armv7m_nvic: Correct size of ICSR.VECTPENDING
The VECTPENDING field in the ICSR is 9 bits wide, in bits [20:12] of
the register.  We were incorrectly masking it to 8 bits, so it would
report the wrong value if the pending exception was greater than 256.
Fix the bug.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210723162146.5167-6-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Peter Maydell
41487794f5 hw/intc/armv7m_nvic: ISCR.ISRPENDING is set for non-enabled pending interrupts
The ISCR.ISRPENDING bit is set when an external interrupt is pending.
This is true whether that external interrupt is enabled or not.
This means that we can't use 's->vectpending == 0' as a shortcut to
"ISRPENDING is zero", because s->vectpending indicates only the
highest priority pending enabled interrupt.

Remove the incorrect optimization so that if there is no pending
enabled interrupt we fall through to scanning through the whole
interrupt array.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210723162146.5167-5-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Peter Maydell
d4f6883912 target/arm: Report M-profile alignment faults correctly to the guest
For M-profile, we weren't reporting alignment faults triggered by the
generic TCG code correctly to the guest.  These get passed into
arm_v7m_cpu_do_interrupt() as an EXCP_DATA_ABORT with an A-profile
style exception.fsr value of 1.  We didn't check for this, and so
they fell through into the default of "assume this is an MPU fault"
and were reported to the guest as a data access violation MPU fault.

Report these alignment faults as UsageFaults which set the UNALIGNED
bit in the UFSR.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210723162146.5167-4-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Peter Maydell
0c317eb3dd target/arm: Add missing 'return's after calling v7m_exception_taken()
In do_v7m_exception_exit(), we perform various checks as part of
performing the exception return.  If one of these checks fails, the
architecture requires that we take an appropriate exception on the
existing stackframe.  We implement this by calling
v7m_exception_taken() to set up to take the new exception, and then
immediately returning from do_v7m_exception_exit() without proceeding
any further with the unstack-and-exception-return process.

In a couple of checks that are new in v8.1M, we forgot the "return"
statement, with the effect that if bad code in the guest tripped over
these checks we would set up to take a UsageFault exception but then
blunder on trying to also unstack and return from the original
exception, with the probable result that the guest would crash.

Add the missing return statements.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210723162146.5167-3-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Peter Maydell
888f470f12 target/arm: Enforce that M-profile SP low 2 bits are always zero
For M-profile, unlike A-profile, the low 2 bits of SP are defined to be
RES0H, which is to say that they must be hardwired to zero so that
guest attempts to write non-zero values to them are ignored.

Implement this behaviour by masking out the low bits:
 * for writes to r13 by the gdbstub
 * for writes to any of the various flavours of SP via MSR
 * for writes to r13 via store_reg() in generated code

Note that all the direct uses of cpu_R[] in translate.c are in places
where the register is definitely not r13 (usually because that has
been checked for as an UNDEFINED or UNPREDICTABLE case and handled as
UNDEF).

All the other writes to regs[13] in C code are either:
 * A-profile only code
 * writes of values we can guarantee to be aligned, such as
   - writes of previous-SP-value plus or minus a 4-aligned constant
   - writes of the value in an SP limit register (which we already
     enforce to be aligned)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210723162146.5167-2-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Peter Maydell
953558291e qemu-options.hx: Fix formatting of -machine memory-backend option
The documentation of the -machine memory-backend has some minor
formatting errors:
 * Misindentation of the initial line meant that the whole option
   section is incorrectly indented in the HTML output compared to
   the other -machine options
 * The examples weren't indented, which meant that they were formatted
   as plain run-on text including outputting the "::" as text.
 * The a) b) list has no rst-format markup so it is rendered as
   a single run-on paragraph

Fix the formatting.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20210719105257.3599-1-peter.maydell@linaro.org
2021-07-27 10:57:39 +01:00
Joe Komlodi
1b41847afb hw/arm/smmuv3: Check 31st bit to see if CD is valid
The bit to see if a CD is valid is the last bit of the first word of the CD.

Signed-off-by: Joe Komlodi <joe.komlodi@xilinx.com>
Message-id: 1626728232-134665-2-git-send-email-joe.komlodi@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:57:39 +01:00
Peter Maydell
ca4b5ef371 Migration fixes 2021-07-26
Peter's fix for a bunch of races
  -> Seem to fix the occasional crash seen by Peter
 
 Wei's fix for migration with free page hinting
  -> Bug has been around for a while, but makes a huge difference
 
 My fix for OpenBSD test corner case
 
 Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEERfXHG0oMt/uXep+pBRYzHrxb/ecFAmD+ragACgkQBRYzHrxb
 /efqKxAAqaor4INEZTqlK+zxSpt+if3v/3WcyMlghmFO30soz0nGuiq5qBLkOMrN
 LB+1gRxIa7bg8SgDVyGdPlOTa3SQjhM2CJFM789Y0V+8HfMIyFXlVNEZmRxegLtL
 9M5muf1VO+gG8YPTskAKEjeHNWPspv4+wjpHnY/MxRt4TZ0sPq6Q7glzfPU94Ajm
 P8e3Sx8zYhKV342M/wy6F8LSn6q5+amRV8NeO+1VtTnic/Uft2Q7Jp91kH8jbYKs
 gPy6Ly3UGZHDxjBWcUj7lA57fKTYVuAPpZm5Q+ZJLW9iwo1Mik6cYBkdaX/Wf9yD
 yQBNkDcYQoKmRJoiDEFjqmp6RbRnmD4pCXOQBzyjIu1fQXAXy3PmETAePfdk3mkR
 ssmWRJoxCG1sR/rpU738oNZFYAe8FSTPiiBHVJor/iqMIHJaoRoNlfU9bV67ak7f
 XEWU6GmP2yko34zlXCSpctuXJYkME6e74PKhS6Vh9RDIXc+6UBQwSKQMJg8oDezd
 Dqu3nOT9XO6OyD2/XWM3K+DVqQU+SOhKTvN3Gpl9BfkhDDpcpnmnySjbmj5tU70Z
 EaCqhTFuH6krbk2SnukhRyOt/uFkNhIsLahqMkdxfFMxTMZ5P0xWPC+EOvZFZjOP
 l4IrrdIxBGmP5j6rGlzWRzfz5VsN560QvMo/C6b/HzquGanPWp8=
 =jNI0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgilbert-gitlab/tags/pull-migration-20210726a' into staging

Migration fixes 2021-07-26

Peter's fix for a bunch of races
 -> Seem to fix the occasional crash seen by Peter

Wei's fix for migration with free page hinting
 -> Bug has been around for a while, but makes a huge difference

My fix for OpenBSD test corner case

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

# gpg: Signature made Mon 26 Jul 2021 13:42:16 BST
# gpg:                using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert-gitlab/tags/pull-migration-20210726a:
  migration: clear the memory region dirty bitmap when skipping free pages
  migration: Move the yank unregister of channel_close out
  migration: Teach QEMUFile to be QIOChannel-aware
  migration: Introduce migration_ioc_[un]register_yank()
  migration: Make from_dst_file accesses thread-safe
  migration: Fix missing join() of rp_thread
  tests/qtest/migration-test.c: use 127.0.0.1 instead of 0

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 10:55:50 +01:00
Peter Maydell
c08ccd1b53 Fix icount accounting.
Replace bitrev8 with revbit8.
 Fixes for set but not used warnings.
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmD/LQEdHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9RnwgAq3wti4fF3FrSUCQ5
 zsspEi2JIU1dybpxjM9PXqi9uXZiO4ITlCrhmB9o+7DA78/rx/EjoAqFNK5MyPf4
 v1g12LvuuwxwOv6LMPiH5io+Aygbaz8Xk+AJsYr6eMMxh+4zLcyiYg03eBH65IkS
 1HceGon67gYHjIqeb9OJ6R6VgvSwCsZ3J+uAR1f4/BzfwoM/+zxMFiWzwFTJxX1t
 sc7VhX1dZwoVJoCUtL52+7a8kVMFud70aOuE0Uwlwt1nryf1HUHTS26ghF95e/6v
 +QPZEobbfuyt+X97/qiRGYHzYLDrJX1SiBZ3vTIUNoDUDip2Nyt3SncYTXHuEoHy
 SN6vFw==
 =4/cY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-20210726' into staging

Fix icount accounting.
Replace bitrev8 with revbit8.
Fixes for set but not used warnings.

# gpg: Signature made Mon 26 Jul 2021 22:45:37 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth-gitlab/tags/pull-tcg-20210726:
  tests/unit: Remove unused variable from test_io
  linux-user/syscall: Remove unused variable from execve
  hw/pci-hist/pnv_phb4: Fix typo in pnv_phb4_ioda_write
  hw/ppc/spapr_events: Remove unused variable from check_exception
  hw/audio/adlib: Remove unused variable in adlib_callback
  net/checksum: Remove unused variable in net_checksum_add_iov
  util/selfmap: Discard mapping on error
  accel/tcg: Remove unused variable in cpu_exec
  nbd/server: Mark variable unused in nbd_negotiate_meta_queries
  bitops.h: revert db1ffc32dd ("qemu/bitops.h: add bitrev8 implementation")
  accel/tcg: Remove unnecessary check on icount_extra in cpu_loop_exec_tb()
  accel/tcg: Don't use CF_COUNT_MASK as the max value of icount_decr.u16.low

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-27 08:35:01 +01:00
Peter Maydell
1f3c9c762e ui: fixes for 6.1
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEoDKM/7k6F6eZAf59TLbY7tPocTgFAmD+lv0ACgkQTLbY7tPo
 cTjkmhAAre3jMeFq4cCTQFWqYCSHV6NaCMZ+4943QePtn6FGx7Mo/wDAXOnWpVmZ
 HkRJk36ZTU78egfaL+7rVajW2qCN6wa1uvvxrV+IaDF8A2cQwzbdTEqkotNZ3vBM
 C6r6m4Z+Pt8zVUaJHS78Bw5UzI581j39xcsKGK2EPtVir6/nyZRy0JT3c7lmDDEN
 RljAIOC0ajCZEfEir8PV0pl2ycU4IDtjKNLWNjRXwLXVuBuSupdQ1d5GsPZseod7
 DbxGNzsKTzoTbk4BIF67SBEvCdGFyM6aow3mXIdH1kxKZhY2DU/uZib2h8qjts/V
 B+kny114WDlhBCsi+tj33wsUJxLAhFFUVQyWu8gvG28duf9OsbvQ5O/bYtgv428m
 2vZeLpj/ou/a2Xmmae4vPJkEwR9R0fxX25NRWNgvS8d3eAog3Ev2DaUu6FcuWZtl
 X1lchw5qZrrdTqBOxRqCO4ZgcPHTzH4zlq+YdOTND9wICeI0KbE2RtgS6j5vfyW8
 Vk081aUTm/m6R9vKM11eavS9YRUP5tQSaHsaIbC662YgyTYxrm3On6yyFzwA6pK+
 rGL7N3wIeDjcgEvcCsVCCzyS3saTpiAAKFmygNwsuGwX0nGImmKPSfa1gJvsuRGG
 L5CNC5CLi95zepkHX3PDDSIIMMmIT/qTIgeQUCOeP2Sf9shmrRw=
 =Yjvt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/fixes-20210726-pull-request' into staging

ui: fixes for 6.1

# gpg: Signature made Mon 26 Jul 2021 12:05:33 BST
# gpg:                using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/fixes-20210726-pull-request:
  ui/gtk: add a keyboard fifo to the VTE consoles
  ui: update keycodemapdb submodule commit
  ui/cocoa: Fix the type of main's argv
  ui/egl-headless: Remove a check for CONFIG_OPENGL
  ui/spice: Use HAVE_SPICE_GL for OpenGL checks
  ui/gtk: Fix relative mouse with multiple monitors

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 20:50:19 +01:00
Klaus Jensen
9631a8ab21 tests/qtest/nvme-test: add mmio read test
Add a regression test for mmio read on big-endian hosts.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
2021-07-26 21:09:39 +02:00
Klaus Jensen
49e03457f1 hw/nvme: fix mmio read
The new PMR test unearthed a long-standing issue with MMIO reads on
big-endian hosts.

Fix this by unconditionally storing all controller registers in little
endian.

Cc: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 21:09:39 +02:00
Klaus Jensen
5029de44b5 hw/nvme: fix out-of-bounds reads
Peter noticed that mmio access may read into the NvmeParams member in
the NvmeCtrl struct.

Fix the bounds check.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 21:09:39 +02:00
Klaus Jensen
a316aa50e6 hw/nvme: use symbolic names for registers
Add the NvmeBarRegs enum and use these instead of explicit register
offsets.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
2021-07-26 21:09:38 +02:00
Klaus Jensen
5d45edbeac hw/nvme: split pmrmsc register into upper and lower
The specification uses a set of 32 bit PMRMSCL and PMRMSCU registers to
make up the 64 bit logical PMRMSC register.

Make it so.

Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
2021-07-26 21:09:38 +02:00
Klaus Jensen
5ffbaeed16 hw/nvme: fix controller hot unplugging
Prior to this patch the nvme-ns devices are always children of the
NvmeBus owned by the NvmeCtrl. This causes the namespaces to be
unrealized when the parent device is removed. However, when subsystems
are involved, this is not what we want since the namespaces may be
attached to other controllers as well.

This patch adds an additional NvmeBus on the subsystem device. When
nvme-ns devices are realized, if the parent controller device is linked
to a subsystem, the parent bus is set to the subsystem one instead. This
makes sure that namespaces are kept alive and not unrealized.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Gollu Appalanaidu
51e90178f7 tests/qtest/nvme-test: add persistent memory region test
This will test the PMR functionality.

Signed-off-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
[k.jensen: replaced memory-backend-file with memory-backend-ram]
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Padmakar Kalghatgi
234214734f hw/nvme: error handling for too many mappings
If the number of PRP/SGL mappings exceed 1024, reads and writes will
fail because of an internal QEMU limitation of max 1024 vectors.

Signed-off-by: Padmakar Kalghatgi <p.kalghatgi@samsung.com>
Reviewed-by: Klaus Jensen <k.jensen@samsung.com>
[k.jensen: changed the error message to be more generic]
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Klaus Jensen
b0fde9e861 hw/nvme: unregister controller with subsystem at exit
Make sure the controller is unregistered from the subsystem when device
is removed.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Klaus Jensen
cc6fb6bc50 hw/nvme: mark nvme-subsys non-hotpluggable
We currently lack the infrastructure to handle subsystem hotplugging, so
disable it.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Klaus Jensen
5e4f6bcc29 hw/nvme: remove NvmeCtrl parameter from ns setup/check functions
The nvme_ns_setup and nvme_ns_check_constraints should not depend on the
controller state. Refactor and remove it.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
2021-07-26 21:09:38 +02:00
Peter Maydell
76bf66b913 Pull request
Phil's block/nvme.c ENOSPC fix for newer Linux kernels that return this errno.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmD+d+0ACgkQnKSrs4Gr
 c8j+YwgAuo2jX4ugUo4DDORe2EYNYBAGAklhW/mSkwuibT2qfgUAwrXSE3gDjSXA
 RKxIusQFTiK2sov/bscr2u5pHz4HCA441qTlTOnnv6CVJNFRG5RTRnZMD+pMDSY1
 WNkG1t8hN5cUxXSzd+F7cCe9pVl0kzAuSPp7vKSZ7tTaQPAW/eD0W1/8Xaulysst
 o/64VqyEKxz3bWdr0FBfyMtEwwwVo7YGS9y6Ea4z6jJj6/r9fKA9qH2jUNcVM0rc
 2PDcb4Lfr6IO9w6dZOmcDV58u8L8ihrBlB2JAy8IK6Ow+vkBW6mYkapFHqqBHqPS
 wt2veksFYhjzCpHzG6IfEkRpZ0J1aA==
 =YOYQ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stefanha-gitlab/tags/block-pull-request' into staging

Pull request

Phil's block/nvme.c ENOSPC fix for newer Linux kernels that return this errno.

# gpg: Signature made Mon 26 Jul 2021 09:53:01 BST
# gpg:                using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha-gitlab/tags/block-pull-request:
  block/nvme: Fix VFIO_MAP_DMA failed: No space left on device

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 19:19:36 +01:00
Richard Henderson
2bf07e788e tests/unit: Remove unused variable from test_io
From clang-13:
tests/unit/test-iov.c:161:26: error: variable 't' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:28 -10:00
Richard Henderson
211364c21e linux-user/syscall: Remove unused variable from execve
From clang-13:
linux-user/syscall.c:8503:17: error: variable 'total_size' set but not used \
    [-Werror,-Wunused-but-set-variable]

Acked-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:28 -10:00
Richard Henderson
984178d86b hw/pci-hist/pnv_phb4: Fix typo in pnv_phb4_ioda_write
From clang-13:
hw/pci-host/pnv_phb4.c:375:18: error: variable 'v' set but not used \
    [-Werror,-Wunused-but-set-variable]

It's pretty clear that we meant to write back 'v' after
all that computation and not 'val'.

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:07 -10:00
Richard Henderson
2d758274ee hw/ppc/spapr_events: Remove unused variable from check_exception
From clang-13:
hw/ppc/spapr_events.c:937:14: error: variable 'xinfo' set but not used \
    [-Werror,-Wunused-but-set-variable]

Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:07 -10:00
Richard Henderson
79fe9e4313 hw/audio/adlib: Remove unused variable in adlib_callback
From clang-13:
hw/audio/adlib.c:189:18: error: variable 'net' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:07:07 -10:00
Richard Henderson
fe4bd9170c net/checksum: Remove unused variable in net_checksum_add_iov
From clang-13:
../qemu/net/checksum.c:189:23: error: variable 'buf_off' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:58 -10:00
Richard Henderson
53645dc4cb util/selfmap: Discard mapping on error
From clang-13:
util/selfmap.c:26:21: error: variable 'errors' set but not used \
    [-Werror,-Wunused-but-set-variable]

Quite right of course, but there's no reason not to check errors.

First, incrementing errors is incorrect, because qemu_strtoul
returns an errno not a count -- just or them together so that
we have a non-zero value at the end.

Second, if we have an error, do not add the struct to the list,
but free it instead.

Cc: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:49 -10:00
Richard Henderson
2521c775bd accel/tcg: Remove unused variable in cpu_exec
From clang-13:
accel/tcg/cpu-exec.c:783:15: error: variable 'cc' set but not used \
    [-Werror,-Wunused-but-set-variable]

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:49 -10:00
Richard Henderson
cd1675f8d7 nbd/server: Mark variable unused in nbd_negotiate_meta_queries
From clang-13:
nbd/server.c:976:22: error: variable 'bitmaps' set but not used \
    [-Werror,-Wunused-but-set-variable]

which is incorrect; see //bugs.llvm.org/show_bug.cgi?id=3888.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 07:06:25 -10:00
Mark Cave-Ayland
2f0e10a486 bitops.h: revert db1ffc32dd ("qemu/bitops.h: add bitrev8 implementation")
Commit db1ffc32dd ("qemu/bitops.h: add bitrev8 implementation") introduced
a bitrev8() function to reverse the bit ordering required for storing the
MAC address in the q800 PROM.

This function is not required since QEMU implements its own revbit8()
function which does exactly the same thing. Remove the extraneous
bitrev8() function and switch its only caller in hw/m68k/q800.c to
use revbit8() instead.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210725110557.3007-1-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 06:56:41 -10:00
Peter Maydell
c8cf47a946 accel/tcg: Remove unnecessary check on icount_extra in cpu_loop_exec_tb()
In cpu_loop_exec_tb(), we decide whether to look for a TB with
exactly insns_left instructions in it using the condition
 (!cpu->icount_extra && insns_left > 0 && insns_left < tb->icount)

The check for icount_extra == 0 is unnecessary, because we just set
  insns_left = MIN(0xffff, cpu->icount_budget);
  icount_extra = icount_budget - insns_left;
and so icount_extra can only be non-zero if icount_budget > 0xffff
and insns_left == 0xffff. But in that case insns_left >= tb->icount
because 0xffff is much larger than TCG_MAX_INSNS, so the condition
will be false anyway.

Remove the unnecessary check, and instead assert:
 * that we are only going to execute a partial TB here if the
   icount budget has run out (ie icount_extra == 0)
 * that the number of insns we're going to execute does fit into
   the CF_COUNT_MASK

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210725174405.24568-3-peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 06:56:03 -10:00
Peter Maydell
df3a2de51a accel/tcg: Don't use CF_COUNT_MASK as the max value of icount_decr.u16.low
In cpu_loop_exec_tb() we were bounding the number of insns we might
try to execute in a TB using CF_COUNT_MASK.  This is incorrect,
because we can validly put up to 0xffff into icount_decr.u16.low.  In
particular, since commit 78ff82bb1b reduced CF_COUNT_MASK to
511 this meant that we would incorrectly only try to execute 511
instructions in a 512-instruction TB, which could result in QEMU
hanging when in icount mode.

Use the actual maximum value, which is 0xffff. (This brings this code
in to line with the similar logic in icount_prepare_for_run() in
tcg-accel-ops-icount.c.)

Fixes: 78ff82bb1b
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/499
Message-Id: <20210725174405.24568-2-peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2021-07-26 06:55:53 -10:00
Peter Maydell
1d6f147f04 The Hexagon target was silently failing the SIGSEGV test because
the signal handler was not called.
 
 Patch 1/2 fixes the Hexagon target
 Patch 2/2 drops include qemu.h from target/hexagon/op_helper.c
 
 **** Changes in v2 ****
 Drop changes to linux-test.c due to intermittent failures on riscv
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJg/doaAAoJEHsCRPsS3kQi/gIH+gJ6GBmIb7NNDt+tRYjsnOpZ
 QgmkM/cvOBhqo+dUkxWIDXA7i7ZzytBHHG5GoplVkZjm/S+e5aEsuEyqwL6KbcK7
 kB6NvnHA3n9npf5MGcUduHlvPPzDsO7Z4SLrfwkIliiWL/AJ4FzKqEGoviWv2YnN
 k+29YDSv11B1jgXriADBJVnWtCf2CGPsF7BiKMcguZ6Bj+q+fH1cPpe2EWN8R8n2
 D+La/M5qWEC2FcWPCkrCs61Pi/cV+L4M0IA6JAEm8K+MtoDWmsCNWaVsakiNWWg+
 FRiHg45z3cCBvQ+SLQQ4SvsaQriI3M/yIKD6ABNgAfurIiTj4YbHAbeTmfEFYOs=
 =YdBn
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/quic/tags/pull-hex-20210725' into staging

The Hexagon target was silently failing the SIGSEGV test because
the signal handler was not called.

Patch 1/2 fixes the Hexagon target
Patch 2/2 drops include qemu.h from target/hexagon/op_helper.c

**** Changes in v2 ****
Drop changes to linux-test.c due to intermittent failures on riscv

# gpg: Signature made Sun 25 Jul 2021 22:39:38 BST
# gpg:                using RSA key 7B0244FB12DE4422
# gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3635 C788 CE62 B91F D4C5  9AB4 7B02 44FB 12DE 4422

* remotes/quic/tags/pull-hex-20210725:
  target/hexagon: Drop include of qemu.h
  Hexagon (target/hexagon) remove put_user_*/get_user_*

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2021-07-26 13:36:51 +01:00