David Woodhouse [Mon, 6 Nov 2023 13:34:05 +0000 (13:34 +0000)]
doc/sphinx/hxtool.py: add optional label argument to SRST directive
We can't just embed labels directly into files like qemu-options.hx which
are included from multiple top-level RST files, because Sphinx sees the
labels as duplicate: https://github.com/sphinx-doc/sphinx/issues/9707
So add an 'emitrefs' option to the Sphinx hxtool-doc directive, which is
set only in invocation.rst and not from the HTML rendition of the man
page. Along with an argument to the SRST directive which causes a label
of the form '.. _BASENAME-LABEL:' to be emitted when the emitrefs option
is set, where BASENAME is the name of the .hx file and LABEL is the text
provided within the parentheses of the SRST() directive.
Now where the Xen PV documentation refers to the documentation for the
-initrd command line option, it can emit a link directly to it.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org>
David Woodhouse [Sun, 12 Nov 2023 21:49:21 +0000 (16:49 -0500)]
hw/xen: Set XenBackendInstance in the XenDevice before realizing it
This allows a XenDevice implementation to know whether it was created
by QEMU, or merely discovered in XenStore after the toolstack created
it. This will allow us to create frontend/backend nodes only when we
should, rather than unconditionally attempting to overwrite them from
a driver domain which doesn't have privileges to do so.
As an added benefit, it also means we no longer have to call the
xen_backend_set_device() function from the device models immediately
after calling qdev_realize_and_unref(). Even though we could make
the argument that it's safe to do so, and the pointer to the unreffed
device *will* actually still be valid, it still made my skin itch to
look at it.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Wed, 30 Aug 2023 20:13:57 +0000 (21:13 +0100)]
hw/timer/hpet: fix IRQ routing in legacy support mode
The interrupt from timer 0 in legacy mode is supposed to go to IRQ 0 on
the i8259 and IRQ 2 on the I/O APIC. The generic x86 GSI handling can't
cope with IRQ numbers differing between the two chips (despite it also
being the case for PCI INTx routing), so add a special case for the HPET.
IRQ 2 isn't valid on the i8259; it's the cascade IRQ and would be
interpreted as spurious interrupt on the secondary PIC. So we can fix
up all attempts to deliver IRQ2, to actually deliver to IRQ0 on the PIC.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Mon, 23 Oct 2023 08:38:01 +0000 (09:38 +0100)]
net: make nb_nics and nd_table[] static in net/net.c
Also remove the stale declaration of host_net_devices; the actual
definition was removed long ago in commit 7cc28cb06104 ("net: Remove
the deprecated 'host_net_add' and 'host_net_remove' HMP commands")
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
These old functions can be removed now too. Let net_param_nic() print
the full set of network devices directly, and also make it note that a
list more specific to this platform/config will be available by using
'-nic model=help' instead.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Mon, 23 Oct 2023 08:37:50 +0000 (09:37 +0100)]
hw/net/lasi_i82596: use qemu_create_nic_device()
Create the device only if there is a corresponding NIC config for it.
Remove the explicit check on nd_table[0].used from hw/hppa/machine.c
which (since commit d8a3220005d7) tries to do the same thing.
The lasi_82596 support has been disabled since it was first introduced,
since enable_lasi_lan() has always been zero. This allows the user to
enable it by explicitly requesting a NIC model 'lasi_82596' or just
using the alias 'lasi'. Otherwise, it defaults to a PCI NIC as before.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Fri, 26 Jan 2024 10:06:07 +0000 (10:06 +0000)]
hw/net/lasi_i82596: Re-enable build
When converting to the shiny build-system-du-jour, a typo prevented the
last_i82596 driver from being built. Correct the config option name to
re-enable the build. And include "sysemu/sysemu.h" so it actually builds.
Fixes: b1419fa66558 ("meson: convert hw/net") Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Mon, 23 Oct 2023 08:37:45 +0000 (09:37 +0100)]
hw/m68k/q800: use qemu_find_nic_info()
If a corresponding NIC configuration was found, it will have a MAC address
already assigned, so use that. Else, generate and assign a default one.
Using qemu_find_nic_info() is simpler than the alternative of using
qemu_configure_nic_device() and then having to fetch the "mac" property
as a string and convert it.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Mon, 23 Oct 2023 08:37:40 +0000 (09:37 +0100)]
hw/arm/stellaris: use qemu_find_nic_info()
Rather than just using qemu_configure_nic_device(), populate the MAC
address in the system-registers device by peeking at the NICInfo before
it's assigned to the device.
Generate the MAC address early, if there is no matching -nic option.
Otherwise the MAC address wouldn't be generated until net_client_init1()
runs.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Mon, 23 Oct 2023 08:37:36 +0000 (09:37 +0100)]
hw/net/lan9118: use qemu_configure_nic_device()
Some callers instantiate the device unconditionally, others will do so only
if there is a NICInfo to go with it. This appears to be fairly random, but
preseve the existing behaviour for now.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
David Woodhouse [Mon, 23 Oct 2023 08:37:35 +0000 (09:37 +0100)]
hw/net/smc91c111: use qemu_configure_nic_device()
Some callers instantiate the device unconditionally, others will do so only
if there is a NICInfo to go with it. This appears to be fairly random, but
preserve the existing behaviour of each caller for now.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Mon, 23 Oct 2023 08:37:23 +0000 (09:37 +0100)]
hw/sh4/r2d: use pci_init_nic_devices()
Previously, the first PCI NIC would be assigned to slot 2 even if the
user override the model and made it something other than an rtl8139
which is the default. Everything else would be dynamically assigned.
Now, the first rtl8139 gets slot 2 and everything else is dynamic.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Yoshinori Sato <ysato@users.sourceforge.jp>
David Woodhouse [Mon, 23 Oct 2023 08:37:17 +0000 (09:37 +0100)]
hw/ppc/spapr: use qemu_get_nic_info() and pci_init_nic_devices()
Avoid directly referencing nd_table[] by first instantiating any
spapr-vlan devices using a qemu_get_nic_info() loop, then calling
pci_init_nic_devices() to do the rest.
No functional change intended.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Mon, 23 Oct 2023 08:37:14 +0000 (09:37 +0100)]
hw/ppc/prep: use pci_init_nic_devices()
Previously, the first PCI NIC would be placed in PCI slot 3 and the rest
would be dynamically assigned. Even if the user overrode the default NIC
type and made it something other than PCNet.
Now, the first PCNet NIC (that is, anything not explicitly specified
to be anything different) will go to slot 3 even if it isn't the first
NIC specified on the command line. And anything else will be dynamically
assigned.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Sat, 21 Oct 2023 20:30:51 +0000 (21:30 +0100)]
hw/mips/malta: use pci_init_nic_devices()
The Malta board setup code would previously place the first NIC into PCI
slot 11 if was a PCNet card, and the rest (including the first if it was
anything other than a PCNet card) would be dynamically assigned.
Now it will place any PCNet NIC into slot 11, and then anything else will
be dynamically assigned.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Sat, 21 Oct 2023 20:26:19 +0000 (21:26 +0100)]
hw/mips/fuloong2e: use pci_init_nic_devices()
The previous behaviour was: *if* the first NIC specified on the command
line was an RTL8139 (or unspecified model) then it gets assigned to PCI
slot 7, which is where the Fuloong board had an RTL8139. All other
devices (including the first, if it was specified as anything other than
an rtl8319) get dynamically assigned on the bus.
The new behaviour is subtly different: If the first NIC was given a
specific model *other* than rtl8139, and a subsequent NIC was not,
then the rtl8139 (or unspecified) NIC will go to slot 7 and the rest
will be dynamically assigned.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Tue, 17 Oct 2023 16:53:58 +0000 (17:53 +0100)]
hw/xen: use qemu_create_nic_bus_devices() to instantiate Xen NICs
When instantiating XenBus itself, for each NIC which is configured with
either the model unspecified, or set to to "xen" or "xen-net-device",
create a corresponding xen-net-device for it.
Now we can revert the previous more hackish version which relied on the
platform code explicitly registering the NICs on its own XenBus, having
returned the BusState* from xen_bus_init() itself.
This also fixes the setup for Xen PV guests, which was previously broken
in various ways and never actually managed to peer with the netdev.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org>
David Woodhouse [Sun, 22 Oct 2023 08:13:41 +0000 (09:13 +0100)]
net: add qemu_create_nic_bus_devices()
This will instantiate any NICs which live on a given bus type. Each bus
is allowed *one* substitution (for PCI it's virtio → virtio-net-pci, for
Xen it's xen → xen-net-device; no point in overengineering it unless we
actually want more).
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
David Woodhouse [Sat, 21 Oct 2023 22:09:38 +0000 (23:09 +0100)]
net: report list of available models according to platform
By noting the models for which a configuration was requested, we can give
the user an accurate list of which NIC models were actually available on
the platform/configuration that was otherwise chosen.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org>
Most code which directly accesses nd_table[] and nb_nics uses them for
one of two things. Either "I have created a NIC device and I'd like a
configuration for it", or "I will create a NIC device *if* there is a
configuration for it". With some variants on the theme around whether
they actually *check* if the model specified in the configuration is
the right one.
Provide functions which perform both of those, allowing platforms to
be a little more consistent and as a step towards making nd_table[]
and nb_nics private to the net code.
One might argue that platforms ought to be consistent about whether
they create the unconfigured devices or not, but making significant
user-visible changes is explicitly *not* the intent right now.
The new functions leave the 'model' field of the NICInfo as NULL after
using it for the default NIC model, unlike the qemu_check_nic_model()
function which does set nd->model to match default_model explicitly.
This is acceptable because there is no code which consumes nd->model
except this NIC-matching code in net/net.c, and no reasonable excuse
for any code wanting to use nd->model in future.
Also export the qemu_find_nic_info() helper, as some platforms have
special cases they need to handle.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> Reviewed-by: Paul Durrant <paul@xen.org> Reviewed-by: Thomas Huth <thuth@redhat.com>
* tag 'pull-request-2024-01-24' of https://gitlab.com/thuth/qemu:
util/uri: Remove unused macros ISA_RESERVED() and ISA_GEN_DELIM()
util/uri: Remove the uri_string_escape() function
util/uri: Remove unused functions uri_resolve() and uri_resolve_relative()
util/uri: Remove uri_string_unescape()
tests/qtest: Bump timeouts of boot_sector_test()-based tests to 610 seconds
tests/unit/test-iov: Fix timeout problem on NetBSD and OpenBSD
tests/qtest: Bump timeout of the boot-serial-test to 360 seconds
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Thu, 25 Jan 2024 12:33:33 +0000 (12:33 +0000)]
Merge tag 'pull-tcg-20240123' of https://gitlab.com/rth7680/qemu into staging
tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct
tcg/s390x: Fix encoding of VRIc, VRSa, VRSc insns
tcg: Clean up error paths in alloc_code_gen_buffer_splitwx_memfd
linux-user/riscv: Adjust vdso signal frame cfa offsets
linux-user: Fixed cpu restore with pc 0 on SIGBUS
* tag 'pull-tcg-20240123' of https://gitlab.com/rth7680/qemu:
tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct
linux-user/elfload: check PR_GET_DUMPABLE before creating coredump
linux-user/elfload: test return value of getrlimit
linux-user/riscv: Adjust vdso signal frame cfa offsets
tcg/s390x: Fix encoding of VRIc, VRSa, VRSc insns
linux-user: Fixed cpu restore with pc 0 on SIGBUS
tcg: Make the cleanup-on-error path unique
tcg: Remove unreachable code
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* tag 'block-pull-request' of https://gitlab.com/stefanha/qemu:
block/io: clear BDRV_BLOCK_RECURSE flag after recursing in bdrv_co_block_status
coroutine-ucontext: Save fake stack for pooled coroutine
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Thomas Huth [Tue, 23 Jan 2024 18:22:47 +0000 (19:22 +0100)]
util/uri: Remove unused macros ISA_RESERVED() and ISA_GEN_DELIM()
They are not used anywhere, so there's no need to keep them around.
Reviewed-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: "Daniel P. Berrangé" <berrange@redhat.com>
Message-ID: <20240123182247.432642-5-thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Tue, 23 Jan 2024 18:22:46 +0000 (19:22 +0100)]
util/uri: Remove the uri_string_escape() function
Now that uri_resolve_relative() has been removed, this function is not
used in QEMU anymore - and if somebody needs this functionality, they
can simply use g_uri_escape_string() from the glib instead.
Reviewed-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: "Daniel P. Berrangé" <berrange@redhat.com>
Message-ID: <20240123182247.432642-4-thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Tue, 23 Jan 2024 18:22:45 +0000 (19:22 +0100)]
util/uri: Remove unused functions uri_resolve() and uri_resolve_relative()
These rather complex functions have never been used since they've been
introduced in 2012, so looks like they are not really useful for QEMU.
And since the static normalize_uri_path() function is also only used by
uri_resolve(), we can remove that function now, too.
Reviewed-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: "Daniel P. Berrangé" <berrange@redhat.com>
Message-ID: <20240123182247.432642-3-thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Tue, 23 Jan 2024 18:22:44 +0000 (19:22 +0100)]
util/uri: Remove uri_string_unescape()
uri_string_unescape() basically does the same as the glib function
g_uri_unescape_segment(). So we can get rid of our implementation
completely by simply using the glib function instead.
Suggested-by: Stefan Weil <sw@weilnetz.de> Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <20240123182247.432642-2-thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Thomas Huth <thuth@redhat.com>
So we should bump the timeout of cdrom-test to see whether that
fixes the issue.
Now, cdrom-test, as bios-tables-test, pxe-test and vmgenid-test use
the boot_sector_test() function for running a TCG payload. That
function already uses an internal timeout of 600 seconds with
the remark that the test could be slow with TCI.
Thus from the outer meson test runner side, we should not use less
than 600 seconds as timeout values for these tests. Let's bump them
on the meson side to 610 seconds so that the tests themselves can
run with their internal 600 seconds timeout and have some additional
seconds on top for reporting the outcome.
Message-ID: <20240124084412.465638-1-thuth@redhat.com> Reviewed-by: "Daniel P. Berrangé" <berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Thomas Huth [Mon, 22 Jan 2024 15:33:47 +0000 (16:33 +0100)]
tests/unit/test-iov: Fix timeout problem on NetBSD and OpenBSD
The test-iov code uses usleep() with small values (<= 30) in some
nested loops with many iterations. This causes a small delay on OSes
like Linux that have a precise sleeping mechanism, but on systems
like NetBSD and OpenBSD, each usleep() call takes multiple microseconds,
which then sum up in a total test time of multiple minutes!
Looking at the code, the usleep() does not really seem to be necessary
here - if not enough data could be send, we should simply always use
select() to wait 'til we can send more. Thus remove the usleep() and
re-arrange the code a little bit to make it more clear what is going
on here.
Suggested-by: "Daniel P. Berrangé" <berrange@redhat.com>
Message-ID: <20240122153347.71654-1-thuth@redhat.com> Reviewed-by: "Daniel P. Berrangé" <berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
Joseph Burt [Sun, 21 Jan 2024 21:14:39 +0000 (21:14 +0000)]
tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct
When tcg_out_qemu_st_{index,direct} were merged, the direct case for
MO_64 was omitted, causing qemu_st_i64 to be encoded as 0xffffffff due
to underflow when adding h.base and h.index.
Fixes: 1df6d611bdc2 ("tcg/arm: Introduce HostAddress") Signed-off-by: Joseph Burt <caseorum@gmail.com>
Message-Id: <20240121211439.100829-1-caseorum@gmail.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Thomas Weißschuh [Sat, 20 Jan 2024 21:45:25 +0000 (22:45 +0100)]
linux-user/elfload: check PR_GET_DUMPABLE before creating coredump
A process can opt-out of coredump creation by calling
prctl(PR_SET_DUMPABLE, 0).
linux-user passes this call from the guest through to the
operating system.
From there it can be read back again to avoid creating coredumps from
qemu-user itself if the guest chose so.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
Message-Id: <20240120-qemu-user-dumpable-v3-2-6aa410c933f1@t-8ch.de> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Thomas Weißschuh [Sat, 20 Jan 2024 21:45:24 +0000 (22:45 +0100)]
linux-user/elfload: test return value of getrlimit
Should getrlimit() fail the value of dumpsize.rlimit_cur may not be
initialized. Avoid reading garbage data by checking the return value of
getrlimit.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
Message-Id: <20240120-qemu-user-dumpable-v3-1-6aa410c933f1@t-8ch.de> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Robbin Ehn [Fri, 12 Jan 2024 20:57:22 +0000 (21:57 +0100)]
linux-user: Fixed cpu restore with pc 0 on SIGBUS
Commit f4e1168198 (linux-user: Split out host_sig{segv,bus}_handler)
introduced a bug, when returning from host_sigbus_handler the PC is
never set. Thus cpu_loop_exit_restore is called with a zero PC and
we immediate get a SIGSEGV.
Signed-off-by: Robbin Ehn <rehn@rivosinc.com> Fixes: f4e1168198 ("linux-user: Split out host_sig{segv,bus}_handler") Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com>
Message-Id: <33f27425878fb529b9e39ef22c303f6e0d90525f.camel@rivosinc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Samuel Tardieu [Tue, 19 Dec 2023 18:22:12 +0000 (19:22 +0100)]
tcg: Make the cleanup-on-error path unique
By calling `error_setg_errno()` before jumping to the cleanup-on-error
path at the `fail` label, the cleanup path is clearer.
Signed-off-by: Samuel Tardieu <sam@rfc1149.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20231219182212.455952-3-sam@rfc1149.net> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
In the reproducer [0], it happens because the BDRV_BLOCK_RECURSE flag
will be set by the qcow2 driver, so the caller will recursively check
the file child. Then the BDRV_BLOCK_ZERO set too. Later up the call
chain, in bdrv_co_do_block_status() for the snapshot-access driver,
the assertion failure will happen, because both flags are set.
To fix it, clear the recurse flag after the recursive check was done.
Because of the data flag, bdrv_co_do_block_status() will now also set
BDRV_BLOCK_ALLOCATED. Because of the recurse flag,
bdrv_co_do_block_status() for the bdrv_file child will be called,
which returns 0x16 = BDRV_BLOCK_ALLOCATED | BDRV_BLOCK_OFFSET_VALID |
BDRV_BLOCK_ZERO. Now the return value inherits the zero flag.
Akihiko Odaki [Wed, 17 Jan 2024 07:06:02 +0000 (16:06 +0900)]
coroutine-ucontext: Save fake stack for pooled coroutine
Coroutine may be pooled even after COROUTINE_TERMINATE if
CONFIG_COROUTINE_POOL is enabled and fake stack should be saved in
such a case to keep AddressSanitizerUseAfterReturn working. Even worse,
I'm seeing stack corruption without fake stack being saved.
Taylor Simpson [Mon, 15 Jan 2024 22:14:43 +0000 (15:14 -0700)]
Hexagon (target/hexagon) Remove old dectree.py
Now that we are using QEMU decodetree.py, remove the old decoder
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20240115221443.365287-4-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Mon, 15 Jan 2024 22:14:42 +0000 (15:14 -0700)]
Hexagon (target/hexagon) Use QEMU decodetree (16-bit instructions)
Section 10.3 of the Hexagon V73 Programmer's Reference Manual
A duplex is encoded as a 32-bit instruction with bits [15:14] set to 00.
The sub-instructions that comprise a duplex are encoded as 13-bit fields
in the duplex.
Create a decoder for each subinstruction class (a, l1, l2, s1, s2).
Extend gen_trans_funcs.py to handle all instructions rather than
filter by instruction class.
There is a g_assert_not_reached() in decode_insns() in decode.c to
verify we never try to use the old decoder on 16-bit instructions.
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20240115221443.365287-3-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Mon, 15 Jan 2024 22:14:41 +0000 (15:14 -0700)]
Hexagon (target/hexagon) Use QEMU decodetree (32-bit instructions)
The Decodetree Specification can be found here
https://www.qemu.org/docs/master/devel/decodetree.html
Covers all 32-bit instructions, including HVX
We generate separate decoders for each instruction class. The reason
will be more apparent in the next patch in this series.
We add 2 new scripts
gen_decodetree.py Generate the input to decodetree.py
gen_trans_funcs.py Generate the trans_* functions used by the
output of decodetree.py
Since the functions generated by decodetree.py take DisasContext * as an
argument, we add the argument to a couple of functions that didn't need
it previously. We also set the insn field in DisasContext during decode
because it is used by the trans_* functions.
There is a g_assert_not_reached() in decode_insns() in decode.c to
verify we never try to use the old decoder on 32-bit instructions
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20240115221443.365287-2-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:12 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Remove dead functions from hex_common.py
These functions are no longer used after making the generators
object oriented.
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-10-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
This is the only remaining use of the is_written function. We will
remove it in the subsequent commit.
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-9-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:10 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Make generators object oriented - gen_analyze_funcs
This patch conflicts with
https://lists.gnu.org/archive/html/qemu-devel/2023-11/msg00729.html
If that series goes in first, we'll rework this patch and vice versa.
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-8-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:09 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Make generators object oriented - gen_op_regs
Reviewed-by: Brian Cain <bcain@quicinc.com> Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com>
Message-Id: <20231210220712.491494-7-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:08 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Make generators object oriented - gen_idef_parser_funcs
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-6-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:07 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Make generators object oriented - gen_helper_funcs
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-5-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:06 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Make generators object oriented - gen_helper_protos
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-4-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:05 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Make generators object oriented - gen_tcg_funcs
The generators are generally a bunch of Python if-then-else
statements based on the regtype and regid. Encapsulate regtype/regid
into a class hierarchy. Clients lookup the register and invoke
methods.
This has several advantages for making the code easier to read,
understand, and maintain
- The class name makes it more clear what the operand does
- All the methods for a given type of operand are together
- Don't need hex_common.bad_register
If a regtype/regid is missing, the lookup in hex_common.get_register
will fail
- We can remove the functions in hex_common that use regtype/regid
(e.g., is_read)
This patch creates the class hierarchy in hex_common and converts
gen_tcg_funcs.py. The other scripts will be converted in subsequent
patches in this series.
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com>
Message-Id: <20231210220712.491494-3-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Sun, 10 Dec 2023 22:07:04 +0000 (15:07 -0700)]
Hexagon (target/hexagon) Clean up handling of modifier registers
Currently, the register number (MuN) for modifier registers is the
modifier register number rather than the index into hex_gpr. This
patch changes MuN to the hex_gpr index, which is consistent with
the handling of control registers.
Note that HELPER(fcircadd) needs the CS register corresponding to the
modifier register specified in the instruction. We create a TCGv
variable "CS" to hold the value to pass to the helper.
Reviewed-by: Brian Cain <bcain@quicinc.com> Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com>
Message-Id: <20231210220712.491494-2-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Taylor Simpson [Thu, 30 Nov 2023 18:39:55 +0000 (11:39 -0700)]
Hexagon (target/hexagon) Fix shadow variable when idef-parser is off
Adding -Werror=shadow=compatible-local causes Hexagon not to build
when idef-parser is off. The "label" variable in CHECK_NOSHUF_PRED
shadows a variable in the surrounding code.
Signed-off-by: Taylor Simpson <ltaylorsimpson@gmail.com> Reviewed-by: Brian Cain <bcain@quicinc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20231130183955.54314-1-ltaylorsimpson@gmail.com> Signed-off-by: Brian Cain <bcain@quicinc.com>
Peter Maydell [Fri, 19 Jan 2024 11:39:38 +0000 (11:39 +0000)]
Merge tag 'hw-cpus-20240119' of https://github.com/philmd/qemu into staging
HW core patch queue
. Deprecate unmaintained SH-4 models (Samuel)
. HPET: Convert DPRINTF calls to trace events (Daniel)
. Implement buffered block writes in Intel PFlash (Gerd)
. Ignore ELF loadable segments with zero size (Bin)
. ESP/NCR53C9x: PCI DMA fixes (Mark)
. PIIX: Simplify Xen PCI IRQ routing (Bernhard)
. Restrict CPU 'start-powered-off' property to sysemu (Phil)
. target/alpha: Only build sys_helper.c on system emulation (Phil)
. target/xtensa: Use generic instruction breakpoint API & add test (Max)
. Restrict icount to system emulation (Phil)
. Do not set CPUState TCG-specific flags in non-TCG accels (Phil)
. Cleanup TCG tb_invalidate API (Phil)
. Correct LoongArch/KVM include path (Bibo)
. Do not ignore throttle errors in crypto backends (Phil)
* tag 'hw-cpus-20240119' of https://github.com/philmd/qemu: (36 commits)
configure: Add linux header compile support for LoongArch
MAINTAINERS: Update hw/core/cpu.c entry
MAINTAINERS: Update Raphael Norwitz email
hw/elf_ops: Ignore loadable segments with zero size
hw/scsi/esp-pci: set DMA_STAT_BCMBLT when BLAST command issued
hw/scsi/esp-pci: synchronise setting of DMA_STAT_DONE with ESP completion interrupt
hw/scsi/esp-pci: generate PCI interrupt from separate ESP and PCI sources
hw/scsi/esp-pci: use correct address register for PCI DMA transfers
target/riscv: Rename tcg_cpu_FOO() to include 'riscv'
target/i386: Rename tcg_cpu_FOO() to include 'x86'
hw/s390x: Rename cpu_class_init() to include 'sclp'
hw/core/cpu: Rename cpu_class_init() to include 'common'
accel: Rename accel_init_ops_interfaces() to include 'system'
cpus: Restrict 'start-powered-off' property to system emulation
system/watchpoint: Move TCG specific code to accel/tcg/
system/replay: Restrict icount to system emulation
hw/pflash: implement update buffer for block writes
hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p
hw/pflash: refactor pflash_data_write()
hw/i386/pc_piix: Make piix_intx_routing_notifier_xen() more device independent
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 19 Jan 2024 11:39:27 +0000 (11:39 +0000)]
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* vga: implement odd/even and byte/word/doubleword modes more accurately
* vga: implement horizontal pel panning
* KVM: add class property to configure KVM device node to use
* fix various bugs in x86 TCG PC-relative translation
* properly align huge pages on LoongArch
* cleanup patches
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
tests/tcg: Don't #include <inttypes.h> in aarch64/system/vtimer.c
qemu/osdep: Add huge page aligned support on LoongArch platform
remove unnecessary casts from uintptr_t
target/i386: pcrel: store low bits of physical address in data[0]
target/i386: fix incorrect EIP in PC-relative translation blocks
target/i386: Do not re-compute new pc with CF_PCREL
io_uring: move LuringState typedef to block/aio.h
Add class property to configure KVM device node to use
vga: sort-of implement word and double-word access modes
vga: use latches in odd/even mode too
vga: reindent memory access code
vga: optimize horizontal pel panning in 256-color modes
vga: implement horizontal pel panning in graphics modes
vga: mask addresses in non-VESA modes to 256k
vga: introduce VGADisplayParams
vga: use common endian swap macros
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Bibo Mao [Tue, 16 Jan 2024 01:39:52 +0000 (09:39 +0800)]
configure: Add linux header compile support for LoongArch
When compiling qemu with system KVM mode for LoongArch, header files
in directory linux-headers/asm-loongarch should be used firstly.
Otherwise it fails to find kvm.h on system with old glibc, since
latest kernel header files are not installed.
This patch adds linux_arch definition for LoongArch system so that
header files in directory linux-headers/asm-loongarch can be included.
Fixes: 714b03c125 ("target/loongarch: Add loongarch kvm into meson build") Signed-off-by: Bibo Mao <maobibo@loongson.cn> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20240116013952.264474-1-maobibo@loongson.cn> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Zhao Liu [Mon, 15 Jan 2024 09:48:42 +0000 (17:48 +0800)]
MAINTAINERS: Update hw/core/cpu.c entry
The hw/core/cpu.c was split as hw/core/cpu-common.c and
hw/core/cpu-sysemu.c in the commit df4fd7d5c8a3 ("cpu: Split as
cpu-common / cpu-sysemu").
Update the related entry.
Signed-off-by: Zhao Liu <zhao1.liu@intel.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20240115094852.3597165-2-zhao1.liu@linux.intel.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Bin Meng [Tue, 16 Jan 2024 15:50:49 +0000 (23:50 +0800)]
hw/elf_ops: Ignore loadable segments with zero size
Some ELF files really do have segments of zero size, e.g.:
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
RISCV_ATTRIBUT 0x00000000000025b8 0x0000000000000000 0x0000000000000000
0x000000000000003e 0x0000000000000000 R 0x1
LOAD 0x0000000000001000 0x0000000080200000 0x0000000080200000
0x00000000000001d1 0x00000000000001d1 R E 0x1000
LOAD 0x00000000000011d1 0x00000000802001d1 0x00000000802001d1
0x0000000000000e37 0x0000000000000e37 RW 0x1000
LOAD 0x0000000000000120 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 0x1000
The current logic does not check for this condition, resulting in
the incorrect assignment of 'lowaddr' as zero.
There is already a piece of codes inside the segment traversal loop
that checks for zero-sized loadable segments for not creating empty
ROM blobs. Let's move this check to the beginning of the loop to
cover both scenarios.
Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20240116155049.390301-1-bmeng@tinylab.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Mark Cave-Ayland [Fri, 12 Jan 2024 13:15:29 +0000 (13:15 +0000)]
hw/scsi/esp-pci: set DMA_STAT_BCMBLT when BLAST command issued
Even though the BLAST command isn't fully implemented in QEMU, the DMA_STAT_BCMBLT
bit should be set after the command has been issued to indicate that the command
has completed.
This fixes an issue with the DC390 DOS driver which issues the BLAST command as
part of its normal error recovery routine at startup, and otherwise sits in a
tight loop waiting for DMA_STAT_BCMBLT to be set before continuing.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Guenter Roeck <linux@roeck-us.net> Tested-by: Guenter Roeck <linux@roeck-us.net>
Message-ID: <20240112131529.515642-5-mark.cave-ayland@ilande.co.uk> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Mark Cave-Ayland [Fri, 12 Jan 2024 13:15:28 +0000 (13:15 +0000)]
hw/scsi/esp-pci: synchronise setting of DMA_STAT_DONE with ESP completion interrupt
The setting of DMA_STAT_DONE at the end of a DMA transfer can be configured to
generate an interrupt, however the Linux driver manually checks for DMA_STAT_DONE
being set and if it is, considers that a DMA transfer has completed.
If DMA_STAT_DONE is set but the ESP device isn't indicating an interrupt then
the Linux driver considers this to be a spurious interrupt. However this can
occur in QEMU as there is a delay between the end of DMA transfer where
DMA_STAT_DONE is set, and the ESP device raising its completion interrupt.
This appears to be an incorrect assumption in the Linux driver as the ESP and
PCI DMA interrupt sources are separate (and may not be raised exactly
together), however we can work around this by synchronising the setting of
DMA_STAT_DONE at the end of a DMA transfer with the ESP completion interrupt.
In conjunction with the previous commit Linux is now able to correctly boot
from an am53c974 PCI SCSI device on the hppa C3700 machine without emitting
"iget: checksum invalid" and "Spurious irq, sreg=10" errors.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Guenter Roeck <linux@roeck-us.net> Tested-by: Guenter Roeck <linux@roeck-us.net>
Message-ID: <20240112131529.515642-4-mark.cave-ayland@ilande.co.uk> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Mark Cave-Ayland [Fri, 12 Jan 2024 13:15:27 +0000 (13:15 +0000)]
hw/scsi/esp-pci: generate PCI interrupt from separate ESP and PCI sources
The am53c974/dc390 PCI interrupt has two separate sources: the first is from the
internal ESP device, and the second is from the PCI DMA transfer logic.
Update the ESP interrupt handler so that it sets DMA_STAT_SCSIINT rather than
driving the PCI IRQ directly, and introduce a new esp_pci_update_irq() function
to generate the correct PCI IRQ level. In particular this fixes spurious interrupts
being generated by setting DMA_STAT_DONE at the end of a transfer if DMA_CMD_INTE_D
isn't set in the DMA_CMD register.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Guenter Roeck <linux@roeck-us.net> Tested-by: Guenter Roeck <linux@roeck-us.net>
Message-ID: <20240112131529.515642-3-mark.cave-ayland@ilande.co.uk> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Mark Cave-Ayland [Fri, 12 Jan 2024 13:15:26 +0000 (13:15 +0000)]
hw/scsi/esp-pci: use correct address register for PCI DMA transfers
The current code in esp_pci_dma_memory_rw() sets the DMA address to the value
of the DMA_SPA (Starting Physical Address) register which is incorrect: this
means that for each callback from the SCSI layer the DMA address is set back
to the starting address.
In the case where only a single SCSI callback occurs (currently for transfer
lengths < 128kB) this works fine, however for larger transfers the DMA address
wraps back to the initial starting address, corrupting the buffer holding the
data transferred to the guest.
Fix esp_pci_dma_memory_rw() to use the DMA_WAC (Working Address Counter) for
the DMA address which is correctly incremented across multiple SCSI layer
transfers.
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Guenter Roeck <linux@roeck-us.net> Tested-by: Guenter Roeck <linux@roeck-us.net>
Message-ID: <20240112131529.515642-2-mark.cave-ayland@ilande.co.uk> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Philippe Mathieu-Daudé [Wed, 10 Jan 2024 08:32:33 +0000 (09:32 +0100)]
target/riscv: Rename tcg_cpu_FOO() to include 'riscv'
The tcg_cpu_FOO() names are riscv specific, so rename
them as riscv_tcg_cpu_FOO() (as other names in this file)
to ease navigating the code.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240111120221.35072-6-philmd@linaro.org>
Philippe Mathieu-Daudé [Wed, 10 Jan 2024 08:30:48 +0000 (09:30 +0100)]
target/i386: Rename tcg_cpu_FOO() to include 'x86'
The tcg_cpu_FOO() names are x86 specific, so rename
them as x86_tcg_cpu_FOO() (as other names in this file)
to ease navigating the code.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20240111120221.35072-5-philmd@linaro.org>
Philippe Mathieu-Daudé [Wed, 10 Jan 2024 08:46:42 +0000 (09:46 +0100)]
hw/s390x: Rename cpu_class_init() to include 'sclp'
cpu_class_init() is specific to s390x SCLP, so rename
it as sclp_cpu_class_init() (as other names in this file)
to ease navigating the code.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Eric Farman <farman@linux.ibm.com>
Message-ID: <20240111120221.35072-4-philmd@linaro.org>
projects / users / dwmw2 / qemu.git / log